Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
.. image:: https://img.shields.io/pypi/v/pytest-testconfig.svg :target: https://pypi.org/project/pytest-testconfig :alt: PyPI version
.. image:: https://img.shields.io/pypi/pyversions/pytest-testconfig.svg :target: https://pypi.org/project/pytest-testconfig :alt: Python versions
.. image:: https://travis-ci.org/wojole/pytest-testconfig.svg?branch=master :target: https://travis-ci.org/wojole/pytest-testconfig :alt: See Build Status on Travis CI
Test configuration plugin for pytest.
Based on nose-testconfig by Jesse Noller. Rewritten for pytest by Wojciech Olejarz and Bartłomiej Skrobek.
This pytest
_ plugin was generated with Cookiecutter
_ along with @hackebrot
's cookiecutter-pytest-plugin
template.
pytest-testconfig is a plugin to the pytest test framework used for passing test-specific (or test-run specific) configuration data to the tests being executed.
Currently configuration files in the following formats should be supported:
PyYAML <http://pypi.python.org/pypi/PyYAML/>
_)ConfigParser <http://docs.python.org/lib/module-ConfigParser.html>
_)JSON <http://docs.python.org/library/json.html>
_)The plugin is meant
to be flexible, ergo the support of exec'ing arbitrary
python files as configuration files with no checks. The default format is
assumed to be ConfigParser ini-style format.
If multiple files are provided, the objects are merged. Later settings will override earlier ones.
The plugin provides a method of overriding certain parameters from the command line (assuming that the main "config" object is a dict) and can easily have additional parsers added to it.
A configuration file may not be provided. In this case, the config object is an emtpy dict. Any command line "overriding" paramters will be added to the dict.
requires pytest>=3.5.0
You can install "pytest-testconfig" via pip
_ from PyPI
_::
$ python3 -m pip install pytest-testconfig
Tests can import the "config" singleton from testconfig::
from pytest_testconfig import config
By default, YAML files parse into a nested dictionary, and ConfigParser ini files are also collapsed into a nested dictionary for foo[bar][baz] style access. Tests can obviously access configuration data by referencing the relevant dictionary keys::
from pytest_testconfig import config
def test_foo():
target_server_ip = config['servers']['webapp_ip']
Warning
: Given this is just a dictionary singleton, tests can easily write
into the configuration. This means that your tests can write into the config
space and possibly alter it. This also means that threaded access into the
configuration can be interesting.
When using pure python configuration - obviously the "sky is the the limit" - given that the configuration is loaded via an exec, you could potentially modify pytest, the plugin, etc. However, if you do not export a config{} dict as part of your python code, you obviously won't be able to import the config object from testconfig.
When using YAML-style configuration, you get a lot of the power of pure python without the danger of unprotected exec() - you can obviously use the pyaml python-specific objects and all of the other YAML creamy goodness.
Simple ConfigParser style::
[myapp_servers]
main_server = 10.1.1.1
secondary_server = 10.1.1.2
So your tests access the config options like this::
from pytest_testconfig import config
def test_foo():
main_server = config['myapp_servers']['main_server']
YAML style configuration:: myapp: servers: main_server: 10.1.1.1 secondary_server: 10.1.1.2
And your tests can access it thus::
from pytest_testconfig import config
def test_foo():
main_server = config['myapp']['servers']['main_server']
Python configuration file::
import socket
global config
config = {}
possible_main_servers = ['10.1.1.1', '10.1.1.2']
for srv in possible_main_servers:
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((srv, 80))
except:
continue
s.close()
config['main_server'] = srv
break
And lo, the config is thus::
from pytest_testconfig import config
def test_foo():
main_server = config['main_server']
If you need to put python code into your configuration, you either need to use the python-config file faculties, or you need to use the !!python tags within PyYAML/YAML - raw ini files no longer have any sort of eval magic.
After it is installed, the plugin adds the following command line flags to pytest::
--tc-file=TESTCONFIG Configuration file to parse and pass to tests
[PY_TEST_CONFIG_FILE]
If this is specified multiple times, all files
will be parsed. In all formats except python,
previous contents are preserved and the configs
are merged.
--tc-format=TESTCONFIGFORMAT Test config file format, default is
configparser ini format
[PY_TEST_CONFIG_FILE_FORMAT]
--tc=OVERRIDES Option:Value specific overrides.
--tc-exact Optional: Do not explode periods in override keys to
individual keys within the config dict, instead treat
them as config[my.toplevel.key] ala sqlalchemy.url in
pylons.
Contributions are very welcome. Tests can be run with tox
_, please ensure
the coverage at least stays the same before you submit a pull request.
Distributed under the terms of the Apache Software License 2.0
_ license, "pytest-testconfig" is free and open source software
If you encounter any problems, please file an issue
_ along with a detailed description.
.. _Cookiecutter
: https://github.com/audreyr/cookiecutter
.. _@hackebrot
: https://github.com/hackebrot
.. _MIT
: http://opensource.org/licenses/MIT
.. _BSD-3
: http://opensource.org/licenses/BSD-3-Clause
.. _GNU GPL v3.0
: http://www.gnu.org/licenses/gpl-3.0.txt
.. _Apache Software License 2.0
: http://www.apache.org/licenses/LICENSE-2.0
.. _cookiecutter-pytest-plugin
: https://github.com/pytest-dev/cookiecutter-pytest-plugin
.. _file an issue
: https://github.com/wojole/pytest-testconfig/issues
.. _pytest
: https://github.com/pytest-dev/pytest
.. _tox
: https://tox.readthedocs.io/en/latest/
.. _pip
: https://pypi.org/project/pip/
.. _PyPI
: https://pypi.org/project
FAQs
Test configuration plugin for pytest.
We found that pytest-testconfig demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.