Comments (4)
The use case makes sense for the verify
command where each rule in a *_test.rego
file is testing a specific input for the deny
rule, though not the test
command for the same reasons in #731 (comment). I've updated the title and switched the type to enhancement
to more accurately reflect the request.
This would require updating the CheckResult
struct to treat Successes
similarly to the other result types.
from conftest.
I believe this is the expected behavior when all tests succeed, at least with the current code. Compare to the JSON output and you'll note no rule names from the unit tests are emitted.
[
{
"filename": "issue_test.rego",
"namespace": "",
"successes": 1
},
{
"filename": "issue_test.rego",
"namespace": "",
"successes": 1
}
]
However, if you have failures, the test names are emitted. Using the example from the website:
test_deny_alb_http {
cfg := parse_config("hcl2", `
resource "aws_alb_listener" "lb_with_http" {
protocol = "HTTP"
}
`)
deny with input as cfg
}
test_deny_alb_https {
cfg := parse_config("hcl2", `
resource "aws_alb_listener" "lb_with_https" {
protocol = "HTTPS"
}
`)
not deny with input as cfg
}
test_deny_alb_protocol_unspecified {
cfg := parse_config("hcl2", `
resource "aws_alb_listener" "lb_with_unspecified_protocol" {
foo = "bar"
}
`)
not deny with input as cfg
}
We get:
<?xml version="1.0" encoding="UTF-8"?>
<testsuites>
<testsuite tests="3" failures="2" time="0.000" name="conftest.">
<properties>
<property name="go.version" value="go1.19.5"></property>
</properties>
<testcase classname="conftest." name="issue_test.rego" time="0.000"></testcase>
<testcase classname="conftest." name="issue_test.rego - data.main.test_deny_alb_https" time="0.000">
<failure message="Failed" type="">data.main.test_deny_alb_https</failure>
</testcase>
<testcase classname="conftest." name="issue_test.rego - data.main.test_deny_alb_protocol_unspecified" time="0.000">
<failure message="Failed" type="">data.main.test_deny_alb_protocol_unspecified</failure>
</testcase>
</testsuite>
</testsuites>
You can see the successful test does not include the rule name, but the failures do. The JSON output mirrors this:
[
{
"filename": "issue_test.rego",
"namespace": "",
"successes": 1
},
{
"filename": "issue_test.rego",
"namespace": "",
"successes": 0,
"failures": [
{
"msg": "data.main.test_deny_alb_https"
}
]
},
{
"filename": "issue_test.rego",
"namespace": "",
"successes": 0,
"failures": [
{
"msg": "data.main.test_deny_alb_protocol_unspecified"
}
]
}
]
I do not think this is a bug, but we can definitely consider this as an enhancement request.
from conftest.
The primary reason I reported this is that the omission of the rule names for successful tests limits the usefulness of the test report. The purpose of a test report is usually:
- reporting which tests failed, which works well with the current behavior
- trace how the test suite evolves over multiple test runs by seeing how the set of tests changes
- facilitate fixing failing tests by providing info about whether the failing test succeeded in the previous test run
Leaving out the rule names for successful tests impedes the latter two, because the reader of the report can't tell the successful tests apart.
The second issue I encountered with this behavior is that Gitlab doesn't handle junitxml files with identical test cases very well. It simply "deduplicates" them and only reports one successful test case, no matter how many are listed in the file. But that's a shortcoming of Gitlab in my opinion.
So even if the current behavior is as expected, I'd like to suggest to change it to also support the latter two purposes of test reports in general.
from conftest.
I have same problem as @mhanysz and agree with its remarks.
I actually find an interest in this for the verify
command.
Note that for the stdout
output (with report notes
), the test names are clearly displayed. But the report
parameter is allowed only for stdout
ouput (so not junit
).
from conftest.
Related Issues (20)
- Add support for "azuredevops" output
- Rego policy with ExternalData Provider : undefined function external_data HOT 2
- Add support for adding built-in functions HOT 2
- Investigate generics usage in parser and engine packages HOT 2
- conftest read json file failed due to json file contains BOM HOT 3
- Rules returning a boolean (no msg) HOT 2
- parse_config not working for dockerfile HOT 2
- OPA doesn't consider built-in error fatal, but Conftest does. Can we revert the change? HOT 1
- Conftest does not output detailed summary report HOT 1
- Dependabot should update all parsers
- Implement option for custom output destinations in `output.Get()`
- Sarif Format Support HOT 2
- Has anyone used conftest in s390x environment? HOT 3
- Parser for nginx HOT 2
- Error in documentation for pulling OCI registry
- Using Conftest with OPA bundles
- Invalid parsing of ResourceQuota yaml file HOT 1
- Improper if Usage seems to miss a valid case HOT 1
- Jsonnet parser cannot handle relative imports HOT 4
- Critical vulnerability in github.com/hashicorp/go-getter: CVE-2024-3817 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from conftest.