From 8a331566bfe05ccc85f25805693aa892cec449a5 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Fri, 15 Sep 2017 14:31:02 +0900 Subject: Add tests for credentials command --- railties/test/commands/credentials_test.rb | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'railties/test/commands') diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb index fe52c306d2..743fb5f788 100644 --- a/railties/test/commands/credentials_test.rb +++ b/railties/test/commands/credentials_test.rb @@ -12,6 +12,21 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase teardown { teardown_app } + test "edit without editor gives hint" do + assert_match "No $EDITOR to open credentials in", run_edit_command(editor: "") + end + + test "edit credentials" do + # Run twice to ensure credentials can be reread after first edit pass. + 2.times do + assert_match(/access_key_id: 123/, run_edit_command) + end + end + + test "show credentials" do + assert_match(/access_key_id: 123/, run_show_command) + end + test "edit command does not add master key to gitignore when already exist" do run_edit_command @@ -27,4 +42,8 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase rails "credentials:edit" end end + + def run_show_command + rails "credentials:show" + end end -- cgit v1.2.3 From 59a02fb7bcbe68f26e1e7fdcec45c00c66e4a065 Mon Sep 17 00:00:00 2001 From: eileencodes Date: Tue, 26 Sep 2017 13:27:53 -0400 Subject: Implement H2 Early Hints for Rails When puma/puma#1403 is merged Puma will support the Early Hints status code for sending assets before a request has finished. While the Early Hints spec is still in draft, this PR prepares Rails to allowing this status code. If the proxy server supports Early Hints, it will send H2 pushes to the client. This PR adds a method for setting Early Hints Link headers via Rails, and also automatically sends Early Hints if supported from the `stylesheet_link_tag` and the `javascript_include_tag`. Once puma supports Early Hints the `--early-hints` argument can be passed to the server to enable this or set in the puma config with `early_hints(true)`. Note that for Early Hints to work in the browser the requirements are 1) a proxy that can handle H2, and 2) HTTPS. To start the server with Early Hints enabled pass `--early-hints` to `rails s`. This has been verified to work with h2o, Puma, and Rails with Chrome. The commit adds a new option to the rails server to enable early hints for Puma. Early Hints spec: https://tools.ietf.org/html/draft-ietf-httpbis-early-hints-04 [Eileen M. Uchitelle, Aaron Patterson] --- railties/test/commands/server_test.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'railties/test/commands') diff --git a/railties/test/commands/server_test.rb b/railties/test/commands/server_test.rb index 556c2289e7..a6201e4f04 100644 --- a/railties/test/commands/server_test.rb +++ b/railties/test/commands/server_test.rb @@ -81,6 +81,18 @@ class Rails::ServerTest < ActiveSupport::TestCase assert_equal false, options[:caching] end + def test_early_hints_with_option + args = ["--early-hints"] + options = parse_arguments(args) + assert_equal true, options[:early_hints] + end + + def test_early_hints_is_nil_by_default + args = [] + options = parse_arguments(args) + assert_nil options[:early_hints] + end + def test_log_stdout with_rack_env nil do with_rails_env nil do -- cgit v1.2.3 From c4bbce969779179457218558be7554b4ee4b3230 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Sun, 8 Oct 2017 13:09:30 +0900 Subject: Simplify parse arguments in `ConsoleTest` If need a parse result of arguments, can obtain it by creating an instance of the command. --- railties/test/commands/console_test.rb | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) (limited to 'railties/test/commands') diff --git a/railties/test/commands/console_test.rb b/railties/test/commands/console_test.rb index 7eb26c355c..45ab8d87ff 100644 --- a/railties/test/commands/console_test.rb +++ b/railties/test/commands/console_test.rb @@ -172,21 +172,8 @@ class Rails::ConsoleTest < ActiveSupport::TestCase end def parse_arguments(args) - Rails::Command::ConsoleCommand.class_eval do - alias_method :old_perform, :perform - define_method(:perform) do - extract_environment_option_from_argument - - options - end - end - - Rails::Command.invoke(:console, args) - ensure - Rails::Command::ConsoleCommand.class_eval do - undef_method :perform - alias_method :perform, :old_perform - undef_method :old_perform - end + command = Rails::Command::ConsoleCommand.new([], args) + command.send(:extract_environment_option_from_argument) + command.options end end -- cgit v1.2.3 From edf167e84829e505b89e32f6ef4987f720f19627 Mon Sep 17 00:00:00 2001 From: Pierre Hedkvist Date: Fri, 13 Oct 2017 13:21:11 +0000 Subject: Added test case for starting rails with daemon option, this should set the option[:daemonize] to true, otherwise the option[:daemonize] will be set to false --- railties/test/commands/server_test.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'railties/test/commands') diff --git a/railties/test/commands/server_test.rb b/railties/test/commands/server_test.rb index a6201e4f04..60bb8ca1db 100644 --- a/railties/test/commands/server_test.rb +++ b/railties/test/commands/server_test.rb @@ -22,6 +22,18 @@ class Rails::ServerTest < ActiveSupport::TestCase assert_nil options[:server] end + def test_server_option_with_daemon + args = ["-d"] + options = parse_arguments(args) + assert_equal true, options[:daemonize] + end + + def test_server_option_without_daemon + args = [] + options = parse_arguments(args) + assert_equal false, options[:daemonize] + end + def test_server_option_without_environment args = ["thin"] with_rack_env nil do -- cgit v1.2.3 From 6a7559417f91429f9f2006c5406e0387923c7312 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Sat, 14 Oct 2017 07:27:12 +0900 Subject: Fix test name for daemon option test In this test file, "server option" refers to the server used to start Rails(e.g. `puma`, `thin`). But this test, "server option" is not specified. Therefore, I think that it is incorrect that `server_option` is included in the test name. --- railties/test/commands/server_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'railties/test/commands') diff --git a/railties/test/commands/server_test.rb b/railties/test/commands/server_test.rb index 60bb8ca1db..33715ea75f 100644 --- a/railties/test/commands/server_test.rb +++ b/railties/test/commands/server_test.rb @@ -22,13 +22,13 @@ class Rails::ServerTest < ActiveSupport::TestCase assert_nil options[:server] end - def test_server_option_with_daemon + def test_daemon_with_option args = ["-d"] options = parse_arguments(args) assert_equal true, options[:daemonize] end - def test_server_option_without_daemon + def test_daemon_without_option args = [] options = parse_arguments(args) assert_equal false, options[:daemonize] -- cgit v1.2.3 From bb30f05f3858f97791f0e1530e625b7ea2c6c5e2 Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Sun, 12 Nov 2017 17:32:52 +0100 Subject: Deprecate encrypted secrets in favor of credentials. Allow edits of existing encrypted secrets generated on Rails 5.1, but refer to credentials when attempting to setup. This also removes the need for any of the setup code, so the generator can be ripped out altogether. --- railties/test/commands/secrets_test.rb | 49 +++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 12 deletions(-) (limited to 'railties/test/commands') diff --git a/railties/test/commands/secrets_test.rb b/railties/test/commands/secrets_test.rb index 66a81826e3..6b9f284a0c 100644 --- a/railties/test/commands/secrets_test.rb +++ b/railties/test/commands/secrets_test.rb @@ -8,21 +8,38 @@ require "rails/commands/secrets/secrets_command" class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase include ActiveSupport::Testing::Isolation, EnvHelpers - def setup - build_app + setup :build_app + teardown :teardown_app + + test "edit without editor gives hint" do + assert_match "No $EDITOR to open decrypted secrets in", run_edit_command(editor: "") end - def teardown - teardown_app + test "encrypted secrets are deprecated when using credentials" do + assert_match "Encrypted secrets is deprecated", run_setup_command + assert_equal 1, $?.exitstatus + assert_not File.exist?("config/secrets.yml.enc") end - test "edit without editor gives hint" do - assert_match "No $EDITOR to open decrypted secrets in", run_edit_command(editor: "") + test "encrypted secrets are deprecated when running edit without setup" do + assert_match "Encrypted secrets is deprecated", run_setup_command + assert_equal 1, $?.exitstatus + assert_not File.exist?("config/secrets.yml.enc") + end + + test "encrypted secrets are deprecated for 5.1 config/secrets.yml apps" do + Dir.chdir(app_path) do + FileUtils.rm("config/credentials.yml.enc") + FileUtils.touch("config/secrets.yml") + + assert_match "Encrypted secrets is deprecated", run_setup_command + assert_equal 1, $?.exitstatus + assert_not File.exist?("config/secrets.yml.enc") + end end test "edit secrets" do - # Runs setup before first edit. - assert_match(/Adding config\/secrets\.yml\.key to store the encryption key/, run_edit_command) + prevent_deprecation # Run twice to ensure encrypted secrets can be reread after first edit pass. 2.times do @@ -31,22 +48,30 @@ class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase end test "show secrets" do - run_setup_command + prevent_deprecation + assert_match(/external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289/, run_show_command) end private + def prevent_deprecation + Dir.chdir(app_path) do + File.write("config/secrets.yml.key", "f731758c639da2604dfb6bf3d1025de8") + File.write("config/secrets.yml.enc", "sEB0mHxDbeP1/KdnMk00wyzPFACl9K6t0cZWn5/Mfx/YbTHvnI07vrneqHg9kaH3wOS7L6pIQteu1P077OtE4BSx/ZRc/sgQPHyWu/tXsrfHqnPNpayOF/XZqizE91JacSFItNMWpuPsp9ynbzz+7cGhoB1S4aPNIU6u0doMrzdngDbijsaAFJmsHIQh6t/QHoJx--8aMoE0PvUWmw1Iqz--ldFqnM/K0g9k17M8PKoN/Q==") + end + end + def run_edit_command(editor: "cat") switch_env("EDITOR", editor) do - rails "secrets:edit" + rails "secrets:edit", allow_failure: true end end def run_show_command - rails "secrets:show" + rails "secrets:show", allow_failure: true end def run_setup_command - rails "secrets:setup" + rails "secrets:setup", allow_failure: true end end -- cgit v1.2.3 From 7a8728a03986489e1c843ed850afc2c16fb6eb06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wojciech=20Wn=C4=99trzak?= Date: Tue, 14 Nov 2017 11:44:23 +0100 Subject: Add CLI to manage encrypted files/configs. To edit/show encrypted file: ``` bin/rails encrypted:edit config/staging_tokens.yml.enc bin/rails encrypted:edit config/staging_tokens.yml.enc --key config/staging.key bin/rails encrypted:show config/staging_tokens.yml.enc ``` Also provides a backing Rails.application.encrypted API for Ruby access: ```ruby Rails.application.encrypted("config/staging_tokens.yml.enc").read Rails.application.encrypted("config/staging_tokens.yml.enc").config Rails.application.encrypted("config/staging_tokens.yml.enc", key: "config/staging.key") ``` --- railties/test/commands/credentials_test.rb | 5 +- railties/test/commands/encrypted_test.rb | 80 ++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 railties/test/commands/encrypted_test.rb (limited to 'railties/test/commands') diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb index 743fb5f788..4ef827fcf1 100644 --- a/railties/test/commands/credentials_test.rb +++ b/railties/test/commands/credentials_test.rb @@ -13,7 +13,10 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase teardown { teardown_app } test "edit without editor gives hint" do - assert_match "No $EDITOR to open credentials in", run_edit_command(editor: "") + run_edit_command(editor: "").tap do |output| + assert_match "No $EDITOR to open file in", output + assert_match "bin/rails credentials:edit", output + end end test "edit credentials" do diff --git a/railties/test/commands/encrypted_test.rb b/railties/test/commands/encrypted_test.rb new file mode 100644 index 0000000000..0461493f2a --- /dev/null +++ b/railties/test/commands/encrypted_test.rb @@ -0,0 +1,80 @@ +# frozen_string_literal: true + +require "isolation/abstract_unit" +require "env_helpers" +require "rails/command" +require "rails/commands/encrypted/encrypted_command" + +class Rails::Command::EncryptedCommandTest < ActiveSupport::TestCase + include ActiveSupport::Testing::Isolation, EnvHelpers + + setup :build_app + teardown :teardown_app + + test "edit without editor gives hint" do + run_edit_command("config/tokens.yml.enc", editor: "").tap do |output| + assert_match "No $EDITOR to open file in", output + assert_match "bin/rails encrypted:edit", output + end + end + + test "edit encrypted file" do + # Run twice to ensure file can be reread after first edit pass. + 2.times do + assert_match(/access_key_id: 123/, run_edit_command("config/tokens.yml.enc")) + end + end + + test "edit command does not add master key to gitignore when already exist" do + run_edit_command("config/tokens.yml.enc") + + Dir.chdir(app_path) do + assert_match "/config/master.key", File.read(".gitignore") + end + end + + test "edit encrypts file with custom key" do + run_edit_command("config/tokens.yml.enc", key: "config/tokens.key") + + Dir.chdir(app_path) do + assert File.exist?("config/tokens.yml.enc") + assert File.exist?("config/tokens.key") + + assert_match "/config/tokens.key", File.read(".gitignore") + end + + assert_match(/access_key_id: 123/, run_edit_command("config/tokens.yml.enc", key: "config/tokens.key")) + end + + test "show encrypted file with custom key" do + run_edit_command("config/tokens.yml.enc", key: "config/tokens.key") + + assert_match(/access_key_id: 123/, run_show_command("config/tokens.yml.enc", key: "config/tokens.key")) + end + + test "won't corrupt encrypted file when passed wrong key" do + run_edit_command("config/tokens.yml.enc", key: "config/tokens.key") + + assert_match "passed the wrong key", + run_edit_command("config/tokens.yml.enc", allow_failure: true) + + assert_match(/access_key_id: 123/, run_show_command("config/tokens.yml.enc", key: "config/tokens.key")) + end + + private + def run_edit_command(file, key: nil, editor: "cat", **options) + switch_env("EDITOR", editor) do + rails "encrypted:edit", prepare_args(file, key), **options + end + end + + def run_show_command(file, key: nil) + rails "encrypted:show", prepare_args(file, key) + end + + def prepare_args(file, key) + args = [ file ] + args.push("--key", key) if key + args + end +end -- cgit v1.2.3 From f7e3c686685fb89e67293440d24356f93fa34847 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Thu, 30 Nov 2017 08:01:21 +0900 Subject: Do not overwrite by default if credentials already exists Fixes #31286 --- railties/test/commands/credentials_test.rb | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'railties/test/commands') diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb index 4ef827fcf1..f1bb1ef08a 100644 --- a/railties/test/commands/credentials_test.rb +++ b/railties/test/commands/credentials_test.rb @@ -39,6 +39,14 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase end end + test "edit command does not overwrite by default if credentials already exists" do + run_edit_command(editor: "eval echo api_key: abc >") + assert_match(/api_key: abc/, run_show_command) + + run_edit_command + assert_match(/api_key: abc/, run_show_command) + end + private def run_edit_command(editor: "cat") switch_env("EDITOR", editor) do -- cgit v1.2.3