Requesting support for performing a git.diff on file content within push and/or trigger policy contexts, to enable conditional evaluation of PR and tracked runs based on the nature of the changes, especially at the field or line level.
As it stands:
Trigger and push policies currently provide access to lists of changed files, but not necessarily to the diff contents themselves in a structured, queryable form.
This makes it difficult to implement fine-grained policies that inspect how a file has changed, not just which file has changed.
For example, changing a description field in a .tf file is low risk, but modifying IAM permissions or backend configurations is high risk and should trigger different enforcement.
Enhance policy contexts (ideally both push and trigger, or at least push) to expose:
A structured version of git.diff, with access to file content diffs (not just file names).
The ability to inspect added, removed, or modified lines within files.
In Review
Feature Requests
Policies
7 months ago
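What such a diff-aware check could look like, as an added example that is not the product's own policy API or code: a Python script that parses `git diff` output into per-file added and removed lines with their recovered line numbers, then scores every changed line of a .tf file against illustrative risk rules (IAM and state-backend changes high, description-only edits low, anything else flagged for review). The rule regexes, the function names and the sample diff are all constructed for the demonstration. Until policies expose diff content, the same logic could run as a CI step or pre-receive hook over the real `git diff` of a push.

```python
# Added example, not any policy engine's API: turn `git diff` output into a
# structured form and classify Terraform changes line by line.
import re

HUNK_RE = re.compile(r"^@@ -(\d+)(?:,\d+)? \+(\d+)(?:,\d+)? @@")
# Illustrative rules, not a complete taxonomy: anything touching IAM or the
# state backend is high risk; a bare description edit is low risk.
HIGH_RISK = [
    (re.compile(r'^\s*backend\s+"'), "state backend changed"),
    (re.compile(r"\baws_iam_|\biam_|\bassume_role\b|\bpolicy\b"), "IAM/permission change"),
]
LOW_RISK = re.compile(r"^\s*description\s*=")
LEVELS = {"none": 0, "low": 1, "review": 2, "high": 3}


def parse_unified_diff(text: str) -> dict:
    """Return {path: {"added": [(new_no, text)], "removed": [(old_no, text)]}}."""
    files, cur, in_header = {}, None, False
    old_no = new_no = 0
    for line in text.splitlines():
        if line.startswith("diff --git"):
            cur, in_header = None, True
        elif in_header:                      # skip index/mode/--- lines until +++
            if line.startswith("+++ "):
                path = line[4:].strip()
                path = path[2:] if path.startswith("b/") else path
                cur = files.setdefault(path, {"added": [], "removed": []})
                in_header = False
        elif cur is None:
            pass                             # stray text outside any file section
        elif (m := HUNK_RE.match(line)):
            old_no, new_no = int(m.group(1)), int(m.group(2))
        elif line.startswith("+"):
            cur["added"].append((new_no, line[1:])); new_no += 1
        elif line.startswith("-"):
            cur["removed"].append((old_no, line[1:])); old_no += 1
        elif not line.startswith("\\"):      # context line; "\ No newline..." is neither
            old_no += 1; new_no += 1
    return files


def classify(files: dict) -> dict:
    """Score every added or removed line of every .tf file; other files are ignored."""
    findings = []
    for path, fd in files.items():
        if not path.endswith(".tf"):
            continue
        changes = [("+", *c) for c in fd["added"]] + [("-", *c) for c in fd["removed"]]
        for kind, lineno, text in changes:
            level, reason = "review", "unclassified change"
            for rx, why in HIGH_RISK:
                if rx.search(text):
                    level, reason = "high", why
                    break
            else:
                if LOW_RISK.match(text):
                    level, reason = "low", "description only"
            findings.append({"path": path, "line": lineno, "change": kind,
                             "level": level, "reason": reason, "text": text.strip()})
    worst = max((f["level"] for f in findings), key=LEVELS.get, default="none")
    return {"risk": worst, "findings": findings}


# Constructed sample: a harmless description edit, an IAM policy swap to an
# admin document, and a switch of the state backend to local storage.
SAMPLE_DIFF = """\
diff --git a/main.tf b/main.tf
--- a/main.tf
+++ b/main.tf
@@ -1,4 +1,4 @@
 variable "env" {
   type        = string
-  description = "Deployment environment"
+  description = "Deployment environment (dev, stage or prod)"
 }
diff --git a/iam.tf b/iam.tf
--- a/iam.tf
+++ b/iam.tf
@@ -3,4 +3,4 @@
 resource "aws_iam_role_policy" "deploy" {
   role   = aws_iam_role.deploy.id
-  policy = data.aws_iam_policy_document.readonly.json
+  policy = data.aws_iam_policy_document.admin.json
 }
diff --git a/backend.tf b/backend.tf
--- a/backend.tf
+++ b/backend.tf
@@ -1,5 +1,5 @@
 terraform {
   required_version = ">= 1.5"
-  backend "s3" { bucket = "tf-state-prod" }
+  backend "local" {}
 }
"""

if __name__ == "__main__":
    report = classify(parse_unified_diff(SAMPLE_DIFF))
    print("overall risk:", report["risk"])
    for f in report["findings"]:
        print(f"{f['level']:6} {f['path']}:{f['line']} {f['change']} {f['reason']}")
```

Run as a script it prints the overall risk of the sample diff and one line per scored change; fed the output of `git diff <base>..<head>` instead of the constructed sample, the returned findings give exactly the per-line view the request asks for, so a policy could key on `risk` (block, require approval, or auto-approve) rather than on file names alone.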