Secrets decrypt fails request

diogodh · May 3, 2024, 8:42am

Hello. I just tried to PR my app and keeps failing.

I have encrypt the API key using PowerShell and command

pixlet encrypt ISS "MY-SECRET-API-KEY" (ISS is my app name)

when I run the code:

def main(config):
    api_key = secret.decrypt("AV6+xWcEI9kUxz7pH8hzcZ6lekCk18gWTFtZA3vzx1p8SXa82ZJBMUEQaY2pA1GDLxP4X3yYFzrN67eflXmwgzxWcByF3lfVqNC1Ox76cV5C/3MdBWPZUu1VsYphn8SPzAuw1NWpTG9v6AlOFCzig29BZSlVrmZNbRXxr670LQ==")
    url = 'https://api.n2yo.com/rest/v1/satellite/visualpasses/%s/%s/%s/%s/%s/%s/&apiKey=%s' % (SAT_ID, lat, lng, ALTITUDE, NUM_DAYS, MIN_DURATION, api_key)
    data = get_data(url)

it fails either locally (expected) but also when I PR to tidbyt Github

“Build and Test / check (pull_request) Failing after 8s”

However, if i use unencrypted API, it works, like this:

def main(config):
    api_key = MY-SECRET-API-KEY
    url = 'https://api.n2yo.com/rest/v1/satellite/visualpasses/%s/%s/%s/%s/%s/%s/&apiKey=%s' % (SAT_ID, lat, lng, ALTITUDE, NUM_DAYS, MIN_DURATION, api_key)
    data = get_data(url)

I am importing secrets module.

So, any help?

Thanks

Rjison9000 · July 10, 2024, 6:25am

I had this same issue, and finally figured out what is going on after talking with someone from Tidbyt.
They said “when the continuous integration pipeline runs this app, secret.decrypt() will return None”. So that means while your code would work (assuming you encrypted your secret properly) when deployed, it fails the test.

This seems like something they’ll have to address, but for now, I think the best way around this is to check for “None” as the return value for your api_key, and in that case use test data instead of calling your ‘get_data’ function.

Doing this will let you pass the test and get your PR merged. Then seeing your application work. The big issue though is that while the test passed, there was no test of the get_data function, which is probably the most important thing to test in your app.