Write tests against structured configuration data using the Open Policy Agent Rego query language
Alternatives To Conftest
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Ceph12,411516 hours ago1August 26, 2014967otherC++
Ceph is a distributed object, block, and file storage platform
Kind12,0344024 days ago171June 15, 2023179apache-2.0Go
Kubernetes IN Docker - local clusters for testing Kubernetes
13 hours ago167gpl-3.0Java
MeterSphere 一站式开源持续测试平台,为软件质量保驾护航。搞测试,就选 MeterSphere!
Origin8,377152187 hours ago76May 31, 2021193apache-2.0Go
Conformance test suite for OpenShift
Certified Kubernetes Administrator Course5,885
2 days ago25Shell
Certified Kubernetes Administrator - CKA Course
Waypoint4,776618 days ago93August 09, 2023362otherGo
A tool to build, deploy, and release any application on any platform.
Test Infra3,691847 hours ago1,009April 25, 2021246apache-2.0Go
Test infrastructure for the Kubernetes project.
Garden2,92537 hours ago464August 16, 2023266mpl-2.0TypeScript
Automation for Kubernetes development and testing. Spin up production-like environments for development, testing, and CI on demand. Use the same configuration and workflows at every step of the process. Speed up your builds and test runs via shared result caching
Sonobuoy2,7781911 hours ago152June 15, 202322apache-2.0Go
Sonobuoy is a diagnostic tool that makes it easier to understand the state of a Kubernetes cluster by running a set of Kubernetes conformance tests and other plugins in an accessible and non-destructive manner.
Conftest2,68968 days ago110July 09, 202332otherGo
Write tests against structured configuration data using the Open Policy Agent Rego query language
Alternatives To Conftest
Select To Compare

Alternative Project Comparisons


Go Report Card Netlify

Conftest helps you write tests against structured configuration data. Using Conftest you can write tests for your Kubernetes configuration, Tekton pipeline definitions, Terraform code, Serverless configs or any other config files.

Conftest uses the Rego language from Open Policy Agent for writing the assertions. You can read more about Rego in How do I write policies in the Open Policy Agent documentation.

Here's a quick example. Save the following as policy/deployment.rego:

package main

deny[msg] {
  input.kind == "Deployment"
  not input.spec.template.spec.securityContext.runAsNonRoot

  msg := "Containers must not run as root"

deny[msg] {
  input.kind == "Deployment"

  msg := "Containers must provide app label for pod selectors"

Assuming you have a Kubernetes deployment in deployment.yaml you can run Conftest like so:

$ conftest test deployment.yaml
FAIL - deployment.yaml - Containers must not run as root
FAIL - deployment.yaml - Containers must provide app label for pod selectors

2 tests, 0 passed, 0 warnings, 2 failures, 0 exceptions

Conftest isn't specific to Kubernetes. It will happily let you write tests for any configuration files in a variety of different formats. See the documentation for installation instructions and more details about the features.

Want to contribute to Conftest?

For discussions and questions join us on the Open Policy Agent Slack in the #opa-conftest channel.

Popular Testing Projects
Popular Kubernetes Projects
Popular Software Quality Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.