1 files changed, 13 insertions, 1 deletions

diff --git a/spec/controllers/concerns/kas_cookie_spec.rb b/spec/controllers/concerns/kas_cookie_spec.rb
index c9490508690..355d1e04b86 100644
--- a/spec/controllers/concerns/kas_cookie_spec.rb
+++ b/spec/controllers/concerns/kas_cookie_spec.rb
@@ -89,12 +89,16 @@ RSpec.describe KasCookie, feature_category: :deployment_management do
     end
 
     context 'when KAS is on subdomain' do
-      let_it_be(:kas_tunnel_url) { 'ws://kas.gitlab.example.com/k8s-proxy/' }
+      let_it_be(:kas_tunnel_url) { 'http://kas.gitlab.example.com/k8s-proxy/' }
 
       it 'adds KAS url to CSP connect-src directive' do
         expect(kas_csp_connect_src).to include(::Gitlab::Kas.tunnel_url)
       end
 
+      it 'adds websocket connections' do
+        expect(kas_csp_connect_src).to include('ws://kas.gitlab.example.com/k8s-proxy/')
+      end
+
       context 'when content_security_policy is disabled' do
         let(:content_security_policy_enabled) { false }
 
@@ -104,6 +108,14 @@ RSpec.describe KasCookie, feature_category: :deployment_management do
       end
     end
 
+    context 'when KAS tunnel has ssl' do
+      let_it_be(:kas_tunnel_url) { 'https://kas.gitlab.example.com/k8s-proxy/' }
+
+      it 'adds websocket connections' do
+        expect(kas_csp_connect_src).to include('wss://kas.gitlab.example.com/k8s-proxy/')
+      end
+    end
+
     context 'when KAS tunnel url is configured without trailing slash' do
       let_it_be(:kas_tunnel_url) { 'ws://kas.gitlab.example.com/k8s-proxy' }