DevOps Test Integrations and APIs and DevOps Test Hub
You can publish test reports for tests run on HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to HCL DevOps Test Hub (Test Hub). You can create secrets collections for your project and store them securely on Test Hub that you can retrieve the secrets from Test Hub during tests at runtime.
The secrets collections in Test Hub project have a separate access control list managed by the project owner. Earlier to 9.5.0, the secrets were stored in tags as an environment property in Test Integrations and APIs and they were visible to anybody who could see the project.
Test Hub
Test Hub is a new combined server that includes capabilities such as Docker-based distribution, installation, and execution of test cases.
- Publishing test suite reports to a project on Test Hub. For more information, see Publishing test results to DevOps Test Hub.
- Retrieving the stored secrets from a project configured in Test Hub for using the secrets in tests at runtime.
With the introduction of secrets (under secrets collections) for a project in Test Hub, managing access to separate environments is simplified. If a member of a project does not have access to a secret (for example, a server credential), then the member cannot accidentally or maliciously run tests against that server. For example, tests that require accessing the database server by using the server credentials to retrieve stored data can be executed by a member if the access to the secrets is enabled.
If the secrets are not stored on Test Hub, you must then store secrets as plain text as an environment property in Test Integrations and APIs. This means that a user can accidentally run a test against the wrong environment.
- As a project owner, you can configure a project in Test Hub for creating secrets collections. Secrets are key-value pairs that are created for your project in Test Hub under a secrets collection.
- You can decide to grant or restrict access to members in your organization to the secrets collections. Controlling access to secrets means controlling access to applications and systems under test. Members with access can access the secrets collection in Test Hub and use the secrets in test runs in Test Integrations and APIs.
- Members of Test Hub project must generate offline user tokens from the Test Hub and use the offline user token for gaining access to Test Hub. See Generating an offline user token.
- Members can access Test Hub from Test Integrations and APIs. See Accessing DevOps Test Hub.
- Members across the organization can retrieve the stored secrets from Test Hub for using the secrets in test runs in Test Integrations and APIs without the necessity to store the secrets as visible environment tags in their project in Test Integrations and APIs. See Retrieving secrets from DevOps Test Hub.