Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/controllers/projects/clusters_controller_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers/projects/clusters_controller_spec.rb')
-rw-r--r--spec/controllers/projects/clusters_controller_spec.rb198
1 files changed, 0 insertions, 198 deletions
diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb
index 44bdc958805..01420e30d24 100644
--- a/spec/controllers/projects/clusters_controller_spec.rb
+++ b/spec/controllers/projects/clusters_controller_spec.rb
@@ -113,103 +113,6 @@ RSpec.describe Projects::ClustersController do
end
end
- describe 'GET new' do
- def go(provider: 'gcp')
- get :new, params: {
- namespace_id: project.namespace,
- project_id: project,
- provider: provider
- }
- end
-
- include_examples ':certificate_based_clusters feature flag controller responses' do
- let(:subject) { go }
- end
-
- describe 'functionality for new cluster' do
- context 'when omniauth has been configured' do
- let(:key) { 'secret-key' }
- let(:session_key_for_redirect_uri) do
- GoogleApi::CloudPlatform::Client.session_key_for_redirect_uri(key)
- end
-
- before do
- allow(SecureRandom).to receive(:hex).and_return(key)
- end
-
- it 'redirects to gcp authorize_url' do
- go
-
- expect(assigns(:authorize_url)).to include(key)
- expect(session[session_key_for_redirect_uri]).to eq(new_project_cluster_path(project, provider: :gcp))
- expect(response).to redirect_to(assigns(:authorize_url))
- end
- end
-
- context 'when omniauth has not configured' do
- before do
- stub_omniauth_setting(providers: [])
- end
-
- it 'does not have authorize_url' do
- go
-
- expect(assigns(:authorize_url)).to be_nil
- end
- end
-
- context 'when access token is valid' do
- before do
- stub_google_api_validate_token
- end
-
- it 'has new object' do
- go
-
- expect(assigns(:gcp_cluster)).to be_an_instance_of(Clusters::ClusterPresenter)
- end
- end
-
- context 'when access token is expired' do
- before do
- stub_google_api_expired_token
- end
-
- it { expect(@valid_gcp_token).to be_falsey }
- end
-
- context 'when access token is not stored in session' do
- it { expect(@valid_gcp_token).to be_falsey }
- end
- end
-
- describe 'functionality for existing cluster' do
- it 'has new object' do
- go
-
- expect(assigns(:user_cluster)).to be_an_instance_of(Clusters::ClusterPresenter)
- end
- end
-
- include_examples 'GET new cluster shared examples'
-
- describe 'security' do
- it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
- expect { go }.to be_allowed_for(:admin)
- end
- it 'is disabled for admin when admin mode disabled' do
- expect { go }.to be_denied_for(:admin)
- end
- it { expect { go }.to be_allowed_for(:owner).of(project) }
- it { expect { go }.to be_allowed_for(:maintainer).of(project) }
- it { expect { go }.to be_denied_for(:developer).of(project) }
- it { expect { go }.to be_denied_for(:reporter).of(project) }
- it { expect { go }.to be_denied_for(:guest).of(project) }
- it { expect { go }.to be_denied_for(:user) }
- it { expect { go }.to be_denied_for(:external) }
- end
- end
-
describe 'GET #prometheus_proxy' do
let(:proxyable) do
create(:cluster, :provided_by_gcp, projects: [project])
@@ -252,107 +155,6 @@ RSpec.describe Projects::ClustersController do
end
end
- describe 'POST create for new cluster' do
- let(:legacy_abac_param) { 'true' }
- let(:params) do
- {
- cluster: {
- name: 'new-cluster',
- managed: '1',
- namespace_per_environment: '0',
- provider_gcp_attributes: {
- gcp_project_id: 'gcp-project-12345',
- legacy_abac: legacy_abac_param
- }
- }
- }
- end
-
- def go
- post :create_gcp, params: params.merge(namespace_id: project.namespace, project_id: project)
- end
-
- include_examples ':certificate_based_clusters feature flag controller responses' do
- let(:subject) { go }
- end
-
- describe 'functionality' do
- context 'when access token is valid' do
- before do
- stub_google_api_validate_token
- end
-
- it 'creates a new cluster' do
- expect(ClusterProvisionWorker).to receive(:perform_async)
- expect { go }.to change { Clusters::Cluster.count }
- .and change { Clusters::Providers::Gcp.count }
- expect(response).to redirect_to(project_cluster_path(project, project.clusters.first))
- expect(project.clusters.first).to be_gcp
- expect(project.clusters.first).to be_kubernetes
- expect(project.clusters.first.provider_gcp).to be_legacy_abac
- expect(project.clusters.first.managed?).to be_truthy
- expect(project.clusters.first.namespace_per_environment?).to be_falsy
- end
-
- context 'when legacy_abac param is false' do
- let(:legacy_abac_param) { 'false' }
-
- it 'creates a new cluster with legacy_abac_disabled' do
- expect(ClusterProvisionWorker).to receive(:perform_async)
- expect { go }.to change { Clusters::Cluster.count }
- .and change { Clusters::Providers::Gcp.count }
- expect(project.clusters.first.provider_gcp).not_to be_legacy_abac
- end
- end
- end
-
- context 'when access token is expired' do
- before do
- stub_google_api_expired_token
- end
-
- it { expect(@valid_gcp_token).to be_falsey }
- end
-
- context 'when access token is not stored in session' do
- it { expect(@valid_gcp_token).to be_falsey }
- end
- end
-
- describe 'security' do
- before do
- allow_any_instance_of(described_class)
- .to receive(:token_in_session).and_return('token')
- allow_any_instance_of(described_class)
- .to receive(:expires_at_in_session).and_return(1.hour.since.to_i.to_s)
- allow_any_instance_of(GoogleApi::CloudPlatform::Client)
- .to receive(:projects_zones_clusters_create) do
- double(
- 'secure',
- self_link: 'projects/gcp-project-12345/zones/us-central1-a/operations/ope-123',
- status: 'RUNNING'
- )
- end
-
- allow(WaitForClusterCreationWorker).to receive(:perform_in).and_return(nil)
- end
-
- it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
- expect { go }.to be_allowed_for(:admin)
- end
- it 'is disabled for admin when admin mode disabled' do
- expect { go }.to be_denied_for(:admin)
- end
- it { expect { go }.to be_allowed_for(:owner).of(project) }
- it { expect { go }.to be_allowed_for(:maintainer).of(project) }
- it { expect { go }.to be_denied_for(:developer).of(project) }
- it { expect { go }.to be_denied_for(:reporter).of(project) }
- it { expect { go }.to be_denied_for(:guest).of(project) }
- it { expect { go }.to be_denied_for(:user) }
- it { expect { go }.to be_denied_for(:external) }
- end
- end
-
describe 'POST create for existing cluster' do
let(:params) do
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 06:48:51 +0300