0001 One Quay Repo Per Bundle

Status: Accepted
Date: 2026-05-20
Canonical Location: complytime-policies/docs/adr/0001-one-quay-repo-per-bundle.md

Summary#

Policy bundles published from complytime-policies will each get their own Quay.io repository with a policies- prefix (e.g., quay.io/complytime/policies-ampel-branch-protection) instead of sharing a single repository with bundle-name tags.

Impact On Complyctl#

None. complyctl treats complytime.yaml URLs as opaque OCI references. The ParsePolicyRef and registry client code already support any valid OCI reference format — single-repo or multi-repo.

Consumer Configuration Change#

Before (single repo, bundle-name tag):

policies:
  - id: ampel-branch-protection
    url: quay.io/complytime/complytime-policies@ampel-branch-protection

After (per-bundle repo with policies- prefix, version tag):

policies:
  - id: ampel-branch-protection
    url: quay.io/complytime/policies-ampel-branch-protection:latest

Documentation Updates Needed#

docs/QUICK_START.md — update OCI reference examples
README policy reference examples (if any)

Full Decision Record#

See the canonical ADR in complytime-policies for full context, rationale, and alternatives considered.

Edit this page on GitHub

Overview

Ai Tooling

Docs

ComplyTime

Title here