debian-mirror-gitlab/spec/lib/gitlab/kas/client_spec.rb
2023-07-09 08:55:56 +05:30

162 lines
6.5 KiB
Ruby

# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Kas::Client do
let_it_be(:project) { create(:project) }
let_it_be(:agent) { create(:cluster_agent, project: project) }
describe '#initialize' do
context 'kas is not enabled' do
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(false)
end
it 'raises a configuration error' do
expect { described_class.new }.to raise_error(described_class::ConfigurationError, 'GitLab KAS is not enabled')
end
end
context 'internal url is not set' do
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(true)
allow(Gitlab::Kas).to receive(:internal_url).and_return(nil)
end
it 'raises a configuration error' do
expect { described_class.new }.to raise_error(described_class::ConfigurationError, 'KAS internal URL is not configured')
end
end
end
describe 'gRPC calls' do
let(:token) { instance_double(JSONWebToken::HMACToken, encoded: 'test-token') }
let(:kas_url) { 'grpc://example.kas.internal' }
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(true)
allow(Gitlab::Kas).to receive(:internal_url).and_return(kas_url)
expect(JSONWebToken::HMACToken).to receive(:new)
.with(Gitlab::Kas.secret)
.and_return(token)
expect(token).to receive(:issuer=).with(Settings.gitlab.host)
expect(token).to receive(:audience=).with(described_class::JWT_AUDIENCE)
end
describe '#get_connected_agents' do
let(:stub) { instance_double(Gitlab::Agent::AgentTracker::Rpc::AgentTracker::Stub) }
let(:request) { instance_double(Gitlab::Agent::AgentTracker::Rpc::GetConnectedAgentsRequest) }
let(:response) { double(Gitlab::Agent::AgentTracker::Rpc::GetConnectedAgentsResponse, agents: connected_agents) }
let(:connected_agents) { [double] }
subject { described_class.new.get_connected_agents(project: project) }
before do
expect(Gitlab::Agent::AgentTracker::Rpc::AgentTracker::Stub).to receive(:new)
.with('example.kas.internal', :this_channel_is_insecure, timeout: described_class::TIMEOUT)
.and_return(stub)
expect(Gitlab::Agent::AgentTracker::Rpc::GetConnectedAgentsRequest).to receive(:new)
.with(project_id: project.id)
.and_return(request)
expect(stub).to receive(:get_connected_agents)
.with(request, metadata: { 'authorization' => 'bearer test-token' })
.and_return(response)
end
it { expect(subject).to eq(connected_agents) }
end
describe '#list_agent_config_files' do
let(:stub) { instance_double(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub) }
let(:request) { instance_double(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest) }
let(:response) { double(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesResponse, config_files: agent_configurations) }
let(:repository) { instance_double(Gitlab::Agent::Modserver::Repository) }
let(:gitaly_address) { instance_double(Gitlab::Agent::Modserver::GitalyAddress) }
let(:agent_configurations) { [double] }
subject { described_class.new.list_agent_config_files(project: project) }
before do
expect(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub).to receive(:new)
.with('example.kas.internal', :this_channel_is_insecure, timeout: described_class::TIMEOUT)
.and_return(stub)
expect(Gitlab::Agent::Modserver::Repository).to receive(:new)
.with(project.repository.gitaly_repository.to_h)
.and_return(repository)
expect(Gitlab::Agent::Modserver::GitalyAddress).to receive(:new)
.with(Gitlab::GitalyClient.connection_data(project.repository_storage))
.and_return(gitaly_address)
expect(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest).to receive(:new)
.with(repository: repository, gitaly_address: gitaly_address)
.and_return(request)
expect(stub).to receive(:list_agent_config_files)
.with(request, metadata: { 'authorization' => 'bearer test-token' })
.and_return(response)
end
it { expect(subject).to eq(agent_configurations) }
end
describe '#send_git_push_event' do
let(:stub) { instance_double(Gitlab::Agent::Notifications::Rpc::Notifications::Stub) }
let(:request) { instance_double(Gitlab::Agent::Notifications::Rpc::GitPushEventRequest) }
let(:project_param) { instance_double(Gitlab::Agent::Notifications::Rpc::Project) }
let(:response) { double(Gitlab::Agent::Notifications::Rpc::GitPushEventResponse) }
subject { described_class.new.send_git_push_event(project: project) }
before do
expect(Gitlab::Agent::Notifications::Rpc::Notifications::Stub).to receive(:new)
.with('example.kas.internal', :this_channel_is_insecure, timeout: described_class::TIMEOUT)
.and_return(stub)
expect(Gitlab::Agent::Notifications::Rpc::Project).to receive(:new)
.with(id: project.id, full_path: project.full_path)
.and_return(project_param)
expect(Gitlab::Agent::Notifications::Rpc::GitPushEventRequest).to receive(:new)
.with(project: project_param)
.and_return(request)
expect(stub).to receive(:git_push_event)
.with(request, metadata: { 'authorization' => 'bearer test-token' })
.and_return(response)
end
it { expect(subject).to eq(response) }
end
describe 'with grpcs' do
let(:stub) { instance_double(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub) }
let(:credentials) { instance_double(GRPC::Core::ChannelCredentials) }
let(:kas_url) { 'grpcs://example.kas.internal' }
it 'uses a ChannelCredentials object with the correct certificates' do
expect(GRPC::Core::ChannelCredentials).to receive(:new)
.with(Gitlab::X509::Certificate.ca_certs_bundle)
.and_return(credentials)
expect(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub).to receive(:new)
.with('example.kas.internal', credentials, timeout: described_class::TIMEOUT)
.and_return(stub)
allow(stub).to receive(:list_agent_config_files)
.and_return(double(config_files: []))
described_class.new.list_agent_config_files(project: project)
end
end
end
end