# frozen_string_literal: true require 'spec_helper' RSpec.describe InstanceConfiguration do context 'without cache' do describe '#settings' do describe '#ssh_algorithms_hashes' do let(:md5) { '5a:65:6c:4d:d4:4c:6d:e6:59:25:b8:cf:ba:34:e7:64' } let(:sha256) { 'SHA256:2KJDT7xf2i68mBgJ3TVsjISntg4droLbXYLfQj0VvSY' } it 'does not return anything if file does not exist' do stub_pub_file(pub_file(exist: false)) expect(subject.settings[:ssh_algorithms_hashes]).to be_empty end it 'does not return anything if file is empty' do stub_pub_file(pub_file) stub_file_read(pub_file, content: '') expect(subject.settings[:ssh_algorithms_hashes]).to be_empty end it 'returns the md5 and sha256 if file valid and exists' do stub_pub_file(pub_file) result = subject.settings[:ssh_algorithms_hashes].select { |o| o[:md5] == md5 && o[:sha256] == sha256 } expect(result.size).to eq(InstanceConfiguration::SSH_ALGORITHMS.size) end it 'includes all algorithms' do stub_pub_file(pub_file) result = subject.settings[:ssh_algorithms_hashes] expect(result.map { |a| a[:name] }).to match_array(%w(DSA ECDSA ED25519 RSA)) end it 'does not include disabled algorithm' do Gitlab::CurrentSettings.current_application_settings.update!(dsa_key_restriction: ApplicationSetting::FORBIDDEN_KEY_VALUE) stub_pub_file(pub_file) result = subject.settings[:ssh_algorithms_hashes] expect(result.map { |a| a[:name] }).to match_array(%w(ECDSA ED25519 RSA)) end def pub_file(exist: true) path = exist ? 'spec/fixtures/ssh_host_example_key.pub' : 'spec/fixtures/ssh_host_example_key.pub.random' Rails.root.join(path) end def stub_pub_file(path) allow(subject).to receive(:ssh_algorithm_file).and_return(path) end end describe '#host' do it 'returns current instance host' do allow(Settings.gitlab).to receive(:host).and_return('exampledomain') expect(subject.settings[:host]).to eq(Settings.gitlab.host) end end describe '#gitlab_pages' do let(:gitlab_pages) { subject.settings[:gitlab_pages] } it 'returns Settings.pages' do gitlab_pages.delete(:ip_address) expect(gitlab_pages).to eq(Settings.pages.symbolize_keys) end it 'returns the GitLab\'s pages host ip address' do expect(gitlab_pages.keys).to include(:ip_address) end it 'returns the ip address as nil if the domain is invalid' do allow(Settings.pages).to receive(:host).and_return('exampledomain') expect(gitlab_pages[:ip_address]).to eq nil end it 'returns the ip address of the domain' do allow(Settings.pages).to receive(:host).and_return('localhost') expect(gitlab_pages[:ip_address]).to eq('127.0.0.1').or eq('::1') end end describe '#size_limits' do before do Gitlab::CurrentSettings.current_application_settings.update!( max_attachment_size: 10, receive_max_input_size: 20, max_import_size: 30, max_export_size: 40, diff_max_patch_bytes: 409600, max_artifacts_size: 50, max_pages_size: 60, snippet_size_limit: 70 ) end it 'returns size limits from application settings' do size_limits = subject.settings[:size_limits] expect(size_limits[:max_attachment_size]).to eq(10.megabytes) expect(size_limits[:receive_max_input_size]).to eq(20.megabytes) expect(size_limits[:max_import_size]).to eq(30.megabytes) expect(size_limits[:max_export_size]).to eq(40.megabytes) expect(size_limits[:diff_max_patch_bytes]).to eq(400.kilobytes) expect(size_limits[:max_artifacts_size]).to eq(50.megabytes) expect(size_limits[:max_pages_size]).to eq(60.megabytes) expect(size_limits[:snippet_size_limit]).to eq(70.bytes) end it 'returns nil if receive_max_input_size not set' do Gitlab::CurrentSettings.current_application_settings.update!(receive_max_input_size: nil) size_limits = subject.settings[:size_limits] expect(size_limits[:receive_max_input_size]).to be_nil end it 'returns nil if set to 0 (unlimited)' do Gitlab::CurrentSettings.current_application_settings.update!( max_import_size: 0, max_export_size: 0, max_pages_size: 0 ) size_limits = subject.settings[:size_limits] expect(size_limits[:max_import_size]).to be_nil expect(size_limits[:max_export_size]).to be_nil expect(size_limits[:max_pages_size]).to be_nil end end describe '#package_file_size_limits' do let_it_be(:plan1) { create(:plan, name: 'plan1', title: 'Plan 1') } let_it_be(:plan2) { create(:plan, name: 'plan2', title: 'Plan 2') } before do create(:plan_limits, plan: plan1, conan_max_file_size: 1001, helm_max_file_size: 1008, maven_max_file_size: 1002, npm_max_file_size: 1003, nuget_max_file_size: 1004, pypi_max_file_size: 1005, terraform_module_max_file_size: 1006, generic_packages_max_file_size: 1007 ) create(:plan_limits, plan: plan2, conan_max_file_size: 1101, helm_max_file_size: 1108, maven_max_file_size: 1102, npm_max_file_size: 1103, nuget_max_file_size: 1104, pypi_max_file_size: 1105, terraform_module_max_file_size: 1106, generic_packages_max_file_size: 1107 ) end it 'returns package file size limits' do file_size_limits = subject.settings[:package_file_size_limits] expect(file_size_limits[:Plan1]).to eq({ conan: 1001, helm: 1008, maven: 1002, npm: 1003, nuget: 1004, pypi: 1005, terraform_module: 1006, generic: 1007 }) expect(file_size_limits[:Plan2]).to eq({ conan: 1101, helm: 1108, maven: 1102, npm: 1103, nuget: 1104, pypi: 1105, terraform_module: 1106, generic: 1107 }) end end describe '#ci_cd_limits' do let_it_be(:plan1) { create(:plan, name: 'plan1', title: 'Plan 1') } let_it_be(:plan2) { create(:plan, name: 'plan2', title: 'Plan 2') } before do create(:plan_limits, plan: plan1, ci_pipeline_size: 1001, ci_active_jobs: 1002, ci_active_pipelines: 1003, ci_project_subscriptions: 1004, ci_pipeline_schedules: 1005, ci_needs_size_limit: 1006, ci_registered_group_runners: 1007, ci_registered_project_runners: 1008 ) create(:plan_limits, plan: plan2, ci_pipeline_size: 1101, ci_active_jobs: 1102, ci_active_pipelines: 1103, ci_project_subscriptions: 1104, ci_pipeline_schedules: 1105, ci_needs_size_limit: 1106, ci_registered_group_runners: 1107, ci_registered_project_runners: 1108 ) end it 'returns CI/CD limits' do ci_cd_size_limits = subject.settings[:ci_cd_limits] expect(ci_cd_size_limits[:Plan1]).to eq({ ci_active_jobs: 1002, ci_active_pipelines: 1003, ci_needs_size_limit: 1006, ci_pipeline_schedules: 1005, ci_pipeline_size: 1001, ci_project_subscriptions: 1004, ci_registered_group_runners: 1007, ci_registered_project_runners: 1008 }) expect(ci_cd_size_limits[:Plan2]).to eq({ ci_active_jobs: 1102, ci_active_pipelines: 1103, ci_needs_size_limit: 1106, ci_pipeline_schedules: 1105, ci_pipeline_size: 1101, ci_project_subscriptions: 1104, ci_registered_group_runners: 1107, ci_registered_project_runners: 1108 }) end end describe '#rate_limits' do before do Gitlab::CurrentSettings.current_application_settings.update!( throttle_unauthenticated_enabled: false, throttle_unauthenticated_requests_per_period: 1001, throttle_unauthenticated_period_in_seconds: 1002, throttle_authenticated_api_enabled: true, throttle_authenticated_api_requests_per_period: 1003, throttle_authenticated_api_period_in_seconds: 1004, throttle_authenticated_web_enabled: true, throttle_authenticated_web_requests_per_period: 1005, throttle_authenticated_web_period_in_seconds: 1006, throttle_protected_paths_enabled: true, throttle_protected_paths_requests_per_period: 1007, throttle_protected_paths_period_in_seconds: 1008, throttle_unauthenticated_packages_api_enabled: false, throttle_unauthenticated_packages_api_requests_per_period: 1009, throttle_unauthenticated_packages_api_period_in_seconds: 1010, throttle_authenticated_packages_api_enabled: true, throttle_authenticated_packages_api_requests_per_period: 1011, throttle_authenticated_packages_api_period_in_seconds: 1012, throttle_authenticated_git_lfs_enabled: true, throttle_authenticated_git_lfs_requests_per_period: 1022, throttle_authenticated_git_lfs_period_in_seconds: 1023, issues_create_limit: 1013, notes_create_limit: 1014, project_export_limit: 1015, project_download_export_limit: 1016, project_import_limit: 1017, group_export_limit: 1018, group_download_export_limit: 1019, group_import_limit: 1020, raw_blob_request_limit: 1021, search_rate_limit: 1022, search_rate_limit_unauthenticated: 1000, users_get_by_id_limit: 1023 ) end it 'returns rate limits from application settings' do rate_limits = subject.settings[:rate_limits] expect(rate_limits[:unauthenticated]).to eq({ enabled: false, requests_per_period: 1001, period_in_seconds: 1002 }) expect(rate_limits[:authenticated_api]).to eq({ enabled: true, requests_per_period: 1003, period_in_seconds: 1004 }) expect(rate_limits[:authenticated_web]).to eq({ enabled: true, requests_per_period: 1005, period_in_seconds: 1006 }) expect(rate_limits[:protected_paths]).to eq({ enabled: true, requests_per_period: 1007, period_in_seconds: 1008 }) expect(rate_limits[:unauthenticated_packages_api]).to eq({ enabled: false, requests_per_period: 1009, period_in_seconds: 1010 }) expect(rate_limits[:authenticated_packages_api]).to eq({ enabled: true, requests_per_period: 1011, period_in_seconds: 1012 }) expect(rate_limits[:authenticated_git_lfs_api]).to eq({ enabled: true, requests_per_period: 1022, period_in_seconds: 1023 }) expect(rate_limits[:issue_creation]).to eq({ enabled: true, requests_per_period: 1013, period_in_seconds: 60 }) expect(rate_limits[:note_creation]).to eq({ enabled: true, requests_per_period: 1014, period_in_seconds: 60 }) expect(rate_limits[:project_export]).to eq({ enabled: true, requests_per_period: 1015, period_in_seconds: 60 }) expect(rate_limits[:project_export_download]).to eq({ enabled: true, requests_per_period: 1016, period_in_seconds: 60 }) expect(rate_limits[:project_import]).to eq({ enabled: true, requests_per_period: 1017, period_in_seconds: 60 }) expect(rate_limits[:group_export]).to eq({ enabled: true, requests_per_period: 1018, period_in_seconds: 60 }) expect(rate_limits[:group_export_download]).to eq({ enabled: true, requests_per_period: 1019, period_in_seconds: 60 }) expect(rate_limits[:group_import]).to eq({ enabled: true, requests_per_period: 1020, period_in_seconds: 60 }) expect(rate_limits[:raw_blob]).to eq({ enabled: true, requests_per_period: 1021, period_in_seconds: 60 }) expect(rate_limits[:search_rate_limit]).to eq({ enabled: true, requests_per_period: 1022, period_in_seconds: 60 }) expect(rate_limits[:search_rate_limit_unauthenticated]).to eq({ enabled: true, requests_per_period: 1000, period_in_seconds: 60 }) expect(rate_limits[:users_get_by_id]).to eq({ enabled: true, requests_per_period: 1023, period_in_seconds: 600 }) end end end end context 'with cache', :use_clean_rails_memory_store_caching do it 'caches settings content' do expect(Rails.cache.read(described_class::CACHE_KEY)).to be_nil settings = subject.settings expect(Rails.cache.read(described_class::CACHE_KEY)).to eq(settings) end describe 'cached settings' do before do subject.settings end it 'expires after EXPIRATION_TIME' do allow(Time).to receive(:now).and_return(Time.current + described_class::EXPIRATION_TIME) Rails.cache.cleanup expect(Rails.cache.read(described_class::CACHE_KEY)).to eq(nil) end end end end