Cerbos Hub serves as a managed CI/CD pipeline specifically designed for validating, testing, and distributing policies in a more efficient manner compared to the open-source version. With Cerbos Hub, you can effortlessly automate and streamline the entire policy management process in a few minutes.
Whenever Cerbos Hub detects a change in the policy repository, it starts the compilation and testing process for the policies. Builds in progress are shown on the Cerbos Hub UI with the build status of
If there are any compilation failures, the builds page will display them next to the commit hash.
After the compilation stage is successful, Cerbos Hub runs any policy tests found in the repository. If any of the tests fail, the build page will display the failures along with any information that might be useful for debugging the failures.
If compilation and testing succeeds, the bundle status changes to
Generated and the status of relevant deployment labels is updated to point to the new bundle. All PDPs that are currently connected to Cerbos Hub are notified about the new bundle and instructed to update themselves.
You can see the status of bundles for embedded PDPs in the
Embedded builds tab of the same screen.