you can use opal-server generate-secret to create a cryptographically strong secret to use.use OPAL_POLICY_REPO_WEBHOOK_SECRET to configure a secret you can share with the webhook provider (authenticating incoming webhooks).see GitHub's guide on configuring webhooks.Say your server is hosted on the webhook URL will be /webhook Better GIT watching can be achieved via configuring a webhook back to the OPAL_SERVER's webhook route.OPAL_POLICY_REPO_URL= opal-server -policy-repo-polling-interval 60 run #Have the opal server monitor a repo every 60 seconds Top-level CLI options listed in -help are available under the same name as env-vars (simply convert to uppercase and replace "-" with "_", prefix with 'OPAL' )įor example OPAL_SERVER_PORT=1337 opal-server run is equivalent to opal-server -server-port 1337 run opal-client -data-topics topics1 -data-topics topics2 -data-topics topics3 run and as multi-options for cmd options i.e.OPAL_DATA_TOPICS=topic1,topic2,topic3 opal-client run pass delimited by "," with env-vars i.e.ini files, and command-line options (later overrides previous). Ideally install OPAL into a clean virtual-envīoth opal-server and opal-client can be configured using environment-variables. Make sure your system is running Python 3.7 or higher There's also a separate guide for setting-up OPAL from pre-built docker images. This HOW-TO focuses on setting-up OPAL with its packages and CLI interface, this guide is better to understand the main configurations of OPAL. We'll deploy OPAL-clients (along side policy agents). Getting Started with OPAL is easy - we'll install our OPAL-server to manage all the OPAL-client's we deploy.
This guide will teach you how to setup and use OPAL as Python packages (python 3.7 >) with its CLI Table of Contents