Skip to main content

Github Action

๐Ÿ’ก NOTE: For the latest details check out Github

Integrating the Overmind Github actions means that every PR gets automatically scanned and any infrastructure related risks identified. As soon as you create a PR, Overmind gets straight to work and puts anything important front and center.

Screenshot of how Overmind's GH Action

Configuringโ€‹

  1. Setup your GitHub Actions in your .github folder. For example here is our terraform-example repository's automatic.yml workflow.

  2. You can use the GitHub Actionโ€™s secret store to provide the API key for the Overmind CLI.

  3. Next, configure the actions to install the CLI and submit the plan to Overmind

    - uses: overmindtech/actions/install-cli@main
      with:
        version: latest
        github-token: ${{ secrets.GITHUB_TOKEN }}

    - uses: overmindtech/actions/submit-plan@main
      if: github.event.action != 'closed'
      id: submit-plan
      with:
        ovm-api-key: ${{ secrets.OVM_API_KEY }}
        plan-json: ./tfplan.json

  4. Overmind ingests the plan and discovers the resources in AWS that will be affected.

  5. Overmind will then create a blast radius by taking the affected resources and scanning for everything that depends on those resources.

  6. Finally, Overmind calculates the risks for this change, and attaches them as a comment.

A full example workflow can be found in the overmindtech/terraform-example repo