Comments (6)
johananl
commented on July 18, 2024
Can get inspiration from https://github.com/hashicorp/terraform/blob/master/command/e2etest/primary_test.go.
At the moment, Clisso can only work in interactive mode. This isn't ideal for testing (because we have to use Expect-like functionality for e2e tests), and it also doesn't allow Clisso to easily be used in scripts.
A possible solution is to allow specifying all user input as CLI arguments, and prompting the user only when a required input is missing (similar to how Terraform behaves with variables). Off the top of my head, this includes only username, password and OTP. Things like selecting an MFA device from a list can simply be skipped in tests as long as we test tricky areas in unit tests.
from clisso.
commented on July 18, 2024
Side note on allowing password as a parameter: This will stored in shell history and poses a security thread. Currently if you have added the password to the system keychain, stored the username in the config file and only have one MFA device no input is needed on the shell. For testing we would need to additionally mock the Linux password storage and would be good to go.
from clisso.
lahavsavir
commented on July 18, 2024
I agree that Password as a parameter is something we should avoid.
Lahav
…--
*Kind Regards,*
[image: allcloud-signature-icon-3.png]
Lahav Savir
Founder, EVP and Chief Architect
AllCloud, Cloud Platforms
m: +972 (54) 4321688
w: www.allcloud.io e: [email protected]
Thoughts on our interaction? *Provide feedback here
<https://www.surveymonkey.com/r/[email protected]>*
On Fri, Jan 4, 2019 at 11:08 AM Jonathan ***@***.***> wrote:
Side note on allowing password as a parameter: This will stored in shell
history and poses a security thread. Currently if you have added the
password to the system keychain, stored the username in the config file and
only have one MFA device no input is needed on the shell. For testing we
would need to additionally mock the Linux password storage and would be
good to go.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#71 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AEFW6MCpZdEvVromWpSlpf9hKPMZC1woks5u_xoBgaJpZM4Wlqji>
.
--
This message and the information contained herein is proprietary and
confidential and subject to the AllCloud policy statement, you may review
it here <https://bit.ly/2Mu90e4>.
from clisso.
johananl
commented on July 18, 2024
Sure, having clear-text passwords in the history is definitely a bad idea. I'm not suggesting an actual design change, my main point is that we need tests. In the current state we have no confidence that we didn't break things when making a code change, and we've already had cases where we accidentally broke stuff when introducing something new. The codebase is starting to grow and we must have tests in place.
In addition, there is a lot of refactoring that I'd love to do, but I can't do that in confidence without tests covering the important areas.
from clisso.
lahavsavir
commented on July 18, 2024
Got it.
How do then suggest to have this feature? undocumented? or
--unsecure-password=xxx
Lahav
…--
*Kind Regards,*
[image: allcloud-signature-icon-3.png]
Lahav Savir
Founder, EVP and Chief Architect
AllCloud, Cloud Platforms
m: +972 (54) 4321688
w: www.allcloud.io e: [email protected]
Thoughts on our interaction? *Provide feedback here
<https://www.surveymonkey.com/r/[email protected]>*
On Fri, Jan 4, 2019 at 1:15 PM Johannes Liebermann ***@***.***> wrote:
Sure, having clear-text passwords in the history is definitely a bad idea.
I'm not suggesting an actual design change, my main point is that we need
tests. In the current state we have no confidence that we didn't break
things when making a code change. The codebase is starting to grow and we
must have tests in place.
In addition, there is a lot of refactoring that I'd love to do, but I
can't do that in confidence without tests covering the important areas.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#71 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AEFW6IJ6oGwbK1I2u_C-gB-kOBUZFqXhks5u_zfngaJpZM4Wlqji>
.
--
This message and the information contained herein is proprietary and
confidential and subject to the AllCloud policy statement, you may review
it here <https://bit.ly/2Mu90e4>.
from clisso.
johananl
commented on July 18, 2024
I'm not sure yet. My main goal is to make e2e tests possible for Clisso. Ideally, it should be possible to test a CLI tool by simply calling the binary with a fixed set of arguments and verify the output against a known file or so. We could go a different route and actually "type" things interactively like a user using goexpect for example, but this kind of testing is much more fragile.
I'll look into it a bit more and look at similar projects and how they've addressed the problem.
from clisso.
Related Issues (20)
- Rename release to 0.7.0 HOT 3
- Error should be handled first HOT 2
- Could not get temporary credentials: generating SAML assertion: doing HTTP request: 401 Unauthorized HOT 8
- Get a group of apps HOT 6
- Question: how to assign a default AWS region? HOT 1
- Error - Could not get temporary credentials: EOF HOT 3
- Could not get temporary credentials: generating SAML assertion: doing HTTP request: 404 Not Found HOT 2
- No way to specify pretty names for IAM roles HOT 2
- Abstract Regex patterns into their own functions
- Move Spinner code to function
- Reduce nested if statements
- Can't use brew install anymore HOT 2
- Clisso newer than 0.7 causes 500 errors in OneLogin HOT 4
- Issue with brew install HOT 1
- Support AWS Multi Account App - OneLogin HOT 1
- Add support for pre/post execution HOT 4
- Support Okta fastpass HOT 1
- Okta FastPass HOT 1
- Could not get temporary credentials: no valid AWS roles were returned HOT 3
- invalid memoy address when trying to connect HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clisso.