def testGetDataMultipleManagerServiceNoDatas(self):
secret_service_manager = SecretManager()
self.master.config.secretsProviders = [FakeSecretStorage({"foo": "bar",
"other": "value"}),
FakeSecretStorage({"foo2": "bar",
"other2": "value"})
]
SecretManager.master = self.master
secret_result = yield secret_service_manager.get("foo3")
self.assertEqual(secret_result, None)
def testGetDataMultipleManagerServiceNoDatas(self):
secret_service_manager = SecretManager()
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(secretdict={"foo": "bar",
"other": "value"})
otherFakeStorageService = FakeSecretStorage()
otherFakeStorageService.reconfigService(secretdict={"foo2": "bar",
"other2": "value"})
secret_service_manager.services = [fakeStorageService, otherFakeStorageService]
secret_result = yield secret_service_manager.get("foo3")
self.assertEqual(secret_result, None)
def testGetDataMultipleManagerValues(self):
secret_service_manager = SecretManager()
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(secretdict={"foo": "bar",
"other": ""})
otherFakeStorageService = FakeSecretStorage()
otherFakeStorageService.reconfigService(secretdict={"foo2": "bar2",
"other": ""})
secret_service_manager.services = [fakeStorageService, otherFakeStorageService]
expectedSecretDetail = SecretDetails(FakeSecretStorage.__name__,
"other",
"")
secret_result = yield secret_service_manager.get("other")
self.assertEqual(secret_result, expectedSecretDetail)
def masterConfig(use_with=False):
c = {}
from buildbot.config import BuilderConfig
from buildbot.process.factory import BuildFactory
from buildbot.plugins import schedulers, steps
c['schedulers'] = [
schedulers.ForceScheduler(name="force", builderNames=["testy"])
]
c['secretsProviders'] = [
FakeSecretStorage(secretdict={
"foo": "bar",
"something": "more"
})
]
f = BuildFactory()
if use_with:
secrets_list = [("pathA", Interpolate('%(secret:something)s'))]
with f.withSecrets(secrets_list):
f.addStep(
steps.ShellCommand(command=Interpolate('echo %(secret:foo)s')))
else:
f.addSteps(
[steps.ShellCommand(command=Interpolate('echo %(secret:foo)s'))],
withSecrets=[("pathA", Interpolate('%(secret:something)s'))])
c['builders'] = [
BuilderConfig(name="testy", workernames=["local1"], factory=f)
]
return c
def masterConfig():
c = {}
from buildbot.config import BuilderConfig
from buildbot.process.factory import BuildFactory
from buildbot.plugins import schedulers, steps
c['services'] = [FakeSecretReporter('http://example.com/hook',
auth=('user', Interpolate('%(secret:httppasswd)s')))]
c['schedulers'] = [
schedulers.ForceScheduler(
name="force",
builderNames=["testy"])]
c['secretsProviders'] = [FakeSecretStorage(
secretdict={"foo": "bar", "something": "more", 'httppasswd': 'myhttppasswd'})]
f = BuildFactory()
if os.name == "posix":
f.addStep(steps.ShellCommand(command=Interpolate(
'echo %(secret:foo)s | sed "s/bar/The password was there/"')))
else:
f.addStep(steps.ShellCommand(command=Interpolate(
'echo %(secret:foo)s')))
c['builders'] = [
BuilderConfig(name="testy",
workernames=["local1"],
factory=f)]
return c
def setUp(self):
self.master = fakemaster.make_master()
self.master.config.secretsProviders = [FakeSecretStorage({"foo": "bar",
"other": "value"})]
self.secretsrv = SecretManager()
self.secretsrv.setServiceParent(self.master)
self.build = FakeBuildWithMaster(self.master)
def setUp(self):
self.setUpTestReactor()
if requests is None:
raise unittest.SkipTest("Need to install requests to test oauth2")
self.patch(requests, 'request', mock.Mock(spec=requests.request))
self.patch(requests, 'post', mock.Mock(spec=requests.post))
self.patch(requests, 'get', mock.Mock(spec=requests.get))
self.giteaAuth = GiteaAuth('https://gitea.test', 'client-id',
'client-secret')
self._master = master = self.make_master(url='h:/a/b/',
auth=self.giteaAuth)
self.giteaAuth.reconfigAuth(master, master.config)
self.giteaAuth_secret = GiteaAuth('https://gitea.test',
Secret("client-id"),
Secret("client-secret"))
self._master = master = self.make_master(url='h:/a/b/',
auth=self.giteaAuth_secret)
fake_storage_service = FakeSecretStorage()
fake_storage_service.reconfigService(
secretdict={
"client-id": "secretClientId",
"client-secret": "secretClientSecret"
})
secret_service = SecretManager()
secret_service.services = [fake_storage_service]
secret_service.setServiceParent(self._master)
self.giteaAuth_secret.reconfigAuth(master, master.config)
def setUp(self):
self.master = fakemaster.make_master()
self.master.config.secretsProviders = [
FakeSecretStorage(secretdict={
"foo": "bar",
"other": "value"
})
]
def setUp(self):
self.master = fakemaster.make_master()
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(secretdict={"foo": "bar",
"other": "value"})
self.secretsrv = SecretManager()
self.secretsrv.services = [fakeStorageService]
self.secretsrv.setServiceParent(self.master)
self.build = FakeBuildWithMaster(self.master)
def test_secretReconfig(self):
c = masterConfig()
yield self.setupConfig(c)
c['secretsProviders'] = [FakeSecretStorage(
secretdict={"foo": "different_value", "something": "more"})]
yield self.master.reconfig()
build = yield self.doForceBuild(wantSteps=True, wantLogs=True)
self.assertEqual(build['buildid'], 1)
res = yield self.checkBuildStepLogExist(build, "echo different_value")
self.assertTrue(res)
def setUp(self):
self.setUpTestReactor()
if requests is None:
raise unittest.SkipTest("Need to install requests to test oauth2")
self.patch(requests, 'request', mock.Mock(spec=requests.request))
self.patch(requests, 'post', mock.Mock(spec=requests.post))
self.patch(requests, 'get', mock.Mock(spec=requests.get))
self.googleAuth = oauth2.GoogleAuth("ggclientID", "clientSECRET")
self.githubAuth = oauth2.GitHubAuth("ghclientID", "clientSECRET")
self.githubAuth_v4 = oauth2.GitHubAuth("ghclientID",
"clientSECRET",
apiVersion=4)
self.githubAuth_v4_teams = oauth2.GitHubAuth("ghclientID",
"clientSECRET",
apiVersion=4,
getTeamsMembership=True)
self.githubAuthEnt = oauth2.GitHubAuth(
"ghclientID",
"clientSECRET",
serverURL="https://git.corp.fakecorp.com")
self.githubAuthEnt_v4 = oauth2.GitHubAuth(
"ghclientID",
"clientSECRET",
apiVersion=4,
getTeamsMembership=True,
serverURL="https://git.corp.fakecorp.com")
self.gitlabAuth = oauth2.GitLabAuth("https://gitlab.test/",
"glclientID", "clientSECRET")
self.bitbucketAuth = oauth2.BitbucketAuth("bbclientID", "clientSECRET")
for auth in [
self.googleAuth, self.githubAuth, self.githubAuth_v4,
self.githubAuth_v4_teams, self.githubAuthEnt, self.gitlabAuth,
self.bitbucketAuth, self.githubAuthEnt_v4
]:
self._master = master = self.make_master(url='h:/a/b/', auth=auth)
auth.reconfigAuth(master, master.config)
self.githubAuth_secret = oauth2.GitHubAuth(Secret("client-id"),
Secret("client-secret"),
apiVersion=4)
self._master = master = self.make_master(url='h:/a/b/', auth=auth)
fake_storage_service = FakeSecretStorage()
fake_storage_service.reconfigService(
secretdict={
"client-id": "secretClientId",
"client-secret": "secretClientSecret"
})
secret_service = SecretManager()
secret_service.services = [fake_storage_service]
yield secret_service.setServiceParent(self._master)
self.githubAuth_secret.reconfigAuth(master, master.config)
def setUp(self):
self.setUpTestReactor()
self.master = fakemaster.make_master(self)
fakeStorageService = FakeSecretStorage(secretdict={"foo": "bar",
"other": "value"})
self.secretsrv = SecretManager()
self.secretsrv.services = [fakeStorageService]
self.secretsrv.setServiceParent(self.master)
self.srvtest = FakeServiceUsingSecrets()
self.srvtest.setServiceParent(self.master)
self.successResultOf(self.master.startService())
def setUp(self):
self.setup_test_reactor()
self.master = fakemaster.make_master(self)
fakeStorageService = FakeSecretStorage()
password = "******"
fakeStorageService.reconfigService(
secretdict={"foo": password, "other": password + "random", "empty": ""})
self.secretsrv = SecretManager()
self.secretsrv.services = [fakeStorageService]
yield self.secretsrv.setServiceParent(self.master)
self.build = FakeBuildWithMaster(self.master)
def setUp(self):
self.setUpTestReactor()
self.master = fakemaster.make_master(self)
fakeStorageService = FakeSecretStorage()
password = "******"
secretdict = {"foo": password, "other": password + 'random'}
fakeStorageService.reconfigService(secretdict=secretdict)
self.secretsrv = SecretManager()
self.secretsrv.services = [fakeStorageService]
yield self.secretsrv.setServiceParent(self.master)
self.build = FakeBuildWithMaster(self.master)
def test_constructor_secrets(self):
fake_storage_service = FakeSecretStorage()
secret_service = SecretManager()
secret_service.services = [fake_storage_service]
yield secret_service.setServiceParent(self.master)
fake_storage_service.reconfigService(secretdict={"passkey": "1234"})
bs = yield self.createWorker('bot', util.Secret('passkey'))
yield bs.startService()
self.assertEqual(bs.password, '1234')
def testGetDataMultipleManagerValues(self):
secret_service_manager = SecretManager()
self.master.config.secretsProviders = [FakeSecretStorage({"foo": "bar",
"other": ""}),
OtherFakeSecretStorage({"foo2": "bar2", "other": ""})
]
SecretManager.master = self.master
expectedSecretDetail = SecretDetails(FakeSecretStorage.__name__,
"other",
"")
secret_result = yield secret_service_manager.get("other")
self.assertEqual(secret_result, expectedSecretDetail)
def setUp(self):
self.setup_test_reactor()
self.master = fakemaster.make_master(self)
fakeStorageService = FakeSecretStorage(secretdict={
"foo": "bar",
"other": "value"
})
self.secretsrv = SecretManager()
self.secretsrv.services = [fakeStorageService]
yield self.secretsrv.setServiceParent(self.master)
self.srvtest = FakeServiceUsingSecrets()
yield self.srvtest.setServiceParent(self.master)
yield self.master.startService()
def setUp(self):
self.setUpTestReactor()
yield self.setUpChangeSource()
fake_storage_service = FakeSecretStorage()
secret_service = SecretManager()
secret_service.services = [fake_storage_service]
yield secret_service.setServiceParent(self.master)
yield self.master.startService()
fake_storage_service.reconfigService(secretdict={"token": "1234"})
def test_secretReconfig(self):
c = masterConfig()
yield self.setupConfig(c)
c['secretsProviders'] = [FakeSecretStorage(
secretdict={"foo": "different_value", "something": "more"})]
yield self.master.reconfig()
build = yield self.doForceBuild(wantSteps=True, wantLogs=True)
self.assertEqual(build['buildid'], 1)
res = yield self.checkBuildStepLogExist(build, "echo <foo>")
self.assertTrue(res)
# at this point, build contains all the log and steps info that is in the db
# we check that our secret is not in there!
self.assertNotIn("different_value", repr(build))
def setUp(self):
self.setUpTestReactor()
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(
secretdict={"secret_key": self._SECRET})
secretService = SecretManager()
secretService.services = [fakeStorageService]
self.changeHook = _prepare_github_change_hook(
self, strict=True, secret=util.Secret("secret_key"))
self.changeHook.master.addService(secretService)
def setUp(self):
self.setup_test_reactor()
self.master = fakeMasterForHooks(self)
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(secretdict={"secret_key": self._SECRET})
self.secretService = SecretManager()
self.secretService.services = [fakeStorageService]
self.master.addService(self.secretService)
self.changeHook = change_hook.ChangeHookResource(
dialects={'gitlab': {'secret': util.Secret("secret_key")}},
master=self.master)
def testGetManagerService(self):
secret_service_manager = SecretManager()
fakeStorageService = FakeSecretStorage()
fakeStorageService.reconfigService(secretdict={"foo": "bar",
"other": "value"})
secret_service_manager.services = [fakeStorageService]
expectedClassName = FakeSecretStorage.__name__
expectedSecretDetail = SecretDetails(expectedClassName, "foo", "bar")
secret_result = yield secret_service_manager.get("foo")
strExpectedSecretDetail = str(secret_result)
self.assertEqual(secret_result, expectedSecretDetail)
self.assertEqual(secret_result.key, "foo")
self.assertEqual(secret_result.value, "bar")
self.assertEqual(secret_result.source, expectedClassName)
self.assertEqual(strExpectedSecretDetail,
"FakeSecretStorage foo: 'bar'")
def masterConfig(use_interpolation):
c = {}
from buildbot.config import BuilderConfig
from buildbot.process.factory import BuildFactory
from buildbot.plugins import schedulers, steps, util
c['services'] = [
FakeSecretReporter('http://example.com/hook',
auth=('user', Interpolate('%(secret:httppasswd)s')))
]
c['schedulers'] = [
schedulers.ForceScheduler(name="force", builderNames=["testy"])
]
c['secretsProviders'] = [
FakeSecretStorage(
secretdict={
"foo": "secretvalue",
"something": "more",
'httppasswd': 'myhttppasswd'
})
]
f = BuildFactory()
if use_interpolation:
if os.name == "posix":
# on posix we can also check whether the password was passed to the command
command = Interpolate(
'echo %(secret:foo)s | ' +
'sed "s/secretvalue/The password was there/"')
else:
command = Interpolate('echo %(secret:foo)s')
else:
command = ['echo', util.Secret('foo')]
f.addStep(steps.ShellCommand(command=command))
c['builders'] = [
BuilderConfig(name="testy", workernames=["local1"], factory=f)
]
return c
def masterConfig():
c = {}
from buildbot.config import BuilderConfig
from buildbot.process.factory import BuildFactory
from buildbot.plugins import schedulers, steps
c['schedulers'] = [
schedulers.ForceScheduler(
name="force",
builderNames=["testy"])]
c['secretsProviders'] = [FakeSecretStorage(
secretdict={"foo": "bar", "something": "more"})]
f = BuildFactory()
f.addStep(steps.ShellCommand(command=Interpolate('echo %(secrets:foo)s')))
c['builders'] = [
BuilderConfig(name="testy",
workernames=["local1"],
factory=f)]
return c
