diff options
Diffstat (limited to 'spec/requests/api/admin/instance_clusters_spec.rb')
-rw-r--r-- | spec/requests/api/admin/instance_clusters_spec.rb | 139 |
1 files changed, 51 insertions, 88 deletions
diff --git a/spec/requests/api/admin/instance_clusters_spec.rb b/spec/requests/api/admin/instance_clusters_spec.rb index 7b510f74fd4..f2e62533b78 100644 --- a/spec/requests/api/admin/instance_clusters_spec.rb +++ b/spec/requests/api/admin/instance_clusters_spec.rb @@ -2,10 +2,9 @@ require 'spec_helper' -RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_management do +RSpec.describe ::API::Admin::InstanceClusters, feature_category: :deployment_management do include KubernetesHelpers - let_it_be(:regular_user) { create(:user) } let_it_be(:admin_user) { create(:admin) } let_it_be(:project) { create(:project) } let_it_be(:project_cluster) do @@ -17,35 +16,27 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man let(:project_cluster_id) { project_cluster.id } describe "GET /admin/clusters" do + let_it_be(:path) { "/admin/clusters" } let_it_be(:clusters) do create_list(:cluster, 3, :provided_by_gcp, :instance, :production_environment) end - include_examples ':certificate_based_clusters feature flag API responses' do - let(:subject) { get api("/admin/clusters", admin_user) } - end + it_behaves_like 'GET request permissions for admin mode' - context "when authenticated as a non-admin user" do - it 'returns 403' do - get api('/admin/clusters', regular_user) - expect(response).to have_gitlab_http_status(:forbidden) - end + include_examples ':certificate_based_clusters feature flag API responses' do + let(:subject) { get api(path, admin_user, admin_mode: true) } end context "when authenticated as admin" do before do - get api("/admin/clusters", admin_user) - end - - it 'returns 200' do - expect(response).to have_gitlab_http_status(:ok) + get api(path, admin_user, admin_mode: true) end it 'includes pagination headers' do expect(response).to include_pagination_headers end - it 'only returns the instance clusters' do + it 'only returns the instance clusters', :aggregate_failures do cluster_ids = json_response.map { |cluster| cluster['id'] } expect(cluster_ids).to match_array(clusters.pluck(:id)) expect(cluster_ids).not_to include(project_cluster_id) @@ -60,19 +51,23 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man let_it_be(:cluster) do create(:cluster, :instance, :provided_by_gcp, :with_domain, - platform_kubernetes: platform_kubernetes, - user: admin_user) + { platform_kubernetes: platform_kubernetes, + user: admin_user }) end let(:cluster_id) { cluster.id } + let(:path) { "/admin/clusters/#{cluster_id}" } + + it_behaves_like 'GET request permissions for admin mode' + include_examples ':certificate_based_clusters feature flag API responses' do - let(:subject) { get api("/admin/clusters/#{cluster_id}", admin_user) } + let(:subject) { get api(path, admin_user, admin_mode: true) } end context "when authenticated as admin" do before do - get api("/admin/clusters/#{cluster_id}", admin_user) + get api(path, admin_user, admin_mode: true) end context "when no cluster associated to the ID" do @@ -84,15 +79,11 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man end context "when cluster with cluster_id exists" do - it 'returns 200' do - expect(response).to have_gitlab_http_status(:ok) - end - it 'returns the cluster with cluster_id' do expect(json_response['id']).to eq(cluster.id) end - it 'returns the cluster information' do + it 'returns the cluster information', :aggregate_failures do expect(json_response['provider_type']).to eq('gcp') expect(json_response['platform_type']).to eq('kubernetes') expect(json_response['environment_scope']).to eq('*') @@ -102,21 +93,21 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man expect(json_response['managed']).to be_truthy end - it 'returns kubernetes platform information' do + it 'returns kubernetes platform information', :aggregate_failures do platform = json_response['platform_kubernetes'] expect(platform['api_url']).to eq('https://kubernetes.example.com') expect(platform['ca_cert']).to be_present end - it 'returns user information' do + it 'returns user information', :aggregate_failures do user = json_response['user'] expect(user['id']).to eq(admin_user.id) expect(user['username']).to eq(admin_user.username) end - it 'returns GCP provider information' do + it 'returns GCP provider information', :aggregate_failures do gcp_provider = json_response['provider_gcp'] expect(gcp_provider['cluster_id']).to eq(cluster.id) @@ -140,18 +131,11 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man context 'when trying to get a project cluster via the instance cluster endpoint' do it 'returns 404' do - get api("/admin/clusters/#{project_cluster_id}", admin_user) + get api("/admin/clusters/#{project_cluster_id}", admin_user, admin_mode: true) expect(response).to have_gitlab_http_status(:not_found) end end end - - context "when authenticated as a non-admin user" do - it 'returns 403' do - get api("/admin/clusters/#{cluster_id}", regular_user) - expect(response).to have_gitlab_http_status(:forbidden) - end - end end end @@ -159,6 +143,7 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man let(:api_url) { 'https://example.com' } let(:authorization_type) { 'rbac' } let(:clusterable) { Clusters::Instance.new } + let_it_be(:path) { '/admin/clusters/add' } let(:platform_kubernetes_attributes) do { @@ -196,20 +181,20 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man } end + it_behaves_like 'POST request permissions for admin mode' do + let(:params) { cluster_params } + end + include_examples ':certificate_based_clusters feature flag API responses' do - let(:subject) { post api('/admin/clusters/add', admin_user), params: cluster_params } + let(:subject) { post api(path, admin_user, admin_mode: true), params: cluster_params } end context 'authorized user' do before do - post api('/admin/clusters/add', admin_user), params: cluster_params + post api(path, admin_user, admin_mode: true), params: cluster_params end context 'with valid params' do - it 'responds with 201' do - expect(response).to have_gitlab_http_status(:created) - end - it 'creates a new Clusters::Cluster', :aggregate_failures do cluster_result = Clusters::Cluster.find(json_response["id"]) platform_kubernetes = cluster_result.platform @@ -271,7 +256,7 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man context 'when an instance cluster already exists' do it 'allows user to add multiple clusters' do - post api('/admin/clusters/add', admin_user), params: multiple_cluster_params + post api(path, admin_user, admin_mode: true), params: multiple_cluster_params expect(Clusters::Instance.new.clusters.count).to eq(2) end @@ -280,8 +265,8 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man context 'with invalid params' do context 'when missing a required parameter' do - it 'responds with 400' do - post api('/admin/clusters/add', admin_user), params: invalid_cluster_params + it 'responds with 400', :aggregate_failures do + post api(path, admin_user, admin_mode: true), params: invalid_cluster_params expect(response).to have_gitlab_http_status(:bad_request) expect(json_response['error']).to eql('name is missing') end @@ -300,14 +285,6 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man end end end - - context 'non-authorized user' do - it 'responds with 403' do - post api('/admin/clusters/add', regular_user), params: cluster_params - - expect(response).to have_gitlab_http_status(:forbidden) - end - end end describe 'PUT /admin/clusters/:cluster_id' do @@ -329,23 +306,25 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man create(:cluster, :instance, :provided_by_gcp, domain: 'old-domain.com') end + let(:path) { "/admin/clusters/#{cluster.id}" } + + it_behaves_like 'PUT request permissions for admin mode' do + let(:params) { update_params } + end + include_examples ':certificate_based_clusters feature flag API responses' do - let(:subject) { put api("/admin/clusters/#{cluster.id}", admin_user), params: update_params } + let(:subject) { put api(path, admin_user, admin_mode: true), params: update_params } end context 'authorized user' do before do - put api("/admin/clusters/#{cluster.id}", admin_user), params: update_params + put api(path, admin_user, admin_mode: true), params: update_params cluster.reload end context 'with valid params' do - it 'responds with 200' do - expect(response).to have_gitlab_http_status(:ok) - end - - it 'updates cluster attributes' do + it 'updates cluster attributes', :aggregate_failures do expect(cluster.domain).to eq('new-domain.com') expect(cluster.managed).to be_falsy expect(cluster.enabled).to be_falsy @@ -359,7 +338,7 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man expect(response).to have_gitlab_http_status(:bad_request) end - it 'does not update cluster attributes' do + it 'does not update cluster attributes', :aggregate_failures do expect(cluster.domain).to eq('old-domain.com') expect(cluster.managed).to be_truthy expect(cluster.enabled).to be_truthy @@ -422,7 +401,7 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man expect(response).to have_gitlab_http_status(:ok) end - it 'updates platform kubernetes attributes' do + it 'updates platform kubernetes attributes', :aggregate_failures do platform_kubernetes = cluster.platform_kubernetes expect(cluster.name).to eq('new-name') @@ -435,26 +414,18 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man let(:cluster_id) { 1337 } it 'returns 404' do - put api("/admin/clusters/#{cluster_id}", admin_user), params: update_params + put api("/admin/clusters/#{cluster_id}", admin_user, admin_mode: true), params: update_params expect(response).to have_gitlab_http_status(:not_found) end end context 'when trying to update a project cluster via the instance cluster endpoint' do it 'returns 404' do - put api("/admin/clusters/#{project_cluster_id}", admin_user), params: update_params + put api("/admin/clusters/#{project_cluster_id}", admin_user, admin_mode: true), params: update_params expect(response).to have_gitlab_http_status(:not_found) end end end - - context 'non-authorized user' do - it 'responds with 403' do - put api("/admin/clusters/#{cluster.id}", regular_user), params: update_params - - expect(response).to have_gitlab_http_status(:forbidden) - end - end end describe 'DELETE /admin/clusters/:cluster_id' do @@ -464,17 +435,17 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man create(:cluster, :instance, :provided_by_gcp) end + let_it_be(:path) { "/admin/clusters/#{cluster.id}" } + + it_behaves_like 'DELETE request permissions for admin mode' + include_examples ':certificate_based_clusters feature flag API responses' do - let(:subject) { delete api("/admin/clusters/#{cluster.id}", admin_user), params: cluster_params } + let(:subject) { delete api(path, admin_user, admin_mode: true), params: cluster_params } end context 'authorized user' do before do - delete api("/admin/clusters/#{cluster.id}", admin_user), params: cluster_params - end - - it 'responds with 204' do - expect(response).to have_gitlab_http_status(:no_content) + delete api(path, admin_user, admin_mode: true), params: cluster_params end it 'deletes the cluster' do @@ -485,25 +456,17 @@ RSpec.describe ::API::Admin::InstanceClusters, feature_category: :kubernetes_man let(:cluster_id) { 1337 } it 'returns 404' do - delete api("/admin/clusters/#{cluster_id}", admin_user) + delete api(path, admin_user, admin_mode: true) expect(response).to have_gitlab_http_status(:not_found) end end context 'when trying to update a project cluster via the instance cluster endpoint' do it 'returns 404' do - delete api("/admin/clusters/#{project_cluster_id}", admin_user) + delete api("/admin/clusters/#{project_cluster_id}", admin_user, admin_mode: true) expect(response).to have_gitlab_http_status(:not_found) end end end - - context 'non-authorized user' do - it 'responds with 403' do - delete api("/admin/clusters/#{cluster.id}", regular_user), params: cluster_params - - expect(response).to have_gitlab_http_status(:forbidden) - end - end end end |