Revert "Merge branch '48098-mutual-auth-cluster-applications' into 'master'"

This reverts merge request !20801
author: Mayra Cabrera <mcabrera@gitlab.com> 2018-07-31 16:15:18 +0300
committer: Mayra Cabrera <mcabrera@gitlab.com> 2018-07-31 16:15:18 +0300
commit: b21730116ea14fc1ac153478ed058e505bceed17 (patch)
tree: b3c6c481f1a3368ad13cb2b1471b94a4b1034965 /spec/models
parent: 5a3948a5733d7d4dc09bfa2daeaad5cc15ba2a00 (diff)
5 files changed, 50 insertions, 167 deletions
diff --git a/spec/models/clusters/applications/helm_spec.rb b/spec/models/clusters/applications/helm_spec.rb
index e5b2bdc8a4e..0eb1e3876e2 100644
--- a/spec/models/clusters/applications/helm_spec.rb
+++ b/spec/models/clusters/applications/helm_spec.rb
@@ -6,24 +6,13 @@ describe Clusters::Applications::Helm do
   describe '.installed' do
     subject { described_class.installed }
 
-    let!(:installed_cluster) { create(:clusters_applications_helm, :installed) }
+    let!(:cluster) { create(:clusters_applications_helm, :installed) }
 
     before do
       create(:clusters_applications_helm, :errored)
     end
 
-    it { is_expected.to contain_exactly(installed_cluster) }
-  end
-
-  describe '#issue_client_cert' do
-    let(:application) { create(:clusters_applications_helm) }
-    subject { application.issue_client_cert }
-
-    it 'returns a new cert' do
-      is_expected.to be_kind_of(Gitlab::Kubernetes::Helm::Certificate)
-      expect(subject.cert_string).not_to eq(application.ca_cert)
-      expect(subject.key_string).not_to eq(application.ca_key)
-    end
+    it { is_expected.to contain_exactly(cluster) }
   end
 
   describe '#install_command' do
@@ -36,16 +25,5 @@ describe Clusters::Applications::Helm do
     it 'should be initialized with 1 arguments' do
       expect(subject.name).to eq('helm')
     end
-
-    it 'should have cert files' do
-      expect(subject.files[:'ca.pem']).to be_present
-      expect(subject.files[:'ca.pem']).to eq(helm.ca_cert)
-
-      expect(subject.files[:'cert.pem']).to be_present
-      expect(subject.files[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject.files[:'cert.pem'])
-      expect(cert.not_after).to be > 999.years.from_now
-    end
   end
 end
diff --git a/spec/models/clusters/applications/ingress_spec.rb b/spec/models/clusters/applications/ingress_spec.rb
index c76aae432f9..bb5b2ef3a47 100644
--- a/spec/models/clusters/applications/ingress_spec.rb
+++ b/spec/models/clusters/applications/ingress_spec.rb
@@ -74,43 +74,18 @@ describe Clusters::Applications::Ingress do
       expect(subject.name).to eq('ingress')
       expect(subject.chart).to eq('stable/nginx-ingress')
       expect(subject.version).to be_nil
-      expect(subject.files).to eq(ingress.files)
+      expect(subject.values).to eq(ingress.values)
     end
   end
 
-  describe '#files' do
-    let(:application) { ingress }
-    subject { application.files }
-    let(:values) { subject[:'values.yaml'] }
+  describe '#values' do
+    subject { ingress.values }
 
-    it 'should include ingress valid keys in values' do
-      expect(values).to include('image')
-      expect(values).to include('repository')
-      expect(values).to include('stats')
-      expect(values).to include('podAnnotations')
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
-
-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
+    it 'should include ingress valid keys' do
+      is_expected.to include('image')
+      is_expected.to include('repository')
+      is_expected.to include('stats')
+      is_expected.to include('podAnnotations')
     end
   end
 end
diff --git a/spec/models/clusters/applications/jupyter_spec.rb b/spec/models/clusters/applications/jupyter_spec.rb
index a8cf44ac8a8..65750141e65 100644
--- a/spec/models/clusters/applications/jupyter_spec.rb
+++ b/spec/models/clusters/applications/jupyter_spec.rb
@@ -38,46 +38,23 @@ describe Clusters::Applications::Jupyter do
       expect(subject.chart).to eq('jupyter/jupyterhub')
       expect(subject.version).to be_nil
       expect(subject.repository).to eq('https://jupyterhub.github.io/helm-chart/')
-      expect(subject.files).to eq(jupyter.files)
+      expect(subject.values).to eq(jupyter.values)
     end
   end
 
-  describe '#files' do
-    let(:application) { create(:clusters_applications_jupyter) }
-    subject { application.files }
-    let(:values) { subject[:'values.yaml'] }
+  describe '#values' do
+    let(:jupyter) { create(:clusters_applications_jupyter) }
 
-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
+    subject { jupyter.values }
 
     it 'should include valid values' do
-      expect(values).to include('ingress')
-      expect(values).to include('hub')
-      expect(values).to include('rbac')
-      expect(values).to include('proxy')
-      expect(values).to include('auth')
-      expect(values).to match(/clientId: '?#{application.oauth_application.uid}/)
-      expect(values).to match(/callbackUrl: '?#{application.callback_url}/)
+      is_expected.to include('ingress')
+      is_expected.to include('hub')
+      is_expected.to include('rbac')
+      is_expected.to include('proxy')
+      is_expected.to include('auth')
+      is_expected.to include("clientId: #{jupyter.oauth_application.uid}")
+      is_expected.to include("callbackUrl: #{jupyter.callback_url}")
     end
   end
 end
diff --git a/spec/models/clusters/applications/prometheus_spec.rb b/spec/models/clusters/applications/prometheus_spec.rb
index 313bd741f88..e4b61552033 100644
--- a/spec/models/clusters/applications/prometheus_spec.rb
+++ b/spec/models/clusters/applications/prometheus_spec.rb
@@ -153,44 +153,21 @@ describe Clusters::Applications::Prometheus do
       expect(command.name).to eq('prometheus')
       expect(command.chart).to eq('stable/prometheus')
       expect(command.version).to eq('6.7.3')
-      expect(command.files).to eq(prometheus.files)
+      expect(command.values).to eq(prometheus.values)
     end
   end
 
-  describe '#files' do
-    let(:application) { create(:clusters_applications_prometheus) }
-    subject { application.files }
-    let(:values) { subject[:'values.yaml'] }
-
-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
+  describe '#values' do
+    let(:prometheus) { create(:clusters_applications_prometheus) }
 
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
+    subject { prometheus.values }
 
     it 'should include prometheus valid values' do
-      expect(values).to include('alertmanager')
-      expect(values).to include('kubeStateMetrics')
-      expect(values).to include('nodeExporter')
-      expect(values).to include('pushgateway')
-      expect(values).to include('serverFiles')
+      is_expected.to include('alertmanager')
+      is_expected.to include('kubeStateMetrics')
+      is_expected.to include('nodeExporter')
+      is_expected.to include('pushgateway')
+      is_expected.to include('serverFiles')
     end
   end
 end
diff --git a/spec/models/clusters/applications/runner_spec.rb b/spec/models/clusters/applications/runner_spec.rb
index 65aaa1ee882..b12500d0acd 100644
--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -33,55 +33,31 @@ describe Clusters::Applications::Runner do
       expect(subject.chart).to eq('runner/gitlab-runner')
       expect(subject.version).to be_nil
       expect(subject.repository).to eq('https://charts.gitlab.io')
-      expect(subject.files).to eq(gitlab_runner.files)
+      expect(subject.values).to eq(gitlab_runner.values)
     end
   end
 
-  describe '#files' do
-    let(:application) { create(:clusters_applications_runner, runner: ci_runner) }
-
-    subject { application.files }
-    let(:values) { subject[:'values.yaml'] }
-
-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
+  describe '#values' do
+    let(:gitlab_runner) { create(:clusters_applications_runner, runner: ci_runner) }
 
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
+    subject { gitlab_runner.values }
 
     it 'should include runner valid values' do
-      expect(values).to include('concurrent')
-      expect(values).to include('checkInterval')
-      expect(values).to include('rbac')
-      expect(values).to include('runners')
-      expect(values).to include('privileged: true')
-      expect(values).to include('image: ubuntu:16.04')
-      expect(values).to include('resources')
-      expect(values).to match(/runnerToken: '?#{ci_runner.token}/)
-      expect(values).to match(/gitlabUrl: '?#{Gitlab::Routing.url_helpers.root_url}/)
+      is_expected.to include('concurrent')
+      is_expected.to include('checkInterval')
+      is_expected.to include('rbac')
+      is_expected.to include('runners')
+      is_expected.to include('privileged: true')
+      is_expected.to include('image: ubuntu:16.04')
+      is_expected.to include('resources')
+      is_expected.to include("runnerToken: #{ci_runner.token}")
+      is_expected.to include("gitlabUrl: #{Gitlab::Routing.url_helpers.root_url}")
     end
 
     context 'without a runner' do
       let(:project) { create(:project) }
-      let(:cluster) { create(:cluster, :with_installed_helm, projects: [project]) }
-      let(:application) { create(:clusters_applications_runner, cluster: cluster) }
+      let(:cluster) { create(:cluster, projects: [project]) }
+      let(:gitlab_runner) { create(:clusters_applications_runner, cluster: cluster) }
 
       it 'creates a runner' do
         expect do
@@ -90,18 +66,18 @@ describe Clusters::Applications::Runner do
       end
 
       it 'uses the new runner token' do
-        expect(values).to match(/runnerToken: '?#{application.reload.runner.token}/)
+        expect(subject).to include("runnerToken: #{gitlab_runner.reload.runner.token}")
       end
 
       it 'assigns the new runner to runner' do
         subject
 
-        expect(application.reload.runner).to be_project_type
+        expect(gitlab_runner.reload.runner).to be_project_type
       end
     end
 
     context 'with duplicated values on vendor/runner/values.yaml' do
-      let(:stub_values) do
+      let(:values) do
         {
           "concurrent" => 4,
           "checkInterval" => 3,
@@ -120,11 +96,11 @@ describe Clusters::Applications::Runner do
       end
 
       before do
-        allow(application).to receive(:chart_values).and_return(stub_values)
+        allow(gitlab_runner).to receive(:chart_values).and_return(values)
       end
 
       it 'should overwrite values.yaml' do
-        expect(values).to match(/privileged: '?#{application.privileged}/)
+        is_expected.to include("privileged: #{gitlab_runner.privileged}")
       end
     end
   end
author	Mayra Cabrera <mcabrera@gitlab.com>	2018-07-31 16:15:18 +0300
committer	Mayra Cabrera <mcabrera@gitlab.com>	2018-07-31 16:15:18 +0300
commit	b21730116ea14fc1ac153478ed058e505bceed17 (patch)
tree	b3c6c481f1a3368ad13cb2b1471b94a4b1034965 /spec/models
parent	5a3948a5733d7d4dc09bfa2daeaad5cc15ba2a00 (diff)