5

I'm trying to keep usernames and passwords for a cucumber project out of version control.

Is there a way to manually pass variables on the command line like usernames and passwords to a cucumber script?

My backup plan was to put them in a YML file and add that file to the gitignore so they aren't put in version control.

Chad Brewbaker
  • 2,523
  • 2
  • 19
  • 26
  • 2
    Don't put passwords on the command-line. It's easy to sniff them from the process list, which will defeat your purpose. Follow your idea of using your .gitignore file to prevent them from being stored then make sure your machine, and the file, is secure. – the Tin Man Apr 03 '14 at 18:54
  • 1
    Yeah, I think I am going to just do the .gitignore, but still it would be nice to know if you can pass command line variables to cucumber. – Chad Brewbaker Apr 03 '14 at 19:07

2 Answers2

12

So, I saw your comments with the Tin Man, and answer is Yes. 

cucumber PASSWORD=my_password

PASSWORD is set as an environment variable and you can use its value by referring to it as ENV['PASSWORD']. For an example, browser.text_field(:id => 'pwd').set ENV['PASSWORD']

Another way is indirect. What I did in past was to pass profile name and that profile will do something that I want. So, for example, I have a profile name as firefox and a firefox profile in cucumber.yml has a variable named BROWSER_TYPE with its value assigned to firefox. And this variable (BROWSER_TYPE) is used by my method that opens the browser. If its value is firefox, than this method opens firefox browser.

So, what I did here was -

  1. Pass a profile. Name of the profile is firefox
  2. firefox profile is defined in cucumber.yml. You can any thing with the profiles, but in this case, I define a variable named BROWSER_TYPE and assign its value as firefox.
  3. Then I have a method that uses BROWSER_TYPE variable and uses its value to open browser.

Code for these steps -

  1. cucumber -p firefox

  2. My cucumber.yml file looks like firefox: BROWSER_TYPE=firefox PLATFORM=beta

  3. My method to open browser looks similar to -

    @browser = Watir::Browser.new ENV['BROWSER_TYPE']

So, ideally you can create a profile that sets an environment variable with password, and pass that profile name to cucumber.

davnicwil
  • 28,487
  • 16
  • 107
  • 123
Parva Thakkar
  • 637
  • 1
  • 8
  • 25
  • No matter what you do, you're still embedding the password in a file. The OP wants a way to keep that file convenient to his code, without it being committed to his code-repository. Obscuring where the password is hidden would only slow, not stop, someone from finding it. You can't hide them, you have to protect/secure them. In addition, putting the environment assignment on the command-line the way you show still results in a visible password, so don't do that. The assignment precedes the command, it doesn't trail it. – the Tin Man Apr 03 '14 at 20:15
  • 1
    Other uses for command line like telling it which browser to test with and not having to dig I to a file. – Chad Brewbaker Apr 03 '14 at 20:34
  • 1
    I agree, the Tin Man. I won't recommend this solution. I read thru' your comments and Chad's reply to it. So, this is just in a spirit of providing solution.. and I think Chad understands it as well. His comments say that he is going to go with .gitignore. – Parva Thakkar Apr 03 '14 at 20:38
0

Two thoughts:

1) I've had the same concern, and I created some shell scripts (Mac an Unix) that store credentials in a directory off ~ that are encrypted with machine-specific passwords. I can then use "Given the credentials named blah" in my Cucumber scenarios and then use @username = testcred get #{credname} username @username = testcred get #{credname} password in my step definitions to make this work with no chance that my credentials are ever anyplace they could mistakenly get into a repo. See https://github.com/usethedata/credstore.git for where I've put this into github (early work)

2) Lastpass has a command line version that works. I've also played with sharing my test credentials with a LastPass account that's used for just test credentials. I've used the credstore stuff above to store the lastpass master password for that account (never for my real master password) and then used the lastpass command line to get the usernames and passwords. This has the advantage of when I change the credentials in Lastpass, they get updated automatically everywhere they're used

UseTheData
  • 1