diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-20 21:14:18 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-20 21:14:18 +0300 |
commit | 39cb2fdf01699eb5ac000c918f469c58dc75f7e8 (patch) | |
tree | 5de21a06dfe8b97c793f892032be45949aa482db /spec/lib | |
parent | c17eb7c97062d25cdf1b44573e4c0241f52aa2fe (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/ci/config/entry/root_spec.rb | 18 | ||||
-rw-r--r-- | spec/lib/gitlab/ci/config/entry/script_spec.rb | 109 | ||||
-rw-r--r-- | spec/lib/gitlab/ci/yaml_processor_spec.rb | 46 | ||||
-rw-r--r-- | spec/lib/gitlab/config/entry/factory_spec.rb | 6 | ||||
-rw-r--r-- | spec/lib/gitlab/endpoint_attributes_spec.rb | 5 | ||||
-rw-r--r-- | spec/lib/gitlab/rack_attack/request_spec.rb | 88 | ||||
-rw-r--r-- | spec/lib/gitlab/ssh_public_key_spec.rb | 91 | ||||
-rw-r--r-- | spec/lib/gitlab/web_ide/config/entry/global_spec.rb | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/web_ide/config_spec.rb | 2 |
9 files changed, 194 insertions, 173 deletions
diff --git a/spec/lib/gitlab/ci/config/entry/root_spec.rb b/spec/lib/gitlab/ci/config/entry/root_spec.rb index 749d1386ed9..daf58aff116 100644 --- a/spec/lib/gitlab/ci/config/entry/root_spec.rb +++ b/spec/lib/gitlab/ci/config/entry/root_spec.rb @@ -55,13 +55,13 @@ RSpec.describe Gitlab::Ci::Config::Entry::Root do } end - context 'when deprecated types keyword is defined' do + context 'when deprecated types/type keywords are defined' do let(:project) { create(:project, :repository) } let(:user) { create(:user) } let(:hash) do { types: %w(test deploy), - rspec: { script: 'rspec' } } + rspec: { script: 'rspec', type: 'test' } } end before do @@ -69,11 +69,15 @@ RSpec.describe Gitlab::Ci::Config::Entry::Root do end it 'returns array of types as stages with a warning' do + expect(root.jobs_value[:rspec][:stage]).to eq 'test' expect(root.stages_value).to eq %w[test deploy] - expect(root.warnings).to match_array(["root `types` is deprecated in 9.0 and will be removed in 15.0."]) + expect(root.warnings).to match_array([ + "root `types` is deprecated in 9.0 and will be removed in 15.0.", + "jobs:rspec `type` is deprecated in 9.0 and will be removed in 15.0." + ]) end - it 'logs usage of types keyword' do + it 'logs usage of keywords' do expect(Gitlab::AppJsonLogger).to( receive(:info) .with(event: 'ci_used_deprecated_keyword', @@ -350,9 +354,9 @@ RSpec.describe Gitlab::Ci::Config::Entry::Root do root.compose! end - context 'when before script is not an array' do + context 'when before script is a number' do let(:hash) do - { before_script: 'ls' } + { before_script: 123 } end describe '#valid?' do @@ -364,7 +368,7 @@ RSpec.describe Gitlab::Ci::Config::Entry::Root do describe '#errors' do it 'reports errors from child nodes' do expect(root.errors) - .to include 'before_script config should be an array containing strings and arrays of strings' + .to include 'before_script config should be a string or a nested array of strings up to 10 levels deep' end end end diff --git a/spec/lib/gitlab/ci/config/entry/script_spec.rb b/spec/lib/gitlab/ci/config/entry/script_spec.rb deleted file mode 100644 index 1ddf7881e81..00000000000 --- a/spec/lib/gitlab/ci/config/entry/script_spec.rb +++ /dev/null @@ -1,109 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe Gitlab::Ci::Config::Entry::Script do - let(:entry) { described_class.new(config) } - - describe 'validations' do - context 'when entry config value is array of strings' do - let(:config) { %w(ls pwd) } - - describe '#value' do - it 'returns array of strings' do - expect(entry.value).to eq config - end - end - - describe '#errors' do - it 'does not append errors' do - expect(entry.errors).to be_empty - end - end - - describe '#valid?' do - it 'is valid' do - expect(entry).to be_valid - end - end - end - - context 'when entry config value is array of arrays of strings' do - let(:config) { [['ls'], ['pwd', 'echo 1']] } - - describe '#value' do - it 'returns array of strings' do - expect(entry.value).to eq ['ls', 'pwd', 'echo 1'] - end - end - - describe '#errors' do - it 'does not append errors' do - expect(entry.errors).to be_empty - end - end - - describe '#valid?' do - it 'is valid' do - expect(entry).to be_valid - end - end - end - - context 'when entry config value is array containing strings and arrays of strings' do - let(:config) { ['ls', ['pwd', 'echo 1']] } - - describe '#value' do - it 'returns array of strings' do - expect(entry.value).to eq ['ls', 'pwd', 'echo 1'] - end - end - - describe '#errors' do - it 'does not append errors' do - expect(entry.errors).to be_empty - end - end - - describe '#valid?' do - it 'is valid' do - expect(entry).to be_valid - end - end - end - - context 'when entry value is string' do - let(:config) { 'ls' } - - describe '#errors' do - it 'saves errors' do - expect(entry.errors) - .to include 'script config should be an array containing strings and arrays of strings' - end - end - - describe '#valid?' do - it 'is not valid' do - expect(entry).not_to be_valid - end - end - end - - context 'when entry value is multi-level nested array' do - let(:config) { [['ls', ['echo 1']], 'pwd'] } - - describe '#errors' do - it 'saves errors' do - expect(entry.errors) - .to include 'script config should be an array containing strings and arrays of strings' - end - end - - describe '#valid?' do - it 'is not valid' do - expect(entry).not_to be_valid - end - end - end - end -end diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb index 20af84ce648..2fed4549dba 100644 --- a/spec/lib/gitlab/ci/yaml_processor_spec.rb +++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb @@ -710,16 +710,16 @@ module Gitlab end end - context 'when script is array of arrays of strings' do + context 'when script is nested arrays of strings' do let(:config) do { - before_script: [["global script", "echo 1"], ["ls"], "pwd"], + before_script: [[["global script"], "echo 1"], "echo 2", ["ls"], "pwd"], test: { script: ["script"] } } end it "return commands with scripts concatenated" do - expect(subject[:options][:before_script]).to eq(["global script", "echo 1", "ls", "pwd"]) + expect(subject[:options][:before_script]).to eq(["global script", "echo 1", "echo 2", "ls", "pwd"]) end end end @@ -737,15 +737,15 @@ module Gitlab end end - context 'when script is array of arrays of strings' do + context 'when script is nested arrays of strings' do let(:config) do { - test: { script: [["script"], ["echo 1"], "ls"] } + test: { script: [[["script"], "echo 1", "echo 2"], "ls"] } } end it "return commands with scripts concatenated" do - expect(subject[:options][:script]).to eq(["script", "echo 1", "ls"]) + expect(subject[:options][:script]).to eq(["script", "echo 1", "echo 2", "ls"]) end end end @@ -790,16 +790,16 @@ module Gitlab end end - context 'when script is array of arrays of strings' do + context 'when script is nested arrays of strings' do let(:config) do { - after_script: [["global script", "echo 1"], ["ls"], "pwd"], + after_script: [[["global script"], "echo 1"], "echo 2", ["ls"], "pwd"], test: { script: ["script"] } } end it "return after_script in options" do - expect(subject[:options][:after_script]).to eq(["global script", "echo 1", "ls", "pwd"]) + expect(subject[:options][:after_script]).to eq(["global script", "echo 1", "echo 2", "ls", "pwd"]) end end end @@ -2469,40 +2469,16 @@ module Gitlab it_behaves_like 'returns errors', 'jobs:rspec:tags config should be an array of strings' end - context 'returns errors if before_script parameter is invalid' do - let(:config) { YAML.dump({ before_script: "bundle update", rspec: { script: "test" } }) } - - it_behaves_like 'returns errors', 'before_script config should be an array containing strings and arrays of strings' - end - context 'returns errors if job before_script parameter is not an array of strings' do let(:config) { YAML.dump({ rspec: { script: "test", before_script: [10, "test"] } }) } - it_behaves_like 'returns errors', 'jobs:rspec:before_script config should be an array containing strings and arrays of strings' - end - - context 'returns errors if job before_script parameter is multi-level nested array of strings' do - let(:config) { YAML.dump({ rspec: { script: "test", before_script: [["ls", ["pwd"]], "test"] } }) } - - it_behaves_like 'returns errors', 'jobs:rspec:before_script config should be an array containing strings and arrays of strings' - end - - context 'returns errors if after_script parameter is invalid' do - let(:config) { YAML.dump({ after_script: "bundle update", rspec: { script: "test" } }) } - - it_behaves_like 'returns errors', 'after_script config should be an array containing strings and arrays of strings' + it_behaves_like 'returns errors', 'jobs:rspec:before_script config should be a string or a nested array of strings up to 10 levels deep' end context 'returns errors if job after_script parameter is not an array of strings' do let(:config) { YAML.dump({ rspec: { script: "test", after_script: [10, "test"] } }) } - it_behaves_like 'returns errors', 'jobs:rspec:after_script config should be an array containing strings and arrays of strings' - end - - context 'returns errors if job after_script parameter is multi-level nested array of strings' do - let(:config) { YAML.dump({ rspec: { script: "test", after_script: [["ls", ["pwd"]], "test"] } }) } - - it_behaves_like 'returns errors', 'jobs:rspec:after_script config should be an array containing strings and arrays of strings' + it_behaves_like 'returns errors', 'jobs:rspec:after_script config should be a string or a nested array of strings up to 10 levels deep' end context 'returns errors if image parameter is invalid' do diff --git a/spec/lib/gitlab/config/entry/factory_spec.rb b/spec/lib/gitlab/config/entry/factory_spec.rb index 260b5cf0ade..be4dfd31651 100644 --- a/spec/lib/gitlab/config/entry/factory_spec.rb +++ b/spec/lib/gitlab/config/entry/factory_spec.rb @@ -5,8 +5,8 @@ require 'spec_helper' RSpec.describe Gitlab::Config::Entry::Factory do describe '#create!' do before do - stub_const('Script', Class.new(Gitlab::Config::Entry::Node)) - Script.class_eval do + stub_const('Commands', Class.new(Gitlab::Config::Entry::Node)) + Commands.class_eval do include Gitlab::Config::Entry::Validatable validations do @@ -15,7 +15,7 @@ RSpec.describe Gitlab::Config::Entry::Factory do end end - let(:entry) { Script } + let(:entry) { Commands } let(:factory) { described_class.new(entry) } context 'when setting a concrete value' do diff --git a/spec/lib/gitlab/endpoint_attributes_spec.rb b/spec/lib/gitlab/endpoint_attributes_spec.rb index 4d4cfed57fa..53f5b302f05 100644 --- a/spec/lib/gitlab/endpoint_attributes_spec.rb +++ b/spec/lib/gitlab/endpoint_attributes_spec.rb @@ -1,8 +1,9 @@ # frozen_string_literal: true require 'fast_spec_helper' -require_relative "../../support/matchers/be_request_urgency" -require_relative "../../../lib/gitlab/endpoint_attributes" +require_relative '../../support/matchers/be_request_urgency' +require_relative '../../../lib/gitlab/endpoint_attributes/config' +require_relative '../../../lib/gitlab/endpoint_attributes' RSpec.describe Gitlab::EndpointAttributes do let(:base_controller) do diff --git a/spec/lib/gitlab/rack_attack/request_spec.rb b/spec/lib/gitlab/rack_attack/request_spec.rb index ecdcc23e588..72592832a89 100644 --- a/spec/lib/gitlab/rack_attack/request_spec.rb +++ b/spec/lib/gitlab/rack_attack/request_spec.rb @@ -5,6 +5,19 @@ require 'spec_helper' RSpec.describe Gitlab::RackAttack::Request do using RSpec::Parameterized::TableSyntax + let(:env) { {} } + let(:session) { {} } + let(:request) do + ::Rack::Attack::Request.new( + env.reverse_merge( + 'REQUEST_METHOD' => 'GET', + 'PATH_INFO' => path, + 'rack.input' => StringIO.new, + 'rack.session' => session + ) + ) + end + describe 'FILES_PATH_REGEX' do subject { described_class::FILES_PATH_REGEX } @@ -16,11 +29,80 @@ RSpec.describe Gitlab::RackAttack::Request do it { is_expected.not_to match('/api/v4/projects/some/nested/repo/repository/files/README') } end + describe '#api_request?' do + subject { request.api_request? } + + where(:path, :expected) do + '/' | false + '/groups' | false + + '/api' | true + '/api/v4/groups/1' | true + end + + with_them do + it { is_expected.to eq(expected) } + end + end + + describe '#web_request?' do + subject { request.web_request? } + + where(:path, :expected) do + '/' | true + '/groups' | true + + '/api' | false + '/api/v4/groups/1' | false + end + + with_them do + it { is_expected.to eq(expected) } + end + end + + describe '#frontend_request?', :allow_forgery_protection do + subject { request.send(:frontend_request?) } + + let(:path) { '/' } + + # Define these as local variables so we can use them in the `where` block. + valid_token = SecureRandom.base64(ActionController::RequestForgeryProtection::AUTHENTICITY_TOKEN_LENGTH) + other_token = SecureRandom.base64(ActionController::RequestForgeryProtection::AUTHENTICITY_TOKEN_LENGTH) + + where(:session, :env, :expected) do + {} | {} | false # rubocop:disable Lint/BinaryOperatorWithIdenticalOperands + {} | { 'HTTP_X_CSRF_TOKEN' => valid_token } | false + { _csrf_token: valid_token } | { 'HTTP_X_CSRF_TOKEN' => other_token } | false + { _csrf_token: valid_token } | { 'HTTP_X_CSRF_TOKEN' => valid_token } | true + end + + with_them do + it { is_expected.to eq(expected) } + end + + context 'when the feature flag is disabled' do + before do + stub_feature_flags(rate_limit_frontend_requests: false) + end + + where(:session, :env) do + {} | {} # rubocop:disable Lint/BinaryOperatorWithIdenticalOperands + {} | { 'HTTP_X_CSRF_TOKEN' => valid_token } + { _csrf_token: valid_token } | { 'HTTP_X_CSRF_TOKEN' => other_token } + { _csrf_token: valid_token } | { 'HTTP_X_CSRF_TOKEN' => valid_token } + end + + with_them do + it { is_expected.to be(false) } + end + end + end + describe '#deprecated_api_request?' do - let(:env) { { 'REQUEST_METHOD' => 'GET', 'rack.input' => StringIO.new, 'PATH_INFO' => path, 'QUERY_STRING' => query } } - let(:request) { ::Rack::Attack::Request.new(env) } + subject { request.send(:deprecated_api_request?) } - subject { !!request.__send__(:deprecated_api_request?) } + let(:env) { { 'QUERY_STRING' => query } } where(:path, :query, :expected) do '/' | '' | false diff --git a/spec/lib/gitlab/ssh_public_key_spec.rb b/spec/lib/gitlab/ssh_public_key_spec.rb index 38486b313cb..131cf572308 100644 --- a/spec/lib/gitlab/ssh_public_key_spec.rb +++ b/spec/lib/gitlab/ssh_public_key_spec.rb @@ -129,6 +129,26 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do let(:key) { attributes_for(factory)[:key] } it { is_expected.to be_valid } + + context 'when key begins with options' do + let(:key) { "restrict,command='dump /home' #{attributes_for(factory)[:key]}" } + + it { is_expected.to be_valid } + end + + context 'when key is in known_hosts format' do + context "when key begins with 'example.com'" do + let(:key) { "example.com #{attributes_for(factory)[:key]}" } + + it { is_expected.to be_valid } + end + + context "when key begins with '@revoked other.example.com'" do + let(:key) { "@revoked other.example.com #{attributes_for(factory)[:key]}" } + + it { is_expected.to be_valid } + end + end end end @@ -137,6 +157,40 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do it { is_expected.not_to be_valid } end + + context 'when an unsupported SSH key algorithm' do + let(:key) { "unsupported-#{attributes_for(:rsa_key_2048)[:key]}" } + + it { is_expected.not_to be_valid } + end + end + + shared_examples 'raises error when the key is represented by a class that is not in the list of supported technologies' do + context 'when the key is represented by a class that is not in the list of supported technologies' do + it 'raises error' do + klass = Class.new + key = klass.new + + allow(public_key).to receive(:key).and_return(key) + + expect { subject }.to raise_error("Unsupported key type: #{key.class}") + end + end + + context 'when the key is represented by a subclass of the class that is in the list of supported technologies' do + it 'raises error' do + rsa_subclass = Class.new(described_class.technology(:rsa).key_class) do + def initialize + end + end + + key = rsa_subclass.new + + allow(public_key).to receive(:key).and_return(key) + + expect { subject }.to raise_error("Unsupported key type: #{key.class}") + end + end end describe '#type' do @@ -162,6 +216,8 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do it { is_expected.to be_nil } end + + include_examples 'raises error when the key is represented by a class that is not in the list of supported technologies' end describe '#bits' do @@ -190,6 +246,8 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do it { is_expected.to be_nil } end + + include_examples 'raises error when the key is represented by a class that is not in the list of supported technologies' end describe '#fingerprint' do @@ -220,18 +278,18 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do end end - describe '#fingerprint in SHA256 format' do - subject { public_key.fingerprint("SHA256").gsub("SHA256:", "") if public_key.fingerprint("SHA256") } + describe '#fingerprint_sha256' do + subject { public_key.fingerprint_sha256 } where(:factory, :fingerprint_sha256) do [ - [:rsa_key_2048, 'GdtgO0eHbwLB+mK47zblkoXujkqKRZjgMQrHH6Kks3E'], - [:rsa_key_4096, 'ByDU7hQ1JB95l6p53rHrffc4eXvEtqGUtQhS+Dhyy7g'], - [:rsa_key_5120, 'PCCupLbFHScm4AbEufbGDvhBU27IM0MVAor715qKQK8'], - [:rsa_key_8192, 'CtHFQAS+9Hb8z4vrv4gVQPsHjNN0WIZhWODaB1mQLs4'], - [:dsa_key_2048, '+a3DQ7cU5GM+gaYOfmc0VWNnykHQSuth3VRcCpWuYNI'], - [:ecdsa_key_256, 'C+I5k3D+IGeM6k5iBR1ZsphqTKV+7uvL/XZ5hcrTr7g'], - [:ed25519_key_256, 'DCKAjzxWrdOTjaGKBBjtCW8qY5++GaiAJflrHPmp6W0'] + [:rsa_key_2048, 'SHA256:GdtgO0eHbwLB+mK47zblkoXujkqKRZjgMQrHH6Kks3E'], + [:rsa_key_4096, 'SHA256:ByDU7hQ1JB95l6p53rHrffc4eXvEtqGUtQhS+Dhyy7g'], + [:rsa_key_5120, 'SHA256:PCCupLbFHScm4AbEufbGDvhBU27IM0MVAor715qKQK8'], + [:rsa_key_8192, 'SHA256:CtHFQAS+9Hb8z4vrv4gVQPsHjNN0WIZhWODaB1mQLs4'], + [:dsa_key_2048, 'SHA256:+a3DQ7cU5GM+gaYOfmc0VWNnykHQSuth3VRcCpWuYNI'], + [:ecdsa_key_256, 'SHA256:C+I5k3D+IGeM6k5iBR1ZsphqTKV+7uvL/XZ5hcrTr7g'], + [:ed25519_key_256, 'SHA256:DCKAjzxWrdOTjaGKBBjtCW8qY5++GaiAJflrHPmp6W0'] ] end @@ -249,10 +307,19 @@ RSpec.describe Gitlab::SSHPublicKey, lib: true do end describe '#key_text' do - let(:key) { 'this is not a key' } + where(:key_value) do + [ + 'this is not a key', + nil + ] + end - it 'carries the unmodified key data' do - expect(public_key.key_text).to eq(key) + with_them do + let(:key) { key_value } + + it 'carries the unmodified key data' do + expect(public_key.key_text).to eq(key) + end end end end diff --git a/spec/lib/gitlab/web_ide/config/entry/global_spec.rb b/spec/lib/gitlab/web_ide/config/entry/global_spec.rb index 9af21685c9e..66c9bb00ee9 100644 --- a/spec/lib/gitlab/web_ide/config/entry/global_spec.rb +++ b/spec/lib/gitlab/web_ide/config/entry/global_spec.rb @@ -108,7 +108,7 @@ RSpec.describe Gitlab::WebIde::Config::Entry::Global do describe '#errors' do it 'reports errors about missing script' do expect(global.errors) - .to include "terminal:before_script config should be an array containing strings and arrays of strings" + .to include "terminal:before_script config should be a string or a nested array of strings up to 10 levels deep" end end end diff --git a/spec/lib/gitlab/web_ide/config_spec.rb b/spec/lib/gitlab/web_ide/config_spec.rb index 7a9011d03c0..7ee9d40410c 100644 --- a/spec/lib/gitlab/web_ide/config_spec.rb +++ b/spec/lib/gitlab/web_ide/config_spec.rb @@ -56,7 +56,7 @@ RSpec.describe Gitlab::WebIde::Config do end context 'when config logic is incorrect' do - let(:yml) { 'terminal: { before_script: "ls" }' } + let(:yml) { 'terminal: { before_script: 123 }' } describe '#valid?' do it 'is not valid' do |