git@vger.kernel.org mailing list mirror (one of many)
* IaC monitoring with Git
From: Christopher Díaz Riveros @ 2019-12-19 21:30 UTC
  To: Git List

Hi all,

I'm trying to figure out a git-based solution for a use case we have
at my workplace. We use IaC for our infrastructure. When we want to
create new instances/accounts/etc., we add a certain set of tags in our
files to indicate some key aspects of the instances/accounts.

There is one specific tag, owner, which we use to set a contact point
in case we need someone to make a change. The main issue with this is
that you can set the tag to anything, valid or not, or it could become
invalid over time.

Would a valid approach for the first issue be to set a pre-receive hook in
our repositories so that before the PR is merged, we check the validity of
the contact email, a.k.a. owner tag (we assume validity means that the
email exists), maybe via ldapsearch or another command like this?

For the second case, I'd assume git does not by default monitor
contents of files on a regular basis. Has anybody faced this
issue and successfully found a way to periodically check contents and
trigger alerts on repositories based on the same case (email becomes
invalid, then trigger alert)?

Thanks a lot for your help!


* Re: IaC monitoring with Git
From: Christian Couder @ 2019-12-20  9:29 UTC
  To: Christopher Díaz Riveros; +Cc: Git List

Hi,

On Thu, Dec 19, 2019 at 10:31 PM Christopher Díaz Riveros
<christopher.diaz.riv@gmail.com> wrote:

> Would a valid approach for the first issue be to set a pre-receive hook in
> our repositories so that before the PR is merged, we check the validity of
> the contact email, a.k.a. owner tag (we assume validity means that the
> email exists), maybe via ldapsearch or another command like this?

You might find it easier and simpler to use CI tools like Travis CI,
Circle CI, GitLab pipelines, GitHub Actions, and so on to run the
checks instead of using a hook.

> For the second case, I'd assume git does not by default monitor
> contents of files on a regular basis. Has anybody faced this
> issue and successfully found a way to periodically check contents and
> trigger alerts on repositories based on the same case (email becomes
> invalid, then trigger alert)?

Many CI tools let you schedule jobs regularly.

Best,
Christian.
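
The check discussed in both messages, as an added example that is not code from either poster: a script a CI job could run on each push and again on a schedule, validating every `owner` tag against the directory with `ldapsearch`. The tag syntax (`owner = "address"`), the `LDAP_URI` and `LDAP_BASE` variables, and all function names are assumptions.

```shell
#!/bin/sh
# Added example. Assumed, not from the thread: tags are written as
#   owner = "user@example.com"   and LDAP_URI / LDAP_BASE name the directory.

# Print "owner=<value>" for every distinct owner tag in the given files.
extract_owners() {
    sed -n 's/^[[:space:]]*owner[[:space:]]*=[[:space:]]*"\([^"]*\)".*/owner=\1/p' "$@" | sort -u
}

# Allow only a conservative address syntax, so a tag value can never carry
# LDAP filter metacharacters such as ( ) * \ into the query below.
is_safe_email() {
    case $1 in
        *[!A-Za-z0-9._%+@-]* | *@*@*) return 1 ;;
        ?*@?*.?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Directory lookup: 0 = found, 1 = not found, 2 = directory error.
ldap_lookup() {
    out=$(ldapsearch -x -LLL -H "$LDAP_URI" -b "$LDAP_BASE" "(mail=$1)" mail) || return 2
    printf '%s\n' "$out" | grep -qi '^mail:'
}

# Check all owner tags in the given files, printing one line per problem.
# Returns 0 if all are valid, 1 if any is invalid, 2 if a lookup failed.
# OWNER_LOOKUP may name a replacement for ldap_lookup (e.g. a test stub).
check_owners() {
    rc=0
    tags=$(extract_owners "$@")
    [ -n "$tags" ] || return 0
    while IFS= read -r tag; do
        owner=${tag#owner=}
        st=0
        if ! is_safe_email "$owner"; then
            echo "invalid owner syntax: '$owner'"; st=1
        else
            "${OWNER_LOOKUP:-ldap_lookup}" "$owner" </dev/null || st=$?
            [ "$st" -ne 1 ] || echo "owner not in directory: $owner"
            [ "$st" -le 1 ] || { echo "directory lookup failed: $owner"; st=2; }
        fi
        [ "$st" -le "$rc" ] || rc=$st
    done <<EOF
$tags
EOF
    return "$rc"
}
# Run as a script: check the files named on the command line.
[ "$#" -eq 0 ] || { check_owners "$@"; exit $?; }
```

Exit status 2 keeps a directory outage distinct from a bad tag, so a scheduled run can alert on invalid owners without treating an unreachable directory as a pass.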

