Fidesctl is primarily designed to integrate with your existing CI pipeline configurations. Common implementations include:
- Github Actions
- Gitlab CI
- Azure Pipelines
- AWS CodePipeline
- Team City
Implementing Fidesctl is possible in nearly any CI pipeline, including those not listed.
To integrate Fidesctl with your CI pipeline, you should plan to implement at least two CI actions:
fidesctl evaluate --dry <resource_dir>
evaluate --drychecks if code changes will be accepted without pushing those changes to the fidesctl server.
- Run this against the latest commit on code changesets (pull requests, merge requests, etc).
fidesctl evaluate <resource_dir>
evaluatesynchronizes the latest changes to the fidesctl server.
- Run this against commits representing merges into the default branch.
Implementation examples are also available for a variety of CI tools.