Add latest changes from gitlab-org/security/gitlab@13-0-stable-ee

2 files changed, 74 insertions, 0 deletions

diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb
index 33764818f79..fe28e791ade 100644
--- a/spec/controllers/admin/application_settings_controller_spec.rb
+++ b/spec/controllers/admin/application_settings_controller_spec.rb
@@ -155,6 +155,46 @@ describe Admin::ApplicationSettingsController do
     end
   end
 
+  describe 'PATCH #integrations' do
+    before do
+      stub_feature_flags(instance_level_integrations: false)
+      sign_in(admin)
+    end
+
+    describe 'EKS integration' do
+      let(:application_setting) { ApplicationSetting.current }
+      let(:settings_params) do
+        {
+          eks_integration_enabled: '1',
+          eks_account_id: '123456789012',
+          eks_access_key_id: 'dummy access key',
+          eks_secret_access_key: 'dummy secret key'
+        }
+      end
+
+      it 'updates EKS settings' do
+        patch :integrations, params: { application_setting: settings_params }
+
+        expect(application_setting.eks_integration_enabled).to be_truthy
+        expect(application_setting.eks_account_id).to eq '123456789012'
+        expect(application_setting.eks_access_key_id).to eq 'dummy access key'
+        expect(application_setting.eks_secret_access_key).to eq 'dummy secret key'
+      end
+
+      context 'secret access key is blank' do
+        let(:settings_params) { { eks_secret_access_key: '' } }
+
+        it 'does not update the secret key' do
+          application_setting.update!(eks_secret_access_key: 'dummy secret key')
+
+          patch :integrations, params: { application_setting: settings_params }
+
+          expect(application_setting.reload.eks_secret_access_key).to eq 'dummy secret key'
+        end
+      end
+    end
+  end
+
   describe 'PUT #reset_registration_token' do
     before do
       sign_in(admin)
diff --git a/spec/views/admin/application_settings/_eks.html.haml_spec.rb b/spec/views/admin/application_settings/_eks.html.haml_spec.rb
new file mode 100644
index 00000000000..52434557d3a
--- /dev/null
+++ b/spec/views/admin/application_settings/_eks.html.haml_spec.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'admin/application_settings/_eks' do
+  let_it_be(:admin) { create(:admin) }
+  let(:page) { Capybara::Node::Simple.new(rendered) }
+
+  before do
+    assign(:application_setting, application_setting)
+    allow(view).to receive(:current_user) { admin }
+    allow(view).to receive(:expanded) { true }
+  end
+
+  shared_examples 'EKS secret access key input' do
+    it 'renders an empty password field' do
+      render
+      expect(rendered).to have_field('Secret access key', type: 'password')
+      expect(page.find_field('Secret access key').value).to be_blank
+    end
+  end
+
+  context 'when eks_secret_access_key is not set' do
+    let(:application_setting) { build(:application_setting) }
+
+    include_examples 'EKS secret access key input'
+  end
+
+  context 'when eks_secret_access_key is set' do
+    let(:application_setting) { build(:application_setting, eks_secret_access_key: 'eks_secret_access_key') }
+
+    include_examples 'EKS secret access key input'
+  end
+end