--- # Copyright The Conforma Contributors # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # SPDX-License-Identifier: Apache-2.0 rule_data: # Usage: https://conforma.dev/docs/policy/packages/release_git_branch.html#git_branch__git_branch allowed_target_branch_patterns: - ^refs/heads/main$ - ^refs/heads/release-v[\d\.]+$ # Usage: https://conforma.dev/docs/policy/packages/release_base_image_registries.html#base_image_registries__allowed_registries_provided allowed_registry_prefixes: - localhost:5000/ - registry.local/namespace/repo/ - registry.redhat.io/ - docker.io/ - registry.access.redhat.com # Usage: https://conforma.dev/docs/policy/packages/task_step_image_registries.html allowed_step_image_registry_prefixes: - localhost:5000/ - registry.local/namespace/repo/ - registry.redhat.io/ - docker.io/ - quay.io/ # Usage: https://conforma.dev/docs/policy/release_policy.html#java__no_foreign_dependencies # TODO: Document in the policy docs which values are expected here. allowed_java_component_sources: - redhat - rebuilt # Usage: https://conforma.dev/docs/policy/packages/release_external_parameters.html pipeline_run_params: - git-repo - git-revision - output-image # Usage: https://conforma.dev/docs/policy/packages/release_hermetic_task.html required_hermetic_tasks: - buildah - run-script-oci-ta # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__deprecated_labels deprecated_labels: - name: INSTALL replacement: install - name: Architecture replacement: architecture - name: Name replacement: name # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__required_labels required_labels: - name: architecture description: Architecture the software in the image should target. - name: build-date description: Date/Time image was built as RFC 3339 date-time. - name: description description: Detailed description of the image. - name: vendor description: Name of the vendor. # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__optional_labels optional_labels: - name: maintainer description: >- The name and email of the maintainer (usually the submitter). Should contain `@redhat.com` or `Red Hat`. - name: summary description: A short description of the image. # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__disallowed_inherited_labels disallowed_inherited_labels: - name: description - name: summary # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__required_labels fbc_required_labels: - name: build-date description: Date/Time image was built as RFC 3339 date-time. # Usage: https://conforma.dev/docs/policy/packages/release_labels.html#labels__optional_labels fbc_optional_labels: - name: summary description: A short description of the image. # https://conforma.dev/docs/policy/packages/release_labels.html#labels__disallowed_inherited_labels fbc_disallowed_inherited_labels: - name: description - name: summary disallowed_packages: # Any version of the package greater than or equal to v50.28.3 will not be allowed. - purl: pkg:golang/k8s.io/client-go # "semverv" is a made up name to describe golang's variation of the semver standard. The format # "semver" is also supported. Both behave exactly the same. format: semverv min: v50.28.3 # Any version of the package lower than or equal to v50.28.3 will not be allowed. - purl: pkg:golang/k8s.io/client-go format: semverv max: v50.28.3 # Any version of the package greater than or equal to v50.20.2, AND lower than or equal to # v50.28.3 will be not allowed. - purl: pkg:golang/k8s.io/client-go format: semverv min: v50.20.2 max: v50.28.3 allowed_rpm_signature_keys: - 199e2f91fd431d51