Vault And Environment Variables - TestlumFramework/Testlum GitHub Wiki
π Using Vault and System Variables in Configurations
In many cases, your test configuration will require the use of sensitive data such as tokens, passwords, or environment-specific values. To ensure flexibility and security, Testlum supports the usage of both Vault-stored secrets and system environment variables directly in your XML configuration files.
This page will guide you through:
- β Referencing system environment variables dynamically
- π Injecting secrets securely from Vault
- π‘ Best practices for managing dynamic and sensitive values
These features allow you to:
- Avoid hardcoding credentials and environment-specific values
- Manage different test environments (e.g., staging, production) with ease
- Securely handle API keys, DB credentials, and tokens
Letβs explore how to integrate these powerful tools in your setup! π
It is a command, for interaction with the Vault service, and creation of variables for configurations. It offers features for secret storage, dynamic secret generation, authentication.
<vault> <host>HOST</host> <port>PORT</port> <scheme>SCHEME</scheme> <token>TOKEN</token> </vault>
π§Ύ Properties
| Property | Type | Required | Description |
|---|---|---|---|
| host | String | true | Host for vault URL |
| port | String | true | Port for vault URL |
| scheme | String | true | Scheme for vault URL (For example - http, https) |
| token | String | true | Token for vault account |
After proper set up you can use secrets from vault in
integration.xmlandui.xmlto any field with the format - {{path_to_vault_variable}}.Example with Vault secrets:
<rabbitmqIntegration> <rabbitmq alias="ALIAS" enabled="true" truncate="true"> <host>{{secret/data/rabbit/host.host}}</host> <port>{{secret/data/rabbit/port.port}}</port> <username>{{secret/data/rabbit/user.username}}</username> <password>{{secret/data/rabbit/password.password}}</password> </rabbitmq> </rabbitmqIntegration>
It is also possible to write a variable in the config from personal computer, in ui and integration files to any field with the format - ${PC_variable_name}.
Example:
<rabbitmqIntegration> <rabbitmq alias="ALIAS" enabled="true" truncate="true"> <host>${rabbit_host}</host> <port>${rabbit_port}</port> <username>${rabbit_username}</username> <password>${rabbit_password}</password> </rabbitmq> </rabbitmqIntegration>
β οΈ WarningRestart requirement
If these are new variables then restart your development environment tool before running the tests (because the development environment tool needs to get new up-to-date data from PC variables).