Skip to content

Commit cacec56

Browse files
committed
Add overridden secret integration test.
1 parent 61aa70c commit cacec56

File tree

8 files changed

+40
-24
lines changed

8 files changed

+40
-24
lines changed
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
error: Readonly secret
2+
--> tests_failed/secret_overridden.hurl:6:11
3+
|
4+
| GET http://localhost:8000/hello
5+
| ...
6+
6 | variable: name=a_public_value
7+
| ^^^^^^^^^^^^^^^^^^^ secret 'name' can't be reassigned
8+
|
9+
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
3
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
# We check that variable can't override secret because a secret becoming
2+
# a public variable will leak it previous secret value.
3+
GET http://localhost:8000/hello
4+
x-header: a_secret_value
5+
[Options]
6+
variable: name=a_public_value
7+
HTTP 200
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
Set-StrictMode -Version latest
2+
$ErrorActionPreference = 'Stop'
3+
4+
hurl --secret name=a_secret_value tests_failed/secret_overridden.hurl
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
#!/bin/bash
2+
set -Eeuo pipefail
3+
4+
hurl --secret name=a_secret_value tests_failed/secret_overridden.hurl

packages/hurl/src/cli/options/matches.rs

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -408,15 +408,17 @@ pub fn retry_interval(arg_matches: &ArgMatches) -> Result<Duration, CliOptionsEr
408408
get_duration(&s, DurationUnit::MilliSecond)
409409
}
410410

411-
pub fn secret(matches: &ArgMatches) -> Result<HashMap<String, Value>, CliOptionsError> {
411+
pub fn secret(matches: &ArgMatches) -> Result<HashMap<String, String>, CliOptionsError> {
412412
let mut secrets = HashMap::new();
413413
if let Some(secret) = get_strings(matches, "secret") {
414414
for s in secret {
415415
let (name, value) = variables::parse(&s)?;
416-
secrets.insert(name.to_string(), value);
416+
// Secrets can only be string.
417+
if let Value::String(value) = value {
418+
secrets.insert(name, value);
419+
}
417420
}
418421
}
419-
420422
Ok(secrets)
421423
}
422424

packages/hurl/src/cli/options/mod.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ pub struct CliOptions {
9090
pub resolves: Vec<String>,
9191
pub retry: Option<Count>,
9292
pub retry_interval: Duration,
93-
pub secrets: HashMap<String, Value>,
93+
pub secrets: HashMap<String, String>,
9494
pub ssl_no_revoke: bool,
9595
pub tap_file: Option<PathBuf>,
9696
pub test: bool,

packages/hurl/src/runner/variable.rs

Lines changed: 9 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -108,15 +108,17 @@ impl VariableSet {
108108
return Err(Error::ReadOnlySecret(name));
109109
}
110110
let variable = Variable::new(value, VariableKind::Public);
111-
self.variables.insert(name.to_string(), variable);
111+
self.variables.insert(name, variable);
112112
Ok(())
113113
}
114114

115-
/// Inserts a secret variable named `name` with `value` into the variable set.
115+
/// Inserts a secret variable named `name` with a string `value` into the variable set.
116116
///
117117
/// Contrary to [`VariableSet::insert`], this method can not fail: a secret can override a
118-
/// public variable and a secret variable.
119-
pub fn insert_secret(&mut self, name: String, value: Value) {
118+
/// public variable and a secret variable. Secret are only string, that's why `value` is a
119+
/// `String` and not a `[Value::String]`.
120+
pub fn insert_secret(&mut self, name: String, value: String) {
121+
let value = Value::String(value.to_string());
120122
let variable = Variable::new(value, VariableKind::Secret);
121123
self.variables.insert(name, variable);
122124
}
@@ -126,20 +128,10 @@ impl VariableSet {
126128
self.variables.get(name)
127129
}
128130

129-
/// Returns true if the variable set contains no variables.
130-
pub fn is_empty(&self) -> bool {
131-
self.variables.is_empty()
132-
}
133-
134131
/// Returns an iterator over all the variables values.
135132
pub fn iter(&self) -> impl Iterator<Item = (&String, &Variable)> {
136133
self.variables.iter()
137134
}
138-
139-
/// Returns the number of variables in the set.
140-
pub fn len(&self) -> usize {
141-
self.variables.len()
142-
}
143135
}
144136

145137
#[cfg(test)]
@@ -151,7 +143,6 @@ mod test {
151143
#[test]
152144
fn simple_variable_set() {
153145
let mut variables = VariableSet::new();
154-
assert!(variables.is_empty());
155146

156147
variables
157148
.insert("foo".to_string(), Value::String("xxx".to_string()))
@@ -165,9 +156,7 @@ mod test {
165156
variables
166157
.insert("baz".to_string(), Value::Number(Float(1.0)))
167158
.unwrap();
168-
variables.insert_secret("quic".to_string(), Value::Number(Integer(42)));
169-
170-
assert_eq!(variables.len(), 4);
159+
variables.insert_secret("quic".to_string(), "42".to_string());
171160

172161
assert_eq!(
173162
variables.get("foo"),
@@ -191,7 +180,7 @@ mod test {
191180
assert_eq!(
192181
variables.get("quic"),
193182
Some(&Variable::new(
194-
Value::Number(Integer(42)),
183+
Value::String("42".to_string()),
195184
VariableKind::Secret
196185
))
197186
);
@@ -232,7 +221,7 @@ mod test {
232221
#[test]
233222
fn secret_cant_be_reassigned() {
234223
let mut variables = VariableSet::new();
235-
variables.insert_secret("foo".to_string(), Value::Number(Integer(42)));
224+
variables.insert_secret("foo".to_string(), "42".to_string());
236225
assert!(variables
237226
.insert("foo".to_string(), Value::String("xxx".to_string()))
238227
.is_err());

0 commit comments

Comments
 (0)