search

getsops / sops

Simple and flexible tool for managing secrets
https://getsops.io/
Mozilla Public License 2.0
15.77k stars 842 forks source link

make fails in test TestLoadConfigFileWithVaultDestinationRules #620

Open nolash opened 4 years ago

nolash commented 4 years ago

Tried make with master (83a354e92fd5d0be1d5bdcfe7cf0b7f68f954ed9) and v3.5.0

$ make
GO15VENDOREXPERIMENT=1 GO111MODULE=on GOPROXY=https://proxy.golang.org go mod tidy
GO15VENDOREXPERIMENT=1 GO111MODULE=on GOPROXY=https://proxy.golang.org go mod vendor
gpg --import pgp/sops_functional_tests_key.asc 2>&1 1>/dev/null || exit 0
gpg: key 3D16CEE4A27381B4: "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key 3D16CEE4A27381B4: secret key imported
gpg: key D8720D957C3D3074: "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key D8720D957C3D3074: secret key imported
gpg: key 3D16CEE4A27381B4: "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key D8720D957C3D3074: "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key 19F9B5DAEA91FF86: "SOPS Functional Tests Key 3 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: Total number processed: 5
gpg:              unchanged: 5
gpg:       secret keys read: 2
gpg:  secret keys unchanged: 2
./test.sh
ok      go.mozilla.org/sops/v3  1.037s  coverage: 50.0% of statements
ok      go.mozilla.org/sops/v3/aes  1.263s  coverage: 76.9% of statements
?       go.mozilla.org/sops/v3/audit    [no test files]
ok      go.mozilla.org/sops/v3/azkv 1.008s  coverage: 25.5% of statements
?       go.mozilla.org/sops/v3/cmd/sops [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/codes   [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/common  [no test files]
ok      go.mozilla.org/sops/v3/cmd/sops/formats 1.006s  coverage: 100.0% of statements
?       go.mozilla.org/sops/v3/cmd/sops/subcommand/exec [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/subcommand/groups   [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/subcommand/keyservice   [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/subcommand/publish  [no test files]
?       go.mozilla.org/sops/v3/cmd/sops/subcommand/updatekeys   [no test files]
--- FAIL: TestLoadConfigFileWithVaultDestinationRules (0.00s)
    config_test.go:326: 
            Error Trace:    config_test.go:326
            Error:          Not equal: 
                            expected: "http://127.0.0.1:8200/v1/secret/data/foobar/barfoo"
                            actual  : "https://127.0.0.1:8200/v1/secret/data/foobar/barfoo"

                            Diff:
                            --- Expected
                            +++ Actual
                            @@ -1 +1 @@
                            -http://127.0.0.1:8200/v1/secret/data/foobar/barfoo
                            +https://127.0.0.1:8200/v1/secret/data/foobar/barfoo
            Test:           TestLoadConfigFileWithVaultDestinationRules
    config_test.go:330: 
            Error Trace:    config_test.go:330
            Error:          Not equal: 
                            expected: "http://127.0.0.1:8200/v1/kv/barfoo/barfoo"
                            actual  : "https://127.0.0.1:8200/v1/kv/barfoo/barfoo"

                            Diff:
                            --- Expected
                            +++ Actual
                            @@ -1 +1 @@
                            -http://127.0.0.1:8200/v1/kv/barfoo/barfoo
                            +https://127.0.0.1:8200/v1/kv/barfoo/barfoo
            Test:           TestLoadConfigFileWithVaultDestinationRules
FAIL
coverage: 77.2% of statements
FAIL    go.mozilla.org/sops/v3/config   0.024s
FAIL
make: *** [Makefile:30: test] Error 1
autrilla commented 4 years ago

573 has more context.

nolash commented 4 years ago

Ok fine thanks, that part passes with:

VAULT_ADDR='http://127.0.0.1:8200' make

later I get:

running 23 tests
test tests::encrypt_json_file_kms ... ignored
test tests::decrypt_comments_unencrypted_comments ... ok
test tests::decrypt_comments ... ok
test tests::publish_json_file_s3 ... ignored
test tests::decrypt_file_no_mac ... ok
test tests::encrypt_comments_list ... ok
test tests::encrypt_json_file ... ok
test tests::roundtrip_kms_encryption_context ... ignored
test tests::encrypt_comments ... ok
test tests::encrypt_yaml_file ... ok
test tests::output_flag ... ok
test tests::extract_string ... ok
test tests::roundtrip_binary ... ok
test tests::set_yaml_file_insert ... ok
test tests::set_json_file_update ... ok
test tests::set_json_file_insert ... ok
test tests::test_decrypt_file_multiple_keys ... ok
test tests::roundtrip_shamir_missing_decryption_key ... ok
test tests::roundtrip_shamir ... ok
test tests::set_yaml_file_update ... ok
test tests::set_yaml_file_string ... ok
test tests::publish_json_file_vault ... FAILED
test tests::publish_json_file_vault_version_1 ... FAILED

failures:

---- tests::publish_json_file_vault stdout ----
thread 'tests::publish_json_file_vault' panicked at 'sops failed to publish a file to Vault', src/lib.rs:123:9
stack backtrace:
   0: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
   1: core::fmt::write
   2: std::io::Write::write_fmt
   3: std::io::impls::<impl std::io::Write for alloc::boxed::Box<W>>::write_fmt
   4: std::panicking::default_hook::{{closure}}
   5: std::panicking::default_hook
   6: std::panicking::rust_panic_with_hook
   7: std::panicking::begin_panic
             at /build/rust/src/rustc-1.40.0-src/src/libstd/panicking.rs:400
   8: functional_tests::tests::publish_json_file_vault
             at src/lib.rs:123
   9: functional_tests::tests::publish_json_file_vault::{{closure}}
             at src/lib.rs:108
  10: core::ops::function::FnOnce::call_once
             at /build/rust/src/rustc-1.40.0-src/src/libcore/ops/function.rs:227
  11: <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once
  12: __rust_maybe_catch_panic
  13: test::run_test::run_test_inner::{{closure}}
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

---- tests::publish_json_file_vault_version_1 stdout ----
thread 'tests::publish_json_file_vault_version_1' panicked at 'sops failed to publish a file to Vault', src/lib.rs:152:9
stack backtrace:
   0: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
   1: core::fmt::write
   2: std::io::Write::write_fmt
   3: std::io::impls::<impl std::io::Write for alloc::boxed::Box<W>>::write_fmt
   4: std::panicking::default_hook::{{closure}}
   5: std::panicking::default_hook
   6: std::panicking::rust_panic_with_hook
   7: std::panicking::begin_panic
             at /build/rust/src/rustc-1.40.0-src/src/libstd/panicking.rs:400
   8: functional_tests::tests::publish_json_file_vault_version_1
             at src/lib.rs:152
   9: functional_tests::tests::publish_json_file_vault_version_1::{{closure}}
             at src/lib.rs:137
  10: core::ops::function::FnOnce::call_once
             at /build/rust/src/rustc-1.40.0-src/src/libcore/ops/function.rs:227
  11: <alloc::boxed::Box<F> as core::ops::function::FnOnce<A>>::call_once
  12: __rust_maybe_catch_panic
  13: test::run_test::run_test_inner::{{closure}}
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

failures:
    tests::publish_json_file_vault
    tests::publish_json_file_vault_version_1

test result: FAILED. 18 passed; 2 failed; 3 ignored; 0 measured; 0 filtered out

error: test failed, to rerun pass '--lib'
make: *** [Makefile:43: functional-tests] Error 101

Doing export VAULT_ADDR='http://127.0.0.1:8200' first doesn't help

autrilla commented 4 years ago

There’s not enough information in those logs to debug unfortunately. I suggest looking at the test and trying to run sops manually as that test runs it to figure out why it’s failing.

On Sat, 1 Feb 2020 at 15:50, lash notifications@github.com wrote:

Ok fine thanks, that part passes with:

VAULT_ADDR='http://127.0.0.1:8200' make

later I get:

running 23 tests test tests::encrypt_json_file_kms ... ignored test tests::decrypt_comments_unencrypted_comments ... ok test tests::decrypt_comments ... ok test tests::publish_json_file_s3 ... ignored test tests::decrypt_file_no_mac ... ok test tests::encrypt_comments_list ... ok test tests::encrypt_json_file ... ok test tests::roundtrip_kms_encryption_context ... ignored test tests::encrypt_comments ... ok test tests::encrypt_yaml_file ... ok test tests::output_flag ... ok test tests::extract_string ... ok test tests::roundtrip_binary ... ok test tests::set_yaml_file_insert ... ok test tests::set_json_file_update ... ok test tests::set_json_file_insert ... ok test tests::test_decrypt_file_multiple_keys ... ok test tests::roundtrip_shamir_missing_decryption_key ... ok test tests::roundtrip_shamir ... ok test tests::set_yaml_file_update ... ok test tests::set_yaml_file_string ... ok test tests::publish_json_file_vault ... FAILED test tests::publish_json_file_vault_version_1 ... FAILED

failures:

---- tests::publish_json_file_vault stdout ---- thread 'tests::publish_json_file_vault' panicked at 'sops failed to publish a file to Vault', src/lib.rs:123:9 stack backtrace: 0: ::fmt 1: core::fmt::write 2: std::io::Write::write_fmt 3: std::io::impls::<impl std::io::Write for alloc::boxed::Box>::write_fmt 4: std::panicking::default_hook::{{closure}} 5: std::panicking::default_hook 6: std::panicking::rust_panic_with_hook 7: std::panicking::begin_panic at /build/rust/src/rustc-1.40.0-src/src/libstd/panicking.rs:400 8: functional_tests::tests::publish_json_file_vault at src/lib.rs:123 9: functional_tests::tests::publish_json_file_vault::{{closure}} at src/lib.rs:108 10: core::ops::function::FnOnce::call_once at /build/rust/src/rustc-1.40.0-src/src/libcore/ops/function.rs:227 11: <alloc::boxed::Box as core::ops::function::FnOnce>::call_once 12: __rust_maybe_catch_panic 13: test::run_test::run_test_inner::{{closure}} note: Some details are omitted, run with RUST_BACKTRACE=full for a verbose backtrace.

---- tests::publish_json_file_vault_version_1 stdout ---- thread 'tests::publish_json_file_vault_version_1' panicked at 'sops failed to publish a file to Vault', src/lib.rs:152:9 stack backtrace: 0: ::fmt 1: core::fmt::write 2: std::io::Write::write_fmt 3: std::io::impls::<impl std::io::Write for alloc::boxed::Box>::write_fmt 4: std::panicking::default_hook::{{closure}} 5: std::panicking::default_hook 6: std::panicking::rust_panic_with_hook 7: std::panicking::begin_panic at /build/rust/src/rustc-1.40.0-src/src/libstd/panicking.rs:400 8: functional_tests::tests::publish_json_file_vault_version_1 at src/lib.rs:152 9: functional_tests::tests::publish_json_file_vault_version_1::{{closure}} at src/lib.rs:137 10: core::ops::function::FnOnce::call_once at /build/rust/src/rustc-1.40.0-src/src/libcore/ops/function.rs:227 11: <alloc::boxed::Box as core::ops::function::FnOnce>::call_once 12: __rust_maybe_catch_panic 13: test::run_test::run_test_inner::{{closure}} note: Some details are omitted, run with RUST_BACKTRACE=full for a verbose backtrace.

failures: tests::publish_json_file_vault tests::publish_json_file_vault_version_1

test result: FAILED. 18 passed; 2 failed; 3 ignored; 0 measured; 0 filtered out

error: test failed, to rerun pass '--lib' make: *** [Makefile:43: functional-tests] Error 101

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/mozilla/sops/issues/620?email_source=notifications&email_token=AARH4V5BND45NEBDR6QFFSDRAWD3FA5CNFSM4KOTGX72YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEKQ6Z6Q#issuecomment-581037306, or unsubscribe https://github.com/notifications/unsubscribe-auth/AARH4V7M2NOJCQNWXNA35HTRAWD3FANCNFSM4KOTGX7Q .