diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2023-03-02 14:46:43 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2023-03-02 14:46:43 +0000 |
commit | 623e40c9bbb8b9c8cbca620ad3a663b33c15abcf (patch) | |
tree | 08272c8e5eca9e4f680868d8dcd3794f764d287a /spec/models/integrations | |
parent | 6b75388b67c35271bc18f2dbd41a72accd927808 (diff) | |
parent | d5a415f1e66f24f55e70a37f18c6e9e81d2b73ee (diff) | |
download | gitlab-ce-623e40c9bbb8b9c8cbca620ad3a663b33c15abcf.tar.gz |
Merge remote-tracking branch 'dev/15-9-stable' into 15-9-stable
Diffstat (limited to 'spec/models/integrations')
-rw-r--r-- | spec/models/integrations/datadog_spec.rb | 2 | ||||
-rw-r--r-- | spec/models/integrations/prometheus_spec.rb | 55 |
2 files changed, 55 insertions, 2 deletions
diff --git a/spec/models/integrations/datadog_spec.rb b/spec/models/integrations/datadog_spec.rb index 65ecd9bee83..2d1e23b103f 100644 --- a/spec/models/integrations/datadog_spec.rb +++ b/spec/models/integrations/datadog_spec.rb @@ -3,7 +3,7 @@ require 'securerandom' require 'spec_helper' -RSpec.describe Integrations::Datadog do +RSpec.describe Integrations::Datadog, feature_category: :integrations do let_it_be(:project) { create(:project) } let_it_be(:pipeline) { create(:ci_pipeline, project: project) } let_it_be(:build) { create(:ci_build, pipeline: pipeline) } diff --git a/spec/models/integrations/prometheus_spec.rb b/spec/models/integrations/prometheus_spec.rb index 3c3850854b3..aa248abd3bb 100644 --- a/spec/models/integrations/prometheus_spec.rb +++ b/spec/models/integrations/prometheus_spec.rb @@ -239,6 +239,7 @@ RSpec.describe Integrations::Prometheus, :use_clean_rails_memory_store_caching, context 'behind IAP' do let(:manual_configuration) { true } + let(:google_iap_service_account_json) { Gitlab::Json.generate(google_iap_service_account) } let(:google_iap_service_account) do { @@ -259,7 +260,7 @@ RSpec.describe Integrations::Prometheus, :use_clean_rails_memory_store_caching, end def stub_iap_request - integration.google_iap_service_account_json = Gitlab::Json.generate(google_iap_service_account) + integration.google_iap_service_account_json = google_iap_service_account_json integration.google_iap_audience_client_id = 'IAP_CLIENT_ID.apps.googleusercontent.com' stub_request(:post, 'https://oauth2.googleapis.com/token') @@ -278,6 +279,17 @@ RSpec.describe Integrations::Prometheus, :use_clean_rails_memory_store_caching, expect(integration.prometheus_client.send(:options)[:headers]).to eq(authorization: "Bearer FOO") end + context 'with invalid IAP JSON' do + let(:google_iap_service_account_json) { 'invalid json' } + + it 'does not include authorization header' do + stub_iap_request + + expect(integration.prometheus_client).not_to be_nil + expect(integration.prometheus_client.send(:options)).not_to have_key(:headers) + end + end + context 'when passed with token_credential_uri', issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/284819' do let(:malicious_host) { 'http://example.com' } @@ -477,4 +489,45 @@ RSpec.describe Integrations::Prometheus, :use_clean_rails_memory_store_caching, end end end + + describe '#google_iap_service_account_json' do + subject(:iap_details) { integration.google_iap_service_account_json } + + before do + integration.google_iap_service_account_json = value + end + + context 'with valid JSON' do + let(:masked_value) { described_class::MASKED_VALUE } + let(:json) { Gitlab::Json.parse(iap_details) } + + let(:value) do + Gitlab::Json.generate({ + type: 'service_account', + private_key: 'SECRET', + foo: 'secret', + nested: { + key: 'value' + } + }) + end + + it 'masks all JSON values', issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/384580' do + expect(json).to eq( + 'type' => masked_value, + 'private_key' => masked_value, + 'foo' => masked_value, + 'nested' => masked_value + ) + end + end + + context 'with invalid JSON' do + where(:value) { [nil, '', ' ', 'invalid json'] } + + with_them do + it { is_expected.to eq(value) } + end + end + end end |