bu5hm4nn/vault-dash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: force Turnstile test mode in CI
Some checks failed
CI / lint (push) Successful in 9s
Details
CI / type-check (push) Successful in 16s
Details
CI / test (push) Failing after 2m7s
Details

Browse Source
This commit is contained in:
Bu5hm4nn
2026-04-08 16:47:37 +02:00
parent 52f883fa8f
commit eb262189cf
3 changed files with 30 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/ci.yaml
View File

@@ -56,6 +56,8 @@ jobs:
runs-on: [linux, docker] runs-on: [linux, docker]
container: container:
image: mcr.microsoft.com/playwright:v1.58.0-noble image: mcr.microsoft.com/playwright:v1.58.0-noble
env:
APP_ENV: test
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Set up Python - name: Set up Python

15
app/services/turnstile.py
View File

@@ -33,8 +33,19 @@ def load_turnstile_settings() -> TurnstileSettings:
enabled = os.getenv("TURNSTILE_ENABLED", "true").lower() not in {"0", "false", "no"} enabled = os.getenv("TURNSTILE_ENABLED", "true").lower() not in {"0", "false", "no"}
env = _environment() env = _environment()
if not site_key or not secret_key: known_test_pairs = {
if env in {"development", "test"}: (DEFAULT_TURNSTILE_TEST_SITE_KEY, DEFAULT_TURNSTILE_TEST_SECRET_KEY),
(ALWAYS_FAIL_TURNSTILE_TEST_SITE_KEY, ALWAYS_FAIL_TURNSTILE_TEST_SECRET_KEY),
}
if env == "test":
if (site_key, secret_key) not in known_test_pairs:
if site_key or secret_key:
logger.info("Ignoring configured Turnstile credentials in test environment and using test keys")
site_key = DEFAULT_TURNSTILE_TEST_SITE_KEY
secret_key = DEFAULT_TURNSTILE_TEST_SECRET_KEY
elif not site_key or not secret_key:
if env == "development":
site_key = site_key or DEFAULT_TURNSTILE_TEST_SITE_KEY site_key = site_key or DEFAULT_TURNSTILE_TEST_SITE_KEY
secret_key = secret_key or DEFAULT_TURNSTILE_TEST_SECRET_KEY secret_key = secret_key or DEFAULT_TURNSTILE_TEST_SECRET_KEY
else: else:

15
tests/test_turnstile.py
View File

@@ -114,6 +114,21 @@ def test_turnstile_verification_returns_false_on_transport_error(monkeypatch) ->
assert turnstile_module.verify_turnstile_token("token") is False assert turnstile_module.verify_turnstile_token("token") is False
def test_turnstile_settings_ignore_real_credentials_in_test_environment(monkeypatch) -> None:
from app.services import turnstile as turnstile_module
monkeypatch.setenv("APP_ENV", "test")
monkeypatch.setenv("TURNSTILE_SITE_KEY", "real-site-key")
monkeypatch.setenv("TURNSTILE_SECRET_KEY", "real-secret-key")
settings = turnstile_module.load_turnstile_settings()
assert settings.site_key == turnstile_module.DEFAULT_TURNSTILE_TEST_SITE_KEY
assert settings.secret_key == turnstile_module.DEFAULT_TURNSTILE_TEST_SECRET_KEY
assert settings.enabled is True
assert settings.uses_test_keys is True
def test_turnstile_settings_support_always_fail_test_keys(monkeypatch) -> None: def test_turnstile_settings_support_always_fail_test_keys(monkeypatch) -> None:
from app.services import turnstile as turnstile_module from app.services import turnstile as turnstile_module