Comment on page

conftest

Description
This provider allows you to validate your configuration files against policies that you specify, using the conftest tool and Open Policy Agent rego query files. The provider creates Test action types of the same name, which allow you to specify files to validate.
Note that, in many cases, you'll actually want to use more specific providers that can automatically configure your conftest actions, e.g. the conftest-container and/or conftest-kubernetes providers. See the conftest example project for a simple usage example of the latter.
If those don't match your needs, you can use this provider directly and manually configure your conftest actions. Simply add this provider to your project configuration, and see the conftest action documentation for a detailed reference. Also, check out the below reference for how to configure default policies, default namespaces, and test failure thresholds for all conftest actions.
Below is the full schema reference for the provider configuration. For an introduction to configuring a Garden project with providers, please look at our configuration guide.
The reference is divided into two sections. The first section contains the complete YAML schema, and the second section describes each schema key.
Complete YAML Schema
The values in the schema below are the default values.
providers:
  - # The name of the provider plugin to use.
    name:
​
    # List other providers that should be resolved before this one.
    dependencies: []
​
    # If specified, this provider will only be used in the listed environments. Note that an empty array effectively
    # disables the provider. To use a provider in all environments, omit this field.
    environments:
​
    # Path to the default policy directory or rego file to use for `conftest` actions.
    policyPath: ./policy
​
    # Default policy namespace to use for `conftest` actions.
    namespace:
​
    # Set this to `"warn"` if you'd like tests to be marked as failed if one or more _warn_ rules are matched.
    # Set to `"none"` to always mark the tests as successful.
    testFailureThreshold: error
Configuration Keys
providers[]
Type
Default
Required
array[object]
[]
No
providers[].name
​providers > name
The name of the provider plugin to use.
Type
Required
string
Yes
Example:
providers:
  - name: "local-kubernetes"
providers[].dependencies[]
​providers > dependencies
List other providers that should be resolved before this one.
Type
Default
Required
array[string]
[]
No
Example:
providers:
  - dependencies:
      - exec
providers[].environments[]
​providers > environments
If specified, this provider will only be used in the listed environments. Note that an empty array effectively disables the provider. To use a provider in all environments, omit this field.
Type
Required
array[string]
No
Example:
providers:
  - environments:
      - dev
      - stage
providers[].policyPath
​providers > policyPath
Path to the default policy directory or rego file to use for conftest actions.
Type
Default
Required
posixPath
"./policy"
No
providers[].namespace
​providers > namespace
Default policy namespace to use for conftest actions.
Type
Required
string
No
providers[].testFailureThreshold
​providers > testFailureThreshold
Set this to "warn" if you'd like tests to be marked as failed if one or more warn rules are matched. Set to "none" to always mark the tests as successful.
Type
Default
Required
string
"error"
No

Type	Default	Required
`array[object]`	`[]`	No

Type	Required
`string`	Yes

Type	Default	Required
`array[string]`	`[]`	No

Type	Required
`array[string]`	No

Type	Default	Required
`posixPath`	`"./policy"`	No

Type	Required
`string`	No

Type	Default	Required
`string`	`"error"`	No

conftest-kubernetes

container

Last modified 11d ago

conftest

Description

Complete YAML Schema

Configuration Keys

`providers[]`

`providers[].name`

`providers[].dependencies[]`

`providers[].environments[]`

`providers[].policyPath`

`providers[].namespace`

`providers[].testFailureThreshold`