Add Policy DSL Validator, Schema Exporter, and Simulation Smoke tools
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implemented PolicyDslValidator with command-line options for strict mode and JSON output. - Created PolicySchemaExporter to generate JSON schemas for policy-related models. - Developed PolicySimulationSmoke tool to validate policy simulations against expected outcomes. - Added project files and necessary dependencies for each tool. - Ensured proper error handling and usage instructions across tools.
This commit is contained in:
31
docs/examples/policies/internal-only.yaml
Normal file
31
docs/examples/policies/internal-only.yaml
Normal file
@@ -0,0 +1,31 @@
|
||||
version: "1.0"
|
||||
metadata:
|
||||
description: Relaxed internal/development policy
|
||||
tags:
|
||||
- internal
|
||||
- dev
|
||||
rules:
|
||||
- name: Block KEV advisories
|
||||
tags: [kev]
|
||||
action: block
|
||||
|
||||
- name: Warn medium severity
|
||||
severity: [Medium]
|
||||
environments: [internal]
|
||||
action: warn
|
||||
|
||||
- name: Accept vendor VEX
|
||||
action:
|
||||
type: require_vex
|
||||
requireVex:
|
||||
vendors: [VendorX, VendorY]
|
||||
justifications:
|
||||
- component_not_present
|
||||
- vulnerable_code_not_present
|
||||
|
||||
- name: Quiet low severity
|
||||
severity: [Low, Informational]
|
||||
action:
|
||||
type: ignore
|
||||
until: 2026-01-01T00:00:00Z
|
||||
justification: "Deferred to annual remediation cycle"
|
||||
Reference in New Issue
Block a user