Adding policies to Base Template Repos

Overview

Base Template Repositories (BTRs) are an excellent way to systematise and enforce configuration standards for your application. You can add Skycap Validation Policy definitions to any BTR to ensure that configuration files (Stencils) generated from that BTR comply with your policies.

Note

This guide assumes you have a working knowledge of both BTRs and Skycap Validation Policies. Please read our separate guides for both these topics if you're unsure about them.

How to add policies to a BTR

Policies are defined in a BTR via a central templates.json file that sits in the root of the repo.

This is an excerpt from a templates.json file that illustrates the structure of the policies section:

    "policies": [
             {
                "name": "No Port in Services",
                "filename": "no-port-num.cop",
                "description": "Block a port",
                "selector": "kind: Service",
                "tags": [],
                "preferred_sequence": 0
             },
          ],

The same templates.json file is also used to define the Kubernetes templates (Stencils) and any transformations applied to those templates. For more info, please read our guides to these features.

Components of the JSON definition

The Policy section of the templates.json has the following fields:

Directory structure for policies in BTRs

BTRs must be organized as follows: