1

I am new to Tavern API Testing and I am trying to pass a token as an env var (my api is written in nodejs). Here is my code

test_name: POST /logs
marks:
  - post_logs
stages:
  - name: post a log entry
    request:
      url: "{host:s}:{port:d}{base_path:s}/investigate/api/{version:s}/logs"
      method: POST
      headers:
        Authorization: "Basic {tavern.env_vars.TOKEN}"
        content-type: application/json
      params:
        body:
          log: blahblahblah
    response:
      status_code: 204

My problem is I do not know where to add my token in env_vars? is it a special .env tavern file I need to add?

Learner
  • 1,686
  • 4
  • 19
  • 38

1 Answers1

2

You need to define your token as an environment variable in the shell from which you run Tavern tests. There are many ways to define an environment variable. My examples use Bash syntax; you may need to look up the right syntax if you are using a different shell. For testing with a short-lived token, you can define an environment variable right on the same command line that runs the tests:

TOKEN="some_token_value" py.test

The problem with that approach is that the token value gets saved in your shell command history, which is not a good security practice. A better approach is to create a file to store confidential data like a long-lived authentication token. The file name does not matter, but a common choice is .env. The contents of the file should be:

export TOKEN="some_token_value"

If using Git, add .env to your .gitignore file so that credentials are never added to your repo. Source the .env file to set the environment variables prior to running tests:

source .env
py.test

Environment variables only last as long as the shell session, so you need to source the file every time you open a new shell (terminal window or SSH session).

Craig Finch
  • 978
  • 7
  • 21