It’s time to start validating your project’s configuration files as part of your CI/CD pipeline
Clayton Kehoe
Posted on March 26, 2024
Configuration files are often an overlooked part of the code base but syntax errors in config files are one of the main causes of production bugs. They can also cause failures in expensive CI/CD test operations such as infrastructure provisioning or functional test execution. You don’t want to wait until late in your pipeline to discover that there is a syntax error in your configuration files.
Teams mistakenly believe that their unit tests will catch errors in configuration file syntax but that often isn’t the case. Unit tests usually avoid reading in configuration files from the file system instead opting to mock the read-in configuration with an object. Even if tests do read in the configuration files there are typically different configuration files for each environment such as dev, test, staging, and prod so you’d have to make sure to cover each file in your tests. Also for some DevSecOps tools that are heavily driven by configuration files there is no unit test suite to use to validate the configuration files.
There are a couple tools to help with this:
- Dhall - configuration files as code
- config-file-validator - single tool to validate the syntax of every popular configuration file type. Has a github action that you can integrate into an existing GitHub actions workflow (full disclosure - this is my project)
These tools can run during the lint or static analysis stages of your pipeline and make sure that simple syntax errors are caught early in the pipeline rather than later during costly testing stages or production release
Posted on March 26, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.