diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-03 12:07:35 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-03 12:07:35 +0300 |
commit | a9c5941625be2416fbf3b514019886e8f9658416 (patch) | |
tree | 6c6bff089f4bf8ed2c1d5fe184a40975383f7022 /spec/tasks | |
parent | 18876223fd5dc347c26a65838b4e93fbd2702b9f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/tasks')
-rw-r--r-- | spec/tasks/gitlab/incoming_email_rake_spec.rb | 122 | ||||
-rw-r--r-- | spec/tasks/gitlab/service_desk_email_rake_spec.rb | 127 |
2 files changed, 249 insertions, 0 deletions
diff --git a/spec/tasks/gitlab/incoming_email_rake_spec.rb b/spec/tasks/gitlab/incoming_email_rake_spec.rb new file mode 100644 index 00000000000..3e1cc663ddb --- /dev/null +++ b/spec/tasks/gitlab/incoming_email_rake_spec.rb @@ -0,0 +1,122 @@ +# frozen_string_literal: true + +require 'rake_helper' + +RSpec.describe 'gitlab:incoming_email:secret rake tasks', :silence_stdout, feature_category: :build do + let(:encrypted_secret_file_dir) { Pathname.new(Dir.mktmpdir) } + let(:encrypted_secret_file) { encrypted_secret_file_dir.join('incoming_email.yaml.enc') } + + before do + Rake.application.rake_require 'tasks/gitlab/incoming_email' + stub_env('EDITOR', 'cat') + stub_warn_user_is_not_gitlab + allow(Gitlab.config.incoming_email).to receive(:encrypted_secret_file).and_return(encrypted_secret_file) + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + end + + after do + FileUtils.rm_rf(Rails.root.join('tmp/tests/incoming_email_enc')) + end + + describe ':show' do + it 'displays error when file does not exist' do + expect { run_rake_task('gitlab:incoming_email:secret:show') }.to \ + output(/File .* does not exist. Use `gitlab-rake gitlab:incoming_email:secret:edit` to change that./).to_stdout + end + + it 'displays error when key does not exist' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:incoming_email:secret:show') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when key is changed' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + expect { run_rake_task('gitlab:incoming_email:secret:show') }.to \ + output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stderr + end + + it 'outputs the unencrypted content when present' do + encrypted = Settings.encrypted(encrypted_secret_file) + encrypted.write('somevalue') + expect { run_rake_task('gitlab:incoming_email:secret:show') }.to output(/somevalue/).to_stdout + end + end + + describe 'edit' do + it 'creates encrypted file' do + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to output(/File encrypted and saved./).to_stdout + expect(File.exist?(encrypted_secret_file)).to be true + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/password: '123'/) + end + + it 'displays error when key does not exist' do + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when key is changed' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stderr + end + + it 'displays error when write directory does not exist' do + FileUtils.rm_rf(encrypted_secret_file_dir) + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/Directory .* does not exist./).to_stderr + end + + it 'shows a warning when content is invalid' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/WARNING: Content was not a valid INCOMING_EMAIL secret yml file/).to_stdout + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/somevalue/) + end + + it 'displays error when $EDITOR is not set' do + stub_env('EDITOR', nil) + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/No \$EDITOR specified to open file. Please provide one when running the command/).to_stderr + end + end + + describe 'write' do + before do + allow($stdin).to receive(:tty?).and_return(false) + allow($stdin).to receive(:read).and_return('username: foo') + end + + it 'creates encrypted file from stdin' do + expect { run_rake_task('gitlab:incoming_email:secret:write') }.to output(/File encrypted and saved./).to_stdout + expect(File.exist?(encrypted_secret_file)).to be true + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/username: foo/) + end + + it 'displays error when key does not exist' do + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:incoming_email:secret:write') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when write directory does not exist' do + FileUtils.rm_rf(encrypted_secret_file_dir) + expect { run_rake_task('gitlab:incoming_email:secret:write') }.to output(/Directory .* does not exist./).to_stderr + end + + it 'shows a warning when content is invalid' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + expect { run_rake_task('gitlab:incoming_email:secret:edit') }.to \ + output(/WARNING: Content was not a valid INCOMING_EMAIL secret yml file/).to_stdout + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/somevalue/) + end + end +end diff --git a/spec/tasks/gitlab/service_desk_email_rake_spec.rb b/spec/tasks/gitlab/service_desk_email_rake_spec.rb new file mode 100644 index 00000000000..6a1a7473f4a --- /dev/null +++ b/spec/tasks/gitlab/service_desk_email_rake_spec.rb @@ -0,0 +1,127 @@ +# frozen_string_literal: true + +require 'rake_helper' + +RSpec.describe 'gitlab:service_desk_email:secret rake tasks', :silence_stdout, feature_category: :build do + let(:encrypted_secret_file_dir) { Pathname.new(Dir.mktmpdir) } + let(:encrypted_secret_file) { encrypted_secret_file_dir.join('service_desk_email.yaml.enc') } + + before do + Rake.application.rake_require 'tasks/gitlab/service_desk_email' + stub_env('EDITOR', 'cat') + stub_warn_user_is_not_gitlab + FileUtils.mkdir_p('tmp/tests/service_desk_email_enc/') + allow(Gitlab.config.service_desk_email).to receive(:encrypted_secret_file).and_return(encrypted_secret_file) + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + end + + after do + FileUtils.rm_rf(Rails.root.join('tmp/tests/service_desk_email_enc')) + end + + describe ':show' do + it 'displays error when file does not exist' do + expect { run_rake_task('gitlab:service_desk_email:secret:show') }.to \ + output(/File .* does not exist. Use `gitlab-rake gitlab:service_desk_email:secret:edit` to change that./) \ + .to_stdout + end + + it 'displays error when key does not exist' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:service_desk_email:secret:show') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when key is changed' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + expect { run_rake_task('gitlab:service_desk_email:secret:show') }.to \ + output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stderr + end + + it 'outputs the unencrypted content when present' do + encrypted = Settings.encrypted(encrypted_secret_file) + encrypted.write('somevalue') + expect { run_rake_task('gitlab:service_desk_email:secret:show') }.to output(/somevalue/).to_stdout + end + end + + describe 'edit' do + it 'creates encrypted file' do + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/File encrypted and saved./).to_stdout + expect(File.exist?(encrypted_secret_file)).to be true + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/password: '123'/) + end + + it 'displays error when key does not exist' do + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when key is changed' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64)) + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stderr + end + + it 'displays error when write directory does not exist' do + FileUtils.rm_rf(encrypted_secret_file_dir) + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/Directory .* does not exist./).to_stderr + end + + it 'shows a warning when content is invalid' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/WARNING: Content was not a valid SERVICE_DESK_EMAIL secret yml file/).to_stdout + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/somevalue/) + end + + it 'displays error when $EDITOR is not set' do + stub_env('EDITOR', nil) + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/No \$EDITOR specified to open file. Please provide one when running the command/).to_stderr + end + end + + describe 'write' do + before do + allow($stdin).to receive(:tty?).and_return(false) + allow($stdin).to receive(:read).and_return('username: foo') + end + + it 'creates encrypted file from stdin' do + expect { run_rake_task('gitlab:service_desk_email:secret:write') }.to \ + output(/File encrypted and saved./).to_stdout + expect(File.exist?(encrypted_secret_file)).to be true + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/username: foo/) + end + + it 'displays error when key does not exist' do + allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil) + expect { run_rake_task('gitlab:service_desk_email:secret:write') }.to \ + output(/Missing encryption key encrypted_settings_key_base./).to_stderr + end + + it 'displays error when write directory does not exist' do + FileUtils.rm_rf(encrypted_secret_file_dir) + expect { run_rake_task('gitlab:service_desk_email:secret:write') }.to \ + output(/Directory .* does not exist./).to_stderr + end + + it 'shows a warning when content is invalid' do + Settings.encrypted(encrypted_secret_file).write('somevalue') + expect { run_rake_task('gitlab:service_desk_email:secret:edit') }.to \ + output(/WARNING: Content was not a valid SERVICE_DESK_EMAIL secret yml file/).to_stdout + value = Settings.encrypted(encrypted_secret_file) + expect(value.read).to match(/somevalue/) + end + end +end |