diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2019-01-10 12:26:40 +1300 |
|---|---|---|
| committer | Thong Kuah <tkuah@gitlab.com> | 2019-01-25 16:48:37 +1300 |
| commit | f234aef9943ec7ccd3e30e55d6cd0acd114e6c29 (patch) | |
| tree | 5244711fc7893968465d2a703fd4b53503d78a9b /spec | |
| parent | e4dc22e330388df385b64815f12d7c51dd97635f (diff) | |
| download | gitlab-ce-f234aef9943ec7ccd3e30e55d6cd0acd114e6c29.tar.gz | |
Use http_max_redirects opt to replace monkeypatch
http_max_redirects was introduced in 4.2.2, so upgrade kubeclient.
The monkey-patch was global so we will have to check that all instances
of Kubeclient::Client are handled.
Spec all methods of KubeClient
This should provide better confidence that we are indeed disallowing
redirection in all cases
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/lib/gitlab/kubernetes/kube_client_spec.rb | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/spec/lib/gitlab/kubernetes/kube_client_spec.rb b/spec/lib/gitlab/kubernetes/kube_client_spec.rb index 8fc85301304..02364e92149 100644 --- a/spec/lib/gitlab/kubernetes/kube_client_spec.rb +++ b/spec/lib/gitlab/kubernetes/kube_client_spec.rb @@ -24,6 +24,32 @@ describe Gitlab::Kubernetes::KubeClient do end end + shared_examples 'redirection not allowed' do |method_name| + before do + redirect_url = 'https://not-under-our-control.example.com/api/v1/pods' + + stub_request(:get, %r{\A#{api_url}/}) + .to_return(status: 302, headers: { location: redirect_url }) + + stub_request(:get, redirect_url) + .to_return(status: 200, body: '{}') + end + + it 'does not follow redirects' do + method_call = -> do + case method_name + when /\A(get_|delete_)/ + client.public_send(method_name) + when /\A(create_|update_)/ + client.public_send(method_name, {}) + else + raise "Unknown method name #{method_name}" + end + end + expect { method_call.call }.to raise_error(Kubeclient::HttpError) + end + end + describe '#core_client' do subject { client.core_client } @@ -103,6 +129,8 @@ describe Gitlab::Kubernetes::KubeClient do :update_service_account ].each do |method| describe "##{method}" do + include_examples 'redirection not allowed', method + it 'delegates to the core client' do expect(client).to delegate_method(method).to(:core_client) end @@ -123,6 +151,8 @@ describe Gitlab::Kubernetes::KubeClient do :update_cluster_role_binding ].each do |method| describe "##{method}" do + include_examples 'redirection not allowed', method + it 'delegates to the rbac client' do expect(client).to delegate_method(method).to(:rbac_client) end @@ -139,6 +169,8 @@ describe Gitlab::Kubernetes::KubeClient do let(:extensions_client) { client.extensions_client } describe '#get_deployments' do + include_examples 'redirection not allowed', 'get_deployments' + it 'delegates to the extensions client' do expect(client).to delegate_method(:get_deployments).to(:extensions_client) end |