def test_success(self, mock_logic, mock_rootdir):
mock_open = mock.mock_open(read_data=metadata_factory(
'[email protected]:yelp/detect-secrets',
baseline_filename='foobar',
plugins={
'HexHighEntropyString': {
'hex_limit': 3.5,
},
},
json=True,
), )
repo = mock_logic(mock_open)
mock_open.assert_called_with('{}/tracked/{}.json'.format(
mock_rootdir,
FileStorage.hash_filename('will_be_mocked'),
))
assert repo.last_commit_hash == 'sha256-hash'
assert repo.repo == '[email protected]:yelp/detect-secrets'
assert repo.crontab == '0 0 * * *'
assert repo.plugin_config == {
'HexHighEntropyString': {
'hex_limit': 3.5,
},
}
assert repo.baseline_filename == 'foobar'
assert not repo.exclude_regex
assert isinstance(repo.storage, FileStorage)
def test_add_local_repo(self, mock_file_operations, mock_rootdir):
# This just needs to exist; no actual operations will be done to this.
repo = 'examples'
git_calls = [
# repo.update
SubprocessMock(
expected_input='git rev-parse HEAD',
mocked_output='mocked_sha',
),
]
with mock_git_calls(*git_calls):
args = self.parse_args(
'add {} --baseline .secrets.baseline --local --root-dir {}'.
format(
repo,
mock_rootdir,
))
add_repo(args)
mock_file_operations.write.assert_called_with(
metadata_factory(
sha='mocked_sha',
repo=os.path.abspath(
os.path.join(
os.path.dirname(__file__),
'../../examples',
), ),
baseline_filename='.secrets.baseline',
json=True,
), )
def wrapped(mock_open=None, **kwargs):
"""
:type mock_open: mock.mock_open
:param mock_open: allows for customized mock_open,
so can do assertions outside this function.
"""
if not mock_open:
defaults = {
'repo': '[email protected]:yelp/detect-secrets',
'baseline_filename': 'foobar',
}
defaults.update(kwargs)
mock_open = mock.mock_open(
read_data=metadata_factory(
json=True,
**defaults
),
)
with mock.patch(
'detect_secrets_server.storage.file.open',
mock_open
), mock.patch(
'detect_secrets_server.storage.base.os.makedirs',
):
return BaseTrackedRepo.load_from_file(
'will_be_mocked',
mock_rootdir,
)
def test_writes_crontab(self, mock_crontab, mock_rootdir, mock_metadata):
args = self.parse_args(mock_rootdir)
with mock_metadata(remote_files=(metadata_factory(
repo='[email protected]:yelp/detect-secrets',
json=True,
), ),
local_files=(metadata_factory(
repo='examples',
json=True,
), )):
install_mapper(args)
assert mock_crontab.content == textwrap.dedent("""
0 0 * * * detect-secrets-server scan [email protected]:yelp/detect-secrets --root-dir {}
0 0 * * * detect-secrets-server scan examples --local --root-dir {}
""").format(mock_rootdir, mock_rootdir)[1:-1]
mock_crontab.write_to_user.assert_called_with(user=True)
def test_add_non_local_repo(self, mock_file_operations, mock_rootdir):
self.add_non_local_repo(mock_rootdir)
mock_file_operations.write.assert_called_with(
metadata_factory(
repo='[email protected]:yelp/detect-secrets',
sha='mocked_sha',
json=True,
), )
def assert_writes_accurately(mock_open, mock_rootdir):
mock_open.assert_called_with(
'{}/tracked/{}.json'.format(
mock_rootdir,
FileStorage.hash_filename('yelp/detect-secrets'),
),
'w',
)
mock_open().write.assert_called_with(
metadata_factory(
'[email protected]:yelp/detect-secrets',
baseline_filename='foobar',
json=True,
), )
def wrapped(is_local=False):
klass = S3LocalTrackedRepo if is_local else S3TrackedRepo
with mock.patch(
'detect_secrets_server.storage.file.open',
mock.mock_open(read_data=metadata_factory(
'[email protected]:yelp/detect-secrets',
json=True,
), )), mock.patch(
'detect_secrets_server.storage.file.os.path.isdir',
return_value=True,
):
yield (mocked_boto,
klass.load_from_file(
'mocked_repository_name',
mock_rootdir,
mock_s3_config(),
))
def test_crontab_writes_with_output_hook(
self,
mock_crontab,
mock_rootdir,
mock_metadata,
):
args = self.parse_args(mock_rootdir,
'--output-hook examples/standalone_hook.py')
with mock_metadata(remote_files=(metadata_factory(
repo='[email protected]:yelp/detect-secrets',
crontab='1 2 3 4 5',
json=True,
), ), ):
install_mapper(args)
assert mock_crontab.content == (
'1 2 3 4 5 detect-secrets-server scan [email protected]:yelp/detect-secrets'
' --output-hook examples/standalone_hook.py')
mock_crontab.write_to_user.assert_called_with(user=True)
def test_does_not_override_existing_crontab(
self,
mock_crontab,
mock_rootdir,
mock_metadata,
):
mock_crontab.old_content = textwrap.dedent("""
* * * * * detect-secrets-server scan old_config_will_be_deleted --local
* * * * * some_content_here
""")[1:]
args = self.parse_args(mock_rootdir)
with mock_metadata(local_files=(metadata_factory(
repo='examples',
crontab='1 2 3 4 5',
json=True,
), ), ):
install_mapper(args)
assert mock_crontab.content == textwrap.dedent("""
* * * * * some_content_here
1 2 3 4 5 detect-secrets-server scan examples --local --root-dir {}
""").format(mock_rootdir)[1:-1]
