def test_exclude_by_keys_and_values(configfile, src):
args = parse_args([fixture_path(src)])
args.config = core.load_config(config_path(configfile), FIXTURE_PATH)
secrets = core.run(args)
assert next(secrets).key == "hardcoded_password"
with pytest.raises(StopIteration):
next(secrets)
def test_exclude_files():
args = parse_args([fixture_path()])
args.config = core.load_config(config_path("exclude_files.yml"),
FIXTURE_PATH)
secrets = core.run(args)
with pytest.raises(StopIteration):
next(secrets)
def test_include_files():
args = parse_args([fixture_path()])
args.config = core.load_config(config_path("include_files.yml"),
FIXTURE_PATH)
secrets = core.run(args)
assert next(secrets).value == "hardcoded"
with pytest.raises(StopIteration):
next(secrets)
def test_load_config():
config = core.load_config(config_path("example.yml"), FIXTURE_PATH)
assert set(config["exclude"]["files"]) == set([
Path(fixture_path(".npmrc")),
Path(fixture_path("hardcoded.json")),
Path(fixture_path("hardcoded.yml")),
Path(fixture_path("hardcoded.xml")),
])
assert config["exclude"]["keys"] == [
re.compile("SECRET_VALUE_KEY", flags=re.IGNORECASE)
]
assert config["exclude"]["values"] == [
re.compile("SECRET_VALUE_PLACEHOLDER", flags=re.IGNORECASE)
]
(fixture_path("folder"), pytest.raises(StopIteration)),
],
)
def test_run(filename, expectation):
with expectation:
args = parse_args([filename])
next(core.run(args))
@pytest.mark.parametrize(
("filename", "expectation"),
[
(f"/tmp/File404-{urandom(30).hex()}",
pytest.raises(FileNotFoundError)),
("/dev/null", pytest.raises(TypeError)),
(config_path("invalid.yml"), pytest.raises(ParserError)),
(config_path("empty.yml"), pytest.raises(NameError)),
(config_path("example.yml"), does_not_raise()),
],
)
def test_load_config_exception(filename, expectation):
with expectation:
core.load_config(filename, FIXTURE_PATH)
def test_load_config():
config = core.load_config(config_path("example.yml"), FIXTURE_PATH)
assert set(config["exclude"]["files"]) == set([
Path(fixture_path(".npmrc")),
Path(fixture_path("hardcoded.json")),
Path(fixture_path("hardcoded.yml")),
def test_cli_parser():
assert isinstance(cli_parser(), ArgumentParser)
@pytest.mark.parametrize(
("arguments", "expectation", "result"),
[
([], pytest.raises(SystemExit), None),
(["src"], does_not_raise(), {
"config": None,
"output": None,
"rules": "all",
"src": "src"
}),
(
["-c", config_path("detection_by_value.yml"), "src"],
does_not_raise(),
{
"config": {
"exclude": {
"keys": [re.compile("^file$", re.IGNORECASE)],
"files": [],
"values": []
},
"include": {
"files": ["**/*"]
},
"rules": {},
},
"src": "src",
},
@pytest.mark.parametrize(
("arguments", "expectation"),
[
([], pytest.raises(SystemExit)),
(["-v"], pytest.raises(SystemExit)),
(["-i"], pytest.raises(SystemExit)),
(["-c", "whispers.yml"], pytest.raises(SystemExit)),
(["-r", "whis,pers"], pytest.raises(SystemExit)),
(["-o", "/tmp/whispers"], pytest.raises(SystemExit)),
(["/dev/null/bin"], pytest.raises(FileNotFoundError)),
([fixture_path("hardcoded.json")], does_not_raise()),
([fixture_path("hardcoded.json"), "-o", "/tmp/whispers"
], does_not_raise()),
([fixture_path("hardcoded.json"), "-c",
config_path("example.yml")], does_not_raise()),
],
)
def test_cli(arguments, expectation):
with expectation:
assert cli(arguments) is None
def test_cli_info():
mock_print = StringIO()
with patch("sys.stdout", mock_print):
cli_info()
result = mock_print.getvalue()
assert "available rules" in result
for rule_id in WhisperRules().rules.keys():
assert rule_id in result
