Conftest verify fixture data

575 views Asked by At

I have been writing a few policies using Conftest and wish to verify my configuration with the conftest verify command. So far I have been able to successfully verify my policies like so

test_deployment_with_security_context {
  no_violations with input as {
     ... json content ...
  }
}

However the omitted JSON content above is rather large and clutters my policy tests. I want to put the JSON into a file and import it into the test. The conftest verify command takes a --data flag allowing files to be loaded as data and made available to the policies. For example, as per the documentation, conftest verify --data policy will recursively load in YAML and JSON files it finds. Therefore a file located in policy/examples/input.json is made available within the policies under import data.examples. My question is how can I use this data in the tests?

1

There are 1 answers

1
Devoops On BEST ANSWER

There's an open issue around this - the docs currently reflect OPA's behavior of recursively reading data files from dirs and using directory names for namespacing. This behavior is currently not mirrored in conftest. I'd suggest tracking the ticket for progress on that. As a workaround until then you could always "namespace" the data yourself, so that your input.json looks something like this:

{
  "examples": {
     "actual_data": {
        ...
     }
  }
}