zuul/zuul
Code Issues Proposed changes

Merge "zuul-client: test encryption of large secrets"

Browse Source
This commit is contained in:
Zuul
2021-01-29 02:17:55 +00:00
committed by Gerrit Code Review
parent d12e582148 c6c4b190e3
commit a8ebbd6711
1 changed files with 21 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
tests/zuul_client/test_zuulclient.py
View File

@@ -40,6 +40,7 @@ class TestZuulClientEncrypt(BaseTestWeb):
tenant_config_file = 'config/secrets/main.yaml'
config_file = 'zuul-admin-web.conf'
secret = {'password': 'zuul-client'}
large_secret = {'key': (('a' * 79 + '\n') * 50)[:-1]}
def setUp(self):
super(TestZuulClientEncrypt, self).setUp()
@@ -52,6 +53,21 @@ class TestZuulClientEncrypt(BaseTestWeb):
secrets.append(pb['secrets'])
return secrets
def test_encrypt_large_secret(self):
"""Test that we can use zuul-client to encrypt a large secret"""
p = subprocess.Popen(
['zuul-client',
'--zuul-url', self.base_url,
'encrypt', '--tenant', 'tenant-one', '--project', 'org/project2',
'--secret-name', 'my_secret', '--field-name', 'key'],
stdout=subprocess.PIPE, stdin=subprocess.PIPE)
p.stdin.write(
str.encode(self.large_secret['key'])
)
output, error = p.communicate()
p.stdin.close()
self._test_encrypt(self.large_secret, output, error)
def test_encrypt(self):
"""Test that we can use zuul-client to generate a project secret"""
p = subprocess.Popen(
@@ -65,7 +81,7 @@ class TestZuulClientEncrypt(BaseTestWeb):
)
output, error = p.communicate()
p.stdin.close()
self._test_encrypt(output, error)
self._test_encrypt(self.secret, output, error)
def test_encrypt_outfile(self):
"""Test that we can use zuul-client to generate a project secret to a
@@ -84,7 +100,7 @@ class TestZuulClientEncrypt(BaseTestWeb):
_, error = p.communicate()
p.stdin.close()
output = outfile.read()
self._test_encrypt(output, error)
self._test_encrypt(self.secret, output, error)
def test_encrypt_infile(self):
"""Test that we can use zuul-client to generate a project secret from
@@ -103,9 +119,9 @@ class TestZuulClientEncrypt(BaseTestWeb):
stdout=subprocess.PIPE)
output, error = p.communicate()
os.unlink(infile.name)
self._test_encrypt(output, error)
self._test_encrypt(self.secret, output, error)
def _test_encrypt(self, output, error):
def _test_encrypt(self, _secret, output, error):
self.assertEqual(None, error, error)
self.assertTrue(b'- secret:' in output, output.decode())
new_repo_conf = output.decode()
@@ -151,7 +167,7 @@ class TestZuulClientEncrypt(BaseTestWeb):
secrets = self._getSecrets('project2-secret', 'playbooks')
self.assertEqual(
secrets,
[{'my_secret': self.secret}],
[{'my_secret': _secret}],
secrets)