diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-17 14:33:21 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-17 14:33:21 +0300 |
commit | 7021455bd1ed7b125c55eb1b33c5a01f2bc55ee0 (patch) | |
tree | 5bdc2229f5198d516781f8d24eace62fc7e589e9 /spec/uploaders | |
parent | 185b095e93520f96e9cfc31d9c3e69b498cdab7c (diff) |
Add latest changes from gitlab-org/gitlab@15-6-stable-eev15.6.0-rc42
Diffstat (limited to 'spec/uploaders')
-rw-r--r-- | spec/uploaders/job_artifact_uploader_spec.rb | 2 | ||||
-rw-r--r-- | spec/uploaders/object_storage/cdn/google_cdn_spec.rb | 46 | ||||
-rw-r--r-- | spec/uploaders/object_storage/cdn_spec.rb | 27 |
3 files changed, 42 insertions, 33 deletions
diff --git a/spec/uploaders/job_artifact_uploader_spec.rb b/spec/uploaders/job_artifact_uploader_spec.rb index a7fd040837f..d7c9ef7e0d5 100644 --- a/spec/uploaders/job_artifact_uploader_spec.rb +++ b/spec/uploaders/job_artifact_uploader_spec.rb @@ -26,7 +26,7 @@ RSpec.describe JobArtifactUploader do describe '#cdn_enabled_url' do it 'returns URL and false' do - result = uploader.cdn_enabled_url(nil, '127.0.0.1') + result = uploader.cdn_enabled_url('127.0.0.1') expect(result.used_cdn).to be false end diff --git a/spec/uploaders/object_storage/cdn/google_cdn_spec.rb b/spec/uploaders/object_storage/cdn/google_cdn_spec.rb index 8e209dabddc..96755b7292b 100644 --- a/spec/uploaders/object_storage/cdn/google_cdn_spec.rb +++ b/spec/uploaders/object_storage/cdn/google_cdn_spec.rb @@ -92,26 +92,52 @@ RSpec.describe ObjectStorage::CDN::GoogleCDN, end end - describe '#signed_url' do + describe '#signed_url', :freeze_time do let(:path) { '/path/to/file.txt' } + let(:expiration) { (Time.current + 10.minutes).utc.to_i } + let(:cdn_query_params) { "Expires=#{expiration}&KeyName=#{key_name}" } - it 'returns a valid signed URL' do - url = subject.signed_url(path) - + def verify_signature(url, unsigned_url) expect(url).to start_with("#{options[:url]}#{path}") uri = Addressable::URI.parse(url) - parsed_query = Rack::Utils.parse_nested_query(uri.query) - signature = parsed_query.delete('Signature') + query = uri.query_values + signature = query['Signature'] - signed_url = "#{options[:url]}#{path}?Expires=#{parsed_query['Expires']}&KeyName=#{key_name}" - computed_signature = OpenSSL::HMAC.digest('SHA1', key, signed_url) + computed_signature = OpenSSL::HMAC.digest('SHA1', key, unsigned_url) aggregate_failures do - expect(parsed_query['Expires'].to_i).to be > 0 - expect(parsed_query['KeyName']).to eq(key_name) + expect(query['Expires'].to_i).to be > 0 + expect(query['KeyName']).to eq(key_name) expect(signature).to eq(Base64.urlsafe_encode64(computed_signature)) end end + + context 'with default query parameters' do + let(:url) { subject.signed_url(path) } + let(:unsigned_url) { "#{options[:url]}#{path}?#{cdn_query_params}" } + + it 'returns a valid signed URL' do + verify_signature(url, unsigned_url) + end + end + + context 'with nil query parameters' do + let(:url) { subject.signed_url(path, params: nil) } + let(:unsigned_url) { "#{options[:url]}#{path}?#{cdn_query_params}" } + + it 'returns a valid signed URL' do + verify_signature(url, unsigned_url) + end + end + + context 'with extra query parameters' do + let(:url) { subject.signed_url(path, params: { 'response-content-type' => 'text/plain' }) } + let(:unsigned_url) { "#{options[:url]}#{path}?response-content-type=text%2Fplain&#{cdn_query_params}" } + + it 'returns a valid signed URL' do + verify_signature(url, unsigned_url) + end + end end end diff --git a/spec/uploaders/object_storage/cdn_spec.rb b/spec/uploaders/object_storage/cdn_spec.rb index f99450b274f..2a447921a19 100644 --- a/spec/uploaders/object_storage/cdn_spec.rb +++ b/spec/uploaders/object_storage/cdn_spec.rb @@ -44,30 +44,13 @@ RSpec.describe ObjectStorage::CDN do end describe '#cdn_enabled_url' do - context 'with ci_job_artifacts_cdn feature flag disabled' do - before do - stub_feature_flags(ci_job_artifacts_cdn: false) - end - - it 'calls #url' do - expect(subject).to receive(:url).and_call_original - expect(subject).not_to receive(:cdn_signed_url) - - result = subject.cdn_enabled_url(project, public_ip) - - expect(result.used_cdn).to be false - end - end + it 'calls #cdn_signed_url' do + expect(subject).not_to receive(:url) + expect(subject).to receive(:cdn_signed_url).and_call_original - context 'with ci_job_artifacts_cdn feature flag enabled' do - it 'calls #cdn_signed_url' do - expect(subject).not_to receive(:url) - expect(subject).to receive(:cdn_signed_url).and_call_original + result = subject.cdn_enabled_url(public_ip) - result = subject.cdn_enabled_url(project, public_ip) - - expect(result.used_cdn).to be true - end + expect(result.used_cdn).to be true end end |