formidable/internal/data/format/yaml/encoder_test.go

89 lines
2.0 KiB
Go
Raw Permalink Normal View History

package yaml
import (
"fmt"
"io"
"net/url"
"os"
"os/exec"
"strings"
"testing"
"github.com/pkg/errors"
yaml "gopkg.in/yaml.v3"
)
// YAML string containing an ansible-vault encrypted variable
const ansibleVaultYAML = `
unencrypted: foo
encrypted: !vault |
$ANSIBLE_VAULT;1.1;AES256
63393636613562663937383964323839376239663230366130386566393131313963386265303632
3133356532346437653338343032303732646530303431660a383862353766326334306138613734
36313438626564623435373365616531353533663765663335616134656430323134323537336661
3437653863343331370a393136653735643333373962633631663539653664313936303964303866
3933
`
func TestEncoderAnsibleVault(t *testing.T) {
_, err := exec.LookPath("ansible")
if err != nil {
t.Skip("The 'ansible' command seems not to be available on this system. Skipping.")
return
}
var data interface{}
if err := yaml.Unmarshal([]byte(ansibleVaultYAML), &data); err != nil {
t.Fatal(errors.WithStack(err))
}
encoder := NewEncoderHandler()
url, err := url.Parse("stdout://local.yml?ansible_vault=yes")
if err != nil {
t.Fatal(errors.WithStack(err))
}
reader, err := encoder.Encode(url, data)
if err != nil {
t.Fatal(errors.WithStack(err))
}
temp, err := os.CreateTemp(os.TempDir(), "formidable_test_*.yml")
if err != nil {
t.Fatal(errors.WithStack(err))
}
defer func() {
if err := os.Remove(temp.Name()); err != nil {
panic(errors.WithStack(err))
}
}()
t.Logf("Writing encoded YAML content in file '%s'...", temp.Name())
if _, err := io.Copy(temp, reader); err != nil {
t.Fatal(errors.WithStack(err))
}
args := []string{
"localhost",
"-m", "debug",
"--vault-password-file", "./testdata/vault.txt",
"-e", fmt.Sprintf("@%s", temp.Name()),
"-a", "var=encrypted",
}
t.Logf("Running command 'ansible %s'", strings.Join(args, " "))
cmd := exec.Command("ansible", args...)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
t.Fatal(errors.WithStack(err))
}
}