Skip to main content

Test files and branch names encryption

Knapsack Pro collects a minimal amount of data about your project:

  • File paths of your tests (e.g., spec/models/user_spec.rb)
  • Branch name
  • Commit hash
  • Number of parallel CI nodes
  • CI node index
  • Tests execution time

If you consider test file names or branch names sensitive data, you can encrypt them with Digest::SHA2.hexdigest and a 64-char salt before they are sent to the Knapsack Pro API. Thanks to the salt, only you will be able to decrypt test file names or branch names.

Enable encryption

Caveats

When you enable encryption, your first test suite split will not be optimal because Knapsack Pro needs to re-record test timings again.

Also, note that the following branch names won't be encrypted to allow the Knapsack Pro API to determine timings for test files on newly created branches:

  • master
  • main
  • develop
  • development
  • dev
  • staging
  • production
  • full list of non-encryptable branches

Debug test file names

You can check what's the hash of a particular test file name with:

KNAPSACK_PRO_SALT=MY_SALT bundle exec rake "knapsack_pro:encrypted_test_file_names[rspec]"

Pass your test runner to the rake task (e.g., rspec, minitest, test_unit, cucumber, spinach).

Debug branch names

You can check what's the hash of a particular branch name with:

# All local branches
KNAPSACK_PRO_SALT=MY_SALT bundle exec rake knapsack_pro:encrypted_branch_names

# Specific branch
KNAPSACK_PRO_SALT=MY_SALT bundle exec rake "knapsack_pro:encrypted_branch_names[MY_UNENCRYPTED_BRANCH_NAME]"