1 files changed, 17 insertions, 3 deletions

diff --git a/spec/services/auth/container_registry_authentication_service_spec.rb b/spec/services/auth/container_registry_authentication_service_spec.rb
index 8273269c2fb..70eb35f0826 100644
--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -35,11 +35,11 @@ describe Auth::ContainerRegistryAuthenticationService do
     it { expect(payload).to include('access') }
 
     context 'a expirable' do
-      let(:expires_at) { Time.at(payload['exp']) }
+      let(:expires_at) { Time.zone.at(payload['exp']) }
       let(:expire_delay) { 10 }
 
       context 'for default configuration' do
-        it { expect(expires_at).not_to be_within(2.seconds).of(Time.now + expire_delay.minutes) }
+        it { expect(expires_at).not_to be_within(2.seconds).of(Time.current + expire_delay.minutes) }
       end
 
       context 'for changed configuration' do
@@ -47,7 +47,7 @@ describe Auth::ContainerRegistryAuthenticationService do
           stub_application_setting(container_registry_token_expire_delay: expire_delay)
         end
 
-        it { expect(expires_at).to be_within(2.seconds).of(Time.now + expire_delay.minutes) }
+        it { expect(expires_at).to be_within(2.seconds).of(Time.current + expire_delay.minutes) }
       end
     end
   end
@@ -205,6 +205,20 @@ describe Auth::ContainerRegistryAuthenticationService do
 
         it_behaves_like 'an inaccessible'
         it_behaves_like 'not a container repository factory'
+
+        it 'logs an auth warning' do
+          expect(Gitlab::AuthLogger).to receive(:warn).with(
+            message: 'Denied container registry permissions',
+            scope_type: 'repository',
+            requested_project_path: project.full_path,
+            requested_actions: ['*'],
+            authorized_actions: [],
+            user_id: current_user.id,
+            username: current_user.username
+          )
+
+          subject
+        end
       end
 
       context 'disallow developer to delete images since registry 2.7' do