Testing your components and applications
You can ensure that your applications are stable, secure, compliant, and mutually compatible by implementing tests for Konflux to run on their components. There are currently 3 types of tests in Konflux:
-
Build-time tests
-
Custom tests
-
Integration tests
The following sections explain each of these test types in greater detail.
Build-time tests
Build-time tests in Konflux ensure the stability and security of the application, its components, its build pipeline, and the environment in which it is being tested.
The build-time tests used in Konflux are executed in the form of Tekton tasks. The utility used for validating container information is conftest. A full listing of Konflux surface-level tests is available in this document: Build-time tests.
Build-time tests include the following security-focused tests:
-
Vulnerability scanning via Clair
-
Anti-virus scanning via ClamAV
-
Code scanning via SAST tools
-
You can enable the Snyk test by following these instructions.
-
You can also create your own build-time tests. To add a custom build-time test for a component, customize its build pipeline to include the test as another Tekton task.
These tests are coupled with the building of artifacts. In order to rerun the tests, the build pipeline will need to be rerun and the newly produced artifact will be tested as described in retriggering build pipelines.
Integration tests
Integration tests ensure that all components within an application are able to work together at the same time. You can add an integration test, simply by giving Konflux the address to a GitHub repo, and the path within that repo to an IntegrationTestScenario (ITS). An ITS is a YAML file, one that contains a Tekton Pipeline that defines an integration test.
Konflux runs integration tests after it successfully builds the various components of an application. As part of the build process, Konflux creates an image for each component and stores them in a repository. Images of all the components are then compiled into a snapshot of the application. Konflux tests the snapshot against user-defined IntegrationTestScenarios, which, again, is a YAML file in a GitHub repository.
As with build-time tests, you can also create your own integration tests. To add your own test that runs on all components of an application, create a custom integration test.
The integration service provides users with the ability to reset their component’s Global Candidate List to a desired state with a manually created override
, you can create an override snapshot and provide a valid container image for component to reset the component’s Global Candidate List.
While these tests are triggered after new artifacts are built (for example after build pipelines have successfully completed), their execution can be retriggered without building new artifacts. This process is described in retriggering integration tests.