Skip to content

Commit

Permalink
A new plugin for testing kubernetes objects using conftest/open polic…
Browse files Browse the repository at this point in the history 
…y agent

This plugin allow for running conftest tests against a running Kubernetes cluster.
This makes it both easy to check a cluster matches some arbitrary policy and also
makes writing open policy agent code easier as you can quickly test it against a
real cluster with the minimum of fuss.

```console
$ kubectl krew install --manifest plugin/conftest.yaml  -v4
I0513 22:28:08.542388    7886 install.go:150] --manifest specified, not ensuring plugin index
I0513 22:28:08.543105    7886 install.go:119] Will install plugin: conftest
Installing plugin: conftest
I0513 22:28:08.543132    7886 install.go:74] Looking for installed versions
I0513 22:28:08.543148    7886 util.go:79] Searching for installed versions of conftest in "/home/garethr/.krew/bin"
I0513 22:28:08.543176    7886 install.go:83] Finding download target for plugin conftest
I0513 22:28:08.543189    7886 util.go:38] Using os=linux arch=amd64
I0513 22:28:08.543200    7886 util.go:61] Matching platform for labels(arch=amd64,os=linux)
I0513 22:28:08.543272    7886 util.go:68] Found matching platform with index (0)
I0513 22:28:08.543287    7886 util.go:131] Matching plugin version is 5b587c11e4b1de8679c39e07a514c68e54de57987fc3eb32dc7946e78994359a
I0513 22:28:08.543303    7886 install.go:46] Creating download dir "/tmp/krew-downloads/conftest"
I0513 22:28:08.543403    7886 install.go:61] Getting sha256 (5b587c11e4b1de8679c39e07a514c68e54de57987fc3eb32dc7946e78994359a) signed version
I0513 22:28:08.543421    7886 downloader.go:36] Fetching "https://github.com/instrumenta/conftest/archive/v0.5.2.zip"
I0513 22:28:10.836287    7886 downloader.go:43] Reading download data into memory
I0513 22:28:11.317941    7886 downloader.go:48] Read 45106 bytes of download data into memory
I0513 22:28:11.318010    7886 downloader.go:174] detected .zip file
I0513 22:28:11.318032    7886 downloader.go:55] Extracting download zip to "/tmp/krew-downloads/conftest"
I0513 22:28:11.330572    7886 move.go:155] Creating plugin dir "/home/garethr/.krew/store/conftest"
I0513 22:28:11.331392    7886 move.go:161] Creating temp plugin move operations dir "/tmp/krew-temp-move923716619"
I0513 22:28:11.331450    7886 move.go:125] Finding move targets from "/tmp/krew-downloads/conftest" to "/tmp/krew-temp-move923716619" with file operation=index.FileOperation{From:"/*/plugin/*.sh", To:"."}
I0513 22:28:11.331514    7886 move.go:44] Trying to move single file directly from="/tmp/krew-downloads/conftest" to="/tmp/krew-temp-move923716619" with file operation=index.FileOperation{From:"/*/plugin/*.sh", To:"."}
I0513 22:28:11.331684    7886 move.go:52] Wasn't a single file, proceeding with Glob move
I0513 22:28:11.331990    7886 move.go:132] Move file from "/tmp/krew-downloads/conftest/conftest-0.5.2/plugin/kubectl-conftest.sh" to "/tmp/krew-temp-move923716619/kubectl-conftest.sh"
I0513 22:28:11.332105    7886 move.go:141] Move operations are complete
I0513 22:28:11.332132    7886 move.go:172] Move directory "/tmp/krew-temp-move923716619" to "/home/garethr/.krew/store/conftest/5b587c11e4b1de8679c39e07a514c68e54de57987fc3eb32dc7946e78994359a"
I0513 22:28:11.336782    7886 install.go:159] No file found at "/home/garethr/.krew/bin/kubectl-conftest"
I0513 22:28:11.336838    7886 install.go:146] Creating symlink from "/home/garethr/.krew/store/conftest/5b587c11e4b1de8679c39e07a514c68e54de57987fc3eb32dc7946e78994359a/kubectl-conftest.sh" to "/home/garethr/.krew/bin/kubectl-conftest"
I0513 22:28:11.336964    7886 install.go:150] Created symlink at "/home/garethr/.krew/bin/kubectl-conftest"
CAVEATS:
\
 |  This plugin needs the following programs:
 |  * conftest
 |  * jq
/
Installed plugin: conftest
garethr@surface-go ~/p/conftest> kubectl conftest
A Kubectl plugin for using Conftest to test objects in Kubernetes using Open Policy Agent

See https://github.com/instrumenta/conftest for more information

Usage:
   kubectl test (TYPE[.VERSION][.GROUP] [NAME] | TYPE[.VERSION][.GROUP]/NAME)
```
  • Loading branch information
@garethr
garethr committed May 15, 2019
1 parent dca9988 commit a239913
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions plugins/conftest.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: krew.googlecontainertools.github.com/v1alpha2
kind: Plugin
metadata:
name: conftest
spec:
version: "v0.5.2"
platforms:
- selector:
matchExpressions:
- {key: os, operator: In, values: [darwin, linux]}
uri: https://github.com/instrumenta/conftest/archive/v0.5.2.zip
head: https://github.com/instrumenta/conftest/archive/master.zip
sha256: "5b587c11e4b1de8679c39e07a514c68e54de57987fc3eb32dc7946e78994359a"
files:
- from: "/*/plugin/*.sh"
to: "."
bin: "kubectl-conftest.sh"
shortDescription: Test your Kubernetes objects using Open Policy Agent
homepage: https://github.com/instrumenta/conftest
caveats: |
This plugin needs the following programs:
* conftest
* jq

0 comments on commit a239913

Please sign in to comment.