I have been writing a few policies using Conftest and wish to verify my configuration with the conftest verify
command. So far I have been able to successfully verify my policies like so
test_deployment_with_security_context {
no_violations with input as {
... json content ...
}
}
However the omitted JSON content above is rather large and clutters my policy tests. I want to put the JSON into a file and import it into the test. The conftest verify
command takes a --data
flag allowing files to be loaded as data and made available to the policies. For example, as per the documentation, conftest verify --data policy
will recursively load in YAML and JSON files it finds. Therefore a file located in policy/examples/input.json
is made available within the policies under import data.examples
. My question is how can I use this data in the tests?
There's an open issue around this - the docs currently reflect OPA's behavior of recursively reading data files from dirs and using directory names for namespacing. This behavior is currently not mirrored in conftest. I'd suggest tracking the ticket for progress on that. As a workaround until then you could always "namespace" the data yourself, so that your input.json looks something like this:
{
"examples": {
"actual_data": {
...
}
}
}