Conftest
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Ceph | 12,411 | 5 | 1 | 6 hours ago | 1 | August 26, 2014 | 967 | other | C++ | |
| Ceph is a distributed object, block, and file storage platform | ||||||||||
| Kind | 12,034 | 402 | 4 days ago | 171 | June 15, 2023 | 179 | apache-2.0 | Go | ||
| Kubernetes IN Docker - local clusters for testing Kubernetes | ||||||||||
| Metersphere | 10,184 | 13 hours ago | 167 | gpl-3.0 | Java | |||||
| MeterSphere 一站式开源持续测试平台,为软件质量保驾护航。搞测试,就选 MeterSphere! | ||||||||||
| Origin | 8,377 | 152 | 18 | 7 hours ago | 76 | May 31, 2021 | 193 | apache-2.0 | Go | |
| Conformance test suite for OpenShift | ||||||||||
| Certified Kubernetes Administrator Course | 5,885 | 2 days ago | 25 | Shell | ||||||
| Certified Kubernetes Administrator - CKA Course | ||||||||||
| Waypoint | 4,776 | 6 | 18 days ago | 93 | August 09, 2023 | 362 | other | Go | ||
| A tool to build, deploy, and release any application on any platform. | ||||||||||
| Test Infra | 3,691 | 84 | 7 hours ago | 1,009 | April 25, 2021 | 246 | apache-2.0 | Go | ||
| Test infrastructure for the Kubernetes project. | ||||||||||
| Garden | 2,925 |  | 3 | 7 hours ago | 464 | August 16, 2023 | 266 | mpl-2.0 | TypeScript | |
| Automation for Kubernetes development and testing. Spin up production-like environments for development, testing, and CI on demand. Use the same configuration and workflows at every step of the process. Speed up your builds and test runs via shared result caching | ||||||||||
| Sonobuoy | 2,778 | 19 | 11 hours ago | 152 | June 15, 2023 | 22 | apache-2.0 | Go | ||
| Sonobuoy is a diagnostic tool that makes it easier to understand the state of a Kubernetes cluster by running a set of Kubernetes conformance tests and other plugins in an accessible and non-destructive manner. | ||||||||||
| Conftest | 2,689 | 6 | 8 days ago | 110 | July 09, 2023 | 32 | other | Go | ||
| Write tests against structured configuration data using the Open Policy Agent Rego query language | ||||||||||
Conftest
Conftest helps you write tests against structured configuration data. Using Conftest you can write tests for your Kubernetes configuration, Tekton pipeline definitions, Terraform code, Serverless configs or any other config files.
Conftest uses the Rego language from Open Policy Agent for writing the assertions. You can read more about Rego in How do I write policies in the Open Policy Agent documentation.
Here's a quick example. Save the following as policy/deployment.rego:
package main
deny[msg] {
input.kind == "Deployment"
not input.spec.template.spec.securityContext.runAsNonRoot
msg := "Containers must not run as root"
}
deny[msg] {
input.kind == "Deployment"
not input.spec.selector.matchLabels.app
msg := "Containers must provide app label for pod selectors"
}
Assuming you have a Kubernetes deployment in deployment.yaml you can run Conftest like so:
$ conftest test deployment.yaml
FAIL - deployment.yaml - Containers must not run as root
FAIL - deployment.yaml - Containers must provide app label for pod selectors
2 tests, 0 passed, 0 warnings, 2 failures, 0 exceptions
Conftest isn't specific to Kubernetes. It will happily let you write tests for any configuration files in a variety of different formats. See the documentation for installation instructions and more details about the features.
Want to contribute to Conftest?
- See DEVELOPMENT.md to build and test Conftest itself.
- See CONTRIBUTING.md to get started.
For discussions and questions join us on the Open Policy Agent Slack
in the #opa-conftest channel.
