Build Policy

Control and customize how builds are handled within your CI/CD pipeline with flexible and powerful policy settings. This section allows you to define and enforce rules that determine whether builds should pass or fail based on compliance with specific criteria.

Add Policies

On the Build Policy page, you'll see a list of existing policies, including a default policy named DefaultBuildPolicy. To create a new policy, click the New Policy green button on the right side of the search bar, enter a policy name and policy description, and hit Save.

Policy Handling/Modify Policies

The Build Policy section gives you the tools to define what criteria must be met for a build to proceed or stop.

Modify and Manage Build Criteria:

• Verify Denied Licenses: If any denied licenses are detected during the scan, this flag stops the build, prompting a review by engineers.

• Secret Scanning: Prevents the build from proceeding if it detects sensitive information like passwords or API keys.

• Verify OWASP Rules: Stops the build if specific OWASP rules are violated, based on the criticality settings you choose.

• Verify SANS 25 Rules: Halts the build if certain SANS 25 rules are detected, allowing you to prioritize specific security concerns.

Each option is designed to integrate seamlessly into your CI/CD workflow, enhancing your build's security and compliance with minimal effort.

Further Customize Build Criteria:

• Filters/Rules: Implement custom filters such as "CRITICAL_SEVERITY_COUNT > 1" to stop builds that do not meet your predefined severity criteria.

• Search List: Add custom search-based rules to refine what triggers a build stop, enhancing flexibility in handling build criteria.
  

After configuring your policies, ensure all changes are saved by clicking the Save button located at the bottom right of the screen. This final step confirms your settings and applies them to your CI/CD pipeline, ensuring that each build adheres strictly to the defined criteria.