Protecting API test assets by using secrets

Secrets are key-value pairs that are created for your project in HCL OneTest™ Server under a secrets collection. You can create secrets collections for your project that enable you or members in your project to use secrets at test runtime either in HCL OneTest Server or in desktop clients.
The secrets collections in the HCL OneTest Server project have a separate access control list managed by the project owner. Controlling access to secrets means controlling access to applications and systems under test. The introduction of secrets (under secrets collections) for a project has simplified managing access to separate environments. If a member of a project does not have access to a secret, for example, a server credential then the member cannot accidentally or maliciously run tests against that server. For example, tests that must access the database server by using the server credentials to retrieve stored data can only be run by a member if the access to the secrets is enabled.
Note: Secrets and secrets collections are applicable to test assets authored in HCL OneTest API that enable running tests in defined environments. Secrets are not applicable to tests authored in HCL OneTest UI or HCL OneTest Performance.

As a project owner, you can grant or restrict access to secrets collections, edit secrets, and delete secrets. Members with access can access secrets collections in the HCL OneTest Server and view secrets, edit secrets, delete secrets, or use secrets at test runtime.

Table 1 shows the role-based operations that you can perform in your project.

Table 1. Role-based operations
Operation Owner Tester with Access to Secrets Collection Viewer with Access to Secrets Collection

Creating a secrets collection

Image of the tick-mark icon.

Image of the cross-mark icon.

Image of the cross-mark icon.

Creating a secret under a secrets collection

Image of the tick-mark icon.

Image of the tick-mark icon.

Image of the tick-mark icon.

Granting access to members

Image of the tick-mark icon.

Image of the cross-mark icon.

Image of the cross-mark icon.

Editing a secret

Image of the tick-mark icon.

Image of the tick-mark icon.

Image of the tick-mark icon.

Viewing a secret

Image of the tick-mark icon.

Image of the tick-mark icon.

Image of the tick-mark icon.

Deleting a secret

Image of the tick-mark icon.

Image of the tick-mark icon.

Image of the tick-mark icon.

Editing a secrets collection

Image of the tick-mark icon.

Image of the cross-mark icon.

Image of the cross-mark icon.

Deleting a secrets collection

Image of the tick-mark icon.

Image of the cross-mark icon.

Image of the cross-mark icon.

Using secrets in test runs

Image of the tick-mark icon.

Image of the tick-mark icon.

Image of the cross-mark icon.

If you are configuring your project that contains an API Suite and the project test asset contains environment variables that are required for test runs, you must configure the environment variables as secrets under a secrets collection by using the Secrets tab. You must complete the following tasks:
  1. Create a secrets collection. See Step 1 in Creating, editing, or deleting a secrets collection.
  2. Add secrets under the secrets collection created. See Step 1 in Creating a secret under a secrets collection.
  3. Grant access to project members who can access the secrets collection. See Step 1 in Granting access to members.

You can perform the following operations on secrets and secrets collections anytime after you create a project.

Creating, editing, or deleting a secrets collection

You can create secrets under a secrets collection for your project. Secrets are credentials required in certain tests during test runs. Secrets stored in the collection can be used by members to run tests on different environments and eliminates the need to store secrets in multiple locations. You can opt to edit or delete a secrets collection that you configured for your project anytime after you create a secrets collection.

Before you begin

You must have completed the following tasks: You must have completed the following tasks before you edit or delete a secrets collection:
  • Configured a secrets collection in your project.
  • Been a project owner to edit or delete a secrets collection.
  • Created secrets under the selected secrets collection.

About this task

You must configure secrets collections in your project so that the members of the project can use secrets contained in a collection during test runs. You can configure secrets so that you can use them in different test environments.

You can opt to edit or delete a secrets collection that you configured for your project anytime after you create a secrets collection. For example, you might want to edit the secrets collection name or delete the secrets collection if the testing environment has changed and if secrets that are configured earlier are not required.
Note: You must be a project owner to create, edit, or delete a secrets collection.
  • To create a secrets collection, go to Step 1.
  • To edit or delete a secrets collection, go to Step 4.

Procedure

To create a secrets collection:

  1. To create a secrets collection while configuring a new project in the HCL OneTest Server UI, open the Secrets tab in the Project Configuration and create a secrets collection. Use Add Collection.
  2. Alternatively, to create a secrets collection in an existing project, complete the following steps:
    1. Log in to HCL OneTest Server and from the User Interface (UI) open the project listed under My Projects for which you want to create a secrets collection.
    2. Open the Project Configuration page, and then open the Secrets tab to create a secrets collection.
  3. Enter a name for the secrets collection as its Identifier.
    Tip: You can create a secrets collection that contains secrets for a particular test environment in your project. For example, the secrets collection test_env can contain secrets that application testers can use in tests that they run while the secrets collection dev_env can contain secrets that application developers can use in tests they run.

    A message is displayed for successful creation of the secrets collection.

    The secrets collection created is displayed.

To edit or delete a secrets collection:

  1. Log in to HCL OneTest Server and from the UI open the project listed under My Projects.
  2. Open the secrets collection from the Secrets tab in the Project Configuration page. If there are multiple secrets collections in the project, select the secrets collection that you want from the list.
    • To edit a secrets collection, go to Step 6.
    • To delete a secrets collection, go to Step 7.
  3. To edit a secrets collection, complete the following steps:
    1. Click the Edit icon Image of the edit icon. to edit the selected secrets collection.
      Note: The Edit icon Image of the edit icon. is displayed only for the project owner.
    2. Edit the name of the secrets collection, and update the secrets collection.

      The secrets collection is updated with the updated name.

  4. To delete a secrets collection, click the Delete icon Image of the delete icon. to delete the selected secrets collection.
    Note: The Delete icon Image of the delete icon. is displayed only for the project owner.

    The selected secrets collection is removed from the list of secrets collections configured for the project.

Results

You have completed the following tasks:
  • Created a secrets collection for your project.
  • Edited the name of a secrets collection in your project.
  • Removed a secrets collection from your project.

What to do next

Creating a secret under a secrets collection

You must create secrets under the secrets collections configured in your project so that the secrets contained in a collection can be used in certain tests by members of the project with access to the secrets collections during an API suite run.

Before you begin

You must have completed the following tasks:

About this task

You can also configure secrets such that the secrets can be used across different test environments by members with access to the secrets collection. Secrets correspond to the environment variables or tags that you create in a HCL OneTest API project specific to an environment.

Procedure

  1. To create a secret under a secrets collection while configuring a new project in the HCL OneTest Server UI, select the secrets collection listed in the Secrets tab in the Project Configuration page and create a secret under the secrets collection.
  2. Alternatively, to create a secret under a secrets collection in an existing project, complete the following tasks:
    1. Log in to HCL OneTest Server and from the UI open the project listed under My Projects.
    2. Open the secrets collection from the Secrets tab in the Project Configuration page.
  3. Enter a name for the secret as its Identifier and enter the password as the Value for the secret. For example, under the secrets collection (named as test_env), enter the name of the secret to access a database as dbcred and enter the password required to access the database as its value.

    A message is displayed for successful creation of the secret.

Results

You have created secrets under the selected secrets collection for your project.

What to do next

  • You can view, edit, or delete the secrets created under a secrets collection anytime you want. See Viewing, editing, or deleting a secret.
  • You can use the secrets in the tests that require these secrets during test runs.

Granting access to members

You can grant or revoke access to the secrets collection in your project to members with different roles. Without access to the secrets collection, members cannot view, create, edit, delete, or use the secrets in the secrets collection.

Before you begin

You must have completed the following tasks:

Procedure

  1. To grant access to a secrets collection while configuring a new project in HCL OneTest Server UI, select the secrets collection listed in the Secrets tab in the Project Configuration page.
  2. Alternatively, to grant access to a secrets collection in an existing project, complete the following tasks:
    1. Log in to HCL OneTest Server and from the UI open the project listed under My Projects.
    2. Open the secrets collection from the Secrets tab in the Project Configuration page. If there are multiple secrets collections in the project, select the secrets collection that you want from the list.
  3. Select members to grant access to the selected secrets collection by entering the name or the email ID of the member.
    Important: Irrespective of the role that the member (Tester or Viewer) was assigned in the project, the access to the secrets collections has to be specifically granted to the member in the Secrets tab.

    The members with access are displayed under people with access to the secrets collection.

Removing access to a secrets collection

  1. To remove access granted to a member, select the member with access to the secrets collection from the list and delete the member by clicking the Delete icon image of the delete icon.
    The member is removed from the displayed list.
    Note: Only a project owner can remove access of members to the secrets collections.

Results

You have added members from your project to the access list of people who can access secrets in the selected secrets collection or you have removed members from the access list.

What to do next

You can create secrets under secrets collections for your project. See Creating a secret under a secrets collection.

Viewing, editing, or deleting a secret

You can view, edit, or delete the secrets configured under a secrets collection anytime after you have created secrets or after you were granted access to the secrets collection. You can change the value of the secret by editing the secret. You can delete secrets that you no longer require in your test environment.

Before you begin

You must have completed the following tasks:
  • Created a project on HCL OneTest Server. See Creating a project.
  • Configured the repository that contains the test assets in your project. See Adding repositories.
  • Configured a secrets collection in your project. See Creating, editing, or deleting a secrets collection.
  • You must have created secrets under the selected secrets collection or the secrets collection must contain secrets to view.
  • Been a project owner or member with access to the secrets collection.

Procedure

  1. Log in to HCL OneTest Server and from the UI open the project listed under My Projects.
  2. Open the secrets collection from the Secrets tab in the Project Configuration page. If there are multiple secrets collections in the project, select the secrets collection that you want from the list.

    The secrets configured in the selected secrets collection are displayed.

    • To view a secret value, go to Step 3.
    • To edit a secret value, go to Step 4.
    • To delete a secret, go to Step 5.

Viewing a secret value

  1. Click the Show icon Image of the show password icon. for the secret you want to view its value, which most likely is a password for the secret.

    The value configured for the secret is displayed.

Editing a secret value

  1. Click the Edit icon Image of the edit icon. for the secret you want to edit, and enter a new value for the secret as its Value. The value can be a password for the secret.
    Note: You can only change the value of the secret.

Deleting a secret

  1. Click the Delete icon Image of the delete secret icon. in the row of the secret you want to delete. After deleting it, the secrets list in the collection is removed from the list.

Results

  • You viewed the password configured of the secret under a secrets collection that you created or were granted access.
  • You changed the secret value of the secret under a secrets collection in your project.
  • You deleted and removed the secret from the selected secrets collection in your project.

What to do next

You can use secrets in the tests that require these secrets during test runs. See Running tests.

Feedback