add tests, test sample files and minor refactor of exit codes in actual hook in order to facilitate testing

2015-06-12 19:20:56 +04:00 · 2015-06-12 19:20:56 +04:00 · 02e8bdc9d8
parent 88725503c4
commit 02e8bdc9d8
6 changed files with 66 additions and 2 deletions
--- a/pre_commit_hooks/detect_aws_credentials.py
+++ b/pre_commit_hooks/detect_aws_credentials.py
@ -3,6 +3,7 @@ from __future__ import unicode_literals

 import argparse
 import os
+
 from six.moves import configparser


@ -12,7 +13,7 @@ def get_your_keys(credentials_file):
    """
    aws_credentials_file_path = os.path.expanduser(credentials_file)
    if not os.path.exists(aws_credentials_file_path):
-        exit(2)
+        return None

    parser = configparser.ConfigParser()
    parser.read(aws_credentials_file_path)
@ -37,13 +38,15 @@ def main(argv=None):
    parser = argparse.ArgumentParser()
    parser.add_argument('filenames', nargs='*', help='Filenames to run')
    parser.add_argument(
-        "--credentials-file", 
+        "--credentials-file",
        default='~/.aws/credentials',
        help="location of aws credentials file from which to get the secret "
             "keys we're looking for",
    )
    args = parser.parse_args(argv)
    keys = get_your_keys(args.credentials_file)
+    if not keys:
+        return 2

    retv = 0
    for filename in args.filenames:
--- a/testing/resources/nonsense.txt
+++ b/testing/resources/nonsense.txt
@ -0,0 +1,6 @@
+some nonsense text generated at https://baconipsum.com/
+Bacon ipsum dolor amet ipsum fugiat pastrami pork belly, non ball tip flank est short loin. Fatback landjaeger meatloaf flank. Sunt boudin duis occaecat mollit velit. Capicola lorem frankfurter doner strip steak jerky rump elit laborum mollit. Venison cupidatat laboris duis ut chuck proident mollit. Minim do rump, eu jerky ham turkey chuck in tempor venison pariatur voluptate landjaeger beef.
+
+Duis aliqua esse, exercitation in ball tip ut capicola sausage dolore frankfurter occaecat. Duis in nulla consequat salami. Est shoulder tempor commodo shankle short ribs. In meatball aliqua boudin tenderloin, meatloaf leberkas hamburger quis pig dolore ea eu. Ham hock ex laboris, filet mignon sunt doner cillum short loin prosciutto voluptate.
+
+Occaecat pork doner meatloaf nulla biltong ullamco tenderloin culpa brisket. Culpa jowl ea shank t-bone shankle voluptate nostrud incididunt leberkas pork loin. Bacon kevin jerky pork belly t-bone labore duis. Boudin corned beef adipisicing aute, fatback ribeye nulla pancetta anim venison. Short ribs kevin pastrami cow drumstick velit. Turkey exercitation jowl, fatback labore swine do voluptate.
--- a/testing/resources/sample_aws_credentials
+++ b/testing/resources/sample_aws_credentials
@ -0,0 +1,10 @@
+# this is an aws credentials configuration file. obviously not real credentials :P
+[default]
+aws_access_key_id = AKIASLARTIBARTFAST11
+aws_secret_access_key = 7xebzorgm5143ouge9gvepxb2z70bsb2rtrh099e
+[production]
+aws_access_key_id = AKIAVOGONSVOGONS0042
+aws_secret_access_key = z2rpgs5uit782eapz5l1z0y2lurtsyyk6hcfozlb
+[staging]
+aws_access_key_id = AKIAJIMMINYCRICKET0A
+aws_secret_access_key = ixswosj8gz3wuik405jl9k3vdajsnxfhnpui38ez
--- a/testing/resources/with_no_secrets.txt
+++ b/testing/resources/with_no_secrets.txt
@ -0,0 +1,5 @@
+# file with an access key but no secrets
+# you'll notice it is a redacted section of sample_aws_credentials
+
+[production]
+aws_access_key_id = AKIASLARTIBARTFAST11
--- a/testing/resources/with_secrets.txt
+++ b/testing/resources/with_secrets.txt
@ -0,0 +1,5 @@
+#file with a secret key, you'll notice it is a section of sample_aws_credentials
+
+[production]
+aws_access_key_id = AKIAVOGONSVOGONS0042
+aws_secret_access_key = z2rpgs5uit782eapz5l1z0y2lurtsyyk6hcfozlb
--- a/tests/detect_aws_credentials_test.py
+++ b/tests/detect_aws_credentials_test.py
@ -0,0 +1,35 @@
+import pytest
+
+from pre_commit_hooks.detect_aws_credentials import main
+from testing.util import get_resource_path
+
+
+# Input filename, expected return value
+TESTS = (
+    ('with_no_secrets.txt', 0),
+    ('with_secrets.txt', 1),
+    ('nonsense.txt', 0),
+    ('ok_json.json', 0),
+)
+
+NO_CREDENTIALS_TEST = (
+    ('with_secrets.txt', 2),
+)
+
+
+@pytest.mark.parametrize(('filename', 'expected_retval'), TESTS)
+def test_detect_aws_credentials(filename, expected_retval):
+    # with a valid credentials file
+    ret = main(
+        [get_resource_path(filename), "--credentials-file=testing/resources/sample_aws_credentials"]
+    )
+    assert ret == expected_retval
+
+
+@pytest.mark.parametrize(('filename', 'expected_retval'), NO_CREDENTIALS_TEST)
+def test_non_existent_credentials(filename, expected_retval):
+    # with a non-existent credentials file
+    ret = main(
+        [get_resource_path(filename), "--credentials-file=testing/resources/credentailsfilethatdoesntexist"]
+    )
+    assert ret == expected_retval