debian-mirror-gitlab/spec/lib/gitlab/mail_room/mail_room_spec.rb
2023-04-23 21:23:45 +05:30

450 lines
15 KiB
Ruby

# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::MailRoom, feature_category: :build do
let(:default_port) { 143 }
let(:log_path) { Rails.root.join('log', 'mail_room_json.log').to_s }
let(:fake_redis_queues) do
double(
url: "localhost",
db: 99,
sentinels: [{ host: 'localhost', port: 1234 }],
sentinels?: true
)
end
let(:yml_config) do
{
enabled: true,
host: 'mail.example.com',
address: 'address@example.com',
user: 'user@example.com',
password: 'password',
port: default_port,
ssl: false,
start_tls: false,
mailbox: 'inbox',
idle_timeout: 60,
log_path: log_path,
expunge_deleted: false
}
end
let(:custom_config) { {} }
let(:incoming_email_config) { yml_config.merge(custom_config) }
let(:service_desk_email_config) { yml_config.merge(custom_config) }
let(:configs) do
{
incoming_email: incoming_email_config,
service_desk_email: service_desk_email_config
}
end
before do
allow(Gitlab::Redis::Queues).to receive(:new).and_return(fake_redis_queues)
allow(described_class).to receive(:load_yaml).and_return(configs)
described_class.instance_variable_set(:@enabled_configs, nil)
end
after do
described_class.instance_variable_set(:@enabled_configs, nil)
end
describe '#enabled_configs' do
let(:first_value) { described_class.enabled_configs.each_value.first }
context 'when both email and address is set' do
it 'returns email configs' do
expect(described_class.enabled_configs.size).to eq(2)
end
end
context 'when the yml file cannot be found' do
before do
allow(described_class).to receive(:config_file).and_return('not_existing_file')
end
it 'returns an empty list' do
expect(described_class.enabled_configs).to be_empty
end
end
context 'when email is disabled' do
let(:custom_config) { { enabled: false } }
it 'returns an empty list' do
expect(described_class.enabled_configs).to be_empty
end
end
context 'when email is enabled but address is not set' do
let(:custom_config) { { enabled: true, address: '' } }
it 'returns an empty list' do
expect(described_class.enabled_configs).to be_empty
end
end
context 'when a config value is missing from the yml file' do
let(:yml_config) { {} }
let(:custom_config) { { enabled: true, address: 'address@example.com' } }
it 'overwrites missing values with the default' do
expect(first_value[:port]).to eq(Gitlab::MailRoom::DEFAULT_CONFIG[:port])
end
end
context 'when only incoming_email config is present' do
let(:configs) { { incoming_email: incoming_email_config } }
it 'returns only encoming_email' do
expect(described_class.enabled_configs.size).to eq(1)
expect(first_value[:worker]).to eq('EmailReceiverWorker')
end
end
describe 'setting up redis settings' do
it 'sets delivery method to Sidekiq by default' do
config = first_value
expect(config).to include(
delivery_method: 'sidekiq'
)
end
it 'sets redis config' do
config = first_value
expect(config).to include(
redis_url: 'localhost',
redis_db: 99,
sentinels: [{ host: 'localhost', port: 1234 }]
)
end
end
describe 'setting up the log path' do
context 'if the log path is a relative path' do
let(:custom_config) { { log_path: 'tiny_log.log' } }
it 'expands the log path to an absolute value' do
new_path = Pathname.new(first_value[:log_path])
expect(new_path.absolute?).to be_truthy
end
end
context 'if the log path is absolute path' do
let(:custom_config) { { log_path: '/dev/null' } }
it 'leaves the path as-is' do
expect(first_value[:log_path]).to eq '/dev/null'
end
end
end
end
describe '#enabled_mailbox_types' do
context 'when all mailbox types are enabled' do
it 'returns the mailbox types' do
expect(described_class.enabled_mailbox_types).to match(%w[incoming_email service_desk_email])
end
end
context 'when an mailbox_types is disabled' do
let(:incoming_email_config) { yml_config.merge(enabled: false) }
it 'returns the mailbox types' do
expect(described_class.enabled_mailbox_types).to match(%w[service_desk_email])
end
end
context 'when email is disabled' do
let(:custom_config) { { enabled: false } }
it 'returns an empty array' do
expect(described_class.enabled_mailbox_types).to match_array([])
end
end
end
describe '#worker_for' do
context 'matched mailbox types' do
it 'returns the constantized worker class' do
expect(described_class.worker_for('incoming_email')).to eql(EmailReceiverWorker)
expect(described_class.worker_for('service_desk_email')).to eql(ServiceDeskEmailReceiverWorker)
end
end
context 'non-existing mailbox_type' do
it 'returns nil' do
expect(described_class.worker_for('another_mailbox_type')).to be(nil)
end
end
end
describe 'config/mail_room.yml' do
let(:mail_room_template) { ERB.new(File.read(Rails.root.join("./config/mail_room.yml"))).result }
let(:mail_room_yml) { YAML.safe_load(mail_room_template, permitted_classes: [Symbol]) }
shared_examples 'renders mail-specific config file correctly' do
it 'renders mail room config file correctly' do
expect(mail_room_yml[:mailboxes]).to be_an(Array)
expect(mail_room_yml[:mailboxes].length).to eq(2)
expect(mail_room_yml[:mailboxes]).to all(
match(
a_hash_including(
host: 'mail.example.com',
port: default_port,
ssl: false,
start_tls: false,
email: 'user@example.com',
password: 'password',
idle_timeout: 60,
logger: {
log_path: log_path
},
name: 'inbox',
delete_after_delivery: true,
expunge_deleted: false
)
)
)
end
end
shared_examples 'renders arbitration options correctly' do
it 'renders arbitration options correctly' do
expect(mail_room_yml[:mailboxes]).to be_an(Array)
expect(mail_room_yml[:mailboxes].length).to eq(2)
expect(mail_room_yml[:mailboxes]).to all(
match(
a_hash_including(
arbitration_method: "redis",
arbitration_options: {
redis_url: "localhost",
namespace: "mail_room:gitlab",
sentinels: [{ host: "localhost", port: 1234 }]
}
)
)
)
end
end
shared_examples 'renders the sidekiq delivery method and options correctly' do
it 'renders the sidekiq delivery method and options correctly' do
expect(mail_room_yml[:mailboxes]).to be_an(Array)
expect(mail_room_yml[:mailboxes].length).to eq(2)
expect(mail_room_yml[:mailboxes][0]).to match(
a_hash_including(
delivery_method: 'sidekiq',
delivery_options: {
redis_url: "localhost",
redis_db: 99,
namespace: "resque:gitlab",
queue: "default",
worker: "EmailReceiverWorker",
sentinels: [{ host: "localhost", port: 1234 }]
}
)
)
expect(mail_room_yml[:mailboxes][1]).to match(
a_hash_including(
delivery_method: 'sidekiq',
delivery_options: {
redis_url: "localhost",
redis_db: 99,
namespace: "resque:gitlab",
queue: "default",
worker: "ServiceDeskEmailReceiverWorker",
sentinels: [{ host: "localhost", port: 1234 }]
}
)
)
end
end
context 'when delivery_method is implicit' do
it_behaves_like 'renders mail-specific config file correctly'
it_behaves_like 'renders arbitration options correctly'
it_behaves_like 'renders the sidekiq delivery method and options correctly'
end
context 'when delivery_method is explicitly sidekiq' do
let(:custom_config) { { delivery_method: 'sidekiq' } }
it_behaves_like 'renders mail-specific config file correctly'
it_behaves_like 'renders arbitration options correctly'
it_behaves_like 'renders the sidekiq delivery method and options correctly'
end
context 'when delivery_method is webhook (internally postback in mail_room)' do
let(:custom_config) do
{
delivery_method: 'webhook',
gitlab_url: 'http://gitlab.example',
secret_file: '/path/to/secret/file'
}
end
it_behaves_like 'renders mail-specific config file correctly'
it_behaves_like 'renders arbitration options correctly'
it 'renders the webhook (postback) delivery method and options correctly' do
expect(mail_room_yml[:mailboxes]).to be_an(Array)
expect(mail_room_yml[:mailboxes].length).to eq(2)
expect(mail_room_yml[:mailboxes][0]).to match(
a_hash_including(
delivery_method: 'postback',
delivery_options: {
delivery_url: "http://gitlab.example/api/v4/internal/mail_room/incoming_email",
content_type: "text/plain",
jwt_auth_header: Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER,
jwt_issuer: Gitlab::MailRoom::INTERNAL_API_REQUEST_JWT_ISSUER,
jwt_algorithm: 'HS256',
jwt_secret_path: '/path/to/secret/file'
}
)
)
expect(mail_room_yml[:mailboxes][1]).to match(
a_hash_including(
delivery_method: 'postback',
delivery_options: {
delivery_url: "http://gitlab.example/api/v4/internal/mail_room/service_desk_email",
content_type: "text/plain",
jwt_auth_header: Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER,
jwt_issuer: Gitlab::MailRoom::INTERNAL_API_REQUEST_JWT_ISSUER,
jwt_algorithm: 'HS256',
jwt_secret_path: '/path/to/secret/file'
}
)
)
end
end
end
describe 'mailroom encrypted configuration' do
context "when parsing secrets.yml" do
let(:application_secrets_file) { Rails.root.join('spec/fixtures/mail_room/secrets.yml.erb').to_s }
let(:encrypted_settings_key_base) { '0123456789abcdef' * 8 }
before do
allow(described_class).to receive(:application_secrets_file).and_return(application_secrets_file)
stub_env('KEY', 'an environment variable value')
described_class.instance_variable_set(:@application_secrets, nil)
end
after do
described_class.instance_variable_set(:@application_secrets, nil)
end
it 'reads in the secrets.yml file as erb and merges shared and test environments' do
application_secrets = described_class.send(:application_secrets)
expect(application_secrets).to match(a_hash_including(
a_shared_key: 'this key is shared',
an_overriden_shared_key: 'the merge overwrote this key',
an_environment_specific_key: 'test environment value',
erb_env_key: 'an environment variable value',
encrypted_settings_key_base: encrypted_settings_key_base
))
expect(application_secrets[:an_unread_key]).to be_nil
end
end
context "when parsing gitlab.yml" do
let(:plain_configs) { configs }
let(:shared_path_config) do
{ shared: { path: '/this/is/my/shared_path' } }.merge(configs)
end
let(:encrypted_settings_config) do
{
shared: { path: '/this/is/my/shared_path' },
encrypted_settings: { path: '/this/is/my_custom_encrypted_path' }
}.merge(configs)
end
let(:encrypted_file_config) do
configs.deep_merge({
incoming_email: { encrypted_secret_file: '/custom_incoming_secret.yaml.enc' },
service_desk_email: { encrypted_secret_file: '/custom_service_desk_secret.yaml.enc' }
})
end
it 'returns default encrypted_secret_file path' do
allow(described_class).to receive(:load_yaml).and_return(plain_configs)
expect(described_class.send(:encrypted_secret_file, :incoming_email))
.to end_with('shared/encrypted_settings/incoming_email.yaml.enc')
expect(described_class.send(:encrypted_secret_file, :service_desk_email))
.to end_with('shared/encrypted_settings/service_desk_email.yaml.enc')
end
it 'returns encrypted_secret_file relative to custom shared path' do
allow(described_class).to receive(:load_yaml).and_return(shared_path_config)
expect(described_class.send(:encrypted_secret_file, :incoming_email))
.to eq('/this/is/my/shared_path/encrypted_settings/incoming_email.yaml.enc')
expect(described_class.send(:encrypted_secret_file, :service_desk_email))
.to eq('/this/is/my/shared_path/encrypted_settings/service_desk_email.yaml.enc')
end
it 'returns custom encrypted_secret_file' do
allow(described_class).to receive(:load_yaml).and_return(encrypted_file_config)
expect(described_class.send(:encrypted_secret_file, :incoming_email))
.to eq('/custom_incoming_secret.yaml.enc')
expect(described_class.send(:encrypted_secret_file, :service_desk_email))
.to eq('/custom_service_desk_secret.yaml.enc')
end
end
context 'when using encrypted secrets' do
let(:mail_room_template) { ERB.new(File.read(Rails.root.join("./config/mail_room.yml"))).result }
let(:mail_room_yml) { YAML.safe_load(mail_room_template, permitted_classes: [Symbol]) }
let(:application_secrets) { { encrypted_settings_key_base: '0123456789abcdef' * 8 } } # gitleaks:allow
let(:configs) do
{
encrypted_settings: { path: 'spec/fixtures/mail_room/encrypted_secrets' }
}.merge({
incoming_email: incoming_email_config,
service_desk_email: service_desk_email_config
})
end
before do
allow(described_class).to receive(:application_secrets).and_return(application_secrets)
end
it 'renders the encrypted secrets into the configuration correctly' do
expect(mail_room_yml[:mailboxes]).to be_an(Array)
expect(mail_room_yml[:mailboxes].length).to eq(2)
expect(mail_room_yml[:mailboxes][0]).to match(
a_hash_including(
password: 'abc123',
email: 'incoming-test-account@gitlab.com'
)
)
expect(mail_room_yml[:mailboxes][1]).to match(
a_hash_including(
password: '123abc',
email: 'service-desk-test-account@gitlab.example.com'
)
)
end
end
end
end