vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 07:30:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: share dotenv env key fixtures

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-19 02:30:56 +01:00
parent 9380128193
commit 14435c8bdf
1 changed files with 49 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
src/infra/dotenv.test.ts
View File

@@ -5,11 +5,51 @@ import { describe, expect, it, vi } from "vitest";
import { loadCliDotEnv } from "../cli/dotenv.js";
import { loadDotEnv, loadWorkspaceDotEnvFile } from "./dotenv.js";
const CREDENTIAL_AND_GATEWAY_ENV_KEYS = [
"ANTHROPIC_API_KEY",
"ANTHROPIC_API_KEY_SECONDARY",
"ANTHROPIC_OAUTH_TOKEN",
"OPENAI_API_KEY",
"OPENAI_API_KEYS",
"OPENAI_API_KEY_SECONDARY",
"OPENCLAW_LIVE_ANTHROPIC_KEY",
"OPENCLAW_LIVE_ANTHROPIC_KEYS",
"OPENCLAW_LIVE_GEMINI_KEY",
"OPENCLAW_LIVE_OPENAI_KEY",
"OPENCLAW_GATEWAY_TOKEN",
"OPENCLAW_GATEWAY_PASSWORD",
"OPENCLAW_GATEWAY_SECRET",
] as const;
const BUNDLED_TRUST_ROOT_ENV_LINES = [
"OPENCLAW_BROWSER_CONTROL_MODULE=data:text/javascript,boom",
"OPENCLAW_BUNDLED_HOOKS_DIR=./attacker-hooks",
"OPENCLAW_BUNDLED_PLUGINS_DIR=./attacker-plugins",
"OPENCLAW_BUNDLED_SKILLS_DIR=./attacker-skills",
"OPENCLAW_SKIP_BROWSER_CONTROL_SERVER=1",
] as const;
const BUNDLED_TRUST_ROOT_ENV_KEYS = BUNDLED_TRUST_ROOT_ENV_LINES.map(
(line) => line.split("=")[0] ?? "",
);
async function writeEnvFile(filePath: string, contents: string) {
await fs.mkdir(path.dirname(filePath), { recursive: true });
await fs.writeFile(filePath, contents, "utf8");
}
function clearEnv(keys: readonly string[]) {
for (const key of keys) {
delete process.env[key];
}
}
function expectEnvUndefined(keys: readonly string[]) {
for (const key of keys) {
expect(process.env[key]).toBeUndefined();
}
}
async function withIsolatedEnvAndCwd(run: () => Promise<void>) {
const prevEnv = { ...process.env };
try {
@@ -210,35 +250,11 @@ describe("loadDotEnv", () => {
].join("\n"),
);
delete process.env.ANTHROPIC_API_KEY;
delete process.env.ANTHROPIC_API_KEY_SECONDARY;
delete process.env.ANTHROPIC_OAUTH_TOKEN;
delete process.env.OPENAI_API_KEY;
delete process.env.OPENAI_API_KEYS;
delete process.env.OPENAI_API_KEY_SECONDARY;
delete process.env.OPENCLAW_LIVE_ANTHROPIC_KEY;
delete process.env.OPENCLAW_LIVE_ANTHROPIC_KEYS;
delete process.env.OPENCLAW_LIVE_GEMINI_KEY;
delete process.env.OPENCLAW_LIVE_OPENAI_KEY;
delete process.env.OPENCLAW_GATEWAY_TOKEN;
delete process.env.OPENCLAW_GATEWAY_PASSWORD;
delete process.env.OPENCLAW_GATEWAY_SECRET;
clearEnv(CREDENTIAL_AND_GATEWAY_ENV_KEYS);
loadWorkspaceDotEnvFile(path.join(cwdDir, ".env"), { quiet: true });
expect(process.env.ANTHROPIC_API_KEY).toBeUndefined();
expect(process.env.ANTHROPIC_API_KEY_SECONDARY).toBeUndefined();
expect(process.env.ANTHROPIC_OAUTH_TOKEN).toBeUndefined();
expect(process.env.OPENAI_API_KEY).toBeUndefined();
expect(process.env.OPENAI_API_KEYS).toBeUndefined();
expect(process.env.OPENAI_API_KEY_SECONDARY).toBeUndefined();
expect(process.env.OPENCLAW_LIVE_ANTHROPIC_KEY).toBeUndefined();
expect(process.env.OPENCLAW_LIVE_ANTHROPIC_KEYS).toBeUndefined();
expect(process.env.OPENCLAW_LIVE_GEMINI_KEY).toBeUndefined();
expect(process.env.OPENCLAW_LIVE_OPENAI_KEY).toBeUndefined();
expect(process.env.OPENCLAW_GATEWAY_TOKEN).toBeUndefined();
expect(process.env.OPENCLAW_GATEWAY_PASSWORD).toBeUndefined();
expect(process.env.OPENCLAW_GATEWAY_SECRET).toBeUndefined();
expectEnvUndefined(CREDENTIAL_AND_GATEWAY_ENV_KEYS);
});
});
});
@@ -333,30 +349,13 @@ describe("loadDotEnv", () => {
it("blocks bundled trust-root vars from workspace .env", async () => {
await withIsolatedEnvAndCwd(async () => {
await withDotEnvFixture(async ({ cwdDir }) => {
await writeEnvFile(
path.join(cwdDir, ".env"),
[
"OPENCLAW_BROWSER_CONTROL_MODULE=data:text/javascript,boom",
"OPENCLAW_BUNDLED_HOOKS_DIR=./attacker-hooks",
"OPENCLAW_BUNDLED_PLUGINS_DIR=./attacker-plugins",
"OPENCLAW_BUNDLED_SKILLS_DIR=./attacker-skills",
"OPENCLAW_SKIP_BROWSER_CONTROL_SERVER=1",
].join("\n"),
);
await writeEnvFile(path.join(cwdDir, ".env"), [...BUNDLED_TRUST_ROOT_ENV_LINES].join("\n"));
delete process.env.OPENCLAW_BROWSER_CONTROL_MODULE;
delete process.env.OPENCLAW_BUNDLED_HOOKS_DIR;
delete process.env.OPENCLAW_BUNDLED_PLUGINS_DIR;
delete process.env.OPENCLAW_BUNDLED_SKILLS_DIR;
delete process.env.OPENCLAW_SKIP_BROWSER_CONTROL_SERVER;
clearEnv(BUNDLED_TRUST_ROOT_ENV_KEYS);
loadWorkspaceDotEnvFile(path.join(cwdDir, ".env"), { quiet: true });
expect(process.env.OPENCLAW_BROWSER_CONTROL_MODULE).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_HOOKS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_PLUGINS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_SKILLS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_SKIP_BROWSER_CONTROL_SERVER).toBeUndefined();
expectEnvUndefined(BUNDLED_TRUST_ROOT_ENV_KEYS);
});
});
});
@@ -411,19 +410,7 @@ describe("loadDotEnv", () => {
].join("\n"),
);
vi.spyOn(process, "cwd").mockReturnValue(cwdDir);
delete process.env.ANTHROPIC_API_KEY;
delete process.env.ANTHROPIC_API_KEY_SECONDARY;
delete process.env.ANTHROPIC_OAUTH_TOKEN;
delete process.env.OPENAI_API_KEY;
delete process.env.OPENAI_API_KEYS;
delete process.env.OPENAI_API_KEY_SECONDARY;
delete process.env.OPENCLAW_LIVE_ANTHROPIC_KEY;
delete process.env.OPENCLAW_LIVE_ANTHROPIC_KEYS;
delete process.env.OPENCLAW_LIVE_GEMINI_KEY;
delete process.env.OPENCLAW_LIVE_OPENAI_KEY;
delete process.env.OPENCLAW_GATEWAY_TOKEN;
delete process.env.OPENCLAW_GATEWAY_PASSWORD;
delete process.env.OPENCLAW_GATEWAY_SECRET;
clearEnv(CREDENTIAL_AND_GATEWAY_ENV_KEYS);
loadDotEnv({ quiet: true });
@@ -552,31 +539,14 @@ describe("loadCliDotEnv", () => {
it("blocks bundled trust-root vars from workspace .env during CLI startup", async () => {
await withIsolatedEnvAndCwd(async () => {
await withDotEnvFixture(async ({ cwdDir }) => {
await writeEnvFile(
path.join(cwdDir, ".env"),
[
"OPENCLAW_BROWSER_CONTROL_MODULE=data:text/javascript,boom",
"OPENCLAW_BUNDLED_HOOKS_DIR=./attacker-hooks",
"OPENCLAW_BUNDLED_PLUGINS_DIR=./attacker-plugins",
"OPENCLAW_BUNDLED_SKILLS_DIR=./attacker-skills",
"OPENCLAW_SKIP_BROWSER_CONTROL_SERVER=1",
].join("\n"),
);
await writeEnvFile(path.join(cwdDir, ".env"), [...BUNDLED_TRUST_ROOT_ENV_LINES].join("\n"));
delete process.env.OPENCLAW_BROWSER_CONTROL_MODULE;
delete process.env.OPENCLAW_BUNDLED_HOOKS_DIR;
delete process.env.OPENCLAW_BUNDLED_PLUGINS_DIR;
delete process.env.OPENCLAW_BUNDLED_SKILLS_DIR;
delete process.env.OPENCLAW_SKIP_BROWSER_CONTROL_SERVER;
clearEnv(BUNDLED_TRUST_ROOT_ENV_KEYS);
vi.spyOn(process, "cwd").mockReturnValue(cwdDir);
loadCliDotEnv({ quiet: true });
expect(process.env.OPENCLAW_BROWSER_CONTROL_MODULE).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_HOOKS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_PLUGINS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_BUNDLED_SKILLS_DIR).toBeUndefined();
expect(process.env.OPENCLAW_SKIP_BROWSER_CONTROL_SERVER).toBeUndefined();
expectEnvUndefined(BUNDLED_TRUST_ROOT_ENV_KEYS);
});
});
});