Skip to content

example(policies): add http-allowed-hostnames example#2342

Merged
migmartri merged 1 commit into
chainloop-dev:mainfrom
migmartri:2267-add-example
Aug 11, 2025
Merged

example(policies): add http-allowed-hostnames example#2342
migmartri merged 1 commit into
chainloop-dev:mainfrom
migmartri:2267-add-example

Conversation

@migmartri

@migmartri migmartri commented Aug 11, 2025

Copy link
Copy Markdown
Member

Adds a policy example that calls the chainloop API remotely and compares the version. It's meant to showcase http-allowlist security capabilities of our policy engine.

note that an additional error state has been added to the testutils library so detect failed evaluations vs violations

./test.sh
Using Chainloop binary: chainloop

=== Policy Validation ===

Testing: Policy Lint Check
Command: chainloop policy develop lint --policy policy.yaml
✓ PASSED

Testing: No Allowed Hostnames - Should Fail the evaluation
Command: chainloop policy develop eval --policy policy.yaml --kind EVIDENCE  --material testdata/empty.json
✓ EVAL FAILED (as expected)

Testing: With Wrong Allowed Hostname - Should Fail
Command: chainloop policy develop eval --policy policy.yaml --kind EVIDENCE  --material testdata/empty.json --allowed-hostnames example.com
✓ EVAL FAILED (as expected)

Testing: With Correct Allowed Hostname  should run evaluation but fail because of version mismatch
Command: chainloop policy develop eval --policy policy.yaml --kind EVIDENCE  --material testdata/empty.json --allowed-hostnames app.chainloop.dev
✓ FAILED (as expected)

Fetching current platform version...
Current platform version: v0.256.0

Testing: Custom Expected Version (matching current platform)
Command: chainloop policy develop eval --policy policy.yaml --kind EVIDENCE  --material testdata/empty.json --allowed-hostnames app.chainloop.dev --input expected_version=v0.256.0
✓ PASSED

=== Test Results Summary ===

Total Tests: 5
Passed: 5
Failed: 0

🎉 All tests passed!

refs 2267

Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri changed the title docs: add http-allowed-hostnames example example(policies): add http-allowed-hostnames example Aug 11, 2025
@migmartri migmartri merged commit 531fe76 into chainloop-dev:main Aug 11, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants