Is there a way for SDK clients to specify which (git)branch of the cerbos policies we want to evaluate? #cicd #dev

Hey, You define the branch in the PDP configuration rather than the SDK level. https://docs.cerbos.dev/cerbos/latest/configuration/storage.html#git-driver eg

storage:
  driver: "git"
  git:
    protocol: https
    url: <https://github.com/cerbos/policy-test.git>
    branch: main
    subDir: policies

Yeah we're doing this by having a Cerbos server per branch (dev, qa, prod, etc.).

Thanks @Peter Franzen , thats the usecase I’m hinting at. During dev, use the sdk for testing the policy-in-the-making by hinting the feature_branch in the request

Are you talking about testing in an environment where you don't have access to the Cerbos installation? For local development, some of our SDKs provide test harnesses where you can launch a Cerbos instance with a set of policies. You can also use `cerbos run` to run your tests against an ephemeral Cerbos instance. While you can't switch the branch at runtime, you can use the policy

version

field to mark your in-development policies as

dev

,

staging

or whatever else. Any policy that's not

version: default

requires an explicit opt-in in the request.