github.com/tooploox/oya@v0.0.21-0.20230524103240-1cda1861aad6/features/secrets.feature (about) 1 Feature: Manage Secrets for oya 2 3 Background: 4 Given I'm in project dir 5 6 Scenario: It loads values from secrets.oya if present 7 Given file ./Oyafile containing 8 """ 9 Project: Secrets 10 Values: 11 foo: bar 12 13 all: | 14 echo ${Oya[foo]} 15 echo ${Oya[bar]} 16 """ 17 And file ./secrets.oya containing 18 """ 19 bar: banana 20 """ 21 And I run "oya secrets encrypt secrets.oya" 22 When I run "oya run all" 23 Then the command succeeds 24 And the command outputs 25 """ 26 bar 27 banana 28 29 """ 30 31 Scenario: Encrypts secrets file 32 Given file ./secrets.oya containing 33 """ 34 foo: SECRETPHRASE 35 """ 36 When I run "oya secrets encrypt secrets.oya" 37 Then the command succeeds 38 And file ./secrets.oya does not contain 39 """ 40 SECRETPHRASE 41 """ 42 43 Scenario: Views secrets file 44 Given file ./secrets.oya containing 45 """ 46 foo: SECRETPHRASE 47 """ 48 Then file ./secrets.oya contains 49 """ 50 foo: SECRETPHRASE 51 """ 52 And I run "oya secrets encrypt secrets.oya" 53 Then the command succeeds 54 When I run "oya secrets view secrets.oya" 55 Then the command succeeds 56 And the command outputs 57 """ 58 foo: SECRETPHRASE 59 """ 60 61 Scenario: It correctly merges secrets 62 Given file ./Oyafile containing 63 """ 64 Project: Secrets 65 Values: 66 foo: 67 bar: xxx 68 baz: apple 69 70 all: | 71 echo ${Oya[foo.bar]} 72 echo ${Oya[foo.baz]} 73 echo ${Oya[foo.qux]} 74 """ 75 And file ./secrets.oya containing 76 """ 77 foo: 78 bar: banana 79 qux: peach 80 """ 81 And I run "oya secrets encrypt secrets.oya" 82 When I run "oya run all" 83 Then the command succeeds 84 And the command outputs 85 """ 86 banana 87 apple 88 peach 89 90 """ 91 92 Scenario: It can quickly generate and import PGP key 93 Given file ./Oyafile containing 94 """ 95 Project: Secrets 96 all: | 97 echo ${Oya[foo.bar]} 98 echo ${Oya[foo.baz]} 99 """ 100 And file ./secrets2.oya containing 101 """ 102 foo: 103 bar: banana 104 baz: peach 105 """ 106 And the SOPS_PGP_FP environment variable set to "" 107 When I run "oya secrets init --name 'Oya test key' --email 'oya@example.com'" 108 And I run "oya secrets encrypt secrets2.oya" 109 And I run "oya run all" 110 Then the command succeeds 111 And the command outputs 112 """ 113 banana 114 peach 115 116 """ 117 And secrets2.oya is encrypted using PGP key in .sops.yaml