debian-mirror-gitlab/spec/models/concerns/ci/has_variable_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

116 lines
3.4 KiB
Ruby
Raw Normal View History

2019-07-07 11:18:12 +05:30
# frozen_string_literal: true
2017-09-10 17:25:29 +05:30
require 'spec_helper'
2020-07-28 23:09:34 +05:30
RSpec.describe Ci::HasVariable do
2017-09-10 17:25:29 +05:30
subject { build(:ci_variable) }
it { is_expected.to validate_presence_of(:key) }
it { is_expected.to validate_length_of(:key).is_at_most(255) }
it { is_expected.to allow_value('foo').for(:key) }
it { is_expected.not_to allow_value('foo bar').for(:key) }
it { is_expected.not_to allow_value('foo/bar').for(:key) }
2021-04-17 20:07:23 +05:30
describe 'scopes' do
describe '.by_key' do
let!(:matching_variable) { create(:ci_variable, key: 'example') }
let!(:non_matching_variable) { create(:ci_variable, key: 'other') }
subject { Ci::Variable.by_key('example') }
it { is_expected.to contain_exactly(matching_variable) }
end
end
2018-03-17 18:26:18 +05:30
describe '#key=' do
context 'when the new key is nil' do
it 'strips leading and trailing whitespaces' do
subject.key = nil
expect(subject.key).to eq('')
end
end
context 'when the new key has leadind and trailing whitespaces' do
it 'strips leading and trailing whitespaces' do
subject.key = ' my key '
expect(subject.key).to eq('my key')
end
end
end
2017-09-10 17:25:29 +05:30
describe '#value' do
before do
subject.value = 'secret'
end
it 'stores the encrypted value' do
expect(subject.encrypted_value).not_to be_nil
end
it 'stores an iv for value' do
expect(subject.encrypted_value_iv).not_to be_nil
end
it 'stores a salt for value' do
expect(subject.encrypted_value_salt).not_to be_nil
end
it 'fails to decrypt if iv is incorrect' do
2018-11-08 19:23:39 +05:30
# attr_encrypted expects the IV to be 16 bytes and base64-encoded
subject.encrypted_value_iv = [SecureRandom.hex(8)].pack('m')
2017-09-10 17:25:29 +05:30
subject.instance_variable_set(:@value, nil)
2018-11-08 19:23:39 +05:30
2017-09-10 17:25:29 +05:30
expect { subject.value }
.to raise_error(OpenSSL::Cipher::CipherError, 'bad decrypt')
end
end
describe '#to_runner_variable' do
2022-04-04 11:22:00 +05:30
let_it_be(:ci_variable) { create(:ci_variable) }
subject { ci_variable }
2017-09-10 17:25:29 +05:30
it 'returns a hash for the runner' do
expect(subject.to_runner_variable)
2019-07-07 11:18:12 +05:30
.to include(key: subject.key, value: subject.value, public: false)
2017-09-10 17:25:29 +05:30
end
2022-04-04 11:22:00 +05:30
context 'with RequestStore enabled', :request_store do
let(:expected) do
{
file: false,
key: subject.key,
value: subject.value,
public: false,
masked: false
}
end
it 'decrypts once' do
expect(OpenSSL::PKCS5).to receive(:pbkdf2_hmac).once.and_call_original
2.times { expect(subject.reload.to_runner_variable).to eq(expected) }
end
it 'does not cache similar keys', :aggregate_failures do
group_var = create(:ci_group_variable, key: subject.key, value: 'group')
project_var = create(:ci_variable, key: subject.key, value: 'project')
expect(subject.to_runner_variable).to include(key: subject.key, value: subject.value)
expect(group_var.to_runner_variable).to include(key: subject.key, value: 'group')
expect(project_var.to_runner_variable).to include(key: subject.key, value: 'project')
end
it 'does not cache unpersisted values' do
new_variable = Ci::Variable.new(key: SecureRandom.hex, value: "12345")
old_value = new_variable.to_runner_variable
new_variable.value = '98765'
expect(new_variable.to_runner_variable).not_to eq(old_value)
end
end
2017-09-10 17:25:29 +05:30
end
end