YubicoLabs · jpreese · Mar 12, 2025 · Mar 12, 2025 · Mar 12, 2025 · Mar 12, 2025
diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml
@@ -7,12 +7,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: setup go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: 1.15.x
+          go-version: 1.24
+          cache: false
 
       - name: checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: unit test
         run: go test -v ./...
@@ -26,12 +27,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: run action
         uses: './'
         with:
+          add-comment: false
           files: '.github/test/resources'
+          pull-url: 'https://github.com/YubicoLabs/action-conftest/tree/main/.github/test/policy'
           policy: '.github/test/policy/always_warn.rego'
           gh-token: ${{ secrets.GITHUB_TOKEN }}
           gh-comment-url: ${{ github.event.pull_request.comments_url }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
-FROM instrumenta/conftest:v0.20.0 as conftest
+FROM openpolicyagent/conftest:v0.58.0 AS conftest
 
-FROM golang:1.15-alpine as builder
+FROM golang:1.24-alpine AS builder
 COPY --from=conftest /conftest /usr/local/bin/conftest
 COPY main.go .
 RUN go build -o /entrypoint main.go

diff --git a/action.yml b/action.yml
@@ -3,7 +3,8 @@ description: "Easily run Conftest, pull remote policies, surface the results, an
 branding:
   icon: "check-square"
   color: "purple"
-inputs: 
+
+inputs:
   files:
     description: "Files and/or folders for Conftest to test (space delimited)"
     required: true
@@ -59,6 +60,7 @@ inputs:
     description: "Name of the key in the details object that stores the policy ID"
     default: "policyID"
     required: false
+
 runs:
   using: 'docker'
   image: 'Dockerfile'

diff --git a/go.mod b/go.mod
@@ -0,0 +1,3 @@
+module github.com/YubicoLabs/action-conftest
+
+go 1.22.2
diff --git a/main.go b/main.go
@@ -35,24 +35,29 @@ type commentData struct {
 	DocsURL string
 }
 
-type jsonResult struct {
+// Result describes the result of a single rule evaluation.
+type Result struct {
 	Message  string                 `json:"msg"`
 	Metadata map[string]interface{} `json:"metadata,omitempty"`
+	Outputs  []string               `json:"outputs,omitempty"`
 }
 
-type jsonCheckResult struct {
-	Filename  string       `json:"filename"`
-	Successes []jsonResult `json:"successes"`
-	Warnings  []jsonResult `json:"warnings,omitempty"`
-	Failures  []jsonResult `json:"failures,omitempty"`
+type CheckResult struct {
+	FileName   string   `json:"filename"`
+	Namespace  string   `json:"namespace"`
+	Successes  int      `json:"successes"`
+	Skipped    []Result `json:"skipped,omitempty"`
+	Warnings   []Result `json:"warnings,omitempty"`
+	Failures   []Result `json:"failures,omitempty"`
+	Exceptions []Result `json:"exceptions,omitempty"`
 }
 
 type metricsSubmission struct {
-	SourceID  string            `json:"sourceID"`
-	Successes int               `json:"successes,omitempty"`
-	Warnings  metricsSeverity   `json:"warns,omitempty"`
-	Failures  metricsSeverity   `json:"fails,omitempty"`
-	Details   []jsonCheckResult `json:"details,omitempty"`
+	SourceID  string          `json:"sourceID"`
+	Successes int             `json:"successes,omitempty"`
+	Warnings  metricsSeverity `json:"warns,omitempty"`
+	Failures  metricsSeverity `json:"fails,omitempty"`
+	Details   []CheckResult   `json:"details,omitempty"`
 }
 
 type metricsSeverity struct {
@@ -111,10 +116,10 @@ func run() error {
 	var fails, warns []string
 	var successes int
 	for _, result := range results {
-		successes += len(result.Successes)
+		successes += result.Successes
 
 		for _, fail := range result.Failures {
-			fails = append(fails, fmt.Sprintf("%s - %s", result.Filename, fail.Message))
+			fails = append(fails, fmt.Sprintf("%s - %s", result.FileName, fail.Message))
 			policyID, err := getPolicyIDFromMetadata(fail.Metadata, policyIDKey)
 			if err != nil {
 				continue
@@ -125,7 +130,7 @@ func run() error {
 		}
 
 		for _, warn := range result.Warnings {
-			warns = append(warns, fmt.Sprintf("%s - %s", result.Filename, warn.Message))
+			warns = append(warns, fmt.Sprintf("%s - %s", result.FileName, warn.Message))
 			policyID, err := getPolicyIDFromMetadata(warn.Metadata, policyIDKey)
 			if err != nil {
 				continue
@@ -264,7 +269,7 @@ func runConftestPull(url string) error {
 	return nil
 }
 
-func runConftestTest() ([]jsonCheckResult, error) {
+func runConftestTest() ([]CheckResult, error) {
 	args := []string{"test", "--no-color", "--output", "json"}
 	flags := getFlagsFromEnv()
 	args = append(args, flags...)
@@ -274,9 +279,9 @@ func runConftestTest() ([]jsonCheckResult, error) {
 	cmd := exec.Command("conftest", args...)
 	out, _ := cmd.CombinedOutput() // intentionally ignore errors so we can parse the results
 
-	var results []jsonCheckResult
+	var results []CheckResult
 	if err := json.Unmarshal(out, &results); err != nil {
-		return nil, fmt.Errorf("%s", string(out))
+		return nil, fmt.Errorf("%s -- error is: %v", string(out), err)
 	}
 
 	return results, nil
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		module github.com/YubicoLabs/action-conftest

		go 1.22.2