aboutsummaryrefslogtreecommitdiffstats
path: root/railties/test/commands/credentials_test.rb
diff options
context:
space:
mode:
Diffstat (limited to 'railties/test/commands/credentials_test.rb')
-rw-r--r--railties/test/commands/credentials_test.rb152
1 files changed, 58 insertions, 94 deletions
diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb
index 3dec6fbe10..974b34836b 100644
--- a/railties/test/commands/credentials_test.rb
+++ b/railties/test/commands/credentials_test.rb
@@ -10,9 +10,8 @@ require "tempfile"
class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
include ActiveSupport::Testing::Isolation, EnvHelpers
- setup { build_app }
-
- teardown { teardown_app }
+ setup :build_app
+ teardown :teardown_app
test "edit without editor gives hint" do
run_edit_command(editor: "").tap do |output|
@@ -90,134 +89,95 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
assert_match(/secret_key_base/, output)
end
- test "edit ask the user to opt in to pretty credentials" do
- assert_match(/Would you like to make the credentials diff from git/, run_edit_command)
+
+ test "show credentials" do
+ assert_match(/access_key_id: 123/, run_show_command)
end
- test "edit doesn't ask the user to opt in to pretty credentials when alreasy asked" do
- app_file("tmp/rails_pretty_credentials", "")
+ test "show command raises error when require_master_key is specified and key does not exist" do
+ remove_file "config/master.key"
+ add_to_config "config.require_master_key = true"
- assert_no_match(/Would you like to make the credentials diff from git/, run_edit_command)
+ assert_match(/Missing encryption key to decrypt file with/, run_show_command(allow_failure: true))
end
- test "edit doesn't ask the user to opt in when user already opted in" do
- content = <<~EOM
- [diff "rails_credentials"]
- textconv = bin/rails credentials:show
- EOM
- app_file(".git/config", content)
+ test "show command does not raise error when require_master_key is false and master key does not exist" do
+ remove_file "config/master.key"
+ add_to_config "config.require_master_key = false"
- assert_no_match(/Would you like to make the credentials diff from git/, run_edit_command)
+ assert_match(/Missing 'config\/master\.key' to decrypt credentials/, run_show_command)
end
- test "edit ask the user to opt in to pretty credentials, user accepts" do
- file = Tempfile.open("credentials_test")
- file.write("y")
- file.rewind
+ test "show command displays content specified by environment option" do
+ run_edit_command(environment: "production")
- run_edit_command(stdin: file.path)
+ assert_match(/access_key_id: 123/, run_show_command(environment: "production"))
+ end
- git_attributes = app_path(".gitattributes")
- expected = <<~EOM
- config/credentials/*.yml.enc diff=rails_credentials
- config/credentials.yml.enc diff=rails_credentials
- EOM
- assert(File.exist?(git_attributes))
- assert_equal(expected, File.read(git_attributes))
- Dir.chdir(app_path) do
- assert_equal("bin/rails credentials:show\n", `git config --get 'diff.rails_credentials.textconv'`)
- end
- ensure
- file.close!
+ test "show command properly expands environment option" do
+ run_edit_command(environment: "production")
+
+ output = run_show_command(environment: "prod")
+ assert_match(/access_key_id: 123/, output)
+ assert_no_match(/secret_key_base/, output)
end
- test "edit ask the user to opt in to pretty credentials, user refuses" do
- file = Tempfile.open("credentials_test")
- file.write("n")
- file.rewind
- run_edit_command(stdin: file.path)
+ test "diff enroll diffing" do
+ assert_match("successfully enrolled", run_diff_command(enroll: true))
- git_attributes = app_path(".gitattributes")
- assert_not(File.exist?(git_attributes))
- ensure
- file.close!
+ assert_equal <<~EOM, File.read(app_path(".gitattributes"))
+ config/credentials/*.yml.enc diff=rails_credentials
+ config/credentials.yml.enc diff=rails_credentials
+ EOM
end
- test "show credentials" do
- assert_match(/access_key_id: 123/, run_show_command)
+ test "running edit after enrolling in diffing sets diff driver" do
+ run_diff_command(enroll: true)
+ run_edit_command
+
+ Dir.chdir(app_path) do
+ assert_equal "bin/rails credentials:diff", `git config --get 'diff.rails_credentials.textconv'`.strip
+ end
end
- test "show command when argument is provided (from git diff left file)" do
+ test "diff from git diff left file" do
run_edit_command(environment: "development")
- assert_match(/access_key_id: 123/, run_show_command("config/credentials/development.yml.enc"))
+ assert_match(/access_key_id: 123/, run_diff_command("config/credentials/development.yml.enc"))
end
- test "show command when argument is provided (from git diff right file)" do
+ test "diff from git diff right file" do
run_edit_command(environment: "development")
- dir = Dir.mktmpdir
- file_path = File.join(dir, "KnAM4a_development.yml.enc")
- file_content = File.read(app_path("config", "credentials", "development.yml.enc"))
- File.write(file_path, file_content)
+ content_path = app_path("config", "credentials", "KnAM4a_development.yml.enc")
+ File.write(content_path,
+ File.read(app_path("config", "credentials", "development.yml.enc")))
- assert_match(/access_key_id: 123/, run_show_command(file_path))
- ensure
- FileUtils.rm_rf(dir)
+ assert_match(/access_key_id: 123/, run_diff_command(content_path))
end
- test "show command when argument is provided (git diff) and filename is the master credentials" do
- assert_match(/access_key_id: 123/, run_show_command("config/credentials.yml.enc"))
+ test "diff for main credentials" do
+ assert_match(/access_key_id: 123/, run_diff_command("config/credentials.yml.enc"))
end
- test "show command when argument is provided (git diff) and master key is not available" do
+ test "diff when master key is not available" do
remove_file "config/master.key"
raw_content = File.read(app_path("config", "credentials.yml.enc"))
- assert_match(raw_content, run_show_command("config/credentials.yml.enc"))
+ assert_match(raw_content, run_diff_command("config/credentials.yml.enc"))
end
- test "show command when argument is provided (git diff) return the raw encrypted content in an error occurs" do
+ test "diff returns raw encrypted content when errors occur" do
run_edit_command(environment: "development")
- dir = Dir.mktmpdir
- file_path = File.join(dir, "20190807development.yml.enc")
- file_content = File.read(app_path("config", "credentials", "development.yml.enc"))
- File.write(file_path, file_content)
+ content_path = app_path("20190807development.yml.enc")
+ encrypted_content = File.read(app_path("config", "credentials", "development.yml.enc"))
+ File.write(content_path, encrypted_content + "ruin decryption")
- assert_match(file_content, run_show_command(file_path))
- ensure
- FileUtils.rm_rf(dir)
+ assert_match(encrypted_content, run_diff_command(content_path))
end
- test "show command raises error when require_master_key is specified and key does not exist" do
- remove_file "config/master.key"
- add_to_config "config.require_master_key = true"
-
- assert_match(/Missing encryption key to decrypt file with/, run_show_command(allow_failure: true))
- end
-
- test "show command does not raise error when require_master_key is false and master key does not exist" do
- remove_file "config/master.key"
- add_to_config "config.require_master_key = false"
-
- assert_match(/Missing 'config\/master\.key' to decrypt credentials/, run_show_command)
- end
-
- test "show command displays content specified by environment option" do
- run_edit_command(environment: "production")
-
- assert_match(/access_key_id: 123/, run_show_command(environment: "production"))
- end
-
- test "show command properly expands environment option" do
- run_edit_command(environment: "production")
-
- output = run_show_command(environment: "prod")
- assert_match(/access_key_id: 123/, output)
- assert_no_match(/secret_key_base/, output)
- end
private
def run_edit_command(editor: "cat", environment: nil, **options)
@@ -227,9 +187,13 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
end
end
- def run_show_command(path = nil, environment: nil, **options)
+ def run_show_command(environment: nil, **options)
args = environment ? ["--environment", environment] : []
- args.unshift(path)
rails "credentials:show", args, **options
end
+
+ def run_diff_command(path = nil, enroll: nil, **options)
+ args = enroll ? ["--enroll"] : [path]
+ rails "credentials:diff", args, **options
+ end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 04:40:37 +0000