1
0

More tests for pass backend
All checks were successful
Run Python tests (through Pytest) / Test (push) Successful in 24s
Verify Python project can be installed, loaded and have version checked / Test (push) Successful in 21s
Python Ruff Code Quality / ruff (push) Successful in 22s

This commit is contained in:
Jon Michael Aanes 2024-10-27 18:00:32 +01:00
parent 81264a3b6c
commit fa3f8f38b4
Signed by: Jmaa
SSH Key Fingerprint: SHA256:Ab0GfHGCblESJx7JRE4fj4bFy/KRpeLhi41y4pF3sNA
2 changed files with 46 additions and 6 deletions

View File

@ -110,6 +110,7 @@ class SecretLoader:
self.vault_client = None self.vault_client = None
self.env_key_prefix = None self.env_key_prefix = None
self.secret_folder = None self.secret_folder = None
self.pass_executable = '/usr/bin/pass' # noqa: S105
# Setup environment # Setup environment
self.env_key_prefix = self._load_or_none(ENV_KEY_PREFIX) self.env_key_prefix = self._load_or_none(ENV_KEY_PREFIX)
@ -198,12 +199,19 @@ class SecretLoader:
if self.pass_folder is None: if self.pass_folder is None:
return None return None
try:
process = subprocess.run( # noqa: S603 process = subprocess.run( # noqa: S603
['/usr/bin/pass', 'show', f'{self.pass_folder}/{secret_name.lower()}'], [
self.pass_executable,
'show',
f'{self.pass_folder}/{secret_name.lower()}',
],
capture_output=True, capture_output=True,
check=False, check=False,
shell=False, shell=False,
) )
except FileNotFoundError:
return None
return self._convert_pass_process_result_to_password( return self._convert_pass_process_result_to_password(
process.returncode, process.returncode,

View File

@ -36,6 +36,38 @@ def test_fail_hardcoded_prefix_with_trailing_underscore():
secret_loader.SecretLoader(ENV_KEY_PREFIX='TEST_') secret_loader.SecretLoader(ENV_KEY_PREFIX='TEST_')
def test_fail_to_load_from_password_store_due_to_status():
loader = secret_loader.SecretLoader(
PASS_STORE_SUBFOLDER='test', # noqa: S106
)
loader.pass_executable = '/usr/bin/false' # noqa: S105
with pytest.raises(
ValueError,
match='Failed to load secret with key:.*UNKNOWN.*',
):
assert loader.load_or_fail('UNKNOWN')
def test_load_empty_from_password_store():
loader = secret_loader.SecretLoader(
PASS_STORE_SUBFOLDER='test', # noqa: S106
)
loader.pass_executable = '/usr/bin/true' # noqa: S105
assert loader.load_or_fail('UNKNOWN') == ''
def test_fail_due_to_unknown_executable():
loader = secret_loader.SecretLoader(
PASS_STORE_SUBFOLDER='test', # noqa: S106
)
loader.pass_executable = '/not/an/executable' # noqa: S105
with pytest.raises(
ValueError,
match='Failed to load secret with key:.*UNKNOWN.*',
):
assert loader.load_or_fail('UNKNOWN')
def test_lookup_unknown_or_fail(): def test_lookup_unknown_or_fail():
loader = secret_loader.SecretLoader( loader = secret_loader.SecretLoader(
ENV_KEY_PREFIX='TEST', ENV_KEY_PREFIX='TEST',