Enforcing Policy Compliance with Required Status Checks

Syncier Security Tower can report on GitHub whether manifests comply with all policies activated in a cluster. Feedback is provided on Pull Requests through GitHub Status Checks. You can view the result of a check on the Checks tab of a Pull Request, and also at the bottom of the Conversations tab. Checks are enabled by default for all repositories in which Syncier Security Tower is installed. Refer to the cluster configuration reference for how to disable feedback for a specific cluster.

Pull Request feedback

To make sure that your clusters are compliant with the activated policies, it is recommended to make the checks mandatory. This way a Pull Request can only be merged if the check was successful. Follow the instructions in the GitHub documentation to set up branch protection, and enable a required status check from Syncier Security Tower. Note that you can only enable the status check once Syncier Security Tower has provided feedback at least once.
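Once branch protection is configured, you can audit that the policy check is actually enforced. The following is an added example, not part of Syncier Security Tower or its documentation: it inspects a branch protection object as returned by GitHub's REST endpoint `GET /repos/{owner}/{repo}/branches/{branch}/protection`. The check name is a placeholder (take the real one from the Checks tab of a Pull Request), the sample JSON is constructed, and the admin-bypass and app-pinning findings go beyond what this page describes.

```python
import json

# Constructed sample shaped like the response of
# GET /repos/{owner}/{repo}/branches/{branch}/protection (GitHub REST API).
SAMPLE_PROTECTION = json.loads("""
{
  "required_status_checks": {
    "strict": false,
    "contexts": ["ci/build"],
    "checks": [{"context": "ci/build", "app_id": null}]
  },
  "enforce_admins": {"enabled": false}
}
""")

# Placeholder: use the check name shown on the Checks tab of a Pull Request.
POLICY_CHECK = "<security-tower-check-name>"


def audit_protection(protection, check_name):
    """Return a list of findings; an empty list means the check is enforced."""
    findings = []
    rsc = protection.get("required_status_checks") or {}
    # Map each required check name to the GitHub App that must report it.
    checks = {c["context"]: c.get("app_id") for c in rsc.get("checks", [])}
    for ctx in rsc.get("contexts", []):
        checks.setdefault(ctx, None)
    if check_name not in checks:
        findings.append(f"'{check_name}' is not a required status check")
    elif checks[check_name] is None:
        findings.append(f"'{check_name}' is not pinned to a specific GitHub App")
    # Without admin enforcement, administrators can merge past a failed check.
    if not (protection.get("enforce_admins") or {}).get("enabled", False):
        findings.append("administrators can merge without the required checks")
    return findings


if __name__ == "__main__":
    for finding in audit_protection(SAMPLE_PROTECTION, POLICY_CHECK):
        print("FINDING:", finding)
```
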