Use with https://cloud.google.com/anthos-config-management/docs/tutorials/app-policy-validation-ci-pipeline
For detailed documentation that includes this code sample, see the following:
steps: - id: 'Prepare config' # This step builds the final manifests for the app # using kustomize and the configuration files # available in the repository. name: 'gcr.io/google.com/cloudsdktool/cloud-sdk' entrypoint: '/bin/sh' args: ['-c', 'mkdir hydrated-manifests && kubectl kustomize config/prod > hydrated-manifests/prod.yaml'] - id: 'Download policies' # This step fetches the policies from the Anthos Config Management repository # and consolidates every resource in a single file. name: 'gcr.io/kpt-dev/kpt' entrypoint: '/bin/sh' args: ['-c', 'kpt pkg get https://github.com/GoogleCloudPlatform/anthos-config-management-samples.git/ci-app/acm-repo/cluster@main constraints && kpt fn source constraints/ hydrated-manifests/ > hydrated-manifests/kpt-manifests.yaml'] - id: 'Validate against policies' # This step validates that all resources comply with all policies. name: 'gcr.io/kpt-fn/gatekeeper:v0.2' args: ['--input', 'hydrated-manifests/kpt-manifests.yaml']
To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser.