2020-04-22 19:07:51 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'rake_helper'
|
|
|
|
|
2021-09-04 01:27:46 +05:30
|
|
|
RSpec.describe 'gitlab:x509 namespace rake task', :silence_stdout do
|
2020-04-22 19:07:51 +05:30
|
|
|
before :all do
|
|
|
|
Rake.application.rake_require 'tasks/gitlab/x509/update'
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'update_signatures' do
|
2021-06-02 17:11:27 +05:30
|
|
|
let(:user) { create(:user, email: X509Helpers::User1.certificate_email) }
|
|
|
|
let(:project) { create(:project, :repository, path: X509Helpers::User1.path, creator: user) }
|
2020-04-22 19:07:51 +05:30
|
|
|
let(:x509_signed_commit) { project.commit_by(oid: '189a6c924013fc3fe40d6f1ec1dc20214183bc97') }
|
|
|
|
let(:x509_commit) { Gitlab::X509::Commit.new(x509_signed_commit).signature }
|
|
|
|
|
2021-06-02 17:11:27 +05:30
|
|
|
subject { run_rake_task('gitlab:x509:update_signatures') }
|
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
it 'changes from unverified to verified if the certificate store contains the root certificate' do
|
|
|
|
x509_commit
|
|
|
|
|
|
|
|
store = OpenSSL::X509::Store.new
|
|
|
|
certificate = OpenSSL::X509::Certificate.new X509Helpers::User1.trust_cert
|
|
|
|
store.add_cert(certificate)
|
|
|
|
allow(OpenSSL::X509::Store).to receive(:new).and_return(store)
|
|
|
|
|
|
|
|
expect_any_instance_of(Gitlab::X509::Commit).to receive(:update_signature!).and_call_original
|
2021-06-02 17:11:27 +05:30
|
|
|
expect { subject }.to change { x509_commit.reload.verification_status }.from('unverified').to('verified')
|
2020-04-22 19:07:51 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns if no signature is available' do
|
2021-06-02 17:11:27 +05:30
|
|
|
expect_any_instance_of(Gitlab::X509::Commit).not_to receive(:update_signature!)
|
2020-04-22 19:07:51 +05:30
|
|
|
|
2021-06-02 17:11:27 +05:30
|
|
|
subject
|
2020-04-22 19:07:51 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|