Enforce Passing GuardRails Checks
Once GuardRails has been setup in your VCS, you can enforce passing checks to allow merging of PR/MRs.
Table of Contents
On GitHub you can setup branch protection rules for each repository by browsing to "Settings"->"Branches". There select
guardrails/scan in the section "Requires status checks to pass before merging".
On GitLab you configure the merge checks behavior. Follow these steps:
- Navigate to your project’s
- Expand the
- In the
Merge checkssubsection, select the
Pipelines must succeedcheckbox.
Savefor the changes to take effect.
Under the specific repository that you would like to enforce a branch rest, go to
branch restrictions to open the
Add a branch restriction dialog box.
branch restrictions to the following options:
Once added the rule should appear as below in the
branch restrictions page.
Once this is done, this will add a merge check to the pipeline. This merge check will fail if GuardRails detects a vulnerability.
Because the merge check fails, a repository contributor will not be able to merge the pull request.
Repository admins who will also be blocked from merging as long as the pipeline is failing.