Labels are actually one of the more powerful features of policy management, and they should have a familiar look, since you’ve likely used other systems that employ a sort of tagging or labeling.
Essentially, labels are metadata. More specifically a label is metadata that is assigned to a component within the context of a particular application or organization. Labels can assist with identifying components you want to review, approve, or even avoid altogether. We call this label assignment.
When labels are assigned, this is an action that takes place in the application composition report. Before it can be assigned though, a label needs to exist for a particular organization or application.
As we learned in our Organization and Application Management chapter, inheritance plays a big role in policy. The same thing is true for labels, in that if a label is created in an organization, any application attached to that organization will also have the label available for use when assigned. In fact, the system will prompt you to choose the scope (organization or application) a label should exist in when it is assigned.
We’ve determined that assigning a label is an important action, but how do we build policy around this? That’s actually simple, we just add a condition, based on a specific label that you have created, being present. The one caveat, is that the label needs to exist within the application or the organization in which you are creating the condition.
To create a label:
Click the New Label button.
When creating your label, remember to use something that is easily identifiable. If you’re following along with our example in the next section, Architecture-Approved is a good example.
Click the Save button.
A few things to remember:
In the example below a new condition for the label Architecture-Approved will be added to an existing policy with an existing constraint and condition.
In our instructions, we’ve made an assumption that you understand how to create a policy.
In the Constraints area of the policy, click on the + icon, located next to the right of an existing condition.
Make sure you use the correct + icon, as it can be easy to add a new constraint by mistake. |
Because our example uses a constraint with an existing condition, we have also chosen to force a violation only when all conditions have been met. In this scenario it may be appropriate to consider a waiver as an alternative. |
Terms of Service Privacy Policy
Copyright ©
2008-present, Sonatype Inc. All rights reserved. Includes the
third-party code listed here. Sonatype and Sonatype Nexus are trademarks
of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache
Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation.
All other trademarks are the property of their respective owners.
Sonatype Headquarters - 8161
Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8251 Greensboro Drive #610, McLean, VA
22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia