From 039380e3eeb24ed17f1824183b94638f0cfff747 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Thu, 23 Feb 2017 15:55:15 +0100 Subject: Revert "Add encrypted secrets" (#28127) --- railties/test/generators/app_generator_test.rb | 1 - .../generators/encrypted_secrets_generator_test.rb | 42 -------- railties/test/isolation/abstract_unit.rb | 1 - railties/test/secrets_test.rb | 108 --------------------- 4 files changed, 152 deletions(-) delete mode 100644 railties/test/generators/encrypted_secrets_generator_test.rb delete mode 100644 railties/test/secrets_test.rb (limited to 'railties/test') diff --git a/railties/test/generators/app_generator_test.rb b/railties/test/generators/app_generator_test.rb index 986afb6d2a..1ac2b4cde0 100644 --- a/railties/test/generators/app_generator_test.rb +++ b/railties/test/generators/app_generator_test.rb @@ -335,7 +335,6 @@ class AppGeneratorTest < Rails::Generators::TestCase end assert_file "config/environments/production.rb" do |content| assert_match(/# config\.action_mailer\.raise_delivery_errors = false/, content) - assert_match(/^ config\.read_encrypted_secrets = true/, content) end end diff --git a/railties/test/generators/encrypted_secrets_generator_test.rb b/railties/test/generators/encrypted_secrets_generator_test.rb deleted file mode 100644 index 747abf19ed..0000000000 --- a/railties/test/generators/encrypted_secrets_generator_test.rb +++ /dev/null @@ -1,42 +0,0 @@ -require "generators/generators_test_helper" -require "rails/generators/rails/encrypted_secrets/encrypted_secrets_generator" - -class EncryptedSecretsGeneratorTest < Rails::Generators::TestCase - include GeneratorsTestHelper - - def setup - super - cd destination_root - end - - def test_generates_key_file_and_encrypted_secrets_file - run_generator - - assert_file "config/secrets.yml.key", /[\w\d]+/ - - assert File.exist?("config/secrets.yml.enc") - assert_no_match(/production:\n# external_api_key: [\w\d]+/, IO.binread("config/secrets.yml.enc")) - assert_match(/production:\n# external_api_key: [\w\d]+/, Rails::Secrets.read) - end - - def test_appends_to_gitignore - FileUtils.touch(".gitignore") - - run_generator - - assert_file ".gitignore", /config\/secrets.yml.key/, /(?!config\/secrets.yml.enc)/ - end - - def test_warns_when_ignore_is_missing - assert_match(/Add this to your ignore file/i, run_generator) - end - - def test_doesnt_generate_a_new_key_file_if_already_opted_in_to_encrypted_secrets - FileUtils.mkdir("config") - File.open("config/secrets.yml.enc", "w") { |f| f.puts "already secrety" } - - run_generator - - assert_no_file "config/secrets.yml.key" - end -end diff --git a/railties/test/isolation/abstract_unit.rb b/railties/test/isolation/abstract_unit.rb index 924503a522..1902eac862 100644 --- a/railties/test/isolation/abstract_unit.rb +++ b/railties/test/isolation/abstract_unit.rb @@ -22,7 +22,6 @@ require "active_support/core_ext/object/blank" require "active_support/testing/isolation" require "active_support/core_ext/kernel/reporting" require "tmpdir" -require "rails/secrets" module TestHelpers module Paths diff --git a/railties/test/secrets_test.rb b/railties/test/secrets_test.rb deleted file mode 100644 index 36e42cf1f9..0000000000 --- a/railties/test/secrets_test.rb +++ /dev/null @@ -1,108 +0,0 @@ -require "abstract_unit" -require "isolation/abstract_unit" -require "rails/generators" -require "rails/generators/rails/encrypted_secrets/encrypted_secrets_generator" -require "rails/secrets" - -class Rails::SecretsTest < ActiveSupport::TestCase - include ActiveSupport::Testing::Isolation - - def setup - build_app - - @old_read_encrypted_secrets, Rails::Secrets.read_encrypted_secrets = - Rails::Secrets.read_encrypted_secrets, true - end - - def teardown - Rails::Secrets.read_encrypted_secrets = @old_read_encrypted_secrets - - teardown_app - end - - test "setting read to false skips parsing" do - Rails::Secrets.read_encrypted_secrets = false - - Dir.chdir(app_path) do - assert_equal Hash.new, Rails::Secrets.parse(%w( config/secrets.yml.enc ), env: "production") - end - end - - test "raises when reading secrets without a key" do - run_secrets_generator do - FileUtils.rm("config/secrets.yml.key") - - assert_raises Rails::Secrets::MissingKeyError do - Rails::Secrets.key - end - end - end - - test "reading with ENV variable" do - run_secrets_generator do - begin - old_key = ENV["RAILS_MASTER_KEY"] - ENV["RAILS_MASTER_KEY"] = IO.binread("config/secrets.yml.key").strip - FileUtils.rm("config/secrets.yml.key") - - assert_match "production:\n# external_api_key", Rails::Secrets.read - ensure - ENV["RAILS_MASTER_KEY"] = old_key - end - end - end - - test "reading from key file" do - run_secrets_generator do - File.binwrite("config/secrets.yml.key", "How do I know you feel it?") - - assert_equal "How do I know you feel it?", Rails::Secrets.key - end - end - - test "editing" do - run_secrets_generator do - decrypted_path = nil - - Rails::Secrets.read_for_editing do |tmp_path| - decrypted_path = tmp_path - - assert_match(/production:\n# external_api_key/, File.read(tmp_path)) - - File.write(tmp_path, "Empty streets, empty nights. The Downtown Lights.") - end - - assert_not File.exist?(decrypted_path) - assert_equal "Empty streets, empty nights. The Downtown Lights.", Rails::Secrets.read - end - end - - test "merging secrets with encrypted precedence" do - run_secrets_generator do - File.write("config/secrets.yml", <<-end_of_secrets) - test: - yeah_yeah: lets-go-walking-down-this-empty-street - end_of_secrets - - Rails::Secrets.write(<<-end_of_secrets) - test: - yeah_yeah: lets-walk-in-the-cool-evening-light - end_of_secrets - - Rails.application.config.root = app_path - Rails.application.instance_variable_set(:@secrets, nil) # Dance around caching 💃🕺 - assert_equal "lets-walk-in-the-cool-evening-light", Rails.application.secrets.yeah_yeah - end - end - - private - def run_secrets_generator - Dir.chdir(app_path) do - capture(:stdout) do - Rails::Generators::EncryptedSecretsGenerator.start - end - - yield - end - end -end -- cgit v1.2.3