Use Conftest to test your configuration files Author: Gareth Rushgrove
Conftest is a utility to help you write tests against structured configuration data, including write tests for your Kubernetes configurations. This Tilt eextension makes it easy to run Conftest as part of your development environment.
The conftest extension can be run like so:
load ('ext://conftest' , 'conftest' )
conftest ('kubernetes.yaml' )
k8s_yaml ('kubernetes.yaml' )
k8s_resource ('example' ,
port_forwards = 8000 ,
resource_deps = ['conftest' ],
)Note that you'll need a policy directory with your Rego code. See the Conftest
documentation for basic setup and usage instructions.
The function takes a number of arguments, which map to the conftest CLI arguments.
path: path to file to testname: a name for the resource, defaults to conftest. Useful if you want multiple invocationsall_namespaces: use rules from all namespacescombine: combine all files passed in into one structuredata: a list of paths to load additional data fromfail_on_warn: fail even if only warnings are foundinput: input type if different from that autodetected from the file extensionnamespace: the namespace to use for rules, defauls to mainoutput: the output format, can be stdout, json, tap or tabletrace: whether or not to show the full policy trace, useful for debuggingupdate: download policies based on local configuration or from exlicit repositoriespolicy: where to find the policy files, defaults to a directory called policy`
You can also pass any other arguments supported by local_resource
The conftest binary must be on your path