fnox 1.25.1

A flexible secret management tool supporting multiple providers and encryption methods
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

#!/usr/bin/env bats

setup() {
	load 'test_helper/common_setup'
	_common_setup
}

teardown() {
	_common_teardown
}

@test "fnox provider add supports all provider types" {
	# name|cli-type|serialized-type — single source of truth for all provider types
	local providers
	providers="onepass|1password|1password
agep|age|age
awssm|aws|aws-sm
awskms|aws-kms|aws-kms
awsps|aws-ps|aws-ps
azurekms|azure-kms|azure-kms
azuresm|azure-sm|azure-sm
gcpsm|gcp|gcp-sm
gcpkms|gcp-kms|gcp-kms
bitwarden|bitwarden|bitwarden
bws|bitwarden-sm|bitwarden-sm
infisical|infisical|infisical
keepass|keepass|keepass
keychain|keychain|keychain
passstore|password-store|password-store
passwordstate|passwordstate|passwordstate
plain|plain|plain
proton|proton-pass|proton-pass
vault|vault|vault"

	run "$FNOX_BIN" init --skip-wizard
	assert_success

	while IFS='|' read -r provider_name provider_type expected_type; do
		run "$FNOX_BIN" provider add "$provider_name" "$provider_type"
		assert_success
		assert_output --partial "Added provider '$provider_name'"
	done <<<"$providers"

	run cat "$FNOX_CONFIG_FILE"
	assert_success
	while IFS='|' read -r provider_name _ expected_type; do
		assert_output --partial "[providers.$provider_name]"
		assert_output --partial "type = \"$expected_type\""
	done <<<"$providers"
}

@test "fnox provider add creates Proton Pass provider config" {
	run "$FNOX_BIN" init --skip-wizard
	assert_success

	run "$FNOX_BIN" provider add mypass proton-pass
	assert_success

	run cat "$FNOX_CONFIG_FILE"
	assert_success
	assert_output --partial "[providers.mypass]"
	assert_output --partial 'type = "proton-pass"'
}

@test "fnox provider add with vault creates proper config" {
	run "$FNOX_BIN" init --skip-wizard
	assert_success

	run "$FNOX_BIN" provider add mypass proton-pass --vault "MyVault"
	assert_success

	run cat "$FNOX_CONFIG_FILE"
	assert_success
	assert_output --partial "[providers.mypass]"
	assert_output --partial 'type = "proton-pass"'
	assert_output --partial 'vault = "MyVault"'
}

@test "fnox provider add --vault fails for non-proton provider types" {
	run "$FNOX_BIN" init --skip-wizard
	assert_success

	run "$FNOX_BIN" provider add myage age --vault "bad-vault"
	assert_failure
	assert_output --partial "--vault is only supported for provider type"
}