Policy Step is not available in the build stage
pending feedback
S
Skinny Grasshopper
One of our requirement run the scan policy before push the artifact into repo which is in the CI/Build stage. We could see the policy type is available in the deploy stage but not in the Build/CI Stage. Needed to add the policy step in the CI/Build?
Log In
Canny AI
Rohan Gupta
Merged in a post:
FR - Add support for Policy step in buils stage type.
T
Tan Mackerel
Hi Team,
Currently the policy step is available in the Deploy stage or Custom stage, but not the Build stage. Our requirement is the build stage.
What we are looking for is having a policy step in a build stage that evaluates over data that includes the pipeline.yml with all input and outputs to steps prior to policy step fully evaluated.
N
Nofar Bluestein
Thank you for your feedback. Could you please elaborate on the use case you are trying to achieve?
E
Ethical Grasshopper
Nofar Bluestein
I have a mac address pool (5 mac address)
each execution build stage it will consume 1 mac address. (once execution is done, it will return the mac address back to the pool)
So in Max, I can have 5 executions run in parallel.
Once the 6th execution start, it will check the mac address pool to see if there's one available, if not, it will wait until it available.
N
Nofar Bluestein
Ethical Grasshopper:
Thank you Jason,
can you please share which infrastructure are you using for your builds?
We are looking into adding the ability to set concurrency limits so only X number of stages could execute at the same time per infra related limits. For example, if you use docker runner you would be able to configure allowing only X stages to run in parallel on agents that meet a certain criteria.
I am wondering if this could satisfy your use case, or is the a need to use the queue step specifically.
Thank you
E
Ethical Grasshopper
Nofar Bluestein
Hi I said on title, i need it at build stage. it's not target to harness infratructure.
E
Ethical Grasshopper
we will initialize a docker container. During the initialize, we will pick one mac address from the pool (5 mac in-total), if all 5 are occupied, the pipeline will wait for the next one release back
E
Ethical Grasshopper
i just need a queue step in build stage, in that case, I can make above thing easier. I just use one mac address, if any execution is running (in queue), all other execution just wait for it release.
Pranav Rastogi
pending feedback
Pranav Rastogi
Thank you for your feedback. You can do this today by creating a custom OPA policy and applying it at the pipeline. Does this work?