There is a need to hide sensitive data from allure reports.
From what I understand there could be some kind of interceptor that at the moment when allure report is created will replace data with *** or some message 'hidden data' or so.
That's why I thought about aspectJ, as I understand it can help with such kind of tasks.
And here is where I stopped: https://github.com/anagornaia/allure-cucumber-aspectj
With this result:
Parameters are not hidden, in step name, there is 'sensitive data', but a sub-step was created... that has 'sensitive data' replaced with 'hidden data'.
The question:
Is there a possibility to hide data without creating some strange sub-step... and hide values from the parameters section?
If yes, what I do wrong? Where I should look? Are there any examples of removing sensitive data from allure report that I missed?
I found a solution by creating plugin on AllureCucumber5Jvm bases. I changed lines where parameters where set and replaced in step names variables, also introduced a Boolean variable that gets value from configuration where it says to hide or not to hide information from report. Soon will update project in GitHub for other interested people.
Related
This question already has an answer here:
How to add an option to Cucumber report to remove scenarios that have a certain tag
(1 answer)
Closed 1 year ago.
I am already using Error log in logback-test.xml I am also using log modifier to hide secret keys in request and response.
Everything in karate report looks good and all data is masked as expected like the header name is "Authorization" which is coming as masked in karate report in this variable "authToken" value is getting passed from karate-config.js. In cucumber report too same header is masked but cucumber report is showing additional information and displaying karate-config.js file contents which has all data. What can I do to hide this information in cucumber report?
I have tried this as well it doesn't display request and response but still prints all contents of karate-config.js in cucumber report.
This only happens for the first feature file when project executes it displays the contents of karate-config.js
//ConfigurereportstonotshowrawHTTPrequests/responses,andtoskipnon-BDD(asterisk)steps
karate.configure('report',{showLog:false,showAllSteps:false})
EDITED
Thanks Peter atleast now I understood the issue. We have to call one feature file from Karate-config.js once only for whole project. To do that we are doing below
var sample = karate.callSingle('classpath:sample/test.feature#test1',config);
As we are calling this from karate-config.js so in cucumber report it is showing the complete list of variables and then calling this feature file once. This contains very sensitive data which we can't show in report. I tried adding annotation #report=false with scenario in test.feature#test1 it is still showing the variables list. As we are passing arguments as config in callSingle it will show list of variables in report. Please guide on this how to tackle such issue.
Please read the section on "Log Masking Caveats". If you use a call in any form, parameters will be printed to the log by default.
https://github.com/karatelabs/karate#log-masking-caveats
Note that you can call a feature file, which has the #report=false annotation, and that might be the easy solution.
EDIT: A feature request has been logged: https://github.com/karatelabs/karate/issues/1837
The link above also provides a workaround you can use until the feature is released.
I want to have an option on the cucumber report to mute/hide scenarios with a given tag from the results and numbers.
We have a bamboo build that runs our karate repository of features and scenarios. At the end it produces nice cucumber html reports. On the "overview-features.html" I would like to have an option added to the top right, which includes "Features", "Tags", "Steps" and "Failures", that says "Excluded Fails" or something like that. That when clicked provides the same exact information that the overview-features.html does, except that any scenario that's tagged with a special tag, for example #bug=abc-12345, is removed from the report and excluded from the numbers.
Why I need this. We have some existing scenarios that fail. They fail due to defects in our own software, that might not get fixed for 6 months to a year. We've tagged them with a specified tag, "#bug=abc-12345". I want them muted/excluded from the cucumber report that's produced at the end of the bamboo build for karate so I can quickly look at the number of passed features/scenarios and see if it's 100% or not. If it is, great that build is good. If not, I need to look into it further as we appear to have some regression. Without these scenarios that are expected to fail, and continue to fail until they're resolved, it is very tedious and time consuming to go through all the individual feature file reports and look at the failing scenarios and then look into why. I don't want them removed completely as when they start to pass I need to know so I can go back and remove the tag from the scenario.
Any ideas on how to accomplish this?
Karate 1.0 has overhauled the reporting system with the following key changes.
after the Runner completes you can massage the results and even re-try some tests
you can inject a custom HTML report renderer
This will require you to get into the details (some of this is not documented yet) and write some Java code. If that is not an option, you have to consider that what you are asking for is not supported by Karate.
If you are willing to go down that path, here are the links you need to get started.
a) Example of how to "post process" result-data before rendering a report: RetryTest.java and also see https://stackoverflow.com/a/67971681/143475
b) The code responsible for "pluggable" reports, where you can implement a new SuiteReports in theory. And in the Runner, there is a suiteReports() method you can call to provide your implementation.
Also note that there is an experimental "doc" keyword, by which you can inject custom HTML into a test-report: https://twitter.com/getkarate/status/1338892932691070976
Also see: https://twitter.com/KarateDSL/status/1427638609578967047
We are currently looking at Testrail as an alternative to using the Zephyr plugin within JIRA as Testrail looks to give us better test case and reporting management than Zephyr does.
Currently faced with the usual problem when changing tools of how to migrate our existing test cases from one to the other.
I know there are importer tools to get Excel spreadsheet cases into Testrail, so that is ok.
The problem I'm facing is how to get the test scripts out of Zephyr.
Does anyone know of any similar plugins to export test cases/scripts from Zephyr to Excel?
I've tried using the inbuilt export function, but it only seems to export the basic case details, not the individual test steps.
Any help greatly appreciated.
the inbuilt export definitely exports the test steps. I am looking at my own exported test cases with test steps right now in xls and csv formats
However the export has many many columns, the test step part is easy to miss.
In my XLS the test steps are in columns BF, BG, and BH. Of course yours are likely to be different, I am only giving you those column names as an example of how many columns you will have to scroll past.
XLS: For example test case EX-123 with 4 steps there will 4 rows merged together until the test steps col. So the "key", "Summary" columns will be 4 rows merged together..
CSV: The all the info is on the 1'st row.. and then at the test step column each test step has a row.
Just take a test case you know has steps, and start to scroll right through the columns and you'll see the steps .
Having done some further investigation myself, it appears there are multiple ways to extract parts of the tests from Zephyr.
If you use the 'Search' function to locate a test and then choose to Export via the Export button in the test case frame itself then you get a summary of the test information but WITHOUT the test steps.
If you use the 'Search' function to locate a test and then choose to Export via the Export button in the test case frame itself then you get a summary of the test information but WITHOUT the test steps.
If you use the Export button from the top of the window (there should be 'Share', 'Export' and 'Tools' buttons) you get additional options.
Selecting the option for 'Excel (All fields)' will extract full test case information, including all the fields.
A slightly quicker way to extract them is to Search for executed tests and from the 'Executed Tests Summary', select a test via the checkbox next to the test and select 'Export'.
This gives the option to extract the test information, including test steps, as CSV, XLS, HTML, XML or RSS.
As stated above, this is a large file and the test step information not readily apparent. (My steps were started in column CH!)
It is also worth noting that each line within the test step appears in a different cell, so importing to another tool will definitely require a lot of reformatting of the test step information.
We want to "Categorize" our work orders more systematically. So far, we've been using Description, but we feel it is not a reliable way. We were hoping to use Failure Class as a starting point, but we find that having on a different tab discourages technicians and the help desk from classifying the work order.
Is it possible to add/duplicate the Failure Class field to Work Order Tracking screen?
Normally, I wouldn't ask, but was not clear if this was possible because Failure Class, Codes, and Tracking are different tables in Maximo. So, I wasn't sure how this would work exactly...
The simple answer is to use Application Designer's copy / paste functionality to duplicate the field. The specific field in question is on the top level of the Work Order Tracking application and facilitates interaction with the FAILURECODE attribute of the Main Object of the application, which is WORKORDER. Therefore, a copy / paste operation should be all you need. (Note: Application Designer's copy / paste functionality is used via that application's toolbar buttons, not Ctrl+C / Ctrl+V.) And if using Application Designer's copy / paste functionality doesn't work to your satisfaction, I would recommend exporting the XML for the application, copying the line of XML as desired and giving it a unique id, and importing the updated XML back in to Maximo. (Application Designer has toolbar buttons for exporting and importing an application's XML.)
You mentioned difficulty getting users to fill it in as a driver for asking the question. Another solution, which you can do as well as or instead of copying the field, is to specify the Failure Class on each Asset. Then, when an Asset is put on a Work Order, its Failure Class will be copied over, saving the users work and risk of not choosing correctly. And another idea is to highlight the Failure tab until a Failure Class is supplied.
And you also mentioned that the driver behind getting them to fill in the Failure Class, and etc, was to help categorize work. To that point, you should know that Failure Classes, in specific, and Failure Codes, in general, are intended to be used to help you determine what's going wrong with your assets, how often, and how the problems are being fixed. So, using them to categorize work is a bad idea. Instead, you should be using the Work Type field and Classifications, because categorizing work is what these are meant to be used for. The Work Type field is already on the Work Order tab, and Classifications fields are on the Specifications tab. You could copy the Classifications fields the same as I directed above for the Failure Class field.
When someone creates a force build on CC.Net dashboard, is there a way to log who created the build (a name of a person/dept) or a field entry for that? Any pointers please would be appreciated.
Anything that is logged in the "super build results" file...can be displayed, if you write a custom .xsl for it, or edit an existing .xsl.
To see the build log, click on "View Log File" from the CCNET project page.
See if the piece of information you're after is in the file.
If so, then you can "fish" for that piece of information.
Here is an example of editing an existing .xsl file....and "fishing" for the svn-revision number.
It's not exactly what you're looking for, but it can be a basic "how to".
http://www.richard-banks.org/2007/01/add-subversion-revision-to.html
According to the ccnet docs it's the property: CCNetUser
http://cruisecontrolnet.org/projects/ccnet/wiki/Integration_Properties
So if you're using Nant you could echo ${CCNetUser} to see who forced the build.
That's only valid if security is on. If security is not on(most likely it's not if anyone can force the build) you could present the user with a textbox or dropdown to enter/select their username. See http://cruisecontrolnet.org/projects/ccnet/wiki/Parameters for how to do that. Of course it's then up to the user whether they enter the correct information.