diff --git a/lib/kamal/secrets/adapters/aws_secrets_manager.rb b/lib/kamal/secrets/adapters/aws_secrets_manager.rb index 48add1ac3..74cda849c 100644 --- a/lib/kamal/secrets/adapters/aws_secrets_manager.rb +++ b/lib/kamal/secrets/adapters/aws_secrets_manager.rb @@ -36,7 +36,7 @@ def check_dependencies! end def cli_installed? - `aws --version 2> /dev/null` + system("aws --version", err: File::NULL) $?.success? end end diff --git a/lib/kamal/secrets/adapters/bitwarden.rb b/lib/kamal/secrets/adapters/bitwarden.rb index 6bd4fb259..2003e8e4e 100644 --- a/lib/kamal/secrets/adapters/bitwarden.rb +++ b/lib/kamal/secrets/adapters/bitwarden.rb @@ -75,7 +75,7 @@ def check_dependencies! end def cli_installed? - `bw --version 2> /dev/null` + system("bw --version", err: File::NULL) $?.success? end end diff --git a/lib/kamal/secrets/adapters/bitwarden_secrets_manager.rb b/lib/kamal/secrets/adapters/bitwarden_secrets_manager.rb index 66afbe70a..789f38d0f 100644 --- a/lib/kamal/secrets/adapters/bitwarden_secrets_manager.rb +++ b/lib/kamal/secrets/adapters/bitwarden_secrets_manager.rb @@ -66,7 +66,7 @@ def check_dependencies! end def cli_installed? - `bws --version 2> /dev/null` + system("bws --version", err: File::NULL) $?.success? end end diff --git a/lib/kamal/secrets/adapters/doppler.rb b/lib/kamal/secrets/adapters/doppler.rb index 90b2c63bf..38269b57c 100644 --- a/lib/kamal/secrets/adapters/doppler.rb +++ b/lib/kamal/secrets/adapters/doppler.rb @@ -12,7 +12,7 @@ def login(*) end def loggedin? - `doppler me --json 2> /dev/null` + system("doppler me --json", err: File::NULL) $?.success? end @@ -51,7 +51,7 @@ def check_dependencies! end def cli_installed? - `doppler --version 2> /dev/null` + system("doppler --version", err: File::NULL) $?.success? end end diff --git a/lib/kamal/secrets/adapters/enpass.rb b/lib/kamal/secrets/adapters/enpass.rb index 96dea11a5..272c8c0a2 100644 --- a/lib/kamal/secrets/adapters/enpass.rb +++ b/lib/kamal/secrets/adapters/enpass.rb @@ -27,7 +27,7 @@ def check_dependencies! end def cli_installed? - `enpass-cli version 2> /dev/null` + system("enpass-cli version", err: File::NULL) $?.success? end diff --git a/lib/kamal/secrets/adapters/gcp_secret_manager.rb b/lib/kamal/secrets/adapters/gcp_secret_manager.rb index 8ce381ff2..9c75438b0 100644 --- a/lib/kamal/secrets/adapters/gcp_secret_manager.rb +++ b/lib/kamal/secrets/adapters/gcp_secret_manager.rb @@ -94,7 +94,7 @@ def check_dependencies! end def cli_installed? - `gcloud --version 2> /dev/null` + system("gcloud --version", err: File::NULL) $?.success? end diff --git a/lib/kamal/secrets/adapters/last_pass.rb b/lib/kamal/secrets/adapters/last_pass.rb index dff872a84..a532996b7 100644 --- a/lib/kamal/secrets/adapters/last_pass.rb +++ b/lib/kamal/secrets/adapters/last_pass.rb @@ -34,7 +34,7 @@ def check_dependencies! end def cli_installed? - `lpass --version 2> /dev/null` + system("lpass --version", err: File::NULL) $?.success? end end diff --git a/lib/kamal/secrets/adapters/one_password.rb b/lib/kamal/secrets/adapters/one_password.rb index fe4543422..3022980c4 100644 --- a/lib/kamal/secrets/adapters/one_password.rb +++ b/lib/kamal/secrets/adapters/one_password.rb @@ -11,7 +11,7 @@ def login(account) end def loggedin?(account) - `op account get --account #{account.shellescape} 2> /dev/null` + system("op account get --account #{account.shellescape}", err: File::NULL) $?.success? end @@ -64,7 +64,7 @@ def check_dependencies! end def cli_installed? - `op --version 2> /dev/null` + system("op --version", err: File::NULL) $?.success? end end diff --git a/test/secrets/aws_secrets_manager_adapter_test.rb b/test/secrets/aws_secrets_manager_adapter_test.rb index 7616342db..d40a88680 100644 --- a/test/secrets/aws_secrets_manager_adapter_test.rb +++ b/test/secrets/aws_secrets_manager_adapter_test.rb @@ -2,8 +2,8 @@ class AwsSecretsManagerAdapterTest < SecretAdapterTestCase test "fails when errors are present" do - stub_ticks.with("aws --version 2> /dev/null") - stub_ticks + stub_command(:system).with("aws --version", err: File::NULL) + stub_command .with("aws secretsmanager batch-get-secret-value --secret-id-list unknown1 unknown2 --profile default") .returns(<<~JSON) { @@ -31,8 +31,8 @@ class AwsSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch" do - stub_ticks.with("aws --version 2> /dev/null") - stub_ticks + stub_command(:system).with("aws --version", err: File::NULL) + stub_command .with("aws secretsmanager batch-get-secret-value --secret-id-list secret/KEY1 secret/KEY2 secret2/KEY3 --profile default") .returns(<<~JSON) { @@ -74,8 +74,8 @@ class AwsSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch with string value" do - stub_ticks.with("aws --version 2> /dev/null") - stub_ticks + stub_command(:system).with("aws --version", err: File::NULL) + stub_command .with("aws secretsmanager batch-get-secret-value --secret-id-list secret secret2/KEY1 --profile default") .returns(<<~JSON) { @@ -116,8 +116,8 @@ class AwsSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch with secret names" do - stub_ticks.with("aws --version 2> /dev/null") - stub_ticks + stub_command(:system).with("aws --version", err: File::NULL) + stub_command .with("aws secretsmanager batch-get-secret-value --secret-id-list secret/KEY1 secret/KEY2 --profile default") .returns(<<~JSON) { @@ -148,7 +148,7 @@ class AwsSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("aws --version 2> /dev/null", succeed: false) + stub_command_with("aws --version", false, :system) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "SECRET1"))) diff --git a/test/secrets/bitwarden_adapter_test.rb b/test/secrets/bitwarden_adapter_test.rb index ad280791f..e16562b43 100644 --- a/test/secrets/bitwarden_adapter_test.rb +++ b/test/secrets/bitwarden_adapter_test.rb @@ -2,10 +2,10 @@ class BitwardenAdapterTest < SecretAdapterTestCase test "fetch" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) stub_unlocked - stub_ticks.with("bw sync").returns("") + stub_command.with("bw sync").returns("") stub_mypassword json = JSON.parse(shellunescape(run_command("fetch", "mypassword"))) @@ -16,10 +16,10 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch with no login" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) stub_unlocked - stub_ticks.with("bw sync").returns("") + stub_command.with("bw sync").returns("") stub_noteitem error = assert_raises RuntimeError do @@ -29,10 +29,10 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch with from" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) stub_unlocked - stub_ticks.with("bw sync").returns("") + stub_command.with("bw sync").returns("") stub_myitem json = JSON.parse(shellunescape(run_command("fetch", "--from", "myitem", "field1", "field2", "field3"))) @@ -45,10 +45,10 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch all with from" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) stub_unlocked - stub_ticks.with("bw sync").returns("") + stub_command.with("bw sync").returns("") stub_noteitem_with_fields json = JSON.parse(shellunescape(run_command("fetch", "mynotefields"))) @@ -62,15 +62,15 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch with multiple items" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) stub_unlocked - stub_ticks.with("bw sync").returns("") + stub_command.with("bw sync").returns("") stub_mypassword stub_myitem - stub_ticks + stub_command .with("bw get item myitem2") .returns(<<~JSON) { @@ -105,9 +105,9 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch unauthenticated" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) - stub_ticks + stub_command .with("bw status") .returns( '{"serverUrl":null,"lastSync":null,"status":"unauthenticated"}', @@ -115,9 +115,9 @@ class BitwardenAdapterTest < SecretAdapterTestCase '{"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"unlocked"}' ) - stub_ticks.with("bw login email@example.com").returns("1234567890") - stub_ticks.with("bw unlock --raw").returns("") - stub_ticks.with("bw sync").returns("") + stub_command.with("bw login email@example.com").returns("1234567890") + stub_command.with("bw unlock --raw").returns("") + stub_command.with("bw sync").returns("") stub_mypassword json = JSON.parse(shellunescape(run_command("fetch", "mypassword"))) @@ -128,23 +128,23 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch locked" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) - stub_ticks + stub_command .with("bw status") .returns( '{"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"locked"}' ) - stub_ticks + stub_command .with("bw status") .returns( '{"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"unlocked"}' ) - stub_ticks.with("bw login email@example.com").returns("1234567890") - stub_ticks.with("bw unlock --raw").returns("") - stub_ticks.with("bw sync").returns("") + stub_command.with("bw login email@example.com").returns("1234567890") + stub_command.with("bw unlock --raw").returns("") + stub_command.with("bw sync").returns("") stub_mypassword json = JSON.parse(shellunescape(run_command("fetch", "mypassword"))) @@ -155,23 +155,24 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch locked with session" do - stub_ticks.with("bw --version 2> /dev/null") + stub_command(:system).with("bw --version", err: File::NULL) - stub_ticks + + stub_command .with("bw status") .returns( '{"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"locked"}' ) - stub_ticks + stub_command .with("BW_SESSION=0987654321 bw status") .returns( '{"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"unlocked"}' ) - stub_ticks.with("bw login email@example.com").returns("1234567890") - stub_ticks.with("bw unlock --raw").returns("0987654321") - stub_ticks.with("BW_SESSION=0987654321 bw sync").returns("") + stub_command.with("bw login email@example.com").returns("1234567890") + stub_command.with("bw unlock --raw").returns("0987654321") + stub_command.with("BW_SESSION=0987654321 bw sync").returns("") stub_mypassword(session: "0987654321") json = JSON.parse(shellunescape(run_command("fetch", "mypassword"))) @@ -182,7 +183,7 @@ class BitwardenAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("bw --version 2> /dev/null", succeed: false) + stub_command_with("bw --version", false, :system) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "mynote"))) @@ -202,7 +203,7 @@ def run_command(*command) end def stub_unlocked - stub_ticks + stub_command .with("bw status") .returns(<<~JSON) {"serverUrl":null,"lastSync":"2024-09-04T10:11:12.433Z","userEmail":"email@example.com","userId":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee","status":"unlocked"} @@ -210,7 +211,7 @@ def stub_unlocked end def stub_mypassword(session: nil) - stub_ticks + stub_command .with("#{"BW_SESSION=#{session} " if session}bw get item mypassword") .returns(<<~JSON) { @@ -233,7 +234,7 @@ def stub_mypassword(session: nil) end def stub_noteitem(session: nil) - stub_ticks + stub_command .with("#{"BW_SESSION=#{session} " if session}bw get item mynote") .returns(<<~JSON) { @@ -257,7 +258,7 @@ def stub_noteitem(session: nil) end def stub_noteitem_with_fields(session: nil) - stub_ticks + stub_command .with("#{"BW_SESSION=#{session} " if session}bw get item mynotefields") .returns(<<~JSON) { @@ -287,7 +288,7 @@ def stub_noteitem_with_fields(session: nil) end def stub_myitem - stub_ticks + stub_command .with("bw get item myitem") .returns(<<~JSON) { diff --git a/test/secrets/bitwarden_secrets_manager_adapter_test.rb b/test/secrets/bitwarden_secrets_manager_adapter_test.rb index 1723da420..05dba4d50 100644 --- a/test/secrets/bitwarden_secrets_manager_adapter_test.rb +++ b/test/secrets/bitwarden_secrets_manager_adapter_test.rb @@ -2,7 +2,7 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase test "fetch with no parameters" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login error = assert_raises RuntimeError do @@ -12,9 +12,9 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch all" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks + stub_command .with("bws secret list -o env") .returns("KAMAL_REGISTRY_PASSWORD=\"some_password\"\nMY_OTHER_SECRET=\"my=weird\"secret\"") @@ -24,9 +24,9 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch all with from" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks + stub_command .with("bws secret list -o env 82aeb5bd-6958-4a89-8197-eacab758acce") .returns("KAMAL_REGISTRY_PASSWORD=\"some_password\"\nMY_OTHER_SECRET=\"my=weird\"secret\"") @@ -36,9 +36,9 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch item" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks + stub_command .with("bws secret get -o env 82aeb5bd-6958-4a89-8197-eacab758acce") .returns("KAMAL_REGISTRY_PASSWORD=\"some_password\"") @@ -48,12 +48,12 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch with multiple items" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks + stub_command .with("bws secret get -o env 82aeb5bd-6958-4a89-8197-eacab758acce") .returns("KAMAL_REGISTRY_PASSWORD=\"some_password\"") - stub_ticks + stub_command .with("bws secret get -o env 6f8cdf27-de2b-4c77-a35d-07df8050e332") .returns("MY_OTHER_SECRET=\"my=weird\"secret\"") @@ -63,9 +63,9 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch all empty" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks_with("bws secret list -o env", succeed: false).returns("Error:\n0: Received error message from server") + stub_command_with("bws secret list -o env").returns("Error:\n0: Received error message from server") error = assert_raises RuntimeError do (shellunescape(run_command("fetch", "all"))) @@ -74,9 +74,9 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch nonexistent item" do - stub_ticks.with("bws --version 2> /dev/null") + stub_command(:system).with("bws --version", err: File::NULL) stub_login - stub_ticks_with("bws secret get -o env 82aeb5bd-6958-4a89-8197-eacab758acce", succeed: false) + stub_command_with("bws secret get -o env 82aeb5bd-6958-4a89-8197-eacab758acce") .returns("ERROR (RuntimeError): Could not read 82aeb5bd-6958-4a89-8197-eacab758acce from Bitwarden Secrets Manager") error = assert_raises RuntimeError do @@ -86,8 +86,8 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch with no access token" do - stub_ticks.with("bws --version 2> /dev/null") - stub_ticks_with("bws run 'echo OK'", succeed: false) + stub_command(:system).with("bws --version", err: File::NULL) + stub_command_with("bws run 'echo OK'") error = assert_raises RuntimeError do (shellunescape(run_command("fetch", "all"))) @@ -96,7 +96,7 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("bws --version 2> /dev/null", succeed: false) + stub_command_with("bws --version", false, :system) error = assert_raises RuntimeError do shellunescape(run_command("fetch")) @@ -106,7 +106,7 @@ class BitwardenSecretsManagerAdapterTest < SecretAdapterTestCase private def stub_login - stub_ticks.with("bws run 'echo OK'").returns("OK") + stub_command.with("bws run 'echo OK'").returns("OK") end def run_command(*command) diff --git a/test/secrets/doppler_adapter_test.rb b/test/secrets/doppler_adapter_test.rb index c2b164682..062f8e79e 100644 --- a/test/secrets/doppler_adapter_test.rb +++ b/test/secrets/doppler_adapter_test.rb @@ -2,14 +2,14 @@ class DopplerAdapterTest < SecretAdapterTestCase setup do - `true` # Ensure $? is 0 + `exit 0` # Ensure $? is 0 end test "fetch" do - stub_ticks_with("doppler --version 2> /dev/null", succeed: true) - stub_ticks.with("doppler me --json 2> /dev/null") + stub_command_with("doppler --version", true, :system) + stub_command(:system).with("doppler me --json", err: File::NULL) - stub_ticks + stub_command .with("doppler secrets get SECRET1 FSECRET1 FSECRET2 --json -p my-project -c prd") .returns(<<~JSON) { @@ -47,10 +47,10 @@ class DopplerAdapterTest < SecretAdapterTestCase test "fetch having DOPPLER_TOKEN" do ENV["DOPPLER_TOKEN"] = "dp.st.xxxxxxxxxxxxxxxxxxxxxx" - stub_ticks_with("doppler --version 2> /dev/null", succeed: true) - stub_ticks.with("doppler me --json 2> /dev/null") + stub_command_with("doppler --version", true, :system) + stub_command(:system).with("doppler me --json", err: File::NULL) - stub_ticks + stub_command .with("doppler secrets get SECRET1 FSECRET1 FSECRET2 --json ") .returns(<<~JSON) { @@ -88,10 +88,10 @@ class DopplerAdapterTest < SecretAdapterTestCase end test "fetch with folder in secret" do - stub_ticks_with("doppler --version 2> /dev/null", succeed: true) - stub_ticks.with("doppler me --json 2> /dev/null") + stub_command_with("doppler --version", true, :system) + stub_command(:system).with("doppler me --json", err: File::NULL) - stub_ticks + stub_command .with("doppler secrets get SECRET1 FSECRET1 FSECRET2 --json -p my-project -c prd") .returns(<<~JSON) { @@ -127,8 +127,8 @@ class DopplerAdapterTest < SecretAdapterTestCase end test "fetch without --from" do - stub_ticks_with("doppler --version 2> /dev/null", succeed: true) - stub_ticks.with("doppler me --json 2> /dev/null") + stub_command_with("doppler --version", true, :system) + stub_command(:system).with("doppler me --json", err: File::NULL) error = assert_raises RuntimeError do run_command("fetch", "FSECRET1", "FSECRET2") @@ -138,10 +138,10 @@ class DopplerAdapterTest < SecretAdapterTestCase end test "fetch with signin" do - stub_ticks_with("doppler --version 2> /dev/null", succeed: true) - stub_ticks_with("doppler me --json 2> /dev/null", succeed: false) - stub_ticks_with("doppler login -y", succeed: true).returns("") - stub_ticks.with("doppler secrets get SECRET1 --json -p my-project -c prd").returns(single_item_json) + stub_command_with("doppler --version", true, :system) + stub_command_with("doppler me --json") + stub_command_with("doppler login -y", true).returns("") + stub_command.with("doppler secrets get SECRET1 --json -p my-project -c prd").returns(single_item_json) json = JSON.parse(shellunescape(run_command("fetch", "--from", "my-project/prd", "SECRET1"))) @@ -153,7 +153,7 @@ class DopplerAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("doppler --version 2> /dev/null", succeed: false) + stub_command_with("doppler --version", false, :system) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "HOST", "PORT"))) diff --git a/test/secrets/enpass_adapter_test.rb b/test/secrets/enpass_adapter_test.rb index edc49613c..6be0a4f3f 100644 --- a/test/secrets/enpass_adapter_test.rb +++ b/test/secrets/enpass_adapter_test.rb @@ -2,7 +2,7 @@ class EnpassAdapterTest < SecretAdapterTestCase test "fetch without CLI installed" do - stub_ticks_with("enpass-cli version 2> /dev/null", succeed: false) + stub_command_with("enpass-cli version", false, :system) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "mynote"))) @@ -12,9 +12,9 @@ class EnpassAdapterTest < SecretAdapterTestCase end test "fetch one item" do - stub_ticks_with("enpass-cli version 2> /dev/null") + stub_command_with("enpass-cli version", true, :system) - stub_ticks + stub_command .with("enpass-cli -json -vault vault-path show FooBar") .returns(<<~JSON) [{"category":"computer","label":"SECRET_1","login":"","password":"my-password-1","title":"FooBar","type":"password"}] @@ -28,9 +28,9 @@ class EnpassAdapterTest < SecretAdapterTestCase end test "fetch multiple items" do - stub_ticks_with("enpass-cli version 2> /dev/null") + stub_command_with("enpass-cli version", true, :system) - stub_ticks + stub_command .with("enpass-cli -json -vault vault-path show FooBar") .returns(<<~JSON) [ @@ -48,9 +48,9 @@ class EnpassAdapterTest < SecretAdapterTestCase end test "fetch all with from" do - stub_ticks_with("enpass-cli version 2> /dev/null") + stub_command_with("enpass-cli version", true, :system) - stub_ticks + stub_command .with("enpass-cli -json -vault vault-path show FooBar") .returns(<<~JSON) [ diff --git a/test/secrets/gcp_secret_manager_adapter_test.rb b/test/secrets/gcp_secret_manager_adapter_test.rb index 682db1f48..82e88e8e8 100644 --- a/test/secrets/gcp_secret_manager_adapter_test.rb +++ b/test/secrets/gcp_secret_manager_adapter_test.rb @@ -14,8 +14,7 @@ class GcpSecretManagerAdapterTest < SecretAdapterTestCase end test "fetch unauthenticated" do - stub_ticks.with("gcloud --version 2> /dev/null") - + stub_gcloud_version stub_mypassword stub_unauthenticated @@ -129,7 +128,7 @@ class GcpSecretManagerAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_gcloud_version(succeed: false) + stub_gcloud_version(false) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "item1"))) @@ -148,12 +147,12 @@ def run_command(*command, account: "default") end end - def stub_gcloud_version(succeed: true) - stub_ticks_with("gcloud --version 2> /dev/null", succeed: succeed) + def stub_gcloud_version(succeed = true) + stub_command_with("gcloud --version", succeed, :system) end def stub_authenticated - stub_ticks + stub_command .with("gcloud auth list --format=json") .returns(<<~JSON) [ @@ -166,11 +165,11 @@ def stub_authenticated end def stub_unauthenticated - stub_ticks + stub_command .with("gcloud auth list --format=json") .returns("[]") - stub_ticks + stub_command .with("gcloud auth login") .returns(<<~JSON) { @@ -181,7 +180,7 @@ def stub_unauthenticated end def stub_mypassword - stub_ticks + stub_command .with("gcloud secrets versions access latest --secret=mypassword --format=json") .returns(<<~JSON) { @@ -200,7 +199,7 @@ def stub_items(n, project: nil, account: nil, version: "latest", impersonate_ser { data: "c2VjcmV0Mg==", checksum: 2101741365 }, { data: "c2VjcmV0Mw==", checksum: 2402124854 } ] - stub_ticks + stub_command .with("gcloud secrets versions access #{version} " \ "--secret=item#{n + 1}" \ "#{" --project=#{project}" if project}" \ diff --git a/test/secrets/last_pass_adapter_test.rb b/test/secrets/last_pass_adapter_test.rb index ca1f346ca..5dc5be404 100644 --- a/test/secrets/last_pass_adapter_test.rb +++ b/test/secrets/last_pass_adapter_test.rb @@ -2,14 +2,14 @@ class LastPassAdapterTest < SecretAdapterTestCase setup do - `true` # Ensure $? is 0 + `exit 0` # Ensure $? is 0 end test "fetch" do - stub_ticks.with("lpass --version 2> /dev/null") - stub_ticks.with("lpass status --color never").returns("Logged in as email@example.com.") + stub_command(:system).with("lpass --version", err: File::NULL) + stub_command.with("lpass status --color never").returns("Logged in as email@example.com.") - stub_ticks + stub_command .with("lpass show SECRET1 FOLDER1/FSECRET1 FOLDER1/FSECRET2 --json") .returns(<<~JSON) [ @@ -64,10 +64,10 @@ class LastPassAdapterTest < SecretAdapterTestCase end test "fetch with from" do - stub_ticks.with("lpass --version 2> /dev/null") - stub_ticks.with("lpass status --color never").returns("Logged in as email@example.com.") + stub_command(:system).with("lpass --version", err: File::NULL) + stub_command.with("lpass status --color never").returns("Logged in as email@example.com.") - stub_ticks + stub_command .with("lpass show FOLDER1/FSECRET1 FOLDER1/FSECRET2 --json") .returns(<<~JSON) [ @@ -109,11 +109,11 @@ class LastPassAdapterTest < SecretAdapterTestCase end test "fetch with signin" do - stub_ticks.with("lpass --version 2> /dev/null") + stub_command(:system).with("lpass --version", err: File::NULL) - stub_ticks_with("lpass status --color never", succeed: false).returns("Not logged in.") - stub_ticks_with("lpass login email@example.com", succeed: true).returns("") - stub_ticks.with("lpass show SECRET1 --json").returns(single_item_json) + stub_command_with("lpass status --color never").returns("Not logged in.") + stub_command_with("lpass login email@example.com", true).returns("") + stub_command.with("lpass show SECRET1 --json").returns(single_item_json) json = JSON.parse(shellunescape(run_command("fetch", "SECRET1"))) @@ -125,7 +125,7 @@ class LastPassAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("lpass --version 2> /dev/null", succeed: false) + stub_command_with("lpass --version", false, :system) error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "SECRET1", "FOLDER1/FSECRET1", "FOLDER1/FSECRET2"))) diff --git a/test/secrets/one_password_adapter_test.rb b/test/secrets/one_password_adapter_test.rb index 36fab7c36..fd04e6d1b 100644 --- a/test/secrets/one_password_adapter_test.rb +++ b/test/secrets/one_password_adapter_test.rb @@ -2,10 +2,10 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase test "fetch" do - stub_ticks.with("op --version 2> /dev/null") - stub_ticks.with("op account get --account myaccount 2> /dev/null") + stub_command(:system).with("op --version", err: File::NULL) + stub_command(:system).with("op account get --account myaccount", err: File::NULL) - stub_ticks + stub_command .with("op item get myitem --vault \"myvault\" --fields \"label=section.SECRET1,label=section.SECRET2,label=section2.SECRET3\" --format \"json\" --account \"myaccount\"") .returns(<<~JSON) [ @@ -57,10 +57,10 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase end test "fetch with multiple items" do - stub_ticks.with("op --version 2> /dev/null") - stub_ticks.with("op account get --account myaccount 2> /dev/null") + stub_command(:system).with("op --version", err: File::NULL) + stub_command(:system).with("op account get --account myaccount", err: File::NULL) - stub_ticks + stub_command .with("op item get myitem --vault \"myvault\" --fields \"label=section.SECRET1,label=section.SECRET2\" --format \"json\" --account \"myaccount\"") .returns(<<~JSON) [ @@ -89,7 +89,7 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase ] JSON - stub_ticks + stub_command .with("op item get myitem2 --vault \"myvault\" --fields \"label=section2.SECRET3\" --format \"json\" --account \"myaccount\"") .returns(<<~JSON) { @@ -117,12 +117,12 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase end test "fetch with signin, no session" do - stub_ticks.with("op --version 2> /dev/null") + stub_command(:system).with("op --version", err: File::NULL) - stub_ticks_with("op account get --account myaccount 2> /dev/null", succeed: false) - stub_ticks_with("op signin --account \"myaccount\" --force --raw", succeed: true).returns("") + stub_command_with("op account get --account myaccount", false, :system) + stub_command_with("op signin --account \"myaccount\" --force --raw", true).returns("") - stub_ticks + stub_command .with("op item get myitem --vault \"myvault\" --fields \"label=section.SECRET1\" --format \"json\" --account \"myaccount\"") .returns(single_item_json) @@ -136,12 +136,12 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase end test "fetch with signin and session" do - stub_ticks.with("op --version 2> /dev/null") + stub_command(:system).with("op --version", err: File::NULL) - stub_ticks_with("op account get --account myaccount 2> /dev/null", succeed: false) - stub_ticks_with("op signin --account \"myaccount\" --force --raw", succeed: true).returns("1234567890") + stub_command_with("op account get --account myaccount", false, :system) + stub_command_with("op signin --account \"myaccount\" --force --raw", true).returns("1234567890") - stub_ticks + stub_command .with("op item get myitem --vault \"myvault\" --fields \"label=section.SECRET1\" --format \"json\" --account \"myaccount\" --session \"1234567890\"") .returns(single_item_json) @@ -155,7 +155,7 @@ class SecretsOnePasswordAdapterTest < SecretAdapterTestCase end test "fetch without CLI installed" do - stub_ticks_with("op --version 2> /dev/null", succeed: false) + stub_command_with("op --version") error = assert_raises RuntimeError do JSON.parse(shellunescape(run_command("fetch", "--from", "op://myvault/myitem", "section/SECRET1", "section/SECRET2", "section2/SECRET3"))) diff --git a/test/test_helper.rb b/test/test_helper.rb index f58118725..55e9e75e3 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -75,18 +75,18 @@ def teardown_test_secrets class SecretAdapterTestCase < ActiveSupport::TestCase setup do - `true` # Ensure $? is 0 + `exit 0` # Ensure $? is 0 end private - def stub_ticks - Kamal::Secrets::Adapters::Base.any_instance.stubs(:`) + def stub_command(format = :`) + Kamal::Secrets::Adapters::Base.any_instance.stubs(format) end - def stub_ticks_with(command, succeed: true) - # Sneakily run `false`/`true` after a match to set $? to 1/0 - stub_ticks.with { |c| c == command && (succeed ? `true` : `false`) } - Kamal::Secrets::Adapters::Base.any_instance.stubs(:`) + def stub_command_with(command, succeed = false, format = :`) + # Sneakily run `exit 1`/`exit 0` after a match to set $? to 1/0 + stub_command(format).with { |c| c == command && (succeed ? `exit 0` : `exit 1`) } + Kamal::Secrets::Adapters::Base.any_instance.stubs(format) end def shellunescape(string)