Skip to content

Add default EU support for HMSL #990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
agateau-gg merged 1 commit into from
Oct 29, 2024
Merged

Add default EU support for HMSL #990

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 7 additions & 6 deletions ggshield/core/config/config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,14 +142,15 @@ def add_ignored_match(self, *args: Any, **kwargs: Any) -> None:
@property
def saas_api_url(self) -> str:
"""
The GIM SaaS instance (used to get JWT tokens).
It is not configurable, but can be overridden with the
GITGUARDIAN_SAAS_URL environment variable for tests.
The GIM SaaS instance used to get JWT tokens.
This can be overridden with the GITGUARDIAN_SAAS_URL environment variable.
If the HMSL URL is different from the default, we derive the SaaS API from it.
Otherwise the SaaS API URL is actually the one derived from the dashboard
"""
if "api" in self.hmsl_url: # case https://api.hasmysecretleaked.[...]
if self.hmsl_url != DEFAULT_HMSL_URL and "api" in self.hmsl_url:
default_value = self.hmsl_url.replace("hasmysecretleaked", "gitguardian")
else: # case https://hasmysecretleaked.[...]
default_value = self.hmsl_url.replace("hasmysecretleaked", "api")
else:
default_value = self.api_url

return os.environ.get(
"GITGUARDIAN_SAAS_URL",
Expand Down
26 changes: 22 additions & 4 deletions tests/unit/verticals/hmsl/test_hmsl_utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ def test_hmsl_other_env_config_values(isolated_fs, hmsl_no_env_vars, monkeypatch
WHEN getting HasMySecretLeaked config values
THEN the values are correctly set
"""
# If the user defines a custom HMSL URL
monkeypatch.setenv(
"GITGUARDIAN_HMSL_URL", "https://hasmysecretleaked.secretdomain.net"
"GITGUARDIAN_HMSL_URL", "https://hasmysecretleaked.env.gitguardian.com"
)
# They are also expected to set a corresponding GitGuardian instance
monkeypatch.setenv("GITGUARDIAN_INSTANCE", "https://dashboard.env.gitguardian.com")
config = Config()
assert config.hmsl_url == "https://hasmysecretleaked.secretdomain.net"
assert config.hmsl_audience == "https://hasmysecretleaked.secretdomain.net"
assert config.saas_api_url == "https://api.secretdomain.net"
assert config.hmsl_url == "https://hasmysecretleaked.env.gitguardian.com"
assert config.hmsl_audience == "https://hasmysecretleaked.env.gitguardian.com"
assert config.saas_api_url == "https://api.env.gitguardian.com"


def test_hmsl_region_specific_config_values(isolated_fs, hmsl_no_env_vars, monkeypatch):
"""
GIVEN another SaaS environment
WHEN getting HasMySecretLeaked config values
THEN the values are correctly set
"""
monkeypatch.setenv(
"GITGUARDIAN_INSTANCE", "https://dashboard.region3.gitguardian.com"
)
config = Config()
assert config.hmsl_url == "https://api.hasmysecretleaked.com"
assert config.hmsl_audience == "https://api.hasmysecretleaked.com"
assert config.saas_api_url == "https://api.region3.gitguardian.com"


def test_no_token(isolated_fs, hmsl_no_env_vars):
Expand Down
Loading