Specify vault approval rules
Use vault approval rules to set the criteria for approving or rejecting packages in a vault.
Available package approval rules
PulseUno includes the following automated approval rules for vaults.
|defaultRule.js||Approves all packages that have no critical or high security issues and have an Apache-2.0 license.|
|rejectGPL||Rejects all packages that contain a GPL license.|
|rejectHighSeverity||Rejects all packages that contain high severity vulnerabilities.|
Tip: You can write your own approval scripts.
Set a vault approval rule
You can apply the approval rule to all vaults or individual vaults. The rule you specify for an individual vault overrides the rule set for all vaults at the space level.
To set a vault approval rule:
On the top navigation bar, select a space from the spaces list.
Set a rule for all vaults or individual vaults:
All vaults On the sidebar, select Settings > Vault Defaults. Individual vaults
- On the sidebar, select Vaults.
- On the Vaults page, open a local or remote vault. You can also open vaults inside virtual vaults.
- On the sidebar, select Settings > Approving Changes.
For the Approval Rules option, select Enable automated approval and rejection using rule scripts.
Select a rule from the list.