stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
6f8ee8aacb6985328882ed5622ca769659ecbb6a
git.stella-ops.org/policies/starter-day1/overrides/production.yaml
master 51cf4bc16c more audit work
2026-01-08 20:46:43 +02:00

23 lines
550 B
YAML
Raw Blame History

apiVersion: policy.stellaops.io/v1
kind: PolicyOverride
metadata:
name: starter-day1-prod
version: 1.0.0
parent: starter-day1
environment: production
spec:
settings:
defaultAction: block
unknownsThreshold: 0.05
requireSignedSbom: true
requireSignedVerdict: true
additionalRules:
- name: require-approval-for-exceptions
description: "Require approval for exceptions in production"
action: block
match:
exceptionRequested: true
message: "Exception approvals are required in production"
Reference in New Issue View Git Blame Copy Permalink