Skip to content
/ config Public

Preset policy configuration files for Enterprise Contract

0 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

enterprise-contract/config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

218 Commits

.github

.github

 
 

default

default

 
 

everything

everything

 
 

github-default

github-default

 
 

hack

hack

 
 

minimal

minimal

 
 

redhat-no-hermetic

redhat-no-hermetic

 
 

redhat-trusted-tasks

redhat-trusted-tasks

 
 

redhat

redhat

 
 

slsa3

slsa3

 
 

src

src

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

Enterprise Contract Configuration Files

This repo contains a set of policy.yaml files which can be used by the Enterprise Contract Command Line Interface with a variety of environments.

Konflux CI

When using Red Hat's Konflux CI, (formerly Red Hat App Studio), environment, there is a predefined Integration Test pipeline definition for each of the configs in this section. They can be used when creating an Integration Test in Konflux as per the documentation here.

The policy configuration files are:

Default

Includes rules for levels 1, 2 & 3 of SLSA v0.1. This is the default config used for new Konflux applications.

  • URL for Enterprise Contract: github.com/enterprise-contract/config//default
  • Source: default/policy.yaml
  • Collections: @slsa3

Everything (experimental)

Include every rule in the default policy source. For experiments only. This is not expected to pass for Konflux builds without excluding some rules.

  • URL for Enterprise Contract: github.com/enterprise-contract/config//everything
  • Source: everything/policy.yaml
  • Collections:

Red Hat

Includes the full set of rules and policies required internally by Red Hat when building Red Hat products.

Red Hat (non hermetic)

Includes most of the rules and policies required internally by Red Hat when building Red Hat products. It excludes the requirement of hermetic builds.

SLSA3

Rules specifically related to levels 1, 2 & 3 of SLSA v0.1, plus a set of basic checks that are expected to pass for all Konflux builds.

Konflux CI & Red Hat Trusted Application Pipeline (RHTAP) - Tasks

These are policy rules used to verify Tekton Task definitions meet the Red Hat guidelines for being considered trusted.

The policy configuration files are:

Red Hat Trusted Tasks

Rules used to verify Tekton Task definitions comply to Red Hat's standards.

GitHub

Container images built via GitHub Actions can be verified with the following policy configurations.

GitHub Default

Rules for container images built via GitHub Workflows.

See also

About

Preset policy configuration files for Enterprise Contract

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages