diff options
Diffstat (limited to 'spec/requests/api/internal/kubernetes_spec.rb')
-rw-r--r-- | spec/requests/api/internal/kubernetes_spec.rb | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/spec/requests/api/internal/kubernetes_spec.rb b/spec/requests/api/internal/kubernetes_spec.rb index 2e13016a0a6..47d0c872eb6 100644 --- a/spec/requests/api/internal/kubernetes_spec.rb +++ b/spec/requests/api/internal/kubernetes_spec.rb @@ -38,16 +38,22 @@ RSpec.describe API::Internal::Kubernetes do end shared_examples 'agent authentication' do - it 'returns 403 if Authorization header not sent' do + it 'returns 401 if Authorization header not sent' do send_request - expect(response).to have_gitlab_http_status(:forbidden) + expect(response).to have_gitlab_http_status(:unauthorized) end - it 'returns 403 if Authorization is for non-existent agent' do + it 'returns 401 if Authorization is for non-existent agent' do send_request(headers: { 'Authorization' => 'Bearer NONEXISTENT' }) - expect(response).to have_gitlab_http_status(:forbidden) + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + shared_examples 'agent token tracking' do + it 'tracks token usage' do + expect { response }.to change { agent_token.reload.read_attribute(:last_used_at) } end end @@ -101,6 +107,8 @@ RSpec.describe API::Internal::Kubernetes do let(:agent) { agent_token.agent } let(:project) { agent.project } + shared_examples 'agent token tracking' + it 'returns expected data', :aggregate_failures do send_request(headers: { 'Authorization' => "Bearer #{agent_token.token}" }) @@ -169,6 +177,8 @@ RSpec.describe API::Internal::Kubernetes do context 'an agent is found' do let_it_be(:agent_token) { create(:cluster_agent_token) } + shared_examples 'agent token tracking' + context 'project is public' do let(:project) { create(:project, :public) } |