CI 파이프라인의 회사 정책에 따라 앱 검증

https://cloud.google.com/anthos-config-management/docs/tutorials/app-policy-validation-ci-pipeline에 사용

코드 샘플

YAML

steps:
- id: 'Prepare config'
  # This step builds the final manifests for the app
  # using kustomize and the configuration files
  # available in the repository.
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: '/bin/sh'
  args: ['-c', 'mkdir tmp && kubectl kustomize config/prod > tmp/prod.yaml']
- id: 'Download policies'
  # This step fetches the policies from the Anthos Config Management repository
  # and consolidates every resource in a single directory.
  name: 'gcr.io/kpt-dev/kpt:v1.0.0-beta.3'
  entrypoint: '/bin/sh'
  args: ['-c', 'kpt pkg get https://github.com/GoogleCloudPlatform/csp-config-management.git/ci-app/acm-repo/cluster@1.0.0 constraints
                  && cp -a constraints/* tmp/']
- id: 'Validate against policies'
  # This step validates that all resources comply with all policies.
  name: 'gcr.io/kpt-dev/kpt:v1.0.0-beta.3'
  entrypoint: '/bin/sh'
  args: ['-c', 'kpt fn eval tmp/ --image gcr.io/kpt-fn/gatekeeper:v0']

다음 단계

다른 Google Cloud 제품의 코드 샘플을 검색하고 필터링하려면 Google Cloud 샘플 브라우저를 참조하세요.