Move test assertions to separate file
This commit is contained in:
Floris van der Grinten
43
.github/workflows/test.yml
vendored
43
.github/workflows/test.yml
vendored
@@ -22,31 +22,7 @@ jobs:
|
|||||||
- name: Print environment variables with masked secrets
|
- name: Print environment variables with masked secrets
|
||||||
run: printenv
|
run: printenv
|
||||||
- name: Assert test secret values
|
- name: Assert test secret values
|
||||||
env:
|
run: ./tests/assert-env-set.sh
|
||||||
EXPECTED_SECRET: RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLCB0aGlzIGlzIGp1c3QgYSBkdW1teSBzZWNyZXQuIFBsZWFzZSBkb24ndCByZXBvcnQgaXQu
|
|
||||||
EXPECTED_MULTILINE_SECRET: |-
|
|
||||||
-----BEGIN PRIVATE KEY-----
|
|
||||||
RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLApXaGls
|
|
||||||
ZSB3ZSBkZWVwbHkgYXBwcmVjaWF0ZSB5b3VyIHZp
|
|
||||||
Z2lsYW5jZSBhbmQgZWZmb3J0cyB0byBtYWtlIHRo
|
|
||||||
ZSB3b3JsZCBtb3JlIHNlY3VyZSwgSSdtIGFmcmFp
|
|
||||||
ZCBJIG11c3QgdGVsbCB5b3UgdGhhdCB0aGlzIHZh
|
|
||||||
bHVlIGlzIG5vdCBhIGFjdHVhbCBwcml2YXRlIGtl
|
|
||||||
eS4gCkl0J3MgYSBqdXN0IGEgZHVtbXkgc2VjcmV0
|
|
||||||
IHRoYXQgd2UgdXNlIHRvIHRlc3QgdmFyaW91cyAx
|
|
||||||
UGFzc3dvcmQgc2VjcmV0cyBpbnRlZ3JhdGlvbnMu
|
|
||||||
IApTbyBwbGVhc2UgZG9uJ3QgcmVwb3J0IGl0IQo=
|
|
||||||
-----END PRIVATE KEY-----
|
|
||||||
run: |
|
|
||||||
if [ "$SECRET" != "$EXPECTED_SECRET" ]; then
|
|
||||||
echo -e "Expected test SECRET to be set to:\n$EXPECTED_SECRET\nBut got:\n$SECRET"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$MULTILINE_SECRET" != "$EXPECTED_MULTILINE_SECRET" ]; then
|
|
||||||
echo -e "Expected MULTILINE_SECRET to be set to:\n$EXPECTED_MULTILINE_SECRET\nBut got:\n$MULTILINE_SECRET"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
- name: Remove secrets
|
- name: Remove secrets
|
||||||
uses: ./
|
uses: ./
|
||||||
with:
|
with:
|
||||||
@@ -54,24 +30,15 @@ jobs:
|
|||||||
- name: Print environment variables with secrets removed
|
- name: Print environment variables with secrets removed
|
||||||
run: printenv
|
run: printenv
|
||||||
- name: Assert removed secrets
|
- name: Assert removed secrets
|
||||||
run: |
|
run: ./tests/assert-env-unset.sh
|
||||||
if [ -n "$SECRET" ] || [ -n "$MULTILINE_SECRET" ]; then
|
|
||||||
echo "Expected secrets from 1Password to be unset"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
- name: Load secret again
|
- name: Load secret again
|
||||||
uses: ./
|
uses: ./
|
||||||
env:
|
env:
|
||||||
OP_CONNECT_HOST: http://localhost:8080
|
OP_CONNECT_HOST: http://localhost:8080
|
||||||
OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }}
|
OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }}
|
||||||
SECRET: op://v5pz6venw4roosmkzdq2nhpv6u/hrgkzhrlvscomepxlgafb2m3ca/password
|
SECRET: op://v5pz6venw4roosmkzdq2nhpv6u/hrgkzhrlvscomepxlgafb2m3ca/password
|
||||||
|
MULTILINE_SECRET: op://v5pz6venw4roosmkzdq2nhpv6u/ghtz3jvcc6dqmzc53d3r3eskge/notesPlain
|
||||||
- name: Print environment variables with masked secrets
|
- name: Print environment variables with masked secrets
|
||||||
run: printenv
|
run: printenv
|
||||||
- name: Assert test secret value
|
- name: Assert test secret values again
|
||||||
env:
|
run: ./tests/assert-env-set.sh
|
||||||
EXPECTED_SECRET: RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLCB0aGlzIGlzIGp1c3QgYSBkdW1teSBzZWNyZXQuIFBsZWFzZSBkb24ndCByZXBvcnQgaXQu
|
|
||||||
run: |
|
|
||||||
if [ "$SECRET" != "$EXPECTED_SECRET" ]; then
|
|
||||||
echo -e "Expected test SECRET to be set to:\n$EXPECTED_SECRET\nBut got:\n$SECRET"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|||||||
25
tests/assert-env-set.sh
Executable file
25
tests/assert-env-set.sh
Executable file
@@ -0,0 +1,25 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
assert_env_equals() {
|
||||||
|
if [ "$(printenv $1)" != "$2" ]; then
|
||||||
|
echo -e "Expected $1 to be set to:\n$2\nBut got:\n$(printenv $1)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
assert_env_equals "SECRET" "RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLCB0aGlzIGlzIGp1c3QgYSBkdW1teSBzZWNyZXQuIFBsZWFzZSBkb24ndCByZXBvcnQgaXQu"
|
||||||
|
|
||||||
|
assert_env_equals "MULTILINE_SECRET" "$(cat << EOF
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLApXaGls
|
||||||
|
ZSB3ZSBkZWVwbHkgYXBwcmVjaWF0ZSB5b3VyIHZp
|
||||||
|
Z2lsYW5jZSBhbmQgZWZmb3J0cyB0byBtYWtlIHRo
|
||||||
|
ZSB3b3JsZCBtb3JlIHNlY3VyZSwgSSdtIGFmcmFp
|
||||||
|
ZCBJIG11c3QgdGVsbCB5b3UgdGhhdCB0aGlzIHZh
|
||||||
|
bHVlIGlzIG5vdCBhIGFjdHVhbCBwcml2YXRlIGtl
|
||||||
|
eS4gCkl0J3MgYSBqdXN0IGEgZHVtbXkgc2VjcmV0
|
||||||
|
IHRoYXQgd2UgdXNlIHRvIHRlc3QgdmFyaW91cyAx
|
||||||
|
UGFzc3dvcmQgc2VjcmV0cyBpbnRlZ3JhdGlvbnMu
|
||||||
|
IApTbyBwbGVhc2UgZG9uJ3QgcmVwb3J0IGl0IQo=
|
||||||
|
-----END PRIVATE KEY-----
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
10
tests/assert-env-unset.sh
Executable file
10
tests/assert-env-unset.sh
Executable file
@@ -0,0 +1,10 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
assert_env_unset() {
|
||||||
|
if [ -n "$(printenv $1)" ]; then
|
||||||
|
echo "Expected secret $1 to be unset"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
assert_env_unset "SECRET"
|
||||||
|
assert_env_unset "MULTILINE_SECRET"
|
||||||
Reference in New Issue
Block a user