How to configure pipeline OPA policy for parallel stages?

You can use Harness Policy As Code to ensure that Harness entities like Pipelines meet specific compliance requirements when specific events happen (On Save, On Run, etc.). More details about Harness Policy As Code can be found here.

You may want to apply a pipeline OPA policy to multiple parallel stages of a pipeline. For example, you may want the policy to allow a user to run the pipeline only if the infra connector identifier matches a specific value. If you only have sequential stages, you can use the policy below.

package pipeline
# CI stage is not using ci cluster
deny[msg] {
    input.pipeline.stages[i].stage.spec.infrastructure.spec.connector.identifier != "k8sconnector1"

    msg := sprintf("CI stage '%s' first test", [input.pipeline.stages[i].stage.name])
}

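However, if you want to achieve the same result on a pipeline that has multiple parallel stages, you need to configure the policy as below. Parallel stages are nested under parallel[j], so the sequential path stages[i].stage does not match them and the first policy never produces a deny for them.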

package pipeline
# CI stage is not using ci cluster
deny[msg] {
    input.pipeline.stages[i].parallel[j].stage.spec.infrastructure.spec.connector.identifier != "k8sconnector1"

    msg := sprintf("CI stage '%s' first test", [input.pipeline.stages[i].parallel[j].stage.name])
}

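A pipeline that mixes sequential and parallel stages needs both paths checked, otherwise one kind of stage passes unchecked. The following is an added example, not part of the original post or Harness's own policy: it combines the two policies above into one rule, using the same input paths and connector value; the `all_stages` helper, the `sample` input and the test rule are constructed for illustration.

```rego
package pipeline

# Added example. The connector value and input paths are the ones used
# in the two policies above; everything else is illustrative.
required_connector := "k8sconnector1"

# Every stage in the pipeline: sequential entries sit at stages[i].stage,
# members of a parallel group at stages[i].parallel[j].stage.
all_stages[stage] {
    stage := input.pipeline.stages[_].stage
}

all_stages[stage] {
    stage := input.pipeline.stages[_].parallel[_].stage
}

# One deny rule now covers both layouts.
deny[msg] {
    all_stages[stage]
    stage.spec.infrastructure.spec.connector.identifier != required_connector
    msg := sprintf("CI stage '%s' first test", [stage.name])
}

# Constructed sample input: a sequential stage on the required connector,
# then a parallel group whose second member uses a different connector.
sample := {"pipeline": {"stages": [
    {"stage": {"name": "build", "spec": {"infrastructure": {"spec": {"connector": {"identifier": "k8sconnector1"}}}}}},
    {"parallel": [
        {"stage": {"name": "unit", "spec": {"infrastructure": {"spec": {"connector": {"identifier": "k8sconnector1"}}}}}},
        {"stage": {"name": "scan", "spec": {"infrastructure": {"spec": {"connector": {"identifier": "otherconnector"}}}}}}
    ]}
]}}

# Only the parallel member "scan" should be denied.
test_parallel_member_denied {
    deny == {"CI stage 'scan' first test"} with input as sample
}
```

The `sample` value and the test rule are for checking the policy locally with `opa test` (on OPA 1.x add `--v0-compatible`, since this keeps the syntax used above); leave them out when saving the policy in Harness.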