How do I secure my database credentials in the cypress.config.js file? I am using the cypress-sql-server dependency


I want to secure the credentials of my database, which is hosted on Microsoft Azure SQL, while connecting to it from Cypress. I am able to successfully connect to and query the database and retrieve values from it when I provide the credentials in the config.js file itself.

cypress.config.js

const { defineConfig } = require('cypress')
const sqlServer = require('cypress-sql-server');

module.exports = defineConfig({
  e2e: {
    setupNodeEvents(on, config) {
      // Register the cypress-sql-server tasks using the db block below
      const tasks = sqlServer.loadDBPlugin(config.db);
      on('task', tasks);

      return config
    },
  },

  // Credentials are hard-coded here (placeholders shown as strings)
  "db": {
    "userName": "myusername",
    "password": "mypassword",
    "server": "myserver",
    "options": {
      "database": "mydb",
      "encrypt": true,
      "rowCollectionOnRequestCompletion": true
    }
  }
})

I want to specify myusername and mypassword elsewhere and use an alias for them, because the only loophole I am facing is that I don't want to commit these credentials to the master repo (not a secure approach). I have to commit the cypress.config.js file to the repo because it contains other config files as well. I am following the documentation of the following dependency:

https://www.npmjs.com/package/cypress-sql-server?activeTab=readme

My Cypress version:

Cypress package version: 12.8.1
Cypress binary version: 12.8.1
Electron version: 21.0.0
Bundled Node version: 16.16.0

I am new to Cypress and also to DB connectivity with automation, and would really appreciate any help from the community.

I tried providing the alias of the connection parameters (username and password) in the env section under

module.exports = defineConfig({
  env: {
    userNameDatabase: "DB_USER_int",
    passwordDatabase: "DB_PASSWORD_int"
  }
})

and defining the actual values of DB_USER_int and DB_PASSWORD_int in the cypress.env.json file, but I am getting a Login failed error for user.

1
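One way to resolve the credentials at run time instead of committing them, as an added example (not code from the question, the answer, or the cypress-sql-server project). It assumes the secrets are supplied under the keys DB_USER_int and DB_PASSWORD_int through OS environment variables, Cypress env, or a git-ignored JSON file with those flat keys; all function names are hypothetical.

```javascript
// Added example; function names and the flat key layout are assumptions.
// Values that are placeholders or alias names, never real credentials.
const PLACEHOLDERS = new Set(['', 'myusername', 'mypassword', 'DB_USER_int', 'DB_PASSWORD_int']);

// Return the first usable value for `key`, checking sources in priority order.
function pick(key, sources) {
  for (const src of sources) {
    const value = src && src[key];
    if (typeof value === 'string' && !PLACEHOLDERS.has(value.trim())) return value;
  }
  return undefined;
}

// Build the object handed to sqlServer.loadDBPlugin(). `base` holds only the
// non-secret settings (server, options) and is safe to commit.
function buildDbConfig(base, processEnv = {}, cypressEnv = {}, fileSecrets = {}) {
  const sources = [processEnv, cypressEnv, fileSecrets];
  const userName = pick('DB_USER_int', sources);
  const password = pick('DB_PASSWORD_int', sources);
  const missing = [];
  if (!userName) missing.push('DB_USER_int');
  if (!password) missing.push('DB_PASSWORD_int');
  // Fail before any connection attempt, naming only the keys, never the values.
  if (missing.length) throw new Error(`Missing database secret(s): ${missing.join(', ')}`);
  return { ...base, userName, password };
}

// Copy of the resolved config that is safe to print in logs.
function redact(db) {
  return { ...db, password: '***' };
}

// Read an optional git-ignored JSON file; a missing file means "no secrets here".
function loadSecretsFile(path) {
  const fs = require('fs');
  return fs.existsSync(path) ? JSON.parse(fs.readFileSync(path, 'utf8')) : {};
}

// Wiring inside setupNodeEvents(on, config) in cypress.config.js:
//   const db = buildDbConfig(nonSecretDb, process.env, config.env,
//                            loadSecretsFile('./secrets.json'));
//   on('task', sqlServer.loadDBPlugin(db));
//   console.log(redact(db)); // never log `db` itself
```

Because the alias names themselves are treated as placeholders, a config that passes the literal string "DB_USER_int" as the user name is rejected up front instead of reaching the server as a login attempt.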

There are 1 answers

1
Hogan On

Don't put anything secret in cypress.config.js. That file needs to be in the public repository, so it's not the place for secrets.

cypress.env.json is OK if you have nothing else to depend on in this file, but that's not likely.

The best option is secrets.json; put only secret stuff here. Then add it to .gitignore.

The rest is simple

const { defineConfig } = require('cypress')
const sqlServer = require('cypress-sql-server');
const secrets = require('./secrets.json')

module.exports = defineConfig({
  e2e: {
    setupNodeEvents(on, config) {
      const tasks = sqlServer.loadDBPlugin(secrets.db);