Support for AquaSec Assurance Policies
complete
Tight Swordfish
AquaSec has support for assurance policies within their platform which define what issues will be accepted, and what will cause a build to fail. Currently Harness only allows us to fail a build on a particular severity, but we would like to be able to select a policy which manages the failures.
Pritesh Chandaliya
We will be releasing a workaround for supporting the AquaSec assurance policy (and any scanner for that reason) which provides the policy results. We will expose a field called "EXERNAL_POLICY_FAILURE" in the O/P variable. Users can create an OPA policy to fail/warn the pipeline based on the value of the field exposed.
To be clear, we will not expose policy details from the scanner, just a pass/fail flag for users to decide whether to block the pipeline based on 3rd-party scanners. We recommend that customers create OPA (Harness) policies based on any STO normalized fields as per their convenience. Please let me know if you have any more questions.
This feature will be available by the end of March 2024. Thanks!