def test_success(self, mock_logic, mock_rootdir): mock_open = mock.mock_open(read_data=metadata_factory( '[email protected]:yelp/detect-secrets', baseline_filename='foobar', plugins={ 'HexHighEntropyString': { 'hex_limit': 3.5, }, }, json=True, ), ) repo = mock_logic(mock_open) mock_open.assert_called_with('{}/tracked/{}.json'.format( mock_rootdir, FileStorage.hash_filename('will_be_mocked'), )) assert repo.last_commit_hash == 'sha256-hash' assert repo.repo == '[email protected]:yelp/detect-secrets' assert repo.crontab == '0 0 * * *' assert repo.plugin_config == { 'HexHighEntropyString': { 'hex_limit': 3.5, }, } assert repo.baseline_filename == 'foobar' assert not repo.exclude_regex assert isinstance(repo.storage, FileStorage)
def test_add_local_repo(self, mock_file_operations, mock_rootdir): # This just needs to exist; no actual operations will be done to this. repo = 'examples' git_calls = [ # repo.update SubprocessMock( expected_input='git rev-parse HEAD', mocked_output='mocked_sha', ), ] with mock_git_calls(*git_calls): args = self.parse_args( 'add {} --baseline .secrets.baseline --local --root-dir {}'. format( repo, mock_rootdir, )) add_repo(args) mock_file_operations.write.assert_called_with( metadata_factory( sha='mocked_sha', repo=os.path.abspath( os.path.join( os.path.dirname(__file__), '../../examples', ), ), baseline_filename='.secrets.baseline', json=True, ), )
def wrapped(mock_open=None, **kwargs): """ :type mock_open: mock.mock_open :param mock_open: allows for customized mock_open, so can do assertions outside this function. """ if not mock_open: defaults = { 'repo': '[email protected]:yelp/detect-secrets', 'baseline_filename': 'foobar', } defaults.update(kwargs) mock_open = mock.mock_open( read_data=metadata_factory( json=True, **defaults ), ) with mock.patch( 'detect_secrets_server.storage.file.open', mock_open ), mock.patch( 'detect_secrets_server.storage.base.os.makedirs', ): return BaseTrackedRepo.load_from_file( 'will_be_mocked', mock_rootdir, )
def test_writes_crontab(self, mock_crontab, mock_rootdir, mock_metadata): args = self.parse_args(mock_rootdir) with mock_metadata(remote_files=(metadata_factory( repo='[email protected]:yelp/detect-secrets', json=True, ), ), local_files=(metadata_factory( repo='examples', json=True, ), )): install_mapper(args) assert mock_crontab.content == textwrap.dedent(""" 0 0 * * * detect-secrets-server scan [email protected]:yelp/detect-secrets --root-dir {} 0 0 * * * detect-secrets-server scan examples --local --root-dir {} """).format(mock_rootdir, mock_rootdir)[1:-1] mock_crontab.write_to_user.assert_called_with(user=True)
def test_add_non_local_repo(self, mock_file_operations, mock_rootdir): self.add_non_local_repo(mock_rootdir) mock_file_operations.write.assert_called_with( metadata_factory( repo='[email protected]:yelp/detect-secrets', sha='mocked_sha', json=True, ), )
def assert_writes_accurately(mock_open, mock_rootdir): mock_open.assert_called_with( '{}/tracked/{}.json'.format( mock_rootdir, FileStorage.hash_filename('yelp/detect-secrets'), ), 'w', ) mock_open().write.assert_called_with( metadata_factory( '[email protected]:yelp/detect-secrets', baseline_filename='foobar', json=True, ), )
def wrapped(is_local=False): klass = S3LocalTrackedRepo if is_local else S3TrackedRepo with mock.patch( 'detect_secrets_server.storage.file.open', mock.mock_open(read_data=metadata_factory( '[email protected]:yelp/detect-secrets', json=True, ), )), mock.patch( 'detect_secrets_server.storage.file.os.path.isdir', return_value=True, ): yield (mocked_boto, klass.load_from_file( 'mocked_repository_name', mock_rootdir, mock_s3_config(), ))
def test_crontab_writes_with_output_hook( self, mock_crontab, mock_rootdir, mock_metadata, ): args = self.parse_args(mock_rootdir, '--output-hook examples/standalone_hook.py') with mock_metadata(remote_files=(metadata_factory( repo='[email protected]:yelp/detect-secrets', crontab='1 2 3 4 5', json=True, ), ), ): install_mapper(args) assert mock_crontab.content == ( '1 2 3 4 5 detect-secrets-server scan [email protected]:yelp/detect-secrets' ' --output-hook examples/standalone_hook.py') mock_crontab.write_to_user.assert_called_with(user=True)
def test_does_not_override_existing_crontab( self, mock_crontab, mock_rootdir, mock_metadata, ): mock_crontab.old_content = textwrap.dedent(""" * * * * * detect-secrets-server scan old_config_will_be_deleted --local * * * * * some_content_here """)[1:] args = self.parse_args(mock_rootdir) with mock_metadata(local_files=(metadata_factory( repo='examples', crontab='1 2 3 4 5', json=True, ), ), ): install_mapper(args) assert mock_crontab.content == textwrap.dedent(""" * * * * * some_content_here 1 2 3 4 5 detect-secrets-server scan examples --local --root-dir {} """).format(mock_rootdir)[1:-1]