Docs
Common Use Cases
Conftest
Conftest Policy Checking

Conftest Policy Checking

Require Conftest (opens in a new tab) policies to pass for a Plan operation to succeed.

workflows:
  - tag_query: ""
    plan:
      - type: init
      - type: plan
      - type: run
        cmd: ["bash", "-c",
          "terraform show -json ${TERRATEAM_PLAN_FILE} > ${TERRATEAM_PLAN_FILE}.json && \
           conftest test ${TERRATEAM_PLAN_FILE}.json ."]
        capture_output: true

Conftest will look for policies in the policy directory where Terrateam is operating against. For example, if a pull request contains a change for the file foo/bar/main.tf in the root of your repository, then conftest will look for rego policy files in the foo/bar/policy/ directory. This can be overriden with the --policy flag.

The full list of conftest configuration options can be found here: https://www.conftest.dev/options/ (opens in a new tab)