Enterprise Contract Configuration
Enterprise Contract configuration is described here.
The configuration used by EC can be provided by an
EnterpriseContractPolicy cluster resource, or
it can be fetched from a git url.
For command line use of Enterprise Contract a local file can also be used.
There are some pre-defined configuration files available here.
The output of the Enterprise Contract task includes a copy of the configuration
used. You can find it under the
policy key in the raw YAML output where it
can be copy and pasted.
|Notice that the public key used to verify both the signed images and the signed attestations created by Tekton Chains is available in the YAML output also. This public key is useful if you want to use Enterprise Contract outside the RHTAP cluster as described in here.|
To change which configuration is used by the Enterprise Contract integration test, it is necessary to modify the applicable "IntegrationTestScenario" cluster resouce.
This is currently not possible via the web UI, so it must be done using either
See Using custom configuration for details on how to do this.