This tool allows you to easily run your cfn-guard tests against your cfn-guard rules.
cfn-guard-test is a tool that converts various reports into the JUnit format.
You can install the cfn-guard-test tool by running the following command:
pip install cfn_guard_testTypically, you would want to run your dependencies isolated. You can install cfn-guard-test in a venv
using the following commands:
python -m venv .venv
source .venv/bin/activate
pip install cfn_guard_testBuild the docker image
docker build -t cfn-guard-test-docker .Run the cfn-guard-test command as follows
docker run --rm -it -v `pwd`:/tests cfn-guard-test-docker cfn-guard-testTo use cfn-guard-test you just execute the following command:
cfn-guard-testThis will (by default) look for a test file in tests/reports and it there is a yaml file that matches the same name in
the reports folder. It will then validate the rules defined in the reports folder against the test definition.
You can get a more verbose output if you add one of the following commands:
cfn-guard-test -v
cfn-guard-test --verboseIf you use a different folder structure you can define the rules and test paths as followed:
cfn-guard-test \
--rules-path reports \
--test-path tests/reportsWhen you do not have the cfn-guard binary installed, and you need to supply an alternative path you can do that with
the following command:
cfn-guard-test \
--cfn-guard-path "/my/custom/path/cfn-guard"You can generate a JUnit XML Report using the --junit-path option. Once given it will generate a JUnit XML compatible
report at the given location. Example:
cfn-guard-test \
--junit-path "reports/cfn-guard.xml"