Alternative to conftest
Iristyle opened this issue · comments
Looks like it might be possible to use this as an alternative to the conftest tool? Have you considered the possibility?
I really like the idea of being able to interactively debug the rego tests (which conftest does not support since it doesn't have a REPL). I'm not sure what might be necessary to make that happen, but I think at the very least, data loading at #205 seems necessary.
That sounds like a great idea. I don't think fregot
should be a full alternative to conftest
but it definitely should be able to help debugging tests. I'll see if there's any further glue I need to add to make fregot
understand the conftest
conventions.
@Iristyle So I had a try with this. I create policy/deployment.rego
which has a main
package with deny
specified. I also created deployment.yaml
. I started fregot using:
fregot repl --watch --input deployment.yaml policy/
And was then able to start debugging the conftest policies using:
:break main.deny
data[_].deny
Does that suffice for your use case? I'm not sure how we can make this more convenient -- should we have a conftest helper that runs all deny
statements? For simple debugging, it just seems to work. Could you give this a try and see what is missing?