rails--rails/railties/test/commands/secrets_test.rb

require "isolation/abstract_unit"
require "rails/command"
require "rails/commands/secrets/secrets_command"

class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase
  include ActiveSupport::Testing::Isolation

  def setup
    build_app
  end

  def teardown
    teardown_app
  end

  test "edit without editor gives hint" do
    assert_match "No $EDITOR to open decrypted secrets in", run_edit_command(editor: "")
  end

  test "edit secrets" do
    # Runs setup before first edit.
    assert_match(/Adding config\/secrets\.yml\.key to store the encryption key/, run_edit_command)

    # Run twice to ensure encrypted secrets can be reread after first edit pass.
    2.times do
      assert_match(/external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289/, run_edit_command)
    end
  end

  test "show secrets" do
    run_setup_command
    assert_match(/external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289/, run_show_command)
  end

  private
    def run_edit_command(editor: "cat")
      Dir.chdir(app_path) { `EDITOR="#{editor}" bin/rails secrets:edit` }
    end

    def run_show_command
      Dir.chdir(app_path) { `bin/rails secrets:show` }
    end

    def run_setup_command
      Dir.chdir(app_path) { `bin/rails secrets:setup` }
    end
end
Tell users how to assign a $EDITOR. In case there's no $EDITOR assigned users would see a cryptic: ``` % EDITOR= bin/rails secrets:edit Waiting for secrets file to be saved. Abort with Ctrl-C. sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied New secrets encrypted and saved. ``` That error is misleading, so give a hint in this easily detectable case. Fixes #28143. 2017-03-01 14:40:39 -05:00			`require "isolation/abstract_unit"`
			`require "rails/command"`
			`require "rails/commands/secrets/secrets_command"`

			`class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase`
			`include ActiveSupport::Testing::Isolation`

			`def setup`
			`build_app`
			`end`

			`def teardown`
			`teardown_app`
			`end`

			`test "edit without editor gives hint" do`
			`assert_match "No $EDITOR to open decrypted secrets in", run_edit_command(editor: "")`
			`end`

Add secrets edit test 2017-03-09 19:21:53 -05:00			`test "edit secrets" do`
Reorder first secrets edit flow. Setup config/secrets.yml.enc with template contents for people to edit. Then generate encryption key and encrypt the initial secrets. 2017-05-23 15:54:01 -04:00			`# Runs setup before first edit.`
			`assert_match(/Adding config\/secrets\.yml\.key to store the encryption key/, run_edit_command)`
Add secrets edit test 2017-03-09 19:21:53 -05:00
			`# Run twice to ensure encrypted secrets can be reread after first edit pass.`
			`2.times do`
Do not use UTF8 in test SecretsCommandTest#test_edit_secrets 2017-05-24 14:43:01 -04:00			`assert_match(/external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289/, run_edit_command)`
Add secrets edit test 2017-03-09 19:21:53 -05:00			`end`
			`end`

Add `rails secrets:show` command When secrets confirmed with the `secrets:edit` command, `secrets.yml.enc` will change without updating the secrets. Therefore, even if only want to check secrets, the difference will come out. This is a little inconvenient. In order to solve this problem, added the `secrets:show` command. If just want to check secrets, no difference will occur use this command. 2017-07-06 08:40:33 -04:00			`test "show secrets" do`
			`run_setup_command`
			`assert_match(/external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289/, run_show_command)`
			`end`

Tell users how to assign a $EDITOR. In case there's no $EDITOR assigned users would see a cryptic: ``` % EDITOR= bin/rails secrets:edit Waiting for secrets file to be saved. Abort with Ctrl-C. sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied New secrets encrypted and saved. ``` That error is misleading, so give a hint in this easily detectable case. Fixes #28143. 2017-03-01 14:40:39 -05:00			`private`
			`def run_edit_command(editor: "cat")`
			Dir.chdir(app_path) { `EDITOR="#{editor}" bin/rails secrets:edit` }
			`end`
Add `rails secrets:show` command When secrets confirmed with the `secrets:edit` command, `secrets.yml.enc` will change without updating the secrets. Therefore, even if only want to check secrets, the difference will come out. This is a little inconvenient. In order to solve this problem, added the `secrets:show` command. If just want to check secrets, no difference will occur use this command. 2017-07-06 08:40:33 -04:00
			`def run_show_command`
			Dir.chdir(app_path) { `bin/rails secrets:show` }
			`end`

			`def run_setup_command`
			Dir.chdir(app_path) { `bin/rails secrets:setup` }
			`end`
Tell users how to assign a $EDITOR. In case there's no $EDITOR assigned users would see a cryptic: ``` % EDITOR= bin/rails secrets:edit Waiting for secrets file to be saved. Abort with Ctrl-C. sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied New secrets encrypted and saved. ``` That error is misleading, so give a hint in this easily detectable case. Fixes #28143. 2017-03-01 14:40:39 -05:00			`end`