Extract diffing to separate credentials:diff command

6db2c426 · Kasper Timm Hansen · b4112f45 · 6db2c426 · 6db2c426 · 6db2c426
3 changed file
--- a/railties/lib/rails/commands/credentials/credentials_command.rb
+++ b/railties/lib/rails/commands/credentials/credentials_command.rb
@@ -43,24 +43,27 @@ def edit
        say "Couldn't decrypt #{content_path}. Perhaps you passed the wrong key?"
      end

-      def show(git_textconv_path = nil)
-        if git_textconv_path
-          default_environment = extract_environment_from_path(git_textconv_path)
-          fallback_message = File.read(git_textconv_path)
-        end
+      def show
+        extract_environment_option_from_argument(default_environment: nil)
+        require_application!

-        extract_environment_option_from_argument(default_environment: default_environment)
+        say credentials.read.presence || missing_credentials_message
+      end
+
+      def diff(content_path)
+        @content_path = content_path
+
+        extract_environment_option_from_argument(default_environment: extract_environment_from_path(content_path))
        require_application!

-        say credentials(git_textconv_path).read.presence || fallback_message || missing_credentials_message
-      rescue => e
-        raise(e) unless git_textconv_path
-        fallback_message
+        say credentials.read.presence || credentials.content_path.read
+      rescue
+        say credentials.content_path.read
      end

      private
-        def credentials(content = nil)
-          Rails.application.encrypted(content || content_path, key_path: key_path)
+        def credentials
+          Rails.application.encrypted(content_path, key_path: key_path)
        end

        def ensure_encryption_key_has_been_added
@@ -90,8 +93,9 @@ def missing_credentials_message
          end
        end

+
        def content_path
-          options[:environment] ? "config/credentials/#{options[:environment]}.yml.enc" : "config/credentials.yml.enc"
+          @content_path ||= options[:environment] ? "config/credentials/#{options[:environment]}.yml.enc" : "config/credentials.yml.enc"
        end

        def key_path
@@ -99,15 +103,7 @@ def key_path
        end

        def extract_environment_from_path(path)
-          regex = %r{
-            ([A-Za-z0-9]+)     # match the environment
-            (?<!credentials)   # don't match if file contains the word "credentials"
-                               # in such case, the environment should be the default one
-            \.yml\.enc         # look for `.yml.enc` file extension
-          }x
-          path.match(regex)
-
-          Regexp.last_match(1)
+          available_environments.find { |env| path.include? env } if path.match?(/\.yml\.enc$/)
        end

        def encryption_key_file_generator

--- a/railties/lib/rails/commands/credentials/credentials_command/diffing.rb
+++ b/railties/lib/rails/commands/credentials/credentials_command/diffing.rb
@@ -24,7 +24,7 @@ def enabled?
    end

    def enable
-      system_call("git config diff.rails_credentials.textconv 'bin/rails credentials:show'", accepted_codes: [0])
+      system_call("git config diff.rails_credentials.textconv 'bin/rails credentials:diff'", accepted_codes: [0])

      git_attributes = Rails.root.join(".gitattributes")
      File.open(git_attributes, "a+") do |file|

--- a/railties/test/commands/credentials_test.rb
+++ b/railties/test/commands/credentials_test.rb
@@ -10,9 +10,8 @@
 class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
  include ActiveSupport::Testing::Isolation, EnvHelpers

-  setup { build_app }
-
-  teardown { teardown_app }
+  setup :build_app
+  teardown :teardown_app

  test "edit without editor gives hint" do
    run_edit_command(editor: "").tap do |output|
@@ -125,7 +124,7 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
    assert(File.exist?(git_attributes))
    assert_equal(expected, File.read(git_attributes))
    Dir.chdir(app_path) do
-      assert_equal("bin/rails credentials:show\n", `git config --get 'diff.rails_credentials.textconv'`)
+      assert_equal "bin/rails credentials:diff", `git config --get 'diff.rails_credentials.textconv'`.strip
    end
  ensure
    file.close!
@@ -148,47 +147,41 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
    assert_match(/access_key_id: 123/, run_show_command)
  end

-  test "show command when argument is provided (from git diff left file)" do
+  test "diff from git diff left file" do
    run_edit_command(environment: "development")

-    assert_match(/access_key_id: 123/, run_show_command("config/credentials/development.yml.enc"))
+    assert_match(/access_key_id: 123/, run_diff_command("config/credentials/development.yml.enc"))
  end

-  test "show command when argument is provided (from git diff right file)" do
+  test "diff from git diff right file" do
    run_edit_command(environment: "development")

-    dir = Dir.mktmpdir
-    file_path = File.join(dir, "KnAM4a_development.yml.enc")
-    file_content = File.read(app_path("config", "credentials", "development.yml.enc"))
-    File.write(file_path, file_content)
+    content_path = app_path("config", "credentials", "KnAM4a_development.yml.enc")
+    File.write(content_path,
+      File.read(app_path("config", "credentials", "development.yml.enc")))

-    assert_match(/access_key_id: 123/, run_show_command(file_path))
-  ensure
-    FileUtils.rm_rf(dir)
+    assert_match(/access_key_id: 123/, run_diff_command(content_path))
  end

-  test "show command when argument is provided (git diff) and filename is the master credentials" do
-    assert_match(/access_key_id: 123/, run_show_command("config/credentials.yml.enc"))
+  test "diff for main credentials" do
+    assert_match(/access_key_id: 123/, run_diff_command("config/credentials.yml.enc"))
  end

-  test "show command when argument is provided (git diff) and master key is not available" do
+  test "diff when master key is not available" do
    remove_file "config/master.key"

    raw_content = File.read(app_path("config", "credentials.yml.enc"))
-    assert_match(raw_content, run_show_command("config/credentials.yml.enc"))
+    assert_match(raw_content, run_diff_command("config/credentials.yml.enc"))
  end

-  test "show command when argument is provided (git diff) return the raw encrypted content in an error occurs" do
+  test "diff returns raw encrypted content when errors occur" do
    run_edit_command(environment: "development")

-    dir = Dir.mktmpdir
-    file_path = File.join(dir, "20190807development.yml.enc")
-    file_content = File.read(app_path("config", "credentials", "development.yml.enc"))
-    File.write(file_path, file_content)
+    content_path = app_path("20190807development.yml.enc")
+    encrypted_content = File.read(app_path("config", "credentials", "development.yml.enc"))
+    File.write(content_path, encrypted_content + "ruin decryption")

-    assert_match(file_content, run_show_command(file_path))
-  ensure
-    FileUtils.rm_rf(dir)
+    assert_match(encrypted_content, run_diff_command(content_path))
  end

  test "show command raises error when require_master_key is specified and key does not exist" do
@@ -227,9 +220,12 @@ def run_edit_command(editor: "cat", environment: nil, **options)
      end
    end

-    def run_show_command(path = nil, environment: nil, **options)
+    def run_show_command(environment: nil, **options)
      args = environment ? ["--environment", environment] : []
-      args.unshift(path)
      rails "credentials:show", args, **options
    end
+
+    def run_diff_command(path, **options)
+      rails "credentials:diff", path, **options
+    end
 end