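// Source: github.com/anant-s-kamat/talisman@v0.3.2/acceptance_test.go

package main

import (
	"fmt"
	"io"
	"io/ioutil"
	"os"
	"strings"
	"testing"

	"github.com/stretchr/testify/assert"
	git "github.com/thoughtworks/talisman/git_testing"
)

// TestNotHavingAnyOutgoingChangesShouldNotFail checks that a repository holding
// only the baseline files passes the scan (exit status 0).
//
// NOTE(review): runTalisman always feeds one ref line on stdin, so the
// "no input is available on stdin" wording in the assertion message is not
// what this test exercises. Whether the earliest and latest commits coincide
// here depends on git.SetupBaselineFiles; confirm against that helper.
func TestNotHavingAnyOutgoingChangesShouldNotFail(t *testing.T) {
	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		assert.Equal(t, 0, runTalisman(gitPath), "Expected run() to return 0 if no input is available on stdin. This happens when there are no outgoing changes")
	})
}

// TestAddingSimpleFileShouldExitZero checks that an innocuous file does not
// trip any detector.
func TestAddingSimpleFileShouldExitZero(t *testing.T) {
	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		exitStatus := runTalisman(gitPath)
		assert.Equal(t, 0, exitStatus, "Expected run() to return 0 and pass as no suspicious files are in the repo")
	})
}

// TestAddingSecretKeyShouldExitOne checks detection by file name: the file
// content is the harmless string "secret", so the expected failure comes from
// the ".pem" name alone.
func TestAddingSecretKeyShouldExitOne(t *testing.T) {
	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		git.CreateFileWithContents(gitPath, "private.pem", "secret")
		git.AddAndcommit(gitPath, "*", "add private key")

		exitStatus := runTalisman(gitPath)
		assert.Equal(t, 1, exitStatus, "Expected run() to return 1 and fail as pem file was present in the repo")
	})
}

// TestAddingSecretKeyAsFileContentShouldExitOne checks detection by file
// content: the file name is unremarkable and only the body looks like a
// credential.
func TestAddingSecretKeyAsFileContentShouldExitOne(t *testing.T) {
	// Fixture only, not a live credential: the value carries the EXAMPLEKEY
	// marker of the placeholder used in AWS documentation. Despite the
	// constant's name it has the 40-character shape of a secret access key,
	// not of an access key ID.
	const awsAccessKeyIDExample string = "accessKey=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"

	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		git.CreateFileWithContents(gitPath, "contains_keys.properties", awsAccessKeyIDExample)
		git.AddAndcommit(gitPath, "*", "add private key as content")

		exitStatus := runTalisman(gitPath)
		assert.Equal(t, 1, exitStatus, "Expected run() to return 1 and fail as file contains some secrets")
	})
}

// TestAddingSecretKeyShouldExitZeroIfPEMFilesAreIgnored checks that a
// ".talismanignore" entry suppresses the file-name finding.
//
// The ignore file is committed in the same change as the key file and still
// takes effect, so whoever can push can also silence the check. Changes to
// ".talismanignore" therefore deserve the same review as the files it hides.
func TestAddingSecretKeyShouldExitZeroIfPEMFilesAreIgnored(t *testing.T) {
	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		git.CreateFileWithContents(gitPath, "private.pem", "secret")
		git.CreateFileWithContents(gitPath, ".talismanignore", "*.pem")
		git.AddAndcommit(gitPath, "*", "add private key")

		exitStatus := runTalisman(gitPath)
		assert.Equal(t, 0, exitStatus, "Expected run() to return 0 and pass as pem file was ignored")
	})
}

// TestStagingSecretKeyShouldExitOneWhenPreCommitFlagIsSet checks the
// pre-commit mode: the key file is only staged (git.Add, no commit) and the
// scan is still expected to fail.
func TestStagingSecretKeyShouldExitOneWhenPreCommitFlagIsSet(t *testing.T) {
	withNewTmpGitRepo(func(gitPath string) {
		git.SetupBaselineFiles(gitPath, "simple-file")
		git.CreateFileWithContents(gitPath, "private.pem", "secret")
		git.Add(gitPath, "*")

		options := Options{
			debug:   false,
			githook: "pre-commit",
		}

		exitStatus := runTalismanWithOptions(gitPath, options)
		assert.Equal(t, 1, exitStatus, "Expected run() to return 1 and fail as pem file was present in the repo")
	})
}

// runTalisman runs the scanner against gitPath in pre-push mode with debug
// output off and returns its exit status.
func runTalisman(gitPath string) int {
	options := Options{
		debug:   false,
		githook: "pre-push",
	}
	return runTalismanWithOptions(gitPath, options)
}

// runTalismanWithOptions changes into gitPath, runs the scanner with the
// given options over the earliest..latest commit range of that repository,
// and returns the exit status.
//
// It panics if the working directory cannot be read, entered or restored. A
// silently failed chdir would make run() inspect whatever directory the test
// binary was started in (possibly the developer's own checkout), and the
// assertions would then report on the wrong repository.
func runTalismanWithOptions(gitPath string, options Options) int {
	prevDir, err := os.Getwd()
	if err != nil {
		panic(err)
	}
	if err := os.Chdir(gitPath); err != nil {
		panic(err)
	}
	// Step back out before the temporary repository is deleted so the process
	// is never left sitting in a removed directory between tests.
	defer func() {
		if err := os.Chdir(prevDir); err != nil {
			panic(err)
		}
	}()

	return run(mockStdIn(git.EarliestCommit(gitPath), git.LatestCommit(gitPath)), options)
}

// withNewTmpGitRepo creates a throwaway directory, initialises a git
// repository in it and hands its path to gitOp. The directory is removed when
// gitOp returns.
func withNewTmpGitRepo(gitOp func(gitPath string)) {
	WithNewTmpDirNamed("talisman-acceptance-test", func(gitPath string) {
		git.Init(gitPath)
		gitOp(gitPath)
	})
}

// DirOp is a callback that receives the path of a directory to work in.
type DirOp func(dirName string)

// WithNewTmpDirNamed creates a fresh directory under os.TempDir() whose name
// starts with dirName, passes its path to dop, and removes the directory tree
// afterwards. It panics if the directory cannot be created.
func WithNewTmpDirNamed(dirName string, dop DirOp) {
	path, err := ioutil.TempDir(os.TempDir(), dirName)
	if err != nil {
		panic(err)
	}
	// Best-effort cleanup: runs even if dop panics; a removal error is dropped.
	defer os.RemoveAll(path)
	dop(path)
}

// mockStdIn builds the single line the scanner reads from stdin:
// "master <newSha> master <oldSha>". This follows the layout git gives a
// pre-push hook (local ref, local sha, remote ref, remote sha), so newSha is
// the tip being pushed and oldSha is what the remote already has.
func mockStdIn(oldSha string, newSha string) io.Reader {
	return strings.NewReader(fmt.Sprintf("master %s master %s\n", newSha, oldSha))
}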