diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-08 03:11:42 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-08 03:11:42 +0300 |
commit | 356e3c444dc8fab920d3547461b6ae721c5eb50f (patch) | |
tree | 1de57bb445a71aeb8684f5a1f15d2b04fd60a99b /spec | |
parent | e0d38e233de6113b51f784452d0f1f805356adaa (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/verify/ci_secure_files_spec.rb | 64 | ||||
-rw-r--r-- | spec/models/ci/secure_file_spec.rb | 27 | ||||
-rw-r--r-- | spec/tasks/gitlab/ci_secure_files/check_rake_spec.rb | 33 |
3 files changed, 117 insertions, 7 deletions
diff --git a/spec/lib/gitlab/verify/ci_secure_files_spec.rb b/spec/lib/gitlab/verify/ci_secure_files_spec.rb new file mode 100644 index 00000000000..4fd2db85ec2 --- /dev/null +++ b/spec/lib/gitlab/verify/ci_secure_files_spec.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::Verify::CiSecureFiles, factory_default: :keep, feature_category: :mobile_devops do + include GitlabVerifyHelpers + + it_behaves_like 'Gitlab::Verify::BatchVerifier subclass' do + let_it_be(:objects) { create_list(:ci_secure_file, 3) } + end + + describe '#run_batches' do + let_it_be(:project) { create(:project) } + let(:failures) { collect_failures } + let(:failure) { failures[secure_file] } + + let!(:secure_file) { create(:ci_secure_file, project: project) } + + it 'passes secure_files with the correct file' do + expect(failures).to eq({}) + end + + it 'fails secure_files with a missing file' do + FileUtils.rm_f(secure_file.file.path) + + expect(failures.keys).to contain_exactly(secure_file) + expect(failure).to include('No such file or directory') + expect(failure).to include(secure_file.file.path) + end + + it 'fails secure_files with a mismatched checksum' do + secure_file.update!(checksum: 'something incorrect') + + expect(failures.keys).to contain_exactly(secure_file) + expect(failure).to include('Checksum mismatch') + end + + context 'with remote files' do + let(:file) { CarrierWaveStringFile.new } + + before do + stub_ci_secure_file_object_storage + secure_file.update!(file_store: ObjectStorage::Store::REMOTE) + end + + describe 'returned hash object' do + it 'passes secure_files in object storage that exist' do + expect(CarrierWave::Storage::Fog::File).to receive(:new).and_return(file) + expect(file).to receive(:exists?).and_return(true) + + expect(failures).to eq({}) + end + + it 'fails secure_files in object storage that do not exist' do + expect(CarrierWave::Storage::Fog::File).to receive(:new).and_return(file) + expect(file).to receive(:exists?).and_return(false) + + expect(failures.keys).to contain_exactly(secure_file) + expect(failure).to include('Remote object does not exist') + end + end + end + end +end diff --git a/spec/models/ci/secure_file_spec.rb b/spec/models/ci/secure_file_spec.rb index 1043da33022..367f68c4773 100644 --- a/spec/models/ci/secure_file_spec.rb +++ b/spec/models/ci/secure_file_spec.rb @@ -2,13 +2,14 @@ require 'spec_helper' -RSpec.describe Ci::SecureFile do +RSpec.describe Ci::SecureFile, factory_default: :keep, feature_category: :mobile_devops do + let_it_be(:project) { create_default(:project).freeze } + let(:sample_file) { fixture_file('ci_secure_files/upload-keystore.jks') } + before do stub_ci_secure_file_object_storage end - let(:sample_file) { fixture_file('ci_secure_files/upload-keystore.jks') } - subject { create(:ci_secure_file, file: CarrierWaveStringFile.new(sample_file)) } it { is_expected.to be_a FileStoreMounter } @@ -60,10 +61,9 @@ RSpec.describe Ci::SecureFile do describe 'ordered scope' do it 'returns the newest item first' do - project = create(:project) - file1 = create(:ci_secure_file, created_at: 1.week.ago, project: project) - file2 = create(:ci_secure_file, created_at: 2.days.ago, project: project) - file3 = create(:ci_secure_file, created_at: 1.day.ago, project: project) + file1 = create(:ci_secure_file, created_at: 1.week.ago) + file2 = create(:ci_secure_file, created_at: 2.days.ago) + file3 = create(:ci_secure_file, created_at: 1.day.ago) files = project.secure_files.order_by_created_at @@ -199,4 +199,17 @@ RSpec.describe Ci::SecureFile do corrupt_file.update_metadata! end end + + describe '#local?' do + it 'returns true when using local storage' do + secure_file = create(:ci_secure_file) + secure_file.update!(file_store: ObjectStorage::Store::LOCAL) + expect(secure_file.local?).to be true + end + + it 'returns false when using object storage' do + secure_file = create(:ci_secure_file, file_store: ObjectStorage::Store::REMOTE) + expect(secure_file.local?).to be false + end + end end diff --git a/spec/tasks/gitlab/ci_secure_files/check_rake_spec.rb b/spec/tasks/gitlab/ci_secure_files/check_rake_spec.rb new file mode 100644 index 00000000000..b3bd6be8fde --- /dev/null +++ b/spec/tasks/gitlab/ci_secure_files/check_rake_spec.rb @@ -0,0 +1,33 @@ +# frozen_string_literal: true + +require 'rake_helper' + +RSpec.describe 'gitlab:ci_secure_files', factory_default: :keep, feature_category: :mobile_devops do + describe 'check' do + let_it_be(:project) { create_default(:project).freeze } + let!(:secure_file) { create(:ci_secure_file) } + + before do + Rake.application.rake_require('tasks/gitlab/ci_secure_files/check') + stub_env('VERBOSE' => 'true') + end + + it 'outputs the integrity check for each batch' do + expect { run_rake_task('gitlab:ci_secure_files:check') }.to output(/Failures: 0/).to_stdout + end + + it 'errors out about missing files on the file system' do + FileUtils.rm_f(secure_file.file.path) + + expect do + run_rake_task('gitlab:ci_secure_files:check') + end.to output(/No such file.*#{Regexp.quote(secure_file.file.path)}/).to_stdout + end + + it 'errors out about invalid checksum' do + secure_file.update_column(:checksum, 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855') + + expect { run_rake_task('gitlab:ci_secure_files:check') }.to output(/Checksum mismatch/).to_stdout + end + end +end |