Open suzuki-shunsuke opened 6 months ago
Policy is useful to enforce policies in the project level, but isn't useful to enforce policies in machine level.
Environment variables AQUA_ENFORCE_CHECKSUM
and AQUA_ENFORCE_REQUIRE_CHECKSUM
are useful to enforce policies in machine level.
Feature Overview
Support setting checksum in aqua-policy.yaml.
Why is the feature needed?
To enforce the checksum verification via Policy.
Workaround
Use
AQUA_ENFORCE_CHECKSUM
andAQUA_ENFORCE_REQUIRE_CHECKSUM
.These environment variables are useful especially in CI, but it's difficult to ask users to set environment variables on their local environment.
Example Code
Configuration
aqua-policy.yaml
Note