Conforma Policies

Conforma (formerly known as Enterprise Contract) is a tool for verifing the provenance of container images built in a CI system such as Konflux, and validating them against a clearly defined policy.

Conforma policies are defined using the rego policy language and are described here in Release Policy and Pipeline Policy.

1. Additional Documentation

2. Code