Add latest changes from gitlab-org/gitlab@14-2-stable-eev14.2.0-rc42

1 files changed, 42 insertions, 0 deletions

diff --git a/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb b/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb
new file mode 100644
index 00000000000..b7a91abf5d7
--- /dev/null
+++ b/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+require_migration!
+
+RSpec.describe GenerateCustomersDotJwtSigningKey do
+  let(:application_settings) do
+    Class.new(ActiveRecord::Base) do
+      self.table_name = 'application_settings'
+
+      attr_encrypted :customers_dot_jwt_signing_key, {
+        mode: :per_attribute_iv,
+        key: Gitlab::Utils.ensure_utf8_size(Rails.application.secrets.db_key_base, bytes: 32.bytes),
+        algorithm: 'aes-256-gcm',
+        encode: true
+      }
+    end
+  end
+
+  it 'generates JWT signing key' do
+    application_settings.create!
+
+    reversible_migration do |migration|
+      migration.before -> {
+        settings = application_settings.first
+
+        expect(settings.customers_dot_jwt_signing_key).to be_nil
+        expect(settings.encrypted_customers_dot_jwt_signing_key).to be_nil
+        expect(settings.encrypted_customers_dot_jwt_signing_key_iv).to be_nil
+      }
+
+      migration.after -> {
+        settings = application_settings.first
+
+        expect(settings.encrypted_customers_dot_jwt_signing_key).to be_present
+        expect(settings.encrypted_customers_dot_jwt_signing_key_iv).to be_present
+        expect { OpenSSL::PKey::RSA.new(settings.customers_dot_jwt_signing_key) }.not_to raise_error
+      }
+    end
+  end
+end