Releasing Guardrails

Testing and releasing guardrails gracefully

By default, guardrails in Resourcely apply to every repository that Resourcely monitors. Resourcely has two mechanisms for performing more fine-grained guardrail rollouts.

Blueprints can "exclude" specific guardrails. For simplicity, this page ignores that feature.

Guardrail Status

Guardrails in Resourcely are in one of three statuses:

Active - Resourcely applies this guardrail to pull requests. If the guardrail produces findings, Resourcely blocks the pull request and adds the guardrail's contact as an approver.
Evaluate Only - Resourcely applies this guardrail to pull requests. If the guardrail produces findings, Resourcely does not block the pull request. It still adds the guardrail's contact as an approver for visibility.
Inactive - Resourcely does not apply this guardrail to pull requests.

Targeted Repositories

Guardrails can optionally have a list of Targeted Repositories. This controls the set of repositories where Resourcely applies the guardrail.

Each guardrail can list up to ten targeted repositories. The guardrail will not run on pull requests from any other repositories. In the absence of targeted repositories, guardrails apply globally.

In the future, Guardrail Activation Policies will support arbitrary RLY predicates that can analyze repository, config root, and environment metadata.

How to Configure

In Foundry, you can edit Status and Targeted Repositories under 'Set Activation Policy'. To activate a guardrail globally, set Status to Active and remove all Targeted Repositories.

One guardrail can use both features. For example, an Evaluate Only guardrail with two Targeted Repositories would only run against pull requests in those two repositories, but would never block a pull request.

PreviousEditing Guardrails NextEnabling Inactive Guardrails

Last updated 8 months ago