StyraInc / opa-aws-cloudformation-hook

AWS CloudFormation Hook for OPA-powered infrastructure policy enforcement
Apache License 2.0

Non-Linux users without Docker Desktop cannot build hook locally #40

Open pauly4it opened 2 years ago

pauly4it commented 2 years ago

For users who do not have Docker Desktop installed locally due to licensing issues, the cfn submit command cannot be run with the default Docker flow. Disabling the Docker option in the hook configuration and building the zip file on a non-Linux system results in Lambda function errors. The cfn CLI does not currently officially support Docker alternatives.

I recommend running the cfn submit --dry-run command on an Ubuntu GitHub runner with Docker installed to generate a valid hook zip file.

pauly4it commented 2 years ago

We now have zip files generated and attached to workflow runs as artifacts. Next steps:

  1. Update README to mention the generated zip files and how to register a hook using the zip file
  2. Move to a versioned release flow similar to the OPA repo