symfony/archived-framework-bundle
1
0
Fork 0
mirror of https://github.com/symfony/framework-bundle.git synced 2026-03-24 01:12:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8.1
archived-framework-bundle/Tests/Command/SecretsEncryptFromLocalCommandTest.php
Christian Flothmann 029303f5c3 Merge branch '7.3' into 7.4 
* 7.3:
  fix merge
  do not use PHPUnit mock objects without configured expectations
  do not use PHPUnit mock objects without configured expectations
  Typo
  [HttpClient] Fix and test replacing repeated headers with CachingHttpClient
  [Messenger] Fix processing batches
  do not use PHPUnit mock objects without configured expectations
  do not use PHPUnit mock objects without configured expectations
2026-01-06 13:34:24 +01:00

112 lines
3.5 KiB
PHP
Raw Permalink Blame History

<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Bundle\FrameworkBundle\Tests\Command;
use PHPUnit\Framework\Attributes\RequiresPhpExtension;
use PHPUnit\Framework\TestCase;
use Symfony\Bundle\FrameworkBundle\Command\SecretsEncryptFromLocalCommand;
use Symfony\Bundle\FrameworkBundle\Secrets\AbstractVault;
use Symfony\Bundle\FrameworkBundle\Secrets\SodiumVault;
use Symfony\Component\Console\Tester\CommandTester;
use Symfony\Component\Filesystem\Filesystem;
#[RequiresPhpExtension('sodium')]
class SecretsEncryptFromLocalCommandTest extends TestCase
{
private string $vaultDir;
private string $localVaultDir;
private Filesystem $fs;
protected function setUp(): void
{
$this->vaultDir = sys_get_temp_dir().'/sf_secrets/vault_'.uniqid();
$this->localVaultDir = sys_get_temp_dir().'/sf_secrets/local_'.uniqid();
$this->fs = new Filesystem();
$this->fs->remove([$this->vaultDir, $this->localVaultDir]);
}
protected function tearDown(): void
{
$this->fs->remove([$this->vaultDir, $this->localVaultDir]);
}
public function testFailsWhenLocalVaultIsDisabled()
{
$vault = $this->createStub(AbstractVault::class);
$command = new SecretsEncryptFromLocalCommand($vault, null);
$tester = new CommandTester($command);
$this->assertSame(1, $tester->execute([]));
$this->assertStringContainsString('The local vault is disabled.', $tester->getDisplay());
}
public function testEncryptsLocalOverrides()
{
$vault = new SodiumVault($this->vaultDir);
$vault->generateKeys();
$localVault = new SodiumVault($this->localVaultDir);
$localVault->generateKeys();
$vault->seal('MY_SECRET', 'prod-value');
$localVault->seal('MY_SECRET', 'local-value');
$command = new SecretsEncryptFromLocalCommand($vault, $localVault);
$tester = new CommandTester($command);
$exitCode = $tester->execute([]);
$this->assertSame(0, $exitCode);
$revealed = $vault->reveal('MY_SECRET');
$this->assertSame('local-value', $revealed);
}
public function testDoesNotSealIfSameValue()
{
$vault = new SodiumVault($this->vaultDir);
$vault->generateKeys();
$localVault = new SodiumVault($this->localVaultDir);
$localVault->generateKeys();
$vault->seal('SHARED_SECRET', 'same-value');
$localVault->seal('SHARED_SECRET', 'same-value');
$command = new SecretsEncryptFromLocalCommand($vault, $localVault);
$tester = new CommandTester($command);
$exitCode = $tester->execute([]);
$this->assertSame(0, $exitCode);
$revealed = $vault->reveal('SHARED_SECRET');
$this->assertSame('same-value', $revealed);
}
public function testStillSucceedsIfLocalSecretIsMissing()
{
$vault = new SodiumVault($this->vaultDir);
$vault->generateKeys();
$localVault = new SodiumVault($this->localVaultDir);
$localVault->generateKeys();
$vault->seal('MISSING_IN_LOCAL', 'prod-only');
$command = new SecretsEncryptFromLocalCommand($vault, $localVault);
$tester = new CommandTester($command);
$this->assertSame(0, $tester->execute([]));
$revealed = $vault->reveal('MISSING_IN_LOCAL');
$this->assertSame('prod-only', $revealed);
}
}
Reference in New Issue View Git Blame Copy Permalink