[OT] Testing and credentials best practices?

Discussion in 'Python' started by Miki Tebeka, Apr 20, 2014.

  1. Miki Tebeka

    Miki Tebeka Guest

    Greetings,

    How do you deal with tests (both on dev machine and Jenkins) that need credentials (such as AWS keys)?. I know of the following methods:

    1. Test user with known (stored in source control) limited credentials
    2. ~/.secrets (or any other known location) RC file which is not in source control
    3. Credentials service (such as ZooKeeper) accessed only from VPN
    4. Credentials pre user encrypted (gpg) and stored in source control

    What method are you using? Are there any best practices in the subject?

    Thanks,
     
    Miki Tebeka, Apr 20, 2014
    #1
    1. Advertisements

  2. I've done several of these. Another option that may work in some
    contexts is to mock the test altogether; have a server that simulates
    whatever you needed credentials for, and accepts a key of all zeroes
    or equivalent. Obviously that key can happily go into the source code
    :)

    ChrisA
     
    Chris Angelico, Apr 20, 2014
    #2
    1. Advertisements

  3. Miki Tebeka

    Roy Smith Guest

    We've been looking at using etcd to store credentials (essentially the
    same solution as zookeeper). It seems like the right way to go.

    So far, my impression of etcd is "neat, promising, not ready for prime
    time yet" (to be fair, the etcd folks don't claim it's stable yet).
    ZooKeeper at least has the advantage of being in production use for a
    long time, so it should be pretty bullet-proof.
     
    Roy Smith, Apr 20, 2014
    #3
  4. Miki Tebeka

    Miki Tebeka Guest

    How do you deal with tests (both on dev machine and Jenkins) that need credentials (such as AWS keys)?.
    Thanks, but mocking is last resort for me, it reduces the value of testing greatly and has the burden of catching up with the mocked service.
     
    Miki Tebeka, Apr 21, 2014
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.