Package v1alpha1 contains API Schema definitions for the appstudio.redhat.com v1alpha1 API group
EnterpriseContractPolicy is the Schema for the enterprisecontractpolicies API
Appears in:
| Field | Description |
|---|---|
apiVersion string |
appstudio.redhat.com/v1alpha1 |
kind string |
EnterpriseContractPolicy |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec EnterpriseContractPolicySpec |
EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation. DEPRECATED: Use the config for a policy source instead.
Appears in:
| Field | Description |
|---|---|
exclude string array |
Exclude set of policy exclusions that, in case of failure, do not block the success of the outcome. |
include string array |
Include set of policy inclusions that are added to the policy evaluation. These override excluded rules. |
collections string array |
Collections set of predefined rules. DEPRECATED: Collections can be listed in include with the “@” prefix. |
EnterpriseContractPolicyList contains a list of EnterpriseContractPolicy
| Field | Description |
|---|---|
apiVersion string |
appstudio.redhat.com/v1alpha1 |
kind string |
EnterpriseContractPolicyList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items EnterpriseContractPolicy array |
EnterpriseContractPolicySpec is used to configure the Enterprise Contract Policy
Appears in:
| Field | Description |
|---|---|
name string |
Optional name of the policy |
description string |
Description of the policy or its intended use |
sources Source array |
One or more groups of policy rules |
configuration EnterpriseContractPolicyConfiguration |
Configuration handles policy modification configuration (exclusions and inclusions) |
rekorUrl string |
URL of the Rekor instance. Empty string disables Rekor integration |
publicKey string |
Public key used to validate the signature of images and attestations |
identity Identity |
Identity to be used for keyless verification. This is an experimental feature. |
Identity defines the allowed identity for keyless signing.
Appears in:
| Field | Description |
|---|---|
subject string |
Subject is the URL of the certificate identity for keyless verification. |
subjectRegExp string |
SubjectRegExp is a regular expression to match the URL of the certificate identity for keyless verification. |
issuer string |
Issuer is the URL of the certificate OIDC issuer for keyless verification. |
issuerRegExp string |
IssuerRegExp is a regular expression to match the URL of the certificate OIDC issuer for keyless verification. |
Source defines policies and data that are evaluated together
Appears in:
| Field | Description |
|---|---|
name string |
Optional name for the source |
policy string array |
List of go-getter style policy source urls |
data string array |
List of go-getter style policy data source urls |
ruleData JSON |
Arbitrary rule data that will be visible to policy rules |
config SourceConfig |
Config specifies which policy rules are included, or excluded, from the provided policy source urls. |
volatileConfig VolatileSourceConfig |
Specifies volatile configuration that can include or exclude policy rules based on effective time. |
SourceConfig specifies config options for a policy source.
Appears in:
| Field | Description |
|---|---|
exclude string array |
Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome. |
include string array |
Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions. |
VolatileCriteria includes or excludes a policy rule with effective dates as an option.
Appears in:
| Field | Description |
|---|---|
value string |
|
effectiveOn string |
|
effectiveUntil string |
|
imageRef string |
ImageRef is used to specify an image by its digest. |
VolatileSourceConfig specifies volatile configuration for a policy source.
Appears in:
| Field | Description |
|---|---|
exclude VolatileCriteria array |
Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome. |
include VolatileCriteria array |
Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions. |