
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
authorGitLab Bot <gitlab-bot@gitlab.com>2023-07-28 21:11:01 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2023-07-28 21:11:01 +0300
commit7c5f1bfac791045e54386b9c9bb56ee24afc68ca (patch)
treea11c8dff3994899c25acacb383c0a70522a24cd1 /spec/lib
parentd62fd6e04c272d48dccde4033529ca97c27502f6 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib')
-rw-r--r--spec/lib/generators/gitlab/analytics/internal_events_generator_spec.rb2
-rw-r--r--spec/lib/gitlab/ci/reports/sbom/component_spec.rb26
-rw-r--r--spec/lib/gitlab/content_security_policy/config_loader_spec.rb93
3 files changed, 118 insertions, 3 deletions
diff --git a/spec/lib/generators/gitlab/analytics/internal_events_generator_spec.rb b/spec/lib/generators/gitlab/analytics/internal_events_generator_spec.rb
index d9acd59aa71..ef09ad7aed4 100644
--- a/spec/lib/generators/gitlab/analytics/internal_events_generator_spec.rb
+++ b/spec/lib/generators/gitlab/analytics/internal_events_generator_spec.rb
@@ -83,7 +83,7 @@ RSpec.describe Gitlab::Analytics::InternalEventsGenerator, :silence_stdout, feat
let(:identifiers) { %w[project user namespace] }
let(:event_definition) do
{
- "category" => "GitlabInternalEvents",
+ "category" => "InternalEventTracking",
"action" => event,
"description" => description,
"product_section" => section,
diff --git a/spec/lib/gitlab/ci/reports/sbom/component_spec.rb b/spec/lib/gitlab/ci/reports/sbom/component_spec.rb
index b36924d42a5..d62d25aeefe 100644
--- a/spec/lib/gitlab/ci/reports/sbom/component_spec.rb
+++ b/spec/lib/gitlab/ci/reports/sbom/component_spec.rb
@@ -27,6 +27,28 @@ RSpec.describe Gitlab::Ci::Reports::Sbom::Component, feature_category: :dependen
)
end
+ describe '#name' do
+ subject { component.name }
+
+ it { is_expected.to eq(name) }
+
+ context 'with namespace' do
+ let(:purl) do
+ 'pkg:maven/org.NameSpace/Name@v0.0.1'
+ end
+
+ it { is_expected.to eq('org.NameSpace/Name') }
+
+ context 'when needing normalization' do
+ let(:purl) do
+ 'pkg:pypi/org.NameSpace/Name@v0.0.1'
+ end
+
+ it { is_expected.to eq('org.namespace/name') }
+ end
+ end
+ end
+
describe '#<=>' do
where do
{
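Review bot: The 'when needing normalization' context pins only lowercasing, and it does so with a pypi purl that carries a namespace segment, which as far as I know the pypi purl type does not define. If `#name` is meant to follow the purl rules for pypi, an example with an underscore would cover the other half of that normalization, e.g. (constructed sample) `let(:purl) { 'pkg:pypi/Some_Package@v0.0.1' }` with `it { is_expected.to eq('some-package') }`. Component names that normalize differently from the advisory side can lead to missed matches, so the expected form is worth pinning. The implementation of `#name` is not visible here, so whether it already handles this is unverified; the `describe '#<=>'` block continues outside the hunk.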
@@ -47,7 +69,7 @@ RSpec.describe Gitlab::Ci::Reports::Sbom::Component, feature_category: :dependen
a_type: 'library',
b_type: 'library',
a_purl: 'pkg:npm/component-a@1.0.0',
- b_purl: 'pkg:npm/component-a@1.0.0',
+ b_purl: 'pkg:npm/component-b@1.0.0',
a_version: '1.0.0',
b_version: '1.0.0',
expected: -1
@@ -57,7 +79,7 @@ RSpec.describe Gitlab::Ci::Reports::Sbom::Component, feature_category: :dependen
b_name: 'component-a',
a_type: 'library',
b_type: 'library',
- a_purl: 'pkg:npm/component-a@1.0.0',
+ a_purl: 'pkg:npm/component-b@1.0.0',
b_purl: 'pkg:npm/component-a@1.0.0',
a_version: '1.0.0',
b_version: '1.0.0',
diff --git a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
index 44887a86aff..dd633820ad9 100644
--- a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
+++ b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
@@ -4,6 +4,9 @@ require 'spec_helper'
RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader, feature_category: :shared do
let(:policy) { ActionDispatch::ContentSecurityPolicy.new }
+ let(:lfs_enabled) { false }
+ let(:proxy_download) { false }
+
let(:csp_config) do
{
enabled: true,
@@ -20,6 +23,32 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader, feature_category: :s
}
end
+ let(:lfs_config) do
+ {
+ enabled: lfs_enabled,
+ remote_directory: 'lfs-objects',
+ connection: object_store_connection_config,
+ direct_upload: false,
+ proxy_download: proxy_download,
+ storage_options: {}
+ }
+ end
+
+ let(:object_store_connection_config) do
+ {
+ provider: 'AWS',
+ aws_access_key_id: 'AWS_ACCESS_KEY_ID',
+ aws_secret_access_key: 'AWS_SECRET_ACCESS_KEY'
+ }
+ end
+
+ before do
+ stub_lfs_setting(enabled: lfs_enabled)
+ allow(LfsObjectUploader)
+ .to receive(:object_store_options)
+ .and_return(GitlabSettings::Options.build(lfs_config))
+ end
+
describe '.default_enabled' do
let(:enabled) { described_class.default_enabled }
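Review bot: The `before` block added here sits at the top level of the describe, so it replaces `LfsObjectUploader.object_store_options` for every example in this file, not only the LFS examples added later in the commit. With `lfs_enabled` and `proxy_download` both defaulting to false, that is presumably meant to leave the existing directive expectations unchanged, but nothing in the spec says so. A short comment above the block would help, for example `# Stubbed file-wide; LFS stays disabled unless a context overrides lfs_enabled`.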
@@ -170,6 +199,70 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader, feature_category: :s
end
end
+ describe 'LFS connect-src headers' do
+ let(:url_for_provider) { described_class.send(:build_lfs_url) }
+
+ context 'when LFS is enabled' do
+ let(:lfs_enabled) { true }
+
+ context 'and direct downloads are enabled' do
+ let(:provider) { LfsObjectUploader.object_store_options.connection.provider }
+
+ context 'when provider is AWS' do
+ it { expect(provider).to eq('AWS') }
+
+ it { expect(url_for_provider).to be_present }
+
+ it { expect(directives['connect_src']).to include(url_for_provider) }
+ end
+
+ context 'when provider is AzureRM' do
+ let(:object_store_connection_config) do
+ {
+ provider: 'AzureRM',
+ azure_storage_account_name: 'azuretest',
+ azure_storage_access_key: 'ABCD1234'
+ }
+ end
+
+ it { expect(provider).to eq('AzureRM') }
+
+ it { expect(url_for_provider).to be_present }
+
+ it { expect(directives['connect_src']).to include(url_for_provider) }
+ end
+
+ context 'when provider is Google' do
+ let(:object_store_connection_config) do
+ {
+ provider: 'Google',
+ google_project: 'GOOGLE_PROJECT',
+ google_application_default: true
+ }
+ end
+
+ it { expect(provider).to eq('Google') }
+
+ it { expect(url_for_provider).to be_present }
+
+ it { expect(directives['connect_src']).to include(url_for_provider) }
+ end
+ end
+
+ context 'but direct downloads are disabled' do
+ let(:proxy_download) { true }
+
+ it { expect(directives['connect_src']).not_to include(url_for_provider) }
+ end
+ end
+
+ context 'when LFS is disabled' do
+ let(:proxy_download) { true }
+
+ it { expect(directives['connect_src']).not_to include(url_for_provider) }
+ end
+ end
+
describe 'CDN connections' do
before do
allow(described_class).to receive(:allow_letter_opener)
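Review bot: The three provider contexts assert only `be_present` on `build_lfs_url` and that `connect_src` includes whatever it returned, so they would still pass if the loader emitted a broader origin than intended (a scheme-only or wildcard source, say). Because this value widens the CSP, each context should pin the exact origin expected for its provider, e.g. `it { expect(url_for_provider).to eq(expected_origin) }`, where `expected_origin` is a placeholder name for a per-context `let` holding the value the loader is meant to produce. Separately, 'when LFS is disabled' sets `proxy_download` to true, the same condition that already excludes the URL in 'but direct downloads are disabled', so that example does not show that the disabled flag alone keeps the origin out; leaving `proxy_download` at its default of false there would. `url_for_provider` also reaches a private method through `send`, which ties the spec to an internal name. `directives` is defined outside this hunk.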