| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 |
- """S6: warn on unknown MFA_*/BAMBUDDY_* env vars so typos like
- ``MFA_ENCYPTION_KEY`` are not silently swallowed by ``extra="ignore"``."""
- from __future__ import annotations
- import importlib
- import logging
- import pytest
- @pytest.mark.unit
- def test_unknown_mfa_env_var_logs_info(monkeypatch, caplog):
- """A typo'd MFA_* env var must be logged at INFO so operators see it."""
- monkeypatch.setenv("MFA_ENCYPTION_KEY", "typo-value") # missing R
- import backend.app.core.config as cfg_mod
- with caplog.at_level(logging.INFO):
- importlib.reload(cfg_mod)
- assert any("MFA_ENCYPTION_KEY" in rec.message for rec in caplog.records)
- @pytest.mark.unit
- def test_unknown_bambuddy_env_var_logs_info(monkeypatch, caplog):
- """An unrecognised BAMBUDDY_* env var must also be logged."""
- monkeypatch.setenv("BAMBUDDY_NEW_FEATURE", "v1")
- import backend.app.core.config as cfg_mod
- with caplog.at_level(logging.INFO):
- importlib.reload(cfg_mod)
- assert any("BAMBUDDY_NEW_FEATURE" in rec.message for rec in caplog.records)
- @pytest.mark.unit
- def test_known_intentional_env_var_does_not_log(monkeypatch, caplog):
- """MFA_ENCRYPTION_KEY is declared in _INTENTIONAL_UNSETTINGS — must be silent."""
- monkeypatch.setenv("MFA_ENCRYPTION_KEY", "x" * 44) # invalid but not a typo
- import backend.app.core.config as cfg_mod
- with caplog.at_level(logging.INFO):
- importlib.reload(cfg_mod)
- # The intentional var must not produce a typo warning.
- typo_warnings = [
- rec for rec in caplog.records if "MFA_ENCRYPTION_KEY" in rec.message and "typo" in rec.message.lower()
- ]
- assert typo_warnings == []
|
