1 files changed, 205 insertions, 5 deletions

diff --git a/spec/requests/api/lint_spec.rb b/spec/requests/api/lint_spec.rb
index 9890cdc20c0..aecbcfb5b5a 100644
--- a/spec/requests/api/lint_spec.rb
+++ b/spec/requests/api/lint_spec.rb
@@ -9,12 +9,13 @@ RSpec.describe API::Lint do
         File.read(Rails.root.join('spec/support/gitlab_stubs/gitlab_ci.yml'))
       end
 
-      it 'passes validation' do
+      it 'passes validation without warnings or errors' do
         post api('/ci/lint'), params: { content: yaml_content }
 
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response).to be_an Hash
         expect(json_response['status']).to eq('valid')
+        expect(json_response['warnings']).to eq([])
         expect(json_response['errors']).to eq([])
       end
 
@@ -26,6 +27,20 @@ RSpec.describe API::Lint do
       end
     end
 
+    context 'with valid .gitlab-ci.yaml with warnings' do
+      let(:yaml_content) { { job: { script: 'ls', rules: [{ when: 'always' }] } }.to_yaml }
+
+      it 'passes validation but returns warnings' do
+        post api('/ci/lint'), params: { content: yaml_content }
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response['status']).to eq('valid')
+        expect(json_response['warnings']).not_to be_empty
+        expect(json_response['status']).to eq('valid')
+        expect(json_response['errors']).to eq([])
+      end
+    end
+
     context 'with an invalid .gitlab_ci.yml' do
       context 'with invalid syntax' do
         let(:yaml_content) { 'invalid content' }
@@ -35,6 +50,7 @@ RSpec.describe API::Lint do
 
           expect(response).to have_gitlab_http_status(:ok)
           expect(json_response['status']).to eq('invalid')
+          expect(json_response['warnings']).to eq([])
           expect(json_response['errors']).to eq(['Invalid configuration format'])
         end
 
@@ -54,6 +70,7 @@ RSpec.describe API::Lint do
 
           expect(response).to have_gitlab_http_status(:ok)
           expect(json_response['status']).to eq('invalid')
+          expect(json_response['warnings']).to eq([])
           expect(json_response['errors']).to eq(['jobs config should contain at least one visible job'])
         end
 
@@ -82,7 +99,18 @@ RSpec.describe API::Lint do
     let(:project) { create(:project, :repository) }
     let(:dry_run) { nil }
 
-    RSpec.shared_examples 'valid config' do
+    RSpec.shared_examples 'valid config with warnings' do
+      it 'passes validation with warnings' do
+        ci_lint
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response['valid']).to eq(true)
+        expect(json_response['errors']).to eq([])
+        expect(json_response['warnings']).not_to be_empty
+      end
+    end
+
+    RSpec.shared_examples 'valid config without warnings' do
       it 'passes validation' do
         ci_lint
 
@@ -94,6 +122,7 @@ RSpec.describe API::Lint do
         expect(json_response).to be_an Hash
         expect(json_response['merged_yaml']).to eq(expected_yaml)
         expect(json_response['valid']).to eq(true)
+        expect(json_response['warnings']).to eq([])
         expect(json_response['errors']).to eq([])
       end
     end
@@ -105,6 +134,7 @@ RSpec.describe API::Lint do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['merged_yaml']).to eq(yaml_content)
         expect(json_response['valid']).to eq(false)
+        expect(json_response['warnings']).to eq([])
         expect(json_response['errors']).to eq(['jobs config should contain at least one visible job'])
       end
     end
@@ -157,6 +187,7 @@ RSpec.describe API::Lint do
             expect(response).to have_gitlab_http_status(:ok)
             expect(json_response['merged_yaml']).to eq(nil)
             expect(json_response['valid']).to eq(false)
+            expect(json_response['warnings']).to eq([])
             expect(json_response['errors']).to eq(['Insufficient permissions to create a new pipeline'])
           end
         end
@@ -186,7 +217,7 @@ RSpec.describe API::Lint do
             )
           end
 
-          it_behaves_like 'valid config'
+          it_behaves_like 'valid config without warnings'
         end
       end
     end
@@ -242,13 +273,19 @@ RSpec.describe API::Lint do
         context 'when running as dry run' do
           let(:dry_run) { true }
 
-          it_behaves_like 'valid config'
+          it_behaves_like 'valid config without warnings'
         end
 
         context 'when running static validation' do
           let(:dry_run) { false }
 
-          it_behaves_like 'valid config'
+          it_behaves_like 'valid config without warnings'
+        end
+
+        context 'With warnings' do
+          let(:yaml_content) { { job: { script: 'ls', rules: [{ when: 'always' }] } }.to_yaml }
+
+          it_behaves_like 'valid config with warnings'
         end
       end
 
@@ -275,4 +312,167 @@ RSpec.describe API::Lint do
       end
     end
   end
+
+  describe 'POST /projects/:id/ci/lint' do
+    subject(:ci_lint) { post api("/projects/#{project.id}/ci/lint", api_user), params: { dry_run: dry_run, content: yaml_content } }
+
+    let(:project) { create(:project, :repository) }
+    let(:dry_run) { nil }
+
+    let_it_be(:api_user) { create(:user) }
+
+    let_it_be(:yaml_content) do
+      { include: { local: 'another-gitlab-ci.yml' }, test: { stage: 'test', script: 'echo 1' } }.to_yaml
+    end
+
+    let_it_be(:included_content) do
+      { another_test: { stage: 'test', script: 'echo 1' } }.to_yaml
+    end
+
+    RSpec.shared_examples 'valid project config' do
+      it 'passes validation' do
+        ci_lint
+
+        included_config = YAML.safe_load(included_content, [Symbol])
+        root_config = YAML.safe_load(yaml_content, [Symbol])
+        expected_yaml = included_config.merge(root_config).except(:include).to_yaml
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response).to be_an Hash
+        expect(json_response['merged_yaml']).to eq(expected_yaml)
+        expect(json_response['valid']).to eq(true)
+        expect(json_response['errors']).to eq([])
+      end
+    end
+
+    RSpec.shared_examples 'invalid project config' do
+      it 'responds with errors about invalid configuration' do
+        ci_lint
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response['merged_yaml']).to eq(yaml_content)
+        expect(json_response['valid']).to eq(false)
+        expect(json_response['errors']).to eq(['jobs config should contain at least one visible job'])
+      end
+    end
+
+    context 'when unauthenticated' do
+      let_it_be(:api_user) { nil }
+
+      it 'returns authentication error' do
+        ci_lint
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
+    context 'when authenticated as non-member' do
+      context 'when project is private' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+        end
+
+        it 'returns authentication error' do
+          ci_lint
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+
+      context 'when project is public' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+        end
+
+        context 'when running as dry run' do
+          let(:dry_run) { true }
+
+          it 'returns pipeline creation error' do
+            ci_lint
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(json_response['merged_yaml']).to eq(nil)
+            expect(json_response['valid']).to eq(false)
+            expect(json_response['errors']).to eq(['Insufficient permissions to create a new pipeline'])
+          end
+        end
+
+        context 'when running static validation' do
+          let(:dry_run) { false }
+
+          before do
+            project.repository.create_file(
+              project.creator,
+              'another-gitlab-ci.yml',
+              included_content,
+              message: 'Automatically created another-gitlab-ci.yml',
+              branch_name: 'master'
+            )
+          end
+
+          it_behaves_like 'valid project config'
+        end
+      end
+    end
+
+    context 'when authenticated as project guest' do
+      before do
+        project.add_guest(api_user)
+      end
+
+      it 'returns authentication error' do
+        ci_lint
+
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end
+    end
+
+    context 'when authenticated as project developer' do
+      before do
+        project.add_developer(api_user)
+      end
+
+      context 'with valid .gitlab-ci.yml content' do
+        before do
+          project.repository.create_file(
+            project.creator,
+            'another-gitlab-ci.yml',
+            included_content,
+            message: 'Automatically created another-gitlab-ci.yml',
+            branch_name: 'master'
+          )
+        end
+
+        context 'when running as dry run' do
+          let(:dry_run) { true }
+
+          it_behaves_like 'valid project config'
+        end
+
+        context 'when running static validation' do
+          let(:dry_run) { false }
+
+          it_behaves_like 'valid project config'
+        end
+      end
+
+      context 'with invalid .gitlab-ci.yml content' do
+        let(:yaml_content) do
+          { image: 'ruby:2.7', services: ['postgres'] }.to_yaml
+        end
+
+        context 'when running as dry run' do
+          let(:dry_run) { true }
+
+          it_behaves_like 'invalid project config'
+        end
+
+        context 'when running static validation' do
+          let(:dry_run) { false }
+
+          it_behaves_like 'invalid project config'
+        end
+      end
+    end
+  end
 end