diff options
Diffstat (limited to 'spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb')
-rw-r--r-- | spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb b/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb new file mode 100644 index 00000000000..b7a91abf5d7 --- /dev/null +++ b/spec/migrations/generate_customers_dot_jwt_signing_key_spec.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +require 'spec_helper' + +require_migration! + +RSpec.describe GenerateCustomersDotJwtSigningKey do + let(:application_settings) do + Class.new(ActiveRecord::Base) do + self.table_name = 'application_settings' + + attr_encrypted :customers_dot_jwt_signing_key, { + mode: :per_attribute_iv, + key: Gitlab::Utils.ensure_utf8_size(Rails.application.secrets.db_key_base, bytes: 32.bytes), + algorithm: 'aes-256-gcm', + encode: true + } + end + end + + it 'generates JWT signing key' do + application_settings.create! + + reversible_migration do |migration| + migration.before -> { + settings = application_settings.first + + expect(settings.customers_dot_jwt_signing_key).to be_nil + expect(settings.encrypted_customers_dot_jwt_signing_key).to be_nil + expect(settings.encrypted_customers_dot_jwt_signing_key_iv).to be_nil + } + + migration.after -> { + settings = application_settings.first + + expect(settings.encrypted_customers_dot_jwt_signing_key).to be_present + expect(settings.encrypted_customers_dot_jwt_signing_key_iv).to be_present + expect { OpenSSL::PKey::RSA.new(settings.customers_dot_jwt_signing_key) }.not_to raise_error + } + end + end +end |