104 lines
3.5 KiB
TypeScript
104 lines
3.5 KiB
TypeScript
import { describe, it, expect } from "vitest";
|
|
import type { EnvironmentVariable } from "../app/v3/environmentVariables/repository";
|
|
import {
|
|
isBlacklistedVariable,
|
|
isReservedForExternalSync,
|
|
removeBlacklistedVariables,
|
|
} from "~/v3/environmentVariableRules.server";
|
|
|
|
describe("removeBlacklistedVariables", () => {
|
|
it("should remove exact match blacklisted variables", () => {
|
|
const variables: EnvironmentVariable[] = [
|
|
{ key: "TRIGGER_SECRET_KEY", value: "secret123" },
|
|
{ key: "TRIGGER_API_URL", value: "https://api.example.com" },
|
|
{ key: "NORMAL_VAR", value: "normal" },
|
|
];
|
|
|
|
const result = removeBlacklistedVariables(variables);
|
|
|
|
expect(result).toEqual([{ key: "NORMAL_VAR", value: "normal" }]);
|
|
});
|
|
|
|
it("should handle empty input array", () => {
|
|
const variables: EnvironmentVariable[] = [];
|
|
|
|
const result = removeBlacklistedVariables(variables);
|
|
|
|
expect(result).toEqual([]);
|
|
});
|
|
|
|
it("should handle mixed case variables", () => {
|
|
const variables: EnvironmentVariable[] = [
|
|
{ key: "trigger_secret_key", value: "secret123" }, // Different case
|
|
{ key: "NORMAL_VAR", value: "normal" },
|
|
];
|
|
|
|
const result = removeBlacklistedVariables(variables);
|
|
|
|
// Should keep only the whitelisted OTEL_LOG_LEVEL and NORMAL_VAR
|
|
// Note: The function is case-sensitive, so different case variables should pass through
|
|
expect(result).toEqual([
|
|
{ key: "trigger_secret_key", value: "secret123" },
|
|
{ key: "NORMAL_VAR", value: "normal" },
|
|
]);
|
|
});
|
|
|
|
it("should handle variables with empty values", () => {
|
|
const variables: EnvironmentVariable[] = [
|
|
{ key: "TRIGGER_SECRET_KEY", value: "" },
|
|
{ key: "NORMAL_VAR", value: "" },
|
|
];
|
|
|
|
const result = removeBlacklistedVariables(variables);
|
|
|
|
expect(result).toEqual([{ key: "NORMAL_VAR", value: "" }]);
|
|
});
|
|
|
|
it("should handle all types of rules in a single array", () => {
|
|
const variables: EnvironmentVariable[] = [
|
|
// Exact matches (should be removed)
|
|
{ key: "TRIGGER_SECRET_KEY", value: "secret123" },
|
|
{ key: "TRIGGER_API_URL", value: "https://api.example.com" },
|
|
// Normal variables (should be kept)
|
|
{ key: "NORMAL_VAR", value: "normal" },
|
|
{ key: "DATABASE_URL", value: "postgres://..." },
|
|
];
|
|
|
|
const result = removeBlacklistedVariables(variables);
|
|
|
|
expect(result).toEqual([
|
|
{ key: "NORMAL_VAR", value: "normal" },
|
|
{ key: "DATABASE_URL", value: "postgres://..." },
|
|
]);
|
|
});
|
|
});
|
|
|
|
describe("isBlacklistedVariable", () => {
|
|
it("blacklists the platform-managed keys", () => {
|
|
expect(isBlacklistedVariable("TRIGGER_SECRET_KEY")).toBe(true);
|
|
expect(isBlacklistedVariable("TRIGGER_API_URL")).toBe(true);
|
|
});
|
|
|
|
it("allows ordinary user keys", () => {
|
|
expect(isBlacklistedVariable("DATABASE_URL")).toBe(false);
|
|
expect(isBlacklistedVariable("MY_API_KEY")).toBe(false);
|
|
});
|
|
});
|
|
|
|
describe("isReservedForExternalSync", () => {
|
|
it("reserves every key the repository would reject", () => {
|
|
expect(isReservedForExternalSync("TRIGGER_SECRET_KEY")).toBe(true);
|
|
expect(isReservedForExternalSync("TRIGGER_API_URL")).toBe(true);
|
|
});
|
|
|
|
it("reserves deploy-managed keys that are not blacklisted", () => {
|
|
expect(isReservedForExternalSync("TRIGGER_VERSION")).toBe(true);
|
|
expect(isReservedForExternalSync("TRIGGER_PREVIEW_BRANCH")).toBe(true);
|
|
});
|
|
|
|
it("does not reserve ordinary user keys", () => {
|
|
expect(isReservedForExternalSync("DATABASE_URL")).toBe(false);
|
|
expect(isReservedForExternalSync("MY_API_KEY")).toBe(false);
|
|
});
|
|
});
|