Integrate Vault with Django testing

I’ve integrated Vault into a Django application, but didn’t want to mock it out during testing. I had to verify that the secret was written into the correct path.

Vault is a database, but for secrets. When testing with a database, you want to achieve test isolation. Most test frameworks allow you to add setup and teardown hooks. In these hooks we will invoke the cleanup code to reset the state of the database.

The vault client is set up in the settings file, so it can be used everywhere when importing the settings:

from django.conf import settings

I’ve also wrapped the CRUD interfaces of the HVAC library to be able to target the correct database (VAULT_MOUNTPOINT).

Finally, you can use the following cleanup script to recursively delete all keys in your setup and teardown hooks:

I used it with pytest the following way:

You’re probably wondering why to call it in the setup hook as well. This is in order to reset your Vault in case a previous test run crashed and didn’t call the teardown.

The used HVAC library can be found here: https://github.com/hvac/hvac

I hope this will help you in your Vault journey.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store