Conftest now supports a plugin mechanism. These plugins allow you to extend conftest without needing to edit the codebase. In this blog post I will show you how to use conftest plugins and how to create your own.
Tag: conftest
In the previous post I introduced the Open Policy Agent as a method to validate configuration changes against policies to maintain compliance in your environment. In this post I will show how you can utilise the Open Policy Agent with conftest to build in compliance checks in your CI/CD pipeline and how conftest can be used to centrally manage the Rego policies.
Tags: conftest, open-policy-agent, tekton
Validating whether a set of resources in the cloud comply with your internal company policies is hard. Of course proprietary tools exists for cloud providers that evaluate all resources in that cloud provider, but that already limits their usability. In this post I will introduce the Open Policy Agent as a generic policy evaluation engine that could solve all your compliance problems, and I will show a real world example using the Open Policy Agent to evaluate Terraform Plans.
Tags: terraform, conftest, open-policy-agent