Skip to main content

Github Actions

💡 NOTE: For the latest details check out Github

Integrating the Overmind Github actions means that every PR gets automatically scanned and any infrastructure related risks identified. As soon as you create a PR, Overmind gets straight to work and puts anything important front and center.

Screenshot of how Overmind's GH Action

Configuring​

  1. Setup your GitHub Actions in your .github folder. For example here is our terraform-example repository's automatic.yml workflow.

  2. You can use the GitHub Action’s secret store to provide the API key for the Overmind CLI.

  3. Next, configure the actions to install the CLI and submit the plan to Overmind

    - uses: overmindtech/actions/install-cli@main
      with:
        version: latest
        github-token: ${{ secrets.GITHUB_TOKEN }}

    - uses: overmindtech/actions/submit-plan@main
      if: github.event.action != 'closed'
      id: submit-plan
      with:
        ovm-api-key: ${{ secrets.OVM_API_KEY }}
        plan-json: ./tfplan.json

  4. Overmind ingests the plan and discovers the resources in AWS that will be affected.

  5. Overmind will then create a blast radius by taking the affected resources and scanning for everything that depends on those resources.

  6. Finally, Overmind calculates the risks for this change, and attaches them as a comment.

A full example workflow can be found in the overmindtech/terraform-example repo