Documentation

Polion

CI-Integration / github

Use this workflow as a baseline and inject Polion environment values via GitHub repository secrets.

name: Polion CI
on:
  pull_request:
  push:
    branches: [ main ]
  workflow_dispatch:
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Run polion-ci-runner
        env:
          POLION_TOKEN: ${{ secrets.POLION_TOKEN }}
        # The script reads GitHub's default environment variables instead of
        # expanding github context expressions inline: the PR branch name
        # (head_ref) is chosen by the PR author and must not be pasted into
        # the shell script text.
        run: |
          docker run --rm \
            -e POLION_TOKEN="$POLION_TOKEN" \
            -e GITHUB_ACTIONS=true \
            -e GITHUB_REPOSITORY="$GITHUB_REPOSITORY" \
            -e GITHUB_REF_NAME="$GITHUB_REF_NAME" \
            -e GITHUB_SHA="$GITHUB_SHA" \
            -e GITHUB_HEAD_REF="$GITHUB_HEAD_REF" \
            -v "$GITHUB_WORKSPACE:/workspace" \
            -w /workspace \
            ghcr.io/polion-io/polion-ci-runner:latest

Required: create and configure your POLION_TOKEN

  1. Open the Polion dashboard and create a new API token for your organization.
  2. Copy the token value immediately after creation.
  3. In GitHub, open your repository and go to Settings → Secrets and variables → Actions.
  4. Create a new repository secret named POLION_TOKEN.
  5. Paste the token as the secret value and save it.

The workflow reads this secret via ${{ secrets.POLION_TOKEN }}. If the secret is missing or invalid, the runner cannot authenticate and the CI step will fail.

Optional runner flags

You can control checks with environment flags in your CI job:

POLION_DISABLE_BREAKING=0
POLION_DISABLE_GOVERNANCE=0

Keep them at 0 (or unset) to run the checks. Set a flag to 1 to disable that check.
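
A pre-flight for the runner step, as an added example (not Polion's own code): it rejects an empty token and any flag value other than 0 or 1, and emits a warning annotation whenever a check is disabled so the bypass shows up in the run log. The function names are hypothetical, and forwarding the flags into the container with docker run -e is an assumption.

```shell
# Added example: pre-flight for the "Run polion-ci-runner" step.
# Function names are hypothetical; forwarding the flags into the container
# with `docker run -e` is an assumption, not documented Polion behaviour.

# Normalize one flag: unset/empty or 0 -> 0 (check runs), 1 -> 1 (disabled).
polion_flag() {  # usage: polion_flag NAME VALUE
  case "${2:-0}" in
    0|1) printf '%s\n' "${2:-0}" ;;
    *)   echo "::error::$1 must be 0 or 1, got '$2'" >&2; return 1 ;;
  esac
}

# Validate the token and both flags, then print extra `docker run` arguments.
polion_env_args() {
  if [ -z "${POLION_TOKEN:-}" ]; then
    # Secrets are not exposed to pull_request runs from forks, which is
    # one common cause of an empty token.
    echo "::error::POLION_TOKEN is empty; check the repository secret" >&2
    return 1
  fi
  _breaking=$(polion_flag POLION_DISABLE_BREAKING "${POLION_DISABLE_BREAKING:-}") || return 1
  _governance=$(polion_flag POLION_DISABLE_GOVERNANCE "${POLION_DISABLE_GOVERNANCE:-}") || return 1
  # Surface a disabled check in the run log instead of skipping it silently.
  if [ "$_breaking" = 1 ]; then
    echo "::warning::Polion breaking-change check is disabled" >&2
  fi
  if [ "$_governance" = 1 ]; then
    echo "::warning::Polion governance check is disabled" >&2
  fi
  # `-e POLION_TOKEN` with no value makes docker copy it from the calling
  # environment, so the token never appears on the command line.
  printf '%s\n' "-e POLION_TOKEN -e POLION_DISABLE_BREAKING=$_breaking -e POLION_DISABLE_GOVERNANCE=$_governance"
}

# In the workflow step (the flag values are validated, so word splitting is safe):
#   args=$(polion_env_args) || exit 1
#   docker run --rm $args -v "$GITHUB_WORKSPACE:/workspace" -w /workspace \
#     ghcr.io/polion-io/polion-ci-runner:latest
```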