Skip to content

Commit

Permalink
WIP: Switch from secrets to rails credentials
Browse files Browse the repository at this point in the history 
Here's what you have to do:
1) Apply the commit here to switch to credentials
2) Edit rails credentials in the rails application (manageiq) in the test environment:
IMPORTANT: cd to manageiq and not the rails engine directory.  It looks for the encryption key and encrypted
credentials file relative to the rails application, not the engine.

EDITOR=vi be rails credentials:edit --environment test

Specify the default or real values in your editor:

autosde_defaults: &autosde_defaults
  appliance_host: autosde-appliance-host
  site_manager_user: autosde
  site_manager_password: change_me
autosde:
  <<: *autosde_defaults

Save this.  It should generate the following files in the rails app:

* config/credentials/test.key (if not previously created)
* an encrypted credentials file in config/credentials/test.yml.enc

Both files should be .gitignored.

You can now run tests locally.
  • Loading branch information
@jrafanie
jrafanie committed Nov 6, 2024
1 parent c6f8ab3 commit 733c49d
Show file tree
Hide file tree
Showing 11 changed files with 43 additions and 57 deletions.
8 changes: 0 additions & 8 deletions config/secrets.defaults.yml
View file

This file was deleted.

6 changes: 0 additions & 6 deletions lib/manageiq/providers/autosde/engine.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,6 @@ class Engine < ::Rails::Engine

config.autoload_paths << root.join('lib').to_s

initializer :append_secrets do |app|
app.config.paths["config/secrets"] << root.join("config", "secrets.defaults.yml").to_s
app.config.paths["config/secrets"] << root.join("config", "secrets.yml").to_s
end


def self.vmdb_plugin?
true
end
Expand Down
4 changes: 2 additions & 2 deletions spec/factories/autosde_manager.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@
after(:create) do |ems, _|
ems.authentications << FactoryBot.create(
:authentication,
:userid => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:userid => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)
end
end
Expand Down
2 changes: 1 addition & 1 deletion spec/models/manageiq/providers/autosde/autosde_client_all_storage_models_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
#
let!(:client) do
ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
:username => 'autosde',
:password => 'change_me',
:scheme => 'https'
Expand Down
52 changes: 26 additions & 26 deletions spec/models/manageiq/providers/autosde/autosde_client_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
describe ManageIQ::Providers::Autosde::StorageManager::AutosdeClient do
it "logs in with right credentials" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
#:scheme => 'http',
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

VCR.use_cassette("correct_login_spec", :record => :once) do
Expand All @@ -15,10 +15,10 @@

it "raises on login with wrong credentials" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
#:scheme => 'http',
:username => 'wrong_user',
:password => Rails.application.secrets.autosde[:site_manager_password]
:password => Rails.application.credentials.autosde[:site_manager_password]
)

VCR.use_cassette("incorrect_login_spec", :record => :once) do
Expand All @@ -28,10 +28,10 @@

it "gets a list of storage systems -autosde gem v1" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
# :scheme => 'http',
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

temp = {}
Expand All @@ -46,10 +46,10 @@

it "gets a list of storage systems -autosde gem v2" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
# :scheme => 'http',
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

temp = {}
Expand All @@ -64,9 +64,9 @@

it "does not fail when token is bad (ie expired) and re-login -autosde gem v1" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

temp = {}
Expand All @@ -83,10 +83,10 @@

it "does not fail when token is bad (ie expired) and re-login -autosde gem v2" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:host => Rails.application.credentials.autosde[:appliance_host],
#:scheme => 'http',
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

temp = {}
Expand All @@ -103,15 +103,15 @@

it "proves clients stuffs are different" do
client1 = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

client2 = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

expect(client1.object_id).not_to(eq(client2.object_id))
Expand All @@ -120,9 +120,9 @@
end
it "works with object with arguments" do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)

vol_to_create = client.VolumeCreate(:service => 's1', :name => 'vol_name', :size => 10)
Expand Down
2 changes: 1 addition & 1 deletion spec/models/manageiq/providers/autosde/storage_manager/refresher_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
let(:ems) do
FactoryBot.create(:autosde_storage_manager,
:with_autosde_credentials,
:hostname => Rails.application.secrets.autosde[:appliance_host])
:hostname => Rails.application.credentials.autosde[:appliance_host])
end

describe "#refresh" do
Expand Down
2 changes: 1 addition & 1 deletion spec/models/manageiq/providers/autosde/storage_manager/refresher_spec_v2.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
let(:ems) do
FactoryBot.create(:autosde_storage_manager,
:with_autosde_credentials,
:hostname => Rails.application.secrets.autosde[:appliance_host])
:hostname => Rails.application.credentials.autosde[:appliance_host])
end

describe "#refresh - autosde gem v2" do
Expand Down
4 changes: 2 additions & 2 deletions spec/models/manageiq/providers/autosde/storage_manager_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

it "can get storage systems -autosde gem v1" do
# use special trait: with_autosde_credentials, to supply real credentials when first run
ems = FactoryBot.create(:autosde_storage_manager, :with_autosde_credentials, :hostname => Rails.application.secrets.autosde[:appliance_host])
ems = FactoryBot.create(:autosde_storage_manager, :with_autosde_credentials, :hostname => Rails.application.credentials.autosde[:appliance_host])

VCR.use_cassette("get_storage_systems_from_storage_manager_v1") do
systems = ems.autosde_client.StorageSystemApi.storage_systems_get
Expand All @@ -27,7 +27,7 @@

it "can get storage systems -autosde gem v2" do
# use special trait: with_autosde_credentials, to supply real credentials when first run
ems = FactoryBot.create(:autosde_storage_manager, :with_autosde_credentials, :hostname => Rails.application.secrets.autosde[:appliance_host])
ems = FactoryBot.create(:autosde_storage_manager, :with_autosde_credentials, :hostname => Rails.application.credentials.autosde[:appliance_host])

VCR.use_cassette("get_storage_systems_from_storage_manager_v2", :record => :once) do
systems = ems.autosde_client.StorageSystemApi.storage_systems_get
Expand Down
2 changes: 1 addition & 1 deletion spec/models/manageiq/providers/autosde/storage_service_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
FactoryBot.create(
:autosde_storage_manager,
:with_autosde_credentials,
:hostname => Rails.application.secrets.autosde[:appliance_host],
:hostname => Rails.application.credentials.autosde[:appliance_host],
:capabilities => {
:cap1 => [{'uuid' => "111", 'value' => "True"}, {'uuid' => "222", 'value' => "False"}],
:cap2 => [{'uuid' => "333", 'value' => "True"}, {'uuid' => "444", 'value' => "False"}],
Expand Down
12 changes: 6 additions & 6 deletions spec/models/manageiq/providers/autosde/wwpn_candidates_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
it "can get storage fc wwpn candidates -autosde gem v1" do
VCR.use_cassette("get_storage_systems_wwpn_candidates_v1", :record => :once) do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)
result = client.StorageHostWWPNCandidatesApi.storage_hosts_wwpn_candidates_get
expect(result).to(be_an_instance_of(Array))
Expand All @@ -20,9 +20,9 @@
it "can get storage fc wwpn candidates -autosde gem v2" do
VCR.use_cassette("get_storage_systems_wwpn_candidates_v2", :record => :once) do
client = ManageIQ::Providers::Autosde::StorageManager::AutosdeClient.new(
:host => Rails.application.secrets.autosde[:appliance_host],
:username => Rails.application.secrets.autosde[:site_manager_user],
:password => Rails.application.secrets.autosde[:site_manager_password]
:host => Rails.application.credentials.autosde[:appliance_host],
:username => Rails.application.credentials.autosde[:site_manager_user],
:password => Rails.application.credentials.autosde[:site_manager_password]
)
result = client.StorageHostWWPNCandidatesApi.storage_hosts_wwpn_candidates_get
expect(result).to(be_an_instance_of(Array))
Expand Down
6 changes: 3 additions & 3 deletions spec/spec_helper.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@
config.default_cassette_options = {:record => :none, :allow_unused_http_interactions => true}
config.hook_into :webmock

Rails.application.secrets.autosde_defaults.keys.each do |secret|
config.define_cassette_placeholder(Rails.application.secrets.autosde_defaults[secret]) do
Rails.application.secrets.autosde[secret]
Rails.application.credentials.autosde_defaults.keys.each do |secret|
config.define_cassette_placeholder(Rails.application.credentials.autosde_defaults[secret]) do
Rails.application.credentials.autosde[secret]
end
end
end

0 comments on commit 733c49d

Please sign in to comment.