Creating a Policy
To create a new policy, use the policy init
command:
policy init
You'll be asked to select a server. Assuming you've logged in to the Aserto Policy Registry, you'll be able to select from following:
# SERVER 1 opcr.io 2 registry.prod.aserto.com
> Select server#:
If you haven't logged in to the Aserto Policy Registry, you'll only see the opcr
option. After selecting a server you'll be asked to confirm your choice, or otherwise override it with a different value:
server: (registry.prod.aserto.com):
Hitting "Enter" will confirm your choice. Otherwise, provide a different value and hit "Enter".
Next, provide your username in the policy registry you've selected:
> user : ([YOUR_USER_NAME]):
Provide the name of the secret containing the Github token you'd like to use (by default, the name should be GITHUB_TOKEN
)
> github secret name: (GITHUB_TOKEN): GITHUB_TOKEN
Specify the name of the repository you'll be pushing the policy to:
> repo : (): [YOUR-ORGANIZATION]/[POLICY-NAME]
The following directory structure will be created:
.โโโ .githubโย ย โโโ config.yamlโย ย โโโ workflowsโย ย โโโ build-release-policy.yamlโโโ .gitignoreโโโ src โโโ .manifest โโโ policies โโโ hello.rego
Update the content of the policy as needed, then follow the steps to build, tag and push the policy to OPCR.