I'm trying to keep usernames and passwords for a cucumber project out of version control.
Is there a way to manually pass variables on the command line like usernames and passwords to a cucumber script?
My backup plan was to put them in a YML file and add that file to the gitignore so they aren't put in version control.
So, I saw your comments with the Tin Man, and answer is Yes.
cucumber PASSWORD=my_password
PASSWORD is set as an environment variable and you can use its value by referring to it as ENV['PASSWORD']. For an example, browser.text_field(:id => 'pwd').set ENV['PASSWORD']
Another way is indirect.
What I did in past was to pass profile name and that profile will do something that I want. So, for example, I have a profile name as firefox and a firefox profile in cucumber.yml has a variable named BROWSER_TYPE with its value assigned to firefox. And this variable (BROWSER_TYPE) is used by my method that opens the browser. If its value is firefox, than this method opens firefox browser.
So, what I did here was -
Pass a profile. Name of the profile is firefox
firefox profile is defined in cucumber.yml. You can any thing with the profiles, but in this case, I define a variable named BROWSER_TYPE and assign its value as firefox.
Then I have a method that uses BROWSER_TYPE variable and uses its value to open browser.
Code for these steps -
cucumber -p firefox
My cucumber.yml file looks like
firefox: BROWSER_TYPE=firefox PLATFORM=beta
My method to open browser looks similar to -
#browser = Watir::Browser.new ENV['BROWSER_TYPE']
So, ideally you can create a profile that sets an environment variable with password, and pass that profile name to cucumber.
Two thoughts:
1) I've had the same concern, and I created some shell scripts (Mac an Unix) that store credentials in a directory off ~ that are encrypted with machine-specific passwords. I can then use "Given the credentials named blah" in my Cucumber scenarios and then use #username = testcred get #{credname} username #username = testcred get #{credname} password in my step definitions to make this work with no chance that my credentials are ever anyplace they could mistakenly get into a repo. See https://github.com/usethedata/credstore.git for where I've put this into github (early work)
2) Lastpass has a command line version that works. I've also played with sharing my test credentials with a LastPass account that's used for just test credentials. I've used the credstore stuff above to store the lastpass master password for that account (never for my real master password) and then used the lastpass command line to get the usernames and passwords. This has the advantage of when I change the credentials in Lastpass, they get updated automatically everywhere they're used
Related
I would like to make a bash script that will iterate over different user agent options, open Firefox with the selected user agent, wait for x seconds, and then close, and loop.
Is there a command-line option for firefox to specify the user agent?
There is no flag for this specific purpose, but you can create a set of Firefox profiles, where each profile will specify a particular user agent.
There is an about:config option general.useragent.override, which you can specify in the user.js file in the profile folder with a line like:
user_pref("general.useragent.override", "Mozilla/5.0 AppleWebKit/…")
You can then start Firefox with the -P flag, providing the name to the specific profile.
I have a Google Service Account that my app uses to retrieve data from Google Analytics.
When I created the account I downloaded a client_secrets file with all the necessary information for authorization via OAuth, and I recorded the path to this file in an environment variable called GOOGLE_APPLICATION_CREDENTIALS as per Google's documentation.
I can now get an authenticated client like this:
authorization = Google::Auth.get_application_default(scopes)
This method reads the credentials out of the file, which works locally, but my app is hosted on Heroku where file storage is impossible.
The documentation states that I can either provide this file (can’t), run my app on an official Google Service (won’t), or experience an error.
How can I authenticate my service account without the client_secrets file?
I found the answer in the source code of the google-auth-library-ruby gem.
It turns out that there is another option: take the values from the client_secrets file and put them in environment variables named GOOGLE_ACCOUNT_TYPE, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_EMAIL and GOOGLE_PRIVATE_KEY respectively.
If these keys are populated, the credentials will load from there. Not a whisper of this in the docs, though.
Since this is one of the main results that returns when searching google for "google service credentials ruby," I thought I would add my very recent experience to the list of possible answers.
Though you can do the method mentioned in the first answer, I found an alternate solution that works well with Heroku. I know it has been somewhat mentioned in another post, but the key thing that was left out was how to properly store the full GOOGLE_APPLICATION_CREDENTIALS .json file so that it can all be kept within one env on Heroku and not have special characters blow up your app when tryin to
I detail my steps below:
Obtain your GOOGLE_APPLICATION_CREDENTIALS json file by following Google's instructions here: Getting Started with Authentication
That will, of course, contain a json object with all the spaces, line returns, and quotations that heroku simply doesn't need. So, strip out all spaces and line breaks...AND PAY ATTENTION HERE -> EXCEPT FOR THE LINE BREAKS WITHIN THE 'BEGIN PRIVATE KEY' SEGMENT. Basically turn the json into one long string. Use whatever method you feel comfortable with.
Once you have a single line json file with whitespace and line breaks removed, you will need to add it to Heroku by running the following command:
heroku config:set GOOGLE_APPLICATION_CREDENTIALS="$(< /Users/whoever/Downloads/[CREDENTIAL_JSON_FILENAME].json)" --app your-app
For my situation, I needed to have the service account available on initialization, so I placed this in an initializer in my rails app:
GOOGLE_SERVICE_ACCOUNT_CREDENTIALS=Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: StringIO.new(ENV['GOOGLE_APPLICATION_CREDENTIALS'])
)
Notice the StringIO.new() method. the #make_creds wants a file. So, fake it as such by using StringIO.new.
This method works perfectly.
If you need this to work differently on your local machine, you can always store the .json somewhere in the project and reference it through a file location string. Here is my full initializer:
require 'googleauth'
#https://www.rubydoc.info/github/google/google-auth-library-ruby/Google/Auth/ServiceAccountCredentials
if Rails.env == "test"
GOOGLE_SERVICE_ACCOUNT_CREDENTIALS =
Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open('lib/google/google_application_credentials.json')
)
elsif Rails.env != "development"
GOOGLE_SERVICE_ACCOUNT_CREDENTIALS =
Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: StringIO.new(ENV['GOOGLE_APPLICATION_CREDENTIALS'])
)
end
If you are using a gem like dotenv you can store the formatted json string as an ENV or you can just reference the file location in the ENV
I hope this helps someone.
I found this
require "google/cloud/bigquery"
ENV["BIGQUERY_PROJECT"] = "my-project-id"
ENV["BIGQUERY_CREDENTIALS"] = "path/to/keyfile.json"
bigquery = Google::Cloud::Bigquery.new
more detail:
https://github.com/googleapis/google-cloud-ruby/blob/master/google-cloud-bigquery/AUTHENTICATION.md
I am developing a Ruby script designed for CLI which is based on a REST API. This API needs a token as credentials in order to recognize the user and allows him to retrieve his informations.
For now, this scripts asks the 30-length token in the console every time it is launched.
Now I'd like to store this token to avoid asking it every time the user wants to use the script. I don't know what the best way is, do I have to create a hidden file, containing the token, or ask the user to store it in an environment variable ?
I wanted to use the environment variable solution, but I don't know if it will work the same way for Windows or Linux.
Compose all approaches. Something like this:
def get_my_token()
if ENV["MY_TOKEN"]
return ENV["MY_TOKEN"]
end
token_path = File.expand_path("~/.my_token") # will be expanded to user's home (Documents or smth) in windows, check it yourself as I don't have running windows around here
if File.exists?(token_path)
return File.read(token_path).strip
end
# resort to asking user for token here
end
ENV should go first - so you'll be able to override your config if needed for some testing purpose. Also note that you can run your script as MY_TOKEN=xxxx ruby my_app.rb as well.
I saved a publish profile into an .xml along wit all the login info. But when i import this XML to another computer and try to publish, it'll say that my password is incorrect.
What can I do to have the password correctly saved into the publish profile and compatible with other computer?
My guess is that the program purposely obfuscates the passwords using the current PC's "salt" and generates a unique hash. Thus, preventing the passwords from being stolen via the profile publish function.
As mentioned by user1785999, you can save the password in plain text, just add the password element to your .pubxml file:
<UserName>YourName</UserName>
<Password>YourPassword</Password>
If you want the publishing profile to work across different computers, you need to save the password in plain text.
Just to add an additional answer, this may be version specific for .pubxml, but you can add these line to ensure visual studio save the password.
Make sure to use the ".\" prefix for a local account, and "domain\" prefix for an Active Directory account.
<UserName>.\PubUser1</UserName>
<UserPWD>Password1234</UserPWD>
<_SavePWD>True</_SavePWD>
My Firefox extension needs to replace/delete key3.db in the Firefox profile, is there a way to do that? I tried to nsIFile.copyTo() but the file is not overwritten, nsIFile.remove() but it returns NS_ERROR_FILE_IS_LOCKED.
No, replacing a file while it's being used isn't a good idea. Instead you should be using the XPCOM functionality meant to manipulate this file (meaning the master password). Something like this should work:
var pk11db = Components.classes["#mozilla.org/security/pk11tokendb;1"]
.getService(Components.interfaces.nsIPK11TokenDB);
var token = pk11db.getInternalKeyToken();
token.changePassword("", "foobar");
Using "" instead of "foobar" should remove the master password. However, I'm not entirely sure that changing the master password will work without querying the current password. Firefox Mobile can be used as a relatively simple code example.