diff options
Diffstat (limited to 'spec/controllers/groups/clusters_controller_spec.rb')
-rw-r--r-- | spec/controllers/groups/clusters_controller_spec.rb | 136 |
1 files changed, 0 insertions, 136 deletions
diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb index 4b82c5ceb1c..eb3fe4bc330 100644 --- a/spec/controllers/groups/clusters_controller_spec.rb +++ b/spec/controllers/groups/clusters_controller_spec.rb @@ -262,142 +262,6 @@ RSpec.describe Groups::ClustersController do end end - describe 'POST #create_aws' do - let(:params) do - { - cluster: { - name: 'new-cluster', - provider_aws_attributes: { - key_name: 'key', - role_arn: 'arn:role', - region: 'region', - vpc_id: 'vpc', - instance_type: 'instance type', - num_nodes: 3, - security_group_id: 'security group', - subnet_ids: %w(subnet1 subnet2) - } - } - } - end - - def post_create_aws - post :create_aws, params: params.merge(group_id: group) - end - - include_examples ':certificate_based_clusters feature flag controller responses' do - let(:subject) { post_create_aws } - end - - it 'creates a new cluster' do - expect(ClusterProvisionWorker).to receive(:perform_async) - expect { post_create_aws }.to change { Clusters::Cluster.count } - .and change { Clusters::Providers::Aws.count } - - cluster = group.clusters.first - - expect(response).to have_gitlab_http_status(:created) - expect(response.location).to eq(group_cluster_path(group, cluster)) - expect(cluster).to be_aws - expect(cluster).to be_kubernetes - end - - context 'params are invalid' do - let(:params) do - { - cluster: { name: '' } - } - end - - it 'does not create a cluster' do - expect { post_create_aws }.not_to change { Clusters::Cluster.count } - - expect(response).to have_gitlab_http_status(:unprocessable_entity) - expect(response.media_type).to eq('application/json') - expect(response.body).to include('is invalid') - end - end - - describe 'security' do - before do - allow(WaitForClusterCreationWorker).to receive(:perform_in) - end - - it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { expect { post_create_aws }.to be_allowed_for(:admin) } - it('is denied for admin when admin mode is disabled') { expect { post_create_aws }.to be_denied_for(:admin) } - it { expect { post_create_aws }.to be_allowed_for(:owner).of(group) } - it { expect { post_create_aws }.to be_allowed_for(:maintainer).of(group) } - it { expect { post_create_aws }.to be_denied_for(:developer).of(group) } - it { expect { post_create_aws }.to be_denied_for(:reporter).of(group) } - it { expect { post_create_aws }.to be_denied_for(:guest).of(group) } - it { expect { post_create_aws }.to be_denied_for(:user) } - it { expect { post_create_aws }.to be_denied_for(:external) } - end - end - - describe 'POST authorize AWS role for EKS cluster' do - let!(:role) { create(:aws_role, user: user) } - - let(:role_arn) { 'arn:new-role' } - let(:params) do - { - cluster: { - role_arn: role_arn - } - } - end - - def go - post :authorize_aws_role, params: params.merge(group_id: group) - end - - include_examples ':certificate_based_clusters feature flag controller responses' do - let(:subject) { go } - end - - before do - allow(Clusters::Aws::FetchCredentialsService).to receive(:new) - .and_return(double(execute: double)) - end - - it 'updates the associated role with the supplied ARN' do - go - - expect(response).to have_gitlab_http_status(:ok) - expect(role.reload.role_arn).to eq(role_arn) - end - - context 'supplied role is invalid' do - let(:role_arn) { 'invalid-role' } - - it 'does not update the associated role' do - expect { go }.not_to change { role.role_arn } - - expect(response).to have_gitlab_http_status(:unprocessable_entity) - end - end - - describe 'security' do - before do - allow_next_instance_of(Clusters::Aws::AuthorizeRoleService) do |service| - response = double(status: :ok, body: double) - - allow(service).to receive(:execute).and_return(response) - end - end - - it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { expect { go }.to be_allowed_for(:admin) } - it('is denied for admin when admin mode is disabled') { expect { go }.to be_denied_for(:admin) } - it { expect { go }.to be_allowed_for(:owner).of(group) } - it { expect { go }.to be_allowed_for(:maintainer).of(group) } - it { expect { go }.to be_denied_for(:developer).of(group) } - it { expect { go }.to be_denied_for(:reporter).of(group) } - it { expect { go }.to be_denied_for(:guest).of(group) } - it { expect { go }.to be_denied_for(:user) } - it { expect { go }.to be_denied_for(:external) } - end - end - describe 'DELETE clear cluster cache' do let(:cluster) { create(:cluster, :group, groups: [group]) } let!(:kubernetes_namespace) do |