How would you test against policies which are stored in a database? #1589
-
|
I really like your way of testing like described here. Currently I am thinking about which way is best to store policies. Because I would like to use the API for changes while runtime I would like to use MySQL. But I am struggling with testing. How would you test against policies which are stored in a database? Thanks again, |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
The Cerbos testing framework is designed with the GitOps workflow in mind. The expectation is that any policy changes would go through a review process before being promoted to production. During that process the tests can be automatically run by the CI system to catch any problems. If you are using a database to store the policies because they need to modified on the fly, then does it make much sense to test them because you'd be doing that after they have already gone live? If you still want to go ahead with testing the policies you have in the database, you could use the |
Beta Was this translation helpful? Give feedback.
-
|
Makes sense. Thank you |
Beta Was this translation helpful? Give feedback.
The Cerbos testing framework is designed with the GitOps workflow in mind. The expectation is that any policy changes would go through a review process before being promoted to production. During that process the tests can be automatically run by the CI system to catch any problems.
If you are using a database to store the policies because they need to modified on the fly, then does it make much sense to test them because you'd be doing that after they have already gone live?
If you still want to go ahead with testing the policies you have in the database, you could use the
cerbosctl getcommand to pull down the currently active policies and write them to disk. Then you can copy over your…