spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7da03fd94c00b122010e265e2e3ef17873fd3f19
kamal/test/secrets/passbolt_adapter.rb
acidtib aa12dc1d12 remove unnecessary blank lines
2025-02-21 17:52:17 -07:00

475 lines
16 KiB
Ruby
Raw Blame History

require "test_helper"
class PassboltAdapterTest < SecretAdapterTestCase
setup do
`true` # Ensure $? is 0
end
test "fetch" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list resources --filter 'Name == \"SECRET1\" || Name == \"FSECRET1\" || Name == \"FSECRET2\"' --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "SECRET1", "FSECRET1", "FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch with --from" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list folders --filter 'Name == \"my-project\"' --json")
.returns(<<~JSON)
[
{
"id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"folder_parent_id": "",
"name": "my-project",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list resources --filter '(Name == \"SECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET2\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\")' --folder dcbe0e39-42d8-42db-9637-8256b9f2f8e3 --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "--from", "my-project", "SECRET1", "FSECRET1", "FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch with folder in secret" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list folders --filter 'Name == \"my-project\"' --json")
.returns(<<~JSON)
[
{
"id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"folder_parent_id": "",
"name": "my-project",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list resources --filter '(Name == \"SECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET2\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\")' --folder dcbe0e39-42d8-42db-9637-8256b9f2f8e3 --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "my-project/SECRET1", "my-project/FSECRET1", "my-project/FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch from multiple folders" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list folders --filter 'Name == \"my-project\" || Name == \"other-project\"' --json")
.returns(<<~JSON)
[
{
"id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"folder_parent_id": "",
"name": "my-project",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
},
{
"id": "14e11dd8-b279-4689-8bd9-fa33ebb527da",
"folder_parent_id": "",
"name": "other-project",
"created_timestamp": "2025-02-21T20:00:29Z",
"modified_timestamp": "2025-02-21T20:00:29Z"
}
]
JSON
stub_ticks
.with("passbolt list resources --filter '(Name == \"SECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET1\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\") || (Name == \"FSECRET2\" && FolderParentID == \"14e11dd8-b279-4689-8bd9-fa33ebb527da\")' --folder dcbe0e39-42d8-42db-9637-8256b9f2f8e3 --folder 14e11dd8-b279-4689-8bd9-fa33ebb527da --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "14e11dd8-b279-4689-8bd9-fa33ebb527da",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "my-project/SECRET1", "my-project/FSECRET1", "other-project/FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch from nested folder" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list folders --filter 'Name == \"my-project\"' --json")
.returns(<<~JSON)
[
{
"id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"folder_parent_id": "",
"name": "my-project",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list folders --filter 'Name == \"subfolder\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\"' --json")
.returns(<<~JSON)
[
{
"id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "subfolder",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list resources --filter '(Name == \"SECRET1\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\") || (Name == \"FSECRET1\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\") || (Name == \"FSECRET2\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\")' --folder dcbe0e39-42d8-42db-9637-8256b9f2f8e3 --folder 6a3f21fc-aa40-4ba9-852c-7477fdd0310d --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "--from", "my-project/subfolder", "SECRET1", "FSECRET1", "FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch from nested folder in secret" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: true)
stub_ticks.with("passbolt verify 2> /dev/null", succeed: true)
stub_ticks
.with("passbolt list folders --filter 'Name == \"my-project\"' --json")
.returns(<<~JSON)
[
{
"id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"folder_parent_id": "",
"name": "my-project",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list folders --filter 'Name == \"subfolder\" && FolderParentID == \"dcbe0e39-42d8-42db-9637-8256b9f2f8e3\"' --json")
.returns(<<~JSON)
[
{
"id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"folder_parent_id": "dcbe0e39-42d8-42db-9637-8256b9f2f8e3",
"name": "subfolder",
"created_timestamp": "2025-02-21T19:52:50Z",
"modified_timestamp": "2025-02-21T19:52:50Z"
}
]
JSON
stub_ticks
.with("passbolt list resources --filter '(Name == \"SECRET1\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\") || (Name == \"FSECRET1\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\") || (Name == \"FSECRET2\" && FolderParentID == \"6a3f21fc-aa40-4ba9-852c-7477fdd0310d\")' --folder dcbe0e39-42d8-42db-9637-8256b9f2f8e3 --folder 6a3f21fc-aa40-4ba9-852c-7477fdd0310d --json")
.returns(<<~JSON)
[
{
"id": "4c116996-f6d0-4342-9572-0d676f75b3ac",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "FSECRET1",
"username": "",
"uri": "",
"password": "fsecret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:29Z",
"modified_timestamp": "2025-02-21T06:04:29Z"
},
{
"id": "62949b26-4957-43fe-9523-294d66861499",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "FSECRET2",
"username": "",
"uri": "",
"password": "fsecret2",
"description": "",
"created_timestamp": "2025-02-21T06:04:34Z",
"modified_timestamp": "2025-02-21T06:04:34Z"
},
{
"id": "dd32963c-0db5-4303-a6fc-22c5229dabef",
"folder_parent_id": "6a3f21fc-aa40-4ba9-852c-7477fdd0310d",
"name": "SECRET1",
"username": "",
"uri": "",
"password": "secret1",
"description": "",
"created_timestamp": "2025-02-21T06:04:23Z",
"modified_timestamp": "2025-02-21T06:04:23Z"
}
]
JSON
json = JSON.parse(
shellunescape run_command("fetch", "my-project/subfolder/SECRET1", "my-project/subfolder/FSECRET1", "my-project/subfolder/FSECRET2")
)
expected_json = {
"SECRET1"=>"secret1",
"FSECRET1"=>"fsecret1",
"FSECRET2"=>"fsecret2"
}
assert_equal expected_json, json
end
test "fetch without CLI installed" do
stub_ticks_with("passbolt --version 2> /dev/null", succeed: false)
error = assert_raises RuntimeError do
JSON.parse(shellunescape(run_command("fetch", "HOST", "PORT")))
end
assert_equal "Passbolt CLI is not installed", error.message
end
private
def run_command(*command)
stdouted do
Kamal::Cli::Secrets.start \
[ *command,
"-c", "test/fixtures/deploy_with_accessories.yml",
"--adapter", "passbolt" ]
end
end
end
Reference in New Issue View Git Blame Copy Permalink