From 2693ccd153d943767e38a15798bc09eca9545866 Mon Sep 17 00:00:00 2001
From: Aravind N
Date: Thu, 22 Feb 2024 16:38:13 +0530
Subject: [PATCH] Add seperate policies for security and reliability
---
.../policy-include/include.rego | 53 -------------------
.../policy-include/reliability.rego | 11 ++++
.../policy-include/security.rego | 11 ++++
3 files changed, 22 insertions(+), 53 deletions(-)
delete mode 100644 policies/opsverse-corcentric-cd/policy-include/include.rego
create mode 100644 policies/opsverse-corcentric-cd/policy-include/reliability.rego
create mode 100644 policies/opsverse-corcentric-cd/policy-include/security.rego
diff --git a/policies/opsverse-corcentric-cd/policy-include/include.rego b/policies/opsverse-corcentric-cd/policy-include/include.rego
deleted file mode 100644
index bd58fe8..0000000
--- a/policies/opsverse-corcentric-cd/policy-include/include.rego
+++ /dev/null
@@ -1,53 +0,0 @@
-package example.include
-
-import rego.v1
-default allow := false
-default minSecurityRatingAllowed := "1.0"
-default minReliabilityRatingAllowed := "1.0"
-default maxComplexityAllowed := "10"
-default maxNclocAllowed := "50"
-default maxNewViolationsAllowed := "10"
-
-allow if {
- input.metricName == "security_rating"
- input.metricValue >= minSecurityRatingAllowed
-}
-
-allow if {
- input.metricName == "reliability_rating"
- input.metricValue >= minReliabilityRatingAllowed
-}
-
-allow if {
- input.metricName == "complexity"
- input.metricValue <= maxComplexityAllowed
-}
-
-allow if {
- input.metricName == "ncloc"
- input.metricValue <= maxNclocAllowed
-}
-
-allow if {
- input.metric == "unit-test"
-}
-
-allow if {
- input.status == "PASSED"
- input.metric == "code-coverage"
-}
-
-allow if {
- input.status == "PASSED"
- input.metric == "vulnerability"
-}
-
-allow if {
- input.status == "PASSED"
- input.metric == "static-code-analysis"
-}
-
-allow if {
- input.status == "PASSED"
- input.metric == "integration-test"
-}
\ No newline at end of file
diff --git a/policies/opsverse-corcentric-cd/policy-include/reliability.rego b/policies/opsverse-corcentric-cd/policy-include/reliability.rego
new file mode 100644
index 0000000..f7044a2
--- /dev/null
+++ b/policies/opsverse-corcentric-cd/policy-include/reliability.rego
@@ -0,0 +1,11 @@
+package reliability.include
+
+import rego.v1
+
+default allow := false
+default minReliabilityRatingAllowed := "1.0"
+
+allow if {
+ input.metricName == "reliability_rating"
+ input.metricValue >= minReliabilityRatingAllowed
+}
diff --git a/policies/opsverse-corcentric-cd/policy-include/security.rego b/policies/opsverse-corcentric-cd/policy-include/security.rego
new file mode 100644
index 0000000..0fb17a5
--- /dev/null
+++ b/policies/opsverse-corcentric-cd/policy-include/security.rego
@@ -0,0 +1,11 @@
+package security.include
+
+import rego.v1
+
+default allow := false
+default minSecurityRatingAllowed := "1.0"
+
+allow if {
+ input.metricName == "security_rating"
+ input.metricValue >= minSecurityRatingAllowed
+}
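Review bot: The `allow` rule in `reliability.rego` compares `input.metricValue` with the string `"1.0"` using `>=`, which does not enforce a meaningful rating bound; `security.rego` repeats the same pattern with `minSecurityRatingAllowed`. Rego orders numbers before strings, so a numeric `input.metricValue` can never satisfy the comparison, while a string value is compared lexicographically and any text that sorts at or after `"1.0"` passes. If these are SonarQube ratings (inferred from the metric keys), 1.0 is the best grade and 5.0 the worst, so a lower bound of 1.0 also admits the worst rating. Consider a numeric upper bound instead, e.g. `default maxReliabilityRatingAllowed := 1.0` with `to_number(input.metricValue) <= maxReliabilityRatingAllowed`, and the equivalent in `security.rego`.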
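Review bot: `security.rego` gates only on `security_rating`, whereas the deleted `include.rego` also allowed `input.metric == "vulnerability"` when `input.status == "PASSED"`, and no replacement for that rule appears in this patch. With `default allow := false`, vulnerability results evaluated against `security.include` are now always denied, or, if they are no longer evaluated at all, the vulnerability gate is silently gone; which of the two applies depends on caller wiring not shown here. The package path also moves from `example.include` to `security.include`, so a caller still querying the old path would get an undefined result; it is worth confirming callers were updated and adding a header comment such as `# Gates on the security_rating metric; expects input.metricName and input.metricValue`.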