The Enterprise Contract is a set of tools for verifying the provenance of container images built in Red Hat Trusted Application Pipeline and validating them against a clearly defined policy.
The Enterprise Contract policy is defined using the rego policy language and is described here in Release Policy and Pipeline Policy
The enterprise-contract suite contains a set of tests that covers Enterprise Contract policies.
Steps to run 'enterprise-contract-suite':
- Follow the instructions from the Readme scripts to install AppStudio in e2e mode
- Run the e2e suite:
./bin/e2e-appstudio --ginkgo.focus="enterprise-contract-suite"