apiVersion string

appstudio.redhat.com/v1alpha1

kind string

EnterpriseContractPolicy

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

spec EnterpriseContractPolicySpec

status EnterpriseContractPolicyStatus

exclude string array

Exclude set of policy exclusions that, in case of failure, do not block
the success of the outcome.

include string array

Include set of policy inclusions that are added to the policy evaluation.
These override excluded rules.

collections string array

Collections set of predefined rules. DEPRECATED: Collections can be listed in include
with the "@" prefix.

apiVersion string

appstudio.redhat.com/v1alpha1

kind string

EnterpriseContractPolicyList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items EnterpriseContractPolicy array

name string

Optional name of the policy

description string

Description of the policy or its intended use

sources Source array

One or more groups of policy rules

MinItems: 1

configuration EnterpriseContractPolicyConfiguration

Configuration handles policy modification configuration (exclusions and inclusions)

rekorUrl string

URL of the Rekor instance. Empty string disables Rekor integration

publicKey string

Public key used to validate the signature of images and attestations

identity Identity

Identity to be used for keyless verification. This is an experimental feature.

subject string

Subject is the URL of the certificate identity for keyless verification.

subjectRegExp string

SubjectRegExp is a regular expression to match the URL of the certificate identity for
keyless verification.

issuer string

Issuer is the URL of the certificate OIDC issuer for keyless verification.

issuerRegExp string

IssuerRegExp is a regular expression to match the URL of the certificate OIDC issuer for
keyless verification.

name string

Optional name for the source

policy string array

List of go-getter style policy source urls

MinItems: 1

data string array

List of go-getter style policy data source urls

ruleData JSON

Arbitrary rule data that will be visible to policy rules

Type: object

config SourceConfig

Config specifies which policy rules are included, or excluded, from the
provided policy source urls.

Type: object

volatileConfig VolatileSourceConfig

Specifies volatile configuration that can include or exclude policy rules
based on effective time.

Type: object

exclude string array

Exclude is a set of policy exclusions that, in case of failure, do not block
the success of the outcome.

include string array

Include is a set of policy inclusions that are added to the policy evaluation.
These take precedence over policy exclusions.

value string

effectiveOn string

Format: date-time

effectiveUntil string

Format: date-time

imageRef string

DEPRECATED: Use ImageDigest instead
ImageRef is used to specify an image by its digest.

Pattern: ^sha256:[a-fA-F0-9]{64}$

imageDigest string

ImageDigest is used to specify an image by its digest.

Pattern: ^sha256:[a-fA-F0-9]{64}$

imageUrl string

ImageUrl is used to specify an image by its URL without a tag.

Pattern: ^(?:https:\/\/)?\/[a-z0-9-]\/[a-z0-9-]+$

exclude VolatileCriteria array

Exclude is a set of policy exclusions that, in case of failure, do not block
the success of the outcome.

include VolatileCriteria array

Include is a set of policy inclusions that are added to the policy evaluation.
These take precedence over policy exclusions.