Can I map GitHub usernames to Spacelift users in policies for GitOps workflows?
Last updated: September 8, 2025
Context
When GitOps workflows trigger Spacelift runs via Git commands, the plan policy fields `creator_session.login` and `creator_session.teams` are empty. This makes it challenging to implement team-based restrictions for runs triggered through Git operations.
Answer
The `creator_session` data is only populated when there's an active user session, such as when triggering runs through the Spacelift UI. For runs triggered via Git commands or API keys, this session context is not available.
Currently, there are two approaches to handle this situation:
- Use the commit author as a proxy for identity by hard-coding a mapping of commit authors to teams within your policy, if this aligns with your workflow.
- Review the alternative data fields available in the plan policy structure and base your policies on those. You can find the complete list of available fields in the Terraform Plan Policy documentation.
Note: There is currently no direct method to populate `creator_session` values for Git-triggered operations.
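A sketch of the first approach above, as an added example that is not Spacelift's own code. It assumes the plan policy input exposes the commit author as `input.spacelift.commit.author` (confirm the field name in the Terraform Plan Policy documentation) and uses classic Rego rule syntax. The author names, team names and allowed-team set are constructed.

```rego
package spacelift

# Constructed mapping: commit author -> teams (all names are hypothetical).
author_teams := {
  "alice-example": ["platform"],
  "bob-example": ["networking"],
}

# Teams allowed to run plans on this stack (hypothetical).
allowed_teams := {"platform"}

# Assumed field: input.spacelift.commit.author. Falls back to "unknown"
# so the deny message below is always defined (no fail-open on missing data).
default author = "unknown"

author = a {
  a := input.spacelift.commit.author
}

# True only for runs with a real user session (for example, UI-triggered runs).
has_session_login {
  login := input.spacelift.run.creator_session.login
  is_string(login)
  login != ""
}

# Session present: use the teams attached to the session.
teams[t] {
  has_session_login
  t := input.spacelift.run.creator_session.teams[_]
}

# No session (Git-triggered run): derive teams from the commit author.
teams[t] {
  not has_session_login
  t := author_teams[author][_]
}

# Deny when neither the session nor the author mapping yields an allowed team.
deny[msg] {
  count(teams & allowed_teams) == 0
  msg := sprintf("no allowed team for this run (commit author: %v)", [author])
}
```

The author field of a Git commit is set by the committer's own Git configuration and is not authenticated by itself, so this mapping is only as strong as the controls on who can push to the tracked branch.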