From 8ceb1268d5305a220a5a85fa6d9334798866f1c4 Mon Sep 17 00:00:00 2001
From: ptiurin <petro.tiurin@firebolt.io>
Date: Fri, 25 Aug 2023 17:10:46 +0100
Subject: [PATCH] test: Safe printing of secrets

---
 tests/integration/conftest.py | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)

diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py
index de382b8c3ac..363dd5d1ffe 100644
--- a/tests/integration/conftest.py
+++ b/tests/integration/conftest.py
@@ -16,6 +16,25 @@
 SERVICE_SECRET_ENV = "SERVICE_SECRET"
 
 
+class Secret:
+    """
+    Class to hold sensitive data in testing. This prevents passwords
+    and such to be printed in logs or any other reports.
+    More info: https://github.com/pytest-dev/pytest/issues/8613
+    NOTE: be careful, assert Secret("") == "" would still print
+    on failure
+    """
+
+    def __init__(self, value):
+        self.value = value
+
+    def __repr__(self):
+        return "Secret(********)"
+
+    def __str___(self):
+        return "*******"
+
+
 def must_env(var_name: str) -> str:
     assert var_name in environ, f"Expected {var_name} to be provided in environment"
     LOGGER.info(f"{var_name}: {environ[var_name]}")
@@ -53,10 +72,10 @@ def service_id() -> str:
 
 
 @fixture(scope="session")
-def service_secret() -> str:
-    return must_env(SERVICE_SECRET_ENV)
+def service_secret() -> Secret:
+    return Secret(must_env(SERVICE_SECRET_ENV))
 
 
 @fixture(scope="session")
-def auth(service_id, service_secret) -> ClientCredentials:
-    return ClientCredentials(service_id, service_secret)
+def auth(service_id: str, service_secret: Secret) -> ClientCredentials:
+    return ClientCredentials(service_id, service_secret.value)