def test_simple_success(self, mock_rootdir):
with mock_repos_config({
'tracked': [
single_repo_config_factory(
'[email protected]:yelp/detect-secrets', ),
]
}), mock_repo_class('BaseTrackedRepo') as repo_class:
args = self.parse_args('--root-dir {}'.format(mock_rootdir))
initialize(args)
repo_class.assert_called_with(
repo='[email protected]:yelp/detect-secrets',
sha='',
crontab='0 0 * * *',
plugins={
'AWSKeyDetector': {},
'Base64HighEntropyString': {
'base64_limit': 4.5,
},
'BasicAuthDetector': {},
'HexHighEntropyString': {
'hex_limit': 3,
},
'KeywordDetector': {
'keyword_exclude': None,
},
'PrivateKeyDetector': {},
'SlackDetector': {},
},
rootdir=mock_rootdir,
baseline_filename=None,
exclude_regex=None,
s3_config=None,
)
def test_repo_config_overrides_defaults(self, mock_rootdir):
with mock_repos_config({
'tracked': [
single_repo_config_factory(
'[email protected]:yelp/detect-secrets',
plugins={
# This checks that CLI overrides config file
'HexHighEntropyString': {
'hex_limit': 5,
},
# This checks it overrides default values
'Base64HighEntropyString': {
'base64_limit': 2,
},
# This checks for disabling functionality
'PrivateKeyDetector': False,
},
# This checks it overrides CLI (non-plugin)
baseline_filename='will_be_overriden',
# This checks it overrides default value (non-plugin)
exclude_regex='something_here',
crontab='* * 4 * *',
)
],
}):
args = self.parse_args('--hex-limit 4 '
'--baseline baseline.file '
'--root-dir {}'.format(mock_rootdir))
with mock_repo_class('BaseTrackedRepo') as repo_class:
initialize(args)
repo_class.assert_called_with(
repo='[email protected]:yelp/detect-secrets',
sha='',
crontab='* * 4 * *',
plugins={
# (No PrivateKeyDetector due to being False above)
'AWSKeyDetector': {},
'Base64HighEntropyString': {
'base64_limit': 2.0,
},
'BasicAuthDetector': {},
'HexHighEntropyString': {
'hex_limit': 4.0,
},
'KeywordDetector': {
'keyword_exclude': None,
},
'SlackDetector': {},
},
rootdir=mock_rootdir,
baseline_filename='baseline.file',
exclude_regex='something_here',
s3_config=None,
)
def test_flags_set_tracked_repo_classes(self, data, expected_repo_class):
with mock_repos_config(
{'tracked': [
single_repo_config_factory(**data),
]}):
args = self.parse_args(has_s3=data.get('storage') == 's3')
with mock_repo_class(expected_repo_class) as repo_class:
initialize(args)
assert repo_class.called
def test_repo_config_overrides_defaults(self, mock_rootdir):
with mock_repos_config({
'tracked': [
single_repo_config_factory(
'[email protected]:yelp/detect-secrets',
plugins={
# This checks that CLI overrides config file
'HexHighEntropyString': {
'hex_limit': 5,
},
# This checks it overrides default values
'Base64HighEntropyString': {
'base64_limit': 2,
},
# This checks for disabling functionality
'PrivateKeyDetector': False,
},
# This checks it overrides CLI (non-plugin)
baseline_filename='will_be_overriden',
# This checks it overrides default value (non-plugin)
exclude_regex='something_here',
crontab='* * 4 * *',
)
],
}):
args = self.parse_args('--hex-limit 4 '
'--baseline baseline.file '
'--root-dir {}'.format(mock_rootdir))
with mock_repo_class('BaseTrackedRepo') as repo_class:
initialize(args)
kwargs = repo_class.call_args[1]
assert kwargs['repo'] == '[email protected]:yelp/detect-secrets'
assert kwargs['sha'] == ''
assert kwargs['crontab'] == '* * 4 * *'
# NOTE: This is disabled, since it's `False` above.
assert 'PrivateKeyDetector' not in kwargs['plugins']
assert kwargs['plugins']['Base64HighEntropyString'][
'base64_limit'] == 2.0
assert kwargs['plugins']['HexHighEntropyString'][
'hex_limit'] == 4.0
assert kwargs['rootdir'] == mock_rootdir
assert kwargs['baseline_filename'] == 'baseline.file'
assert kwargs['exclude_regex'] == 'something_here'
def test_simple_success(self, mock_rootdir):
with mock_repos_config({
'tracked': [
single_repo_config_factory(
'[email protected]:yelp/detect-secrets', ),
]
}), mock_repo_class('BaseTrackedRepo') as repo_class:
args = self.parse_args('--root-dir {}'.format(mock_rootdir))
initialize(args)
kwargs = repo_class.call_args[1]
assert kwargs['repo'] == '[email protected]:yelp/detect-secrets'
assert kwargs['sha'] == ''
assert kwargs['crontab'] == '0 0 * * *'
assert kwargs['rootdir'] == mock_rootdir