forked from enterprise-contract/config
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpolicy.yaml.tmpl
43 lines (38 loc) · 1.21 KB
/
policy.yaml.tmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
{{- $name := .Env.NAME -}}{{- range ds "data" -}}{{- if eq .name $name -}}
#
{{ if index . "deprecated" -}}
# ** DEPRECATED **
#
{{ end -}}
# To use this policy with the ec command line:
# ec validate image \
# --image $IMAGE \
# --public-key key.pub \
# --policy github.com/enterprise-contract/config//{{ .name }}
#
# To use with an RHTAP Enterprise Contract Integration Test CR:
# ...
# spec:
# params:
# - name: POLICY_CONFIGURATION
# value: github.com/enterprise-contract/config//{{ .name }}
# ...
#
description: >-
{{ .description }}
publicKey: "k8s://openshift-pipelines/public-key"
sources:
- name: Default
policy:
- github.com/enterprise-contract/ec-policies//policy/lib
- github.com/enterprise-contract/ec-policies//policy/release
data:
- github.com/enterprise-contract/ec-policies//data
configuration:
include:
{{ .include | toYAML | strings.Indent 4 | strings.TrimSpace }}
exclude:
# Exclude step_image_registries for now since it can cause false
# positives due to https://issues.redhat.com/browse/OCPBUGS-8428
{{ .exclude | coll.Append "step_image_registries" | toYAML | strings.Indent 4 | strings.TrimSpace }}
{{- end -}}{{- end }}