diff options
Diffstat (limited to 'spec/requests/api/ci/runner/runners_reset_spec.rb')
| -rw-r--r-- | spec/requests/api/ci/runner/runners_reset_spec.rb | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/spec/requests/api/ci/runner/runners_reset_spec.rb b/spec/requests/api/ci/runner/runners_reset_spec.rb new file mode 100644 index 00000000000..8a61012ead1 --- /dev/null +++ b/spec/requests/api/ci/runner/runners_reset_spec.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do + include StubGitlabCalls + include RedisHelpers + include WorkhorseHelpers + + before do + stub_feature_flags(ci_enable_live_trace: true) + stub_feature_flags(runner_registration_control: false) + stub_gitlab_calls + stub_application_setting(valid_runner_registrars: ApplicationSetting::VALID_RUNNER_REGISTRAR_TYPES) + end + + let_it_be(:group_settings) { create(:namespace_settings, runner_token_expiration_interval: 5.days.to_i) } + let_it_be(:group) { create(:group, namespace_settings: group_settings) } + let_it_be(:instance_runner, reload: true) { create(:ci_runner, :instance) } + let_it_be(:group_runner) { create(:ci_runner, :group, groups: [group], token_expires_at: 1.day.from_now) } + + describe 'POST /runners/reset_authentication_token', :freeze_time do + context 'current token provided' do + it "resets authentication token when token doesn't have an expiration" do + expect do + post api("/runners/reset_authentication_token"), params: { token: instance_runner.reload.token } + + expect(response).to have_gitlab_http_status(:success) + expect(json_response).to eq({ 'token' => instance_runner.reload.token, 'token_expires_at' => nil }) + expect(instance_runner.reload.token_expires_at).to be_nil + end.to change { instance_runner.reload.token } + end + + it 'resets authentication token when token is not expired' do + expect do + post api("/runners/reset_authentication_token"), params: { token: group_runner.reload.token } + + expect(response).to have_gitlab_http_status(:success) + expect(json_response).to eq({ 'token' => group_runner.reload.token, 'token_expires_at' => group_runner.reload.token_expires_at.iso8601(3) }) + expect(group_runner.reload.token_expires_at).to eq(5.days.from_now) + end.to change { group_runner.reload.token } + end + + it 'does not reset authentication token when token is expired' do + expect do + instance_runner.update!(token_expires_at: 1.day.ago) + post api("/runners/reset_authentication_token"), params: { token: instance_runner.reload.token } + + expect(response).to have_gitlab_http_status(:forbidden) + instance_runner.update!(token_expires_at: nil) + end.not_to change { instance_runner.reload.token } + end + end + + context 'wrong current token provided' do + it 'does not reset authentication token' do + expect do + post api("/runners/reset_authentication_token"), params: { token: 'garbage' } + + expect(response).to have_gitlab_http_status(:forbidden) + end.not_to change { instance_runner.reload.token } + end + end + end +end |