Validating apps against company policies in a CI pipeline

Stay organized with collections Save and categorize content based on your preferences.

Use with

Explore further

For detailed documentation that includes this code sample, see the following:

Code sample


- id: 'Prepare config'
  # This step builds the final manifests for the app
  # using kustomize and the configuration files
  # available in the repository.
  name: ''
  entrypoint: '/bin/sh'
  args: ['-c', 'mkdir hydrated-manifests && kubectl kustomize config/prod > hydrated-manifests/prod.yaml']
- id: 'Download policies'
  # This step fetches the policies from the Anthos Config Management repository
  # and consolidates every resource in a single file.
  name: ''
  entrypoint: '/bin/sh'
  args: ['-c', 'kpt pkg get constraints
                  && kpt fn source constraints/ hydrated-manifests/ > hydrated-manifests/kpt-manifests.yaml']
- id: 'Validate against policies'
  # This step validates that all resources comply with all policies.
  name: ''
  args: ['--input', 'hydrated-manifests/kpt-manifests.yaml']

What's next

To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser.