I've entered login information during tests but I no longer want this data to be present in the source code which will be uploaded to GitHub soon. How can I make use of this data in the tests without storing the login info in the source code? Is it safe to store it in an environment variable? A database? A local file? What's the best way to go about encrypting and decrypting this info?
Asked
Active
Viewed 440 times
2
-
store it in an environment variable or as a secret within your CI build server which runs the unit tests – rv.kvetch Sep 22 '21 at 04:18
-
1But that’s right, these are *unit* tests, I forget you don’t need sensitive info at all. You can mock everything in Python! In some languages like Go, there are few exceptions. But not in Python! You can mock just about anything at all. – rv.kvetch Sep 22 '21 at 05:34
2 Answers
1
If your project working fine , you can use/add spy method in to code and validate/add unit test for the login file. (spyse used to get actual response from methods to test files, its inbuild feature in unit tests).
If you use secret for login, anybody can add console and check your credentials, I'm not sure that's good idea if you upload to github.
Mr Robot
- 307
- 2
- 12
1
Keep in mind that the sensitive data will still be in the Git repository. If you want to delete some sensitive data from the Git history, have a look at this question: Remove sensitive files and their commits from Git history
For login informations i would try to mock the login process. Otherwise others who want to run the tests somehow need to get theses sensitive informations.
WorkingAccount
- 111
- 9