Skip to content

GitHub app for Fensak, a service that alows users to apply security best practices to GitOps.

License

Notifications You must be signed in to change notification settings

fensak-io/fensak

Repository files navigation

Fensak

Secure your GitOps Workflows without any compromise


Home GitHub App Documentation
latest release main branch CI LICENSE

This is the source code for Fensak, a service that allows users to apply security best practices to GitOps workflows without any compromises.

GitOps best practices require that everything about the application infrastructure is managed as code. Naturally, this means that any form of deployment requires a commit to the source repository. But this can quickly conflict with Continuous Delivery where you want to automate deployments without humans in the loop.

Fensak allows you confidently configure GitOps with protected branches through:

  • Automatic approval: Selectively auto-approves the changes that pertain to continuous delivery. Only allow through the trivial routine deployments.
  • Required reviews: Anything that fails auto-approval will require manual review to proceed. You can specify how many manual approvals substantial changes should require.
  • Fully customizable: Fensak's approval rules engine is extensible using custom JavaScript functions. Maintain full control over what changes should be approved automatically.

Learn more at fensak.io and docs.fensak.io.

Getting started with Fensak

The easiest way to get started with Fensak is with our official GitHub App, backed by our hosted managed service. Check out our Getting started guide for a quick overview of installing the app, configuring it, and getting going with auto-approving your Continuous Delivery Pull Requests.

Configuring Fensak as a User

If you are using Fensak as a user, refer to our .fensak repository reference for instructions on what you need to configure Fensak, including writing custom rules.

For examples of user defined rules including ideas on specific rules to implement and how to test them, refer to the fensak-rules-examples repo. Also check out our Writing rules scripts guide.

Technology

Fensak is built in TypeScript targeting the Deno runtime.

Reporting Bugs, Getting Help, Providing Feedback, etc

Please create a GitHub discussion if you want to:

  • report issues with the hosted Fensak service
  • get any kind of help, like setting up Fensak, writing custom rules, or using Fensak in general
  • provide product feedback and suggestions

Please create a GitHub issue to report bugs and issues with the source code, including self-hosting and using the functions for testing.

Do not open an issue to report security issues. Instead, please review our Security Policy.

If you are a paying customer of our GitHub App, and have questions about your account, or have any kind of billing releated inquiry, please email support@fensak.io.

LICENSE

SPDX-License-Identifier: AGPL-3.0-or-later OR BUSL-1.1

Fensak is dual-licensed under the AGPL 3.0 (or any later version) and Business Source License 1.1 (with no Additional Use Grant). Refer to the corresponding LICENSE files for the full parameters of either license:

Dual licensing means that you can use the code under the terms of either license.

For example, if you are using this to test your rules functions and you do not want to be bound by the terms of the AGPL license (and thus be forced to release the source code of your rules), you can license the Fensak testing code under the BUSL 1.1 license.

On the other hand, if you wish to self host an instance of Fensak for internal use, then you can license Fensak under the terms of the AGPL 3.0 (or later) license. You can not self host an instance of Fensak under the BUSL 1.1 license since it does not allow any additional use grant for production usage.

Refer to the License FAQ for more information.

About

GitHub app for Fensak, a service that alows users to apply security best practices to GitOps.

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Languages