7000pctAUTO/env-guard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
42612788d3c9c583fd649d26813fc94f05e1bb0f
env-guard/tests/secrets_test.rs
CI Bot fc90e05ebb
Some checks failed
CI / test (push) Failing after 9s
Details
CI / binary (push) Has been skipped
Details
CI / release (push) Has been skipped
Details
Initial commit: env-guard CLI tool with CI/CD
2026-02-06 10:01:25 +00:00

113 lines
3.3 KiB
Rust
Raw Blame History

#[cfg(test)]
mod secrets_tests {
use env_guard::secrets::{
scan_file, redact_secret, format_secret_match,
get_builtin_patterns, SecretSeverity
};
use std::fs;
#[test]
fn test_redact_secret_short() {
assert_eq!(redact_secret("abc"), "***");
}
#[test]
fn test_redact_secret_long() {
let result = redact_secret("my-secret-api-key-12345");
assert!(result.starts_with("my-s"));
assert!(result.contains('*'));
assert!(result.len() < 30);
}
#[test]
fn test_redact_secret_exact_8_chars() {
let result = redact_secret("12345678");
assert_eq!(result, "********");
}
#[test]
fn test_get_builtin_patterns() {
let patterns = get_builtin_patterns();
assert!(!patterns.is_empty());
let has_aws = patterns.iter().any(|p| p.name.contains("AWS"));
let has_github = patterns.iter().any(|p| p.name.contains("GitHub"));
let has_jwt = patterns.iter().any(|p| p.name.contains("JWT"));
assert!(has_aws);
assert!(has_github);
assert!(has_jwt);
}
#[test]
fn test_scan_file_with_secrets() {
let content = r#"
const apiKey = "sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
const password = "super_secret_password";
const awsKey = "AKIAIOSFODNN7EXAMPLE";
"#;
let test_file = "test_secrets_temp.txt";
fs::write(test_file, content).unwrap();
let matches = scan_file(test_file, false).unwrap();
assert!(!matches.is_empty());
let has_api_key = matches.iter().any(|m| m.secret_type.contains("API") || m.secret_type.contains("OpenAI"));
assert!(has_api_key);
fs::remove_file(test_file).ok();
}
#[test]
fn test_scan_file_without_secrets() {
let content = r#"
const apiUrl = "https://api.example.com";
const port = 3000;
const debug = true;
"#;
let test_file = "test_no_secrets_temp.txt";
fs::write(test_file, content).unwrap();
let matches = scan_file(test_file, false).unwrap();
assert!(matches.is_empty());
fs::remove_file(test_file).ok();
}
#[test]
fn test_secret_severity_levels() {
assert_eq!(SecretSeverity::Critical.as_str(), "CRITICAL");
assert_eq!(SecretSeverity::High.as_str(), "HIGH");
assert_eq!(SecretSeverity::Medium.as_str(), "MEDIUM");
assert_eq!(SecretSeverity::Low.as_str(), "LOW");
}
#[test]
fn test_github_token_pattern() {
let content = r#"const token = "ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";"#;
let test_file = "test_github_temp.txt";
fs::write(test_file, content).unwrap();
let matches = scan_file(test_file, false).unwrap();
let has_github = matches.iter().any(|m| m.secret_type.contains("GitHub"));
assert!(has_github);
fs::remove_file(test_file).ok();
}
#[test]
fn test_jwt_pattern() {
let content = r#"const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U";"#;
let test_file = "test_jwt_temp.txt";
fs::write(test_file, content).unwrap();
let matches = scan_file(test_file, false).unwrap();
let has_jwt = matches.iter().any(|m| m.secret_type.contains("JWT"));
assert!(has_jwt);
fs::remove_file(test_file).ok();
}
}
Reference in New Issue View Git Blame Copy Permalink