This is a proprietary feature of the Chainloop platform.
The following functionality is considered experimental and subject to change.
When you use the experimental platform plugin to gather the extended runner context, Chainloop lets you define policies that verify the good practices and security configuration of your CI/CD environment.

Supported policies

The following policies are supported and can be used with the runner context data.

Branch protection

  • branch-admin-enforcement - Ensures that branch protection rules are enforced for repository administrators, preventing admin bypass.
  • branch-deletion-blocked - Ensures that branch deletion is blocked to protect important branches from accidental deletion.
  • branch-force-push-blocked - Ensures that force pushes are blocked on branches to prevent bypassing code review and history integrity.
  • branch-linear-history-required - Ensures that branches require linear history to prevent merge commits and maintain a clean commit history.

Pull request protection

  • pr-code-owner-review-required - Ensures that code owner reviews are required for pull requests.
  • pr-review-required - Ensures that pull requests require a minimum number of reviewers before merging.
  • pr-stale-reviews-dismissed - Ensures that stale pull request reviews are automatically dismissed when new commits are pushed.
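
The seven checks above, evaluated fail-closed over one set of collected settings. This is an added example, not Chainloop's own policy code or schema. It assumes the settings arrive in the shape of GitHub's REST branch-protection response; the `evaluate` function, its `min_reviewers` parameter and the sample data are hypothetical.

```python
# Added example: policy names come from the page; the input shape is assumed
# to match GitHub's REST branch-protection response, not Chainloop's schema.
MISSING = object()

def _get(doc, path):
    """Walk a dotted path; return MISSING if any key along it is absent."""
    cur = doc
    for key in path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return MISSING
        cur = cur[key]
    return cur

_PR = "required_pull_request_reviews."
# policy name -> (field path, predicate taking the value and the reviewer minimum)
CHECKS = {
    "branch-admin-enforcement": ("enforce_admins.enabled", lambda v, _: v is True),
    "branch-deletion-blocked": ("allow_deletions.enabled", lambda v, _: v is False),
    "branch-force-push-blocked": ("allow_force_pushes.enabled", lambda v, _: v is False),
    "branch-linear-history-required": ("required_linear_history.enabled", lambda v, _: v is True),
    "pr-code-owner-review-required": (_PR + "require_code_owner_reviews", lambda v, _: v is True),
    "pr-review-required": (_PR + "required_approving_review_count",
                           lambda v, n: type(v) is int and v >= n),
    "pr-stale-reviews-dismissed": (_PR + "dismiss_stale_reviews", lambda v, _: v is True),
}

def evaluate(protection, min_reviewers=1):
    """Return {policy: reason} for every failed policy.
    A field that was not collected is a violation (fail closed), never a pass."""
    violations = {}
    for name, (path, ok) in CHECKS.items():
        value = _get(protection, path)
        if value is MISSING:
            violations[name] = f"{path} not present in collected settings"
        elif not ok(value, min_reviewers):
            violations[name] = f"{path} = {value!r}"
    return violations

# Constructed sample: force pushes allowed, no pull request review rule at all.
SAMPLE = {
    "enforce_admins": {"enabled": True},
    "allow_deletions": {"enabled": False},
    "allow_force_pushes": {"enabled": True},
    "required_linear_history": {"enabled": True},
}

if __name__ == "__main__":
    for policy, reason in sorted(evaluate(SAMPLE).items()):
        print(f"FAIL {policy}: {reason}")
```

Treating an absent field as a violation matters here: a repository with no review rule configured returns no `required_pull_request_reviews` object at all, and a checker that defaults missing values to "pass" would report all three pull request policies as satisfied.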