- Cyral's app for Github monitors your default policy branch in Github, and it automatically updates your active Cyral policies when you commit changes to that branch. If you've made a commit and your policy fails to update, you can troubleshoot by checking the following:
- When merging your policy changes, make sure you’re merging into the default branch of the repo. When you commit a policy change to the default branch, the Cyral Github app checks it (lints it) and applies the new policy if the checks pass. When you commit a policy change to a non-default branch, the Cyral Github app performs the checks but does not apply the policy.
- Make sure the private key of your Cyral Github app has not changed. Upon first setting up your Github app, you will have sent this key to Cyral so that we can add it to your application integration. When this key changes, you must send us the new key so we can update it.
- In the
metablock of your policy, make sure the
namehas not changed.
- In your Cyral data map, make sure you follow all exclusivity limits when creating and using each
LABEL. If your data maps and policies violate any of these limits, the policy update will fail. These limits prevent users from writing conflicting rules about the same data:
LABELmust be defined in only one data map.
LABELcan refer to one or many attributes (for example, tables, fields, or columns) in one or many repositories.
- A given repository location (a table, collection, field, or column) must be included in only one
LABELmust be used in only one policy. You may use the
LABELin one or many rules in the policy.
For more information, see