    def test_print_summary_all_failed_conditions(self, capsys):
        """Every condition enabled and failing; remediation instructions are printed.

        The expected output must not contain any secret value - only the
        failed-condition headings, remediation hints and the baseline filename.
        """
        failing = 1  # every check reports a failure

        print_summary(
            failing,
            failing,
            failing,
            baseline_filename,
            True,
            True,
            True,
            False,
        )

        out = capsys.readouterr().out

        unaudited_heading = colorize('\t- Unaudited secrets were found', AnsiColor.BOLD)
        unaudited_hint = (
            '\n\t\tRun detect-secrets audit {}, and audit all potential secrets.\n'
            .format(baseline_filename)
        )
        live_heading = colorize('\t- Live secrets were found', AnsiColor.BOLD)
        live_hint = (
            '\n\t\tRevoke all live secrets and remove them from the codebase.'
            ' Afterwards, run detect-secrets scan --update {} to re-scan.\n'
            .format(baseline_filename)
        )
        audited_heading = colorize('\t- Audited true secrets were found', AnsiColor.BOLD)
        audited_hint_revoke = '\n\t\tIf any active secrets meet this condition, revoke them.'
        audited_hint_remove = ' Then, remove secrets that were audited as real from the codebase and'
        audited_hint_rescan = ' run detect-secrets scan --update {} to re-scan.\n'.format(
            baseline_filename,
        )
        footer = 'For additional help, run detect-secrets audit --help.\n'

        expected = '\nFailed conditions:\n\n{}\n{}\n{}\n{}\n{}\n{}{}{}\n{}\n'.format(
            unaudited_heading,
            unaudited_hint,
            live_heading,
            live_hint,
            audited_heading,
            audited_hint_revoke,
            audited_hint_remove,
            audited_hint_rescan,
            footer,
        )
        assert out == expected
    def test_print_summary_only_live_fail_omit_instructions(self, capsys):
        """Only the live-secret condition is enabled and fails.

        With the omit-instructions flag set, the heading is printed without
        the remediation text that normally follows it.
        """
        failing = 1  # all checks report a failure, but only "live" is enabled

        print_summary(
            failing,
            failing,
            failing,
            baseline_filename,
            True,
            False,
            False,
            True,
        )

        out = capsys.readouterr().out

        live_heading = colorize('\t- Live secrets were found', AnsiColor.BOLD)
        expected = '\nFailed conditions:\n\n{}\n\n'.format(live_heading)
        assert out == expected
    def test_print_summary_only_unaudited_pass(self, capsys):
        """Only the unaudited condition is enabled and it passes.

        A passing check prints a single "No ... were found" heading and no
        failed-conditions section.
        """
        passing = 0  # every check reports success

        print_summary(
            passing,
            passing,
            passing,
            baseline_filename,
            False,
            True,
            False,
            False,
        )

        out = capsys.readouterr().out

        unaudited_heading = colorize('\t- No unaudited secrets were found', AnsiColor.BOLD)
        expected = '{}\n\n'.format(unaudited_heading)
        assert out == expected
    def test_print_summary_only_unaudited_fail(self, capsys):
        """Only the unaudited condition is enabled and it fails.

        The output names the condition, tells the user to run the audit on
        the baseline, and ends with the generic help footer.
        """
        failing = 1  # all checks report a failure, but only "unaudited" is enabled

        print_summary(
            failing,
            failing,
            failing,
            baseline_filename,
            False,
            True,
            False,
            False,
        )

        out = capsys.readouterr().out

        unaudited_heading = colorize('\t- Unaudited secrets were found', AnsiColor.BOLD)
        unaudited_hint = (
            '\n\t\tRun detect-secrets audit {}, and audit all potential secrets.'
            .format(baseline_filename)
        )
        footer = '\nFor additional help, run detect-secrets audit --help.\n'

        expected = '\nFailed conditions:\n\n{}\n{}\n{}\n'.format(
            unaudited_heading,
            unaudited_hint,
            footer,
        )
        assert out == expected
    def test_print_summary_no_failed_conditions(self, capsys):
        """All three conditions enabled and all passing.

        One "No ... were found" heading is printed per condition, each
        followed by a blank line; no instructions or footer appear.
        """
        passing = 0  # every check reports success

        print_summary(
            passing,
            passing,
            passing,
            baseline_filename,
            True,
            True,
            True,
            True,
        )

        out = capsys.readouterr().out

        headings = [
            colorize('\t- No unaudited secrets were found', AnsiColor.BOLD),
            colorize('\t- No live secrets were found', AnsiColor.BOLD),
            colorize(
                '\t- No secrets that were audited as real were found',
                AnsiColor.BOLD,
            ),
        ]
        expected = '{}\n\n{}\n\n{}\n\n'.format(*headings)
        assert out == expected
    def test_print_summary_only_live_fail(self, capsys):
        """Only the live-secret condition is enabled and it fails.

        The output names the condition, instructs the user to revoke and
        re-scan, and ends with the generic help footer.
        """
        failing = 1  # all checks report a failure, but only "live" is enabled

        print_summary(
            failing,
            failing,
            failing,
            baseline_filename,
            True,
            False,
            False,
            False,
        )

        out = capsys.readouterr().out

        live_heading = colorize('\t- Live secrets were found', AnsiColor.BOLD)
        live_hint = (
            '\n\t\tRevoke all live secrets and remove them from the codebase.'
            ' Afterwards, run detect-secrets scan --update {} to re-scan.'
            .format(baseline_filename)
        )
        footer = '\nFor additional help, run detect-secrets audit --help.\n'

        expected = '\nFailed conditions:\n\n{}\n{}\n{}\n'.format(
            live_heading,
            live_hint,
            footer,
        )
        assert out == expected
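def execute(args) -> None:
    """
    Executes a report based off the given arguments.

    This feature extends the audit subcommand; it is recommended to be run as a
    CI / CD build stage for users who would like to have a Detect Secrets report
    in their pipeline.

    It will cause Detect Secrets to exit with an error code if secrets
    within a baseline fail a user-provided set of conditions:

    1. if they are active (--fail-on-live)
    2. if they have not been audited (--fail-on-unaudited)
    3. if they have been marked as real secrets when audited (--fail-on-audited-real)

    A detailed report will be output that lists information about the secrets which failed
    said conditions, including line number, filename, condition failed. There will be no
    raw secret values in this output.

    Alternatively, assuming all conditions pass, Detect secrets will complete with zero exit status,
    outputting a short summary stating that the checks passed, allowing the CI / CD build to
    continue onto the next stage.

    If no fail-on options are provided, all of the conditions will be
    checked by default, but the report will always exit with zero.

    Args:
        args: parsed command-line namespace. Reads ``report``, ``fail_on_live``,
            ``fail_on_unaudited``, ``fail_on_audited_real``, ``json``,
            ``omit_instructions`` and ``filename`` (only ``filename[0]``, the
            baseline path, is used).

    Raises:
        SystemExit: always, carrying ``ReportExitCode.PASS.value`` or
            ``ReportExitCode.FAIL.value``.
    """
    # Three distinct lists: chaining `a = b = c = []` would bind one shared
    # list under all three names, so a mutation through one would leak into
    # the others' report sections.
    unaudited_secrets = []
    live_secrets = []
    audited_real_secrets = []
    unaudited_return_code = live_return_code = audited_real_return_code = ReportExitCode.PASS.value

    # If no fail conditions provided, run report using all fail conditions, but exit with 0
    default_conditions = bool(
        args.report
        and not args.fail_on_unaudited
        and not args.fail_on_audited_real
        and not args.fail_on_live
    )

    # Effective condition set: everything when defaulting, otherwise the
    # user's flags passed through unchanged (they are also what the
    # print_* helpers receive).
    check_live = True if default_conditions else args.fail_on_live
    check_unaudited = True if default_conditions else args.fail_on_unaudited
    check_audited_real = True if default_conditions else args.fail_on_audited_real

    baseline_path = args.filename[0]

    if check_unaudited:
        (unaudited_return_code, unaudited_secrets) = fail_on_unaudited(baseline_path)

    if check_live:
        (live_return_code, live_secrets) = fail_on_live(baseline_path)

    if check_audited_real:
        (audited_real_return_code, audited_real_secrets) = fail_on_audited_real(
            baseline_path,
        )

    if args.json:
        print_json_report(
            live_secrets,
            unaudited_secrets,
            audited_real_secrets,
            baseline_path,
            check_live,
            check_unaudited,
            check_audited_real,
        )
    else:
        print_stats(
            live_secrets,
            unaudited_secrets,
            audited_real_secrets,
            baseline_path,
            check_live,
            check_unaudited,
            check_audited_real,
        )
        print_table_report(
            live_secrets,
            unaudited_secrets,
            audited_real_secrets,
        )
        print_summary(
            unaudited_return_code,
            live_return_code,
            audited_real_return_code,
            baseline_path,
            check_live,
            check_unaudited,
            check_audited_real,
            bool(args.omit_instructions),
        )

    all_passed = (
        unaudited_return_code
        == live_return_code
        == audited_real_return_code
        == ReportExitCode.PASS.value
    )
    # A default run (no --fail-on-* given) is informational only and must
    # never fail the build, even when conditions were violated.
    if all_passed or default_conditions:
        sys.exit(ReportExitCode.PASS.value)
    sys.exit(ReportExitCode.FAIL.value)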