Merge pull request enterprise-contract#185 from lcarva/HACBS-2428

Add config per policy source

api/config/appstudio.redhat.com_enterprisecontractpolicies.yaml

@@ -85,6 +85,22 @@ spec:
                   items:
                     description: Source defines policies and data that are evaluated together
                     properties:
+                      config:
+                        description: Config specifies which policy rules are included, or excluded, from the provided policy source urls.
+                        properties:
+                          exclude:
+                            description: Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: set
+                          include:
+                            description: Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: set
+                        type: object
                       data:
                         description: List of go-getter style policy data source urls
                         items:

api/v1alpha1/enterprisecontractpolicy_types.go

@@ -61,9 +61,29 @@ type Source struct {
 	// +optional
 	// +kubebuilder:validation:Type:=object
 	RuleData *extv1.JSON `json:"ruleData,omitempty"`
+	// Config specifies which policy rules are included, or excluded, from the
+	// provided policy source urls.
+	// +optional
+	// +kubebuilder:validation:Type:=object
+	Config *SourceConfig `json:"config,omitempty"`
+}
+
+// SourceConfig specifies config options for a policy source.
+type SourceConfig struct {
+	// Exclude is a set of policy exclusions that, in case of failure, do not block
+	// the success of the outcome.
+	// +optional
+	// +listType:=set
+	Exclude []string `json:"exclude,omitempty"`
+	// Include is a set of policy inclusions that are added to the policy evaluation.
+	// These take precedence over policy exclusions.
+	// +optional
+	// +listType:=set
+	Include []string `json:"include,omitempty"`
 }
 
-// EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation
+// EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation.
+// DEPRECATED: Use the config for a policy source instead.
 type EnterpriseContractPolicyConfiguration struct {
 	// Exclude set of policy exclusions that, in case of failure, do not block
 	// the success of the outcome.

config/crd/bases/appstudio.redhat.com_enterprisecontractpolicies.yaml

@@ -85,6 +85,22 @@ spec:
                   items:
                     description: Source defines policies and data that are evaluated together
                     properties:
+                      config:
+                        description: Config specifies which policy rules are included, or excluded, from the provided policy source urls.
+                        properties:
+                          exclude:
+                            description: Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: set
+                          include:
+                            description: Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: set
+                        type: object
                       data:
                         description: List of go-getter style policy data source urls
                         items:

docs/modules/ROOT/pages/reference.adoc

@@ -44,7 +44,7 @@ Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contr
 [id="{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-enterprisecontractpolicyconfiguration"]
 === EnterpriseContractPolicyConfiguration
 
-EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation
+EnterpriseContractPolicyConfiguration configuration of modifications to policy evaluation. DEPRECATED: Use the config for a policy source instead.
 
 [quote]
 Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-enterprisecontractpolicyspec[$$EnterpriseContractPolicySpec$$]
@@ -133,6 +133,23 @@ Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contr
 | *`policy`* __string array__ | List of go-getter style policy source urls
 | *`data`* __string array__ | List of go-getter style policy data source urls
 | *`ruleData`* __JSON__ | Arbitrary rule data that will be visible to policy rules
+| *`config`* __xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-sourceconfig[$$SourceConfig$$]__ | Config specifies which policy rules are included, or excluded, from the provided policy source urls.
+|===
+
+
+[id="{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-sourceconfig"]
+=== SourceConfig
+
+SourceConfig specifies config options for a policy source.
+
+[quote]
+Appears In: xref:{anchor_prefix}-github-com-enterprise-contract-enterprise-contract-controller-api-v1alpha1-source[$$Source$$]
+
+[cols="25a,75a", options="header"]
+|===
+| Field | Description
+| *`exclude`* __string array__ | Exclude is a set of policy exclusions that, in case of failure, do not block the success of the outcome.
+| *`include`* __string array__ | Include is a set of policy inclusions that are added to the policy evaluation. These take precedence over policy exclusions.
 |===