Pytest mock hide expected password

Question

I am testing a function that gets a login and a password from the command line. The code below works as expected:

# ---------- Function part ----------
import getpass

def my_function():
    login = input('Login: ')
    password = getpass.getpass()

    # example to simulate connection to a identification server
    if login+password == 'foobar':
        return True
    else:
        return False

# ---------- Test part ----------
from unittest.mock import patch

@patch("getpass.getpass")
@patch("builtins.input")
def test_my_function(input, getpass):
    input.return_value = 'foo'
    getpass.return_value = 'bar'
    assert my_function()

Now I would like to hide the expected password (bar) so as to publish the tests to a public repository.

I have thought about coding the getpass input, but that would lead in a connection fail. And all the other solutions I can think of expose the password more or less clearly to anyone that can read the code.

Is there a solution to store the password so that it is usable by the connection function, and it is not readable to anyone that read the sources?

Read the passwords from file + don't version that file? – hoefling Mar 02 '18 at 09:19 — hoefling, Mar 02 '18 at 09:19

score 2 · Accepted Answer · edited Mar 02 '18 at 11:19

2

How about make it a shell environment?

When you want to run your test, use export PASSWORD=bar first.

In your code, read password from os.environ['PASSWORD'].

edited Mar 02 '18 at 11:19

Ignacio Vergara Kausel

5,521
4
31
41

answered Mar 02 '18 at 09:32

scriptboy

777
8
25

That's a simple and so evident answer! That perfectly fits my needs. Thx – Simpom Mar 02 '18 at 10:58
That's a common way to store some sensitive values like DB's password, tokens, etc. – scriptboy Mar 02 '18 at 13:21
This has the advantage of fitting well into DevOps pipelines. – sourcream Apr 18 '22 at 21:17

Pytest mock hide expected password

1 Answers1