Skip to content

CONTRIBUTING.md

Latest commit

 

History

History
36 lines (29 loc) · 1.26 KB

CONTRIBUTING.md

File metadata and controls

36 lines (29 loc) · 1.26 KB

Contributing

Thanks for your interest in OCPA! This project welcomes issues, PRs, and security-minded feedback.

Getting started

  • Fork and clone the repo (recommended). If you prefer a maintainer-created branch, open an issue first and we can coordinate.
  • Create a feature branch: git checkout -b feature/my-change.
  • Create a virtualenv and install deps: 
    python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-dev.txt

Tests and lint

  • Run tests: pytest
  • Run lint: ruff check .

Policy changes

If you modify Rego policies:

  • Bump policies/VERSION and update policies/CHANGELOG.md.
  • Update the baseline if intended: make baseline VERSION=x.y.z NOTES="desc" (OPA must be running).
  • Ensure observability/policy_scenarios_baseline.json matches expected decisions.

Security hygiene

  • Do not commit real secrets. Use charts/ocpa/values-secrets.example.yaml as a template.
  • If you add new examples, keep them scrubbed.
  • Optional: run gitleaks or trufflehog locally before release.

PR checklist

  • Tests and lint pass.
  • Docs updated if behavior or config changes.
  • Policy changes include VERSION/CHANGELOG updates.

By contributing, you agree to follow the CODE_OF_CONDUCT.md.