Log in
Log in
Log in
Book a Demo
Get Started
670.2K 484.3K 8.3K
Back to Repositories

Testing Secrets Management Workflow in Kamal

This test suite validates the secrets management functionality in Kamal, focusing on secret value retrieval, command interpolation, and destination-specific configurations. The tests ensure proper handling of environment variables and secret file processing.

Test Coverage Overview

The test suite provides comprehensive coverage of Kamal’s secrets management system.

Key areas tested include:
  • Basic secret value fetching
  • Command interpolation in secret values
  • Variable reference resolution
  • Destination-specific secret handling
  • Error handling for missing secret files

Implementation Analysis

The implementation uses Minitest’s ActiveSupport::TestCase framework for structured unit testing. The tests employ a helper method ‘with_test_secrets’ to set up isolated test environments, allowing controlled testing of various secret configurations and edge cases.

The testing approach validates both successful scenarios and error conditions, ensuring robust secret management functionality.

Technical Details

Testing infrastructure includes:
  • Minitest framework with ActiveSupport extensions
  • Custom test helper for secrets file simulation
  • Configuration error validation
  • Environment variable interpolation testing

Best Practices Demonstrated

The test suite exemplifies several testing best practices:

  • Isolated test environments for each scenario
  • Comprehensive error case coverage
  • Clear test naming conventions
  • Systematic validation of related functionality
  • Proper assertion usage for expected outcomes

basecamp/kamal

test/secrets_test.rb

            
require "test_helper"

class SecretsTest < ActiveSupport::TestCase
  test "fetch" do
    with_test_secrets("secrets" => "SECRET=ABC") do
      assert_equal "ABC", Kamal::Secrets.new["SECRET"]
    end
  end

  test "command interpolation" do
    with_test_secrets("secrets" => "SECRET=$(echo ABC)") do
      assert_equal "ABC", Kamal::Secrets.new["SECRET"]
    end
  end

  test "variable references" do
    with_test_secrets("secrets" => "SECRET1=ABC\nSECRET2=${SECRET1}DEF") do
      assert_equal "ABC", Kamal::Secrets.new["SECRET1"]
      assert_equal "ABCDEF", Kamal::Secrets.new["SECRET2"]
    end
  end

  test "destinations" do
    with_test_secrets("secrets.dest" => "SECRET=DEF", "secrets" => "SECRET=ABC", "secrets-common" => "SECRET=GHI\nSECRET2=JKL") do
      assert_equal "ABC", Kamal::Secrets.new["SECRET"]
      assert_equal "DEF", Kamal::Secrets.new(destination: "dest")["SECRET"]
      assert_equal "GHI", Kamal::Secrets.new(destination: "nodest")["SECRET"]

      assert_equal "JKL", Kamal::Secrets.new["SECRET2"]
      assert_equal "JKL", Kamal::Secrets.new(destination: "dest")["SECRET2"]
      assert_equal "JKL", Kamal::Secrets.new(destination: "nodest")["SECRET2"]
    end
  end

  test "no secrets files" do
    with_test_secrets do
      error = assert_raises(Kamal::ConfigurationError) do
        Kamal::Secrets.new["SECRET"]
      end
      assert_equal "Secret 'SECRET' not found, no secret files (.kamal/secrets-common, .kamal/secrets) provided", error.message

      error = assert_raises(Kamal::ConfigurationError) do
        Kamal::Secrets.new(destination: "dest")["SECRET"]
      end
      assert_equal "Secret 'SECRET' not found, no secret files (.kamal/secrets-common, .kamal/secrets.dest) provided", error.message
    end
  end
end