Harness

policies

Create, edit and delete Governance policies written in rego

policies#list

List all policies

Request
query Parameters
accountIdentifier
string
Default: ""

Harness account ID

Example: accountIdentifier=eBqAoNchMLKigC_qZ5EdC
orgIdentifier
string
Default: ""

Harness organization ID

Example: orgIdentifier=test-org
projectIdentifier
string
Default: ""

Harness project ID

Example: projectIdentifier=test-project
per_page
integer <int64> [ 1 .. 100 ]
Default: 50

Number of results per page

Example: per_page=20
page
integer <int64> >= 0
Default: 0

Page number (starting from 0)

Example: page=4
identifierFilter
string
Default: ""

Comma separated List of Identifiers to filter on

Example: identifierFilter=test-projectId1, test-projectId2
searchTerm
string
Default: ""

Filter results by partial name match

Example: searchTerm=poli
sort
string
Default: "name,ASC"

Sort order for results

Enum: "name,ASC" "name,DESC" "updated,ASC" "updated,DESC"
Example: sort=updated,DESC
header Parameters
x-api-key
string

Harness PAT key used to perform authorization

Example: Accusamus consequatur sapiente.
Responses
200

OK response.

400

GitError: Bad Request response.

401

Unauthorized: Unauthorized response.

403

Forbidden: Forbidden response.

404

NotFound: Not Found response.

500

InternalServer: Internal Server Error response.

502

BadGateway: Bad Gateway response.

get/pm/api/v1/policies
Request samples 
Response samples 
application/json
[
  • {
    },
  • {
    },
  • {
    }
]
policies#create
Create a policy


Request 
query Parameters
accountIdentifier
string
 Default:  ""
Harness account ID


 
 Example:  accountIdentifier=eBqAoNchMLKigC_qZ5EdC
orgIdentifier
string
 Default:  ""
Harness organization ID


 
 Example:  orgIdentifier=test-org
projectIdentifier
string
 Default:  ""
Harness project ID


 
 Example:  projectIdentifier=test-project
git_commit_msg
string
The commit message used in git when creating the policy


 
 Example:  git_commit_msg=harness policy commit msg
git_import
boolean
A flag to determine if the api should try and import and existing policy from git


 
 Example:  git_import=true
git_branch
string
The git branch the policy will be created in


 
 Example:  git_branch=main
git_is_new_branch
boolean
A flag to determine if the api should try and commit to a new branch


 
 Example:  git_is_new_branch=true
git_base_branch
string
If committing to a new branch, git_base_branch tells the api which branch to base the new branch from


 
 Example:  git_base_branch=main
header Parameters
x-api-key
string
Harness PAT key used to perform authorization


 
 Example:  Autem pariatur qui modi est.
Request Body schema: application/json
required
git_connector_ref
string
The harness connector used for authenticating on the git provider


 
git_path
string
The path to the file in the git repo


 
git_repo
string
The git repo the policy resides in


 
identifier
required
string  non-empty 
Identifier for the policy


 
name
required
string  non-empty 
Name of the policy


 
rego
required
string  non-empty 
Rego that defines the policy policy


 
Responses 
201
Created response.


400
GitError: Bad Request response.


401
Unauthorized: Unauthorized response.


403
Forbidden: Forbidden response.


404
NotFound: Not Found response.


500
InternalServer: Internal Server Error response.


502
BadGateway: Bad Gateway response.


post/pm/api/v1/policies
Request samples 
application/json
{
  • "git_connector_ref": ".",
  • "git_path": ".harness/policy.rego",
  • "git_repo": "github.com/org/repo",
  • "identifier": "policy-1",
  • "name": "Check that an approval step is present",
  • "rego": "package test\ndeny[\"should say hello world\"] {input.message != \"world\"}"
}
Response samples 
application/json
{
  • "account_id": "eBqAoNchMLKigC_qZ5EdC",
  • "created": 1636669297674,
  • "git_commit_sha": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_connector_ref": ".",
  • "git_default_branch": "main",
  • "git_default_branch_commit_sha": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_default_branch_file_id": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_default_branch_file_url": "",
  • "git_default_branch_update_error": {
    },
  • "git_default_branch_updated": 1636669297674,
  • "git_file_id": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_file_url": "",
  • "git_path": ".harness/policy.rego",
  • "git_repo": "github.com/org/repo,omitempty",
  • "identifier": "policy-1",
  • "name": "Pipeline Approval",
  • "org_id": "test-org",
  • "project_id": "test-project",
  • "rego": "",
  • "updated": 1636669297674
}
policies#delete
Delete a policy by identifier


Request 
path Parameters
identifier
required
string  non-empty 
Identifier of the policy


  Examples: 
policy-1
query Parameters
accountIdentifier
string
 Default:  ""
Harness account ID


 
 Example:  accountIdentifier=eBqAoNchMLKigC_qZ5EdC
orgIdentifier
string
 Default:  ""
Harness organization ID


 
 Example:  orgIdentifier=test-org
projectIdentifier
string
 Default:  ""
Harness project ID


 
 Example:  projectIdentifier=test-project
header Parameters
x-api-key
string
Harness PAT key used to perform authorization


 
 Example:  Earum et cum eos corrupti cum et.
Responses 
204
No Content response.


400
GitError: Bad Request response.


401
Unauthorized: Unauthorized response.


403
Forbidden: Forbidden response.


404
NotFound: Not Found response.


500
InternalServer: Internal Server Error response.


502
BadGateway: Bad Gateway response.


delete/pm/api/v1/policies/{identifier}
Request samples 
Response samples 
application/json
{
  • "explanation": "File with given filepath [file.rego] already exists in Github, thus couldn't create a new file",
  • "hint": "Please check if there's already a file [file.rego] in Github repository [rego-demo] for the given filepath and branch [main].",
  • "message": "Please check if there's already a file [file.rego] in Github repository [rego-demo] for the given filepath and branch [main]."
}
policies#find
Find a policy by identifier


Request 
path Parameters
identifier
required
string  non-empty 
Identifier of the policy to retrieve


  Examples: 
policy-1
query Parameters
accountIdentifier
string
 Default:  ""
Harness account ID


 
 Example:  accountIdentifier=eBqAoNchMLKigC_qZ5EdC
orgIdentifier
string
 Default:  ""
Harness organization ID


 
 Example:  orgIdentifier=test-org
projectIdentifier
string
 Default:  ""
Harness project ID


 
 Example:  projectIdentifier=test-project
git_branch
string
The git branch the policy resides in


 
 Example:  git_branch=main
show_summary
boolean
Setting to true returns the metadata about the
                requested policy including the information held about the status of this policy in the default branch.
                git_branch is ignored as no git operation takes place.


 
 Example:  show_summary=true
header Parameters
x-api-key
string
Harness PAT key used to perform authorization


 
 Example:  Consequatur ipsa aperiam quaerat veritatis qui nihil.
Responses 
200
OK response.


400
GitError: Bad Request response.


401
Unauthorized: Unauthorized response.


403
Forbidden: Forbidden response.


404
NotFound: Not Found response.


500
InternalServer: Internal Server Error response.


502
BadGateway: Bad Gateway response.


get/pm/api/v1/policies/{identifier}
Request samples 
Response samples 
application/json
{
  • "account_id": "eBqAoNchMLKigC_qZ5EdC",
  • "created": 1636669297674,
  • "git_commit_sha": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_connector_ref": ".",
  • "git_default_branch": "main",
  • "git_default_branch_commit_sha": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_default_branch_file_id": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_default_branch_file_url": "",
  • "git_default_branch_update_error": {
    },
  • "git_default_branch_updated": 1636669297674,
  • "git_file_id": "1369b45c20fc685113adcfd1a08a914180ff3c0d",
  • "git_file_url": "",
  • "git_path": ".harness/policy.rego",
  • "git_repo": "github.com/org/repo,omitempty",
  • "identifier": "policy-1",
  • "name": "Pipeline Approval",
  • "org_id": "test-org",
  • "project_id": "test-project",
  • "rego": "",
  • "updated": 1636669297674
}
policies#update
Update a policy by identifier


Request 
path Parameters
identifier
required
string
Identifier of the policy


 
 Example:  policy-1
query Parameters
git_commit_msg
string
The commit message used in git when creating the policy


 
 Example:  git_commit_msg=harness policy commit msg
git_is_new_branch
boolean
A flag to determine if the api should try and commit to a new branch


 
 Example:  git_is_new_branch=true
git_base_branch
string
If committing to a new branch, git_base_branch tells the api which branch to base the new branch from


 
 Example:  git_base_branch=main
git_branch
string
The git branch the policy resides in


 
 Example:  git_branch=main
git_commit_sha
string
The existing commit sha of the file being updated


 
 Example:  git_commit_sha=1369b45c20fc685113adcfd1a08a914180ff3c0d
git_file_id
string
The existing file id of the file being updated, not required for bitbucket files


 
 Example:  git_file_id=1369b45c20fc685113adcfd1a08a914180ff3c0d
accountIdentifier
string
 Default:  ""
Harness account ID


 
 Example:  accountIdentifier=eBqAoNchMLKigC_qZ5EdC
orgIdentifier
string
 Default:  ""
Harness organization ID


 
 Example:  orgIdentifier=test-org
projectIdentifier
string
 Default:  ""
Harness project ID


 
 Example:  projectIdentifier=test-project
header Parameters
x-api-key
string
Harness PAT key used to perform authorization


 
 Example:  Alias nihil.
Request Body schema: application/json
required
name
string
The name of the policy


 
rego
string
The rego that defines the policy policy


 
Responses 
204
No Content response.


400
GitError: Bad Request response.


401
Unauthorized: Unauthorized response.


403
Forbidden: Forbidden response.


404
NotFound: Not Found response.


500
InternalServer: Internal Server Error response.


502
BadGateway: Bad Gateway response.


patch/pm/api/v1/policies/{identifier}
Request samples 
application/json
{
  • "name": "Check that an approval step is present",
  • "rego": "package test\ndeny[\"should say hello world\"] {input.message != \"world\"}"
}
Response samples 
application/json
{
  • "explanation": "File with given filepath [file.rego] already exists in Github, thus couldn't create a new file",
  • "hint": "Please check if there's already a file [file.rego] in Github repository [rego-demo] for the given filepath and branch [main].",
  • "message": "Please check if there's already a file [file.rego] in Github repository [rego-demo] for the given filepath and branch [main]."
}
➔ Next to evaluate