upstream/packer
1
0
Fork 0
mirror of https://github.com/hashicorp/packer.git synced 2026-05-19 08:25:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
packer/command/build_sensitive_multiline_test.go

46 lines
1.3 KiB
Go
Raw Permalink Blame History

// Copyright IBM Corp. 2013, 2025
// SPDX-License-Identifier: BUSL-1.1
package command
import (
"path/filepath"
"runtime"
"strings"
"testing"
)
func TestBuildScrubsSensitiveMultilineShellLocalOutput(t *testing.T) {
templatePath := filepath.Join(testFixture("repro-sensitive-multiline"), testBuildSensitiveMultilineShellLocalFixture(runtime.GOOS))
c := &BuildCommand{
Meta: TestMetaFile(t),
}
if exitCode := c.Run([]string{templatePath}); exitCode != 0 {
out, stderr := GetStdoutAndErrFromTestMeta(t, c.Meta)
t.Fatalf("build failed with exit code %d\nstdout: %q\nstderr: %q", exitCode, out, stderr)
}
out, stderr := GetStdoutAndErrFromTestMeta(t, c.Meta)
output := out + "\n" + stderr
secret := "line-one-secret\nline-two-secret\nline-three-secret"
if strings.Contains(output, secret) {
t.Fatalf("multiline sensitive value leaked to build output: %q", output)
}
if strings.Contains(output, "line-one-secret") {
t.Fatalf("sensitive line leaked to build output: %q", output)
}
if !strings.Contains(output, "<sensitive>") {
t.Fatalf("expected scrubbed output, got: %q", output)
}
}
func testBuildSensitiveMultilineShellLocalFixture(goos string) string {
if goos == "windows" {
return "multi-pwd.windows.pkr.hcl"
}
return "multi-pwd.unix.pkr.hcl"
}
Reference in a new issue View git blame Copy permalink