Copilot commented on code in PR #13624:
URL: https://github.com/apache/apisix/pull/13624#discussion_r3490101761


##########
t/node/data_encrypt.t:
##########
@@ -573,3 +573,173 @@ apisix:
     }
 --- response_body
 ["bar","test"]
+
+
+
+=== TEST 14: limit-count redis_password is encrypted in etcd
+--- yaml_config
+apisix:
+    data_encryption:
+        enable_encrypt_fields: true
+        keyring:
+            - edd1c9f0985e76a2
+--- config
+    location /t {
+        content_by_lua_block {
+            local json = require("toolkit.json")
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1',
+                ngx.HTTP_PUT,
+                [[{
+                    "plugins": {
+                        "limit-count": {
+                            "count": 1,
+                            "time_window": 60,
+                            "policy": "redis",
+                            "redis_host": "127.0.0.1",
+                            "redis_password": "foobar"

Review Comment:
   The new encryption behavior for `limit-count` also includes 
`sentinel_password`, but the added tests only validate `redis_password`. This 
leaves the `sentinel_password` path unverified (especially important since it’s 
only present under the `redis-sentinel` policy). Add a test case that 
configures `policy: "redis-sentinel"` with `sentinel_password`, then assert 
Admin API returns the plaintext while the raw etcd value is encrypted.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to