Copilot commented on code in PR #13624:
URL: https://github.com/apache/apisix/pull/13624#discussion_r3490101761
##########
t/node/data_encrypt.t:
##########
@@ -573,3 +573,173 @@ apisix:
}
--- response_body
["bar","test"]
+
+
+
+=== TEST 14: limit-count redis_password is encrypted in etcd
+--- yaml_config
+apisix:
+ data_encryption:
+ enable_encrypt_fields: true
+ keyring:
+ - edd1c9f0985e76a2
+--- config
+ location /t {
+ content_by_lua_block {
+ local json = require("toolkit.json")
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "limit-count": {
+ "count": 1,
+ "time_window": 60,
+ "policy": "redis",
+ "redis_host": "127.0.0.1",
+ "redis_password": "foobar"
Review Comment:
The new encryption behavior for `limit-count` also includes
`sentinel_password`, but the added tests only validate `redis_password`. This
leaves the `sentinel_password` path unverified (especially important since it’s
only present under the `redis-sentinel` policy). Add a test case that
configures `policy: "redis-sentinel"` with `sentinel_password`, then assert
Admin API returns the plaintext while the raw etcd value is encrypted.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]