diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
| commit | 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch) | |
| tree | 544930fb309b30317ae9797a9683768705d664c4 /spec/initializers | |
| parent | 4b1de649d0168371549608993deac953eb692019 (diff) | |
Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42
Diffstat (limited to 'spec/initializers')
| -rw-r--r-- | spec/initializers/lograge_spec.rb | 28 | ||||
| -rw-r--r-- | spec/initializers/secret_token_spec.rb | 36 |
2 files changed, 41 insertions, 23 deletions
diff --git a/spec/initializers/lograge_spec.rb b/spec/initializers/lograge_spec.rb index de722764bf4..d5f9ef569c7 100644 --- a/spec/initializers/lograge_spec.rb +++ b/spec/initializers/lograge_spec.rb @@ -153,32 +153,22 @@ RSpec.describe 'lograge', type: :request do end end - context 'with transaction' do - let(:transaction) { Gitlab::Metrics::WebTransaction.new({}) } - - before do - allow(Gitlab::Metrics::Transaction).to receive(:current).and_return(transaction) - end - + context 'with db payload' do context 'when RequestStore is enabled', :request_store do - context 'with db payload' do - it 'includes db counters', :request_store do - ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') - subscriber.process_action(event) + it 'includes db counters' do + ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') + subscriber.process_action(event) - expect(log_data).to include("db_count" => 1, "db_write_count" => 0, "db_cached_count" => 0) - end + expect(log_data).to include("db_count" => a_value >= 1, "db_write_count" => 0, "db_cached_count" => 0) end end context 'when RequestStore is disabled' do - context 'with db payload' do - it 'does not include db counters' do - ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') - subscriber.process_action(event) + it 'does not include db counters' do + ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') + subscriber.process_action(event) - expect(log_data).not_to include("db_count" => 1, "db_write_count" => 0, "db_cached_count" => 0) - end + expect(log_data).not_to include("db_count", "db_write_count", "db_cached_count") end end end diff --git a/spec/initializers/secret_token_spec.rb b/spec/initializers/secret_token_spec.rb index 362371e0962..ab16dbad3fc 100644 --- a/spec/initializers/secret_token_spec.rb +++ b/spec/initializers/secret_token_spec.rb @@ -11,17 +11,20 @@ RSpec.describe 'create_tokens' do let(:rsa_key) { /\A-----BEGIN RSA PRIVATE KEY-----\n.+\n-----END RSA PRIVATE KEY-----\n\Z/m.freeze } before do - allow(File).to receive(:write) - allow(File).to receive(:delete) allow(Rails).to receive_message_chain(:application, :secrets).and_return(secrets) allow(Rails).to receive_message_chain(:root, :join) { |string| string } + + allow(File).to receive(:write).and_call_original + allow(File).to receive(:write).with(Rails.root.join('config/secrets.yml')) + allow(File).to receive(:delete).and_call_original + allow(File).to receive(:delete).with(Rails.root.join('.secret')) allow(self).to receive(:warn) allow(self).to receive(:exit) end describe 'ensure acknowledged secrets in any installations' do let(:acknowledged_secrets) do - %w[secret_key_base otp_key_base db_key_base openid_connect_signing_key] + %w[secret_key_base otp_key_base db_key_base openid_connect_signing_key encrypted_settings_key_base rotated_encrypted_settings_key_base] end it 'does not allow to add a new secret without a proper handling' do @@ -87,6 +90,7 @@ RSpec.describe 'create_tokens' do expect(new_secrets['otp_key_base']).to eq(secrets.otp_key_base) expect(new_secrets['db_key_base']).to eq(secrets.db_key_base) expect(new_secrets['openid_connect_signing_key']).to eq(secrets.openid_connect_signing_key) + expect(new_secrets['encrypted_settings_key_base']).to eq(secrets.encrypted_settings_key_base) end create_tokens @@ -103,9 +107,10 @@ RSpec.describe 'create_tokens' do before do secrets.db_key_base = 'db_key_base' secrets.openid_connect_signing_key = 'openid_connect_signing_key' + secrets.encrypted_settings_key_base = 'encrypted_settings_key_base' allow(File).to receive(:exist?).with('.secret').and_return(true) - allow(File).to receive(:read).with('.secret').and_return('file_key') + stub_file_read('.secret', content: 'file_key') end context 'when secret_key_base exists in the environment and secrets.yml' do @@ -155,6 +160,7 @@ RSpec.describe 'create_tokens' do expect(secrets.otp_key_base).to eq('otp_key_base') expect(secrets.db_key_base).to eq('db_key_base') expect(secrets.openid_connect_signing_key).to eq('openid_connect_signing_key') + expect(secrets.encrypted_settings_key_base).to eq('encrypted_settings_key_base') end it 'deletes the .secret file' do @@ -205,12 +211,34 @@ RSpec.describe 'create_tokens' do create_tokens end end + + context 'when rotated_encrypted_settings_key_base does not exist' do + before do + secrets.secret_key_base = 'secret_key_base' + secrets.otp_key_base = 'otp_key_base' + secrets.openid_connect_signing_key = 'openid_connect_signing_key' + secrets.encrypted_settings_key_base = 'encrypted_settings_key_base' + end + + it 'does not warn about the missing secrets' do + expect(self).not_to receive(:warn_missing_secret).with('rotated_encrypted_settings_key_base') + + create_tokens + end + + it 'does not update secrets.yml' do + expect(File).not_to receive(:write) + + create_tokens + end + end end context 'when db_key_base is blank but exists in secrets.yml' do before do secrets.otp_key_base = 'otp_key_base' secrets.secret_key_base = 'secret_key_base' + secrets.encrypted_settings_key_base = 'encrypted_settings_key_base' yaml_secrets = secrets.to_h.stringify_keys.merge('db_key_base' => '<%= an_erb_expression %>') allow(File).to receive(:exist?).with('.secret').and_return(false) |