This repository was archived by the owner on Jun 15, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 96
/
Copy pathseekrets.bats
129 lines (108 loc) · 3.63 KB
/
seekrets.bats
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
#!/usr/bin/env bats
#
# bats test file for testing git seekrets and
# seekrets rulesets
#
# Prerequisites:
# * git seekrets is installed (cf. seekrets-install)
#
# Installation:
# * Use the laptop script via ~/.laptop.local
#
# echo 'bats' >> ~/.laptop.local
#
# * homebrew method
#
# brew install bats-core
#
# Running Tests:
#
# bats seekrets.bat
load test_helper
@test "no args gives usage instructions" {
run git-seekret
[ $status -eq 0 ]
[ $(expr "${lines[2]}" : "USAGE:") -ne 0 ]
}
@test "option --version prints version number" {
run git-seekret --version
[ $status -eq 0 ]
[ $(expr "$output" : "git-seekret version [0-9][0-9.]*") -ne 0 ]
}
@test "config command with no options shows config" {
run git-seekret rules
[ $status -eq 0 ]
[ $(expr "${lines[0]}" : "List of rules:") -ne 0 ]
}
@test "rules command with no options gives a listing of rules" {
run git-seekret rules
[ $status -eq 0 ]
[ $(expr "${lines[0]}" : "List of rules:") -ne 0 ]
}
@test "git-seekrets does find aws secrets in test repo" {
run addFileWithAwsSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 2') -eq 1 ]
}
@test "git-seekrets does find aws accounts in test repo" {
run addFileWithAwsAccounts
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does find aws access keys in test repo" {
run addFileWithAwsAccessKey
[ $(echo "$output" | grep -c 'Found Secrets: 2') -eq 1 ]
}
@test "git-seekrets does not find newrelic keys as aws keys in test repo" {
enableOnlyRuleFile "aws"
run addFileWithNewrelicSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 0') -eq 1 ]
}
@test "git-seekrets does find newrelic secrets in test repo" {
run addFileWithNewrelicSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does not find newrelic false positives in test repo" {
run addFileWithFalseNewrelicSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 0') -eq 1 ]
}
@test "git-seekrets only matches newrelic secrets in test repo" {
run addFileWithSomeNewrelicSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does find mandrill keys in test repo" {
run addFileWithMandrillKey
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does not find mandrill key false positives in test repo" {
run addFileWithFalseMandrillKey
[ $(echo "$output" | grep -c 'Found Secrets: 0') -eq 1 ]
}
@test "git-seekrets does find mandrill passwords in test repo" {
run addFileWithMandrillPassword
[ $(echo "$output" | grep -c 'Found Secrets: 2') -eq 1 ]
}
@test "git-seekrets does not find mandrill password false positives in test repo" {
run addFileWithFalseMandrillPassword
[ $(echo "$output" | grep -c 'Found Secrets: 0') -eq 1 ]
}
@test "git-seekrets does find mandrill usernames in test repo" {
run addFileWithMandrillUsername
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does find slack api token in test repo" {
run addFileWithSlackAPIToken
[ $(echo "$output" | grep -c 'Found Secrets: 1') -eq 1 ]
}
@test "git-seekrets does not find secrets in test repo" {
run addFileWithNoSecrets
[ $(echo "$output" | grep -c 'Found Secrets: 0') -eq 1 ]
}
@test "git-seekrets can disable all rulesets" {
run git-seekret rules --disable-all
[ $status -eq 0 ]
[ $(echo "$output" | grep -c '\[x\]') -eq 0 ]
}
@test "git-seekrets can enable all rulesets" {
run git-seekret rules --enable-all
[ $status -eq 0 ]
[ $(echo "$output" | grep -c '\[x\]') -gt 0 ]
}