debian-mirror-gitlab/spec/lib/gitlab/fips_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

52 lines
1.1 KiB
Ruby
Raw Permalink Normal View History

2022-05-07 20:08:51 +05:30
# frozen_string_literal: true
require "spec_helper"
RSpec.describe Gitlab::FIPS do
describe ".enabled?" do
subject { described_class.enabled? }
let(:openssl_fips_mode) { false }
let(:fips_mode_env_var) { nil }
before do
2023-01-13 00:05:48 +05:30
allow(OpenSSL).to receive(:fips_mode).and_return(openssl_fips_mode)
2022-05-07 20:08:51 +05:30
stub_env("FIPS_MODE", fips_mode_env_var)
end
describe "OpenSSL auto-detection" do
context "OpenSSL is in FIPS mode" do
let(:openssl_fips_mode) { true }
it { is_expected.to be_truthy }
end
context "OpenSSL is not in FIPS mode" do
let(:openssl_fips_mode) { false }
it { is_expected.to be_falsey }
end
end
describe "manual configuration via env var" do
context "env var is not set" do
let(:fips_mode_env_var) { nil }
it { is_expected.to be_falsey }
end
context "env var is set to true" do
let(:fips_mode_env_var) { "true" }
it { is_expected.to be_truthy }
end
context "env var is set to false" do
let(:fips_mode_env_var) { "false" }
it { is_expected.to be_falsey }
end
end
end
end