# frozen_string_literal: true require 'spec_helper' RSpec.describe Ci::RetryBuildService do let_it_be(:reporter) { create(:user) } let_it_be(:developer) { create(:user) } let_it_be(:project) { create(:project, :repository) } let_it_be(:pipeline) do create(:ci_pipeline, project: project, sha: 'b83d6e391c22777fca1ed3012fce84f633d7fed0') end let_it_be(:stage) do create(:ci_stage_entity, project: project, pipeline: pipeline, name: 'test') end let_it_be_with_refind(:build) { create(:ci_build, pipeline: pipeline, stage_id: stage.id) } let(:user) { developer } let(:service) do described_class.new(project, user) end before_all do project.add_developer(developer) project.add_reporter(reporter) end clone_accessors = described_class.clone_accessors.without(described_class.extra_accessors) reject_accessors = %i[id status user token token_encrypted coverage trace runner artifacts_expire_at created_at updated_at started_at finished_at queued_at erased_by erased_at auto_canceled_by job_artifacts job_artifacts_archive job_artifacts_metadata job_artifacts_trace job_artifacts_junit job_artifacts_sast job_artifacts_secret_detection job_artifacts_dependency_scanning job_artifacts_container_scanning job_artifacts_cluster_image_scanning job_artifacts_dast job_artifacts_license_scanning job_artifacts_performance job_artifacts_browser_performance job_artifacts_load_performance job_artifacts_lsif job_artifacts_terraform job_artifacts_cluster_applications job_artifacts_codequality job_artifacts_metrics scheduled_at job_variables waiting_for_resource_at job_artifacts_metrics_referee job_artifacts_network_referee job_artifacts_dotenv job_artifacts_cobertura needs job_artifacts_accessibility job_artifacts_requirements job_artifacts_coverage_fuzzing job_artifacts_api_fuzzing terraform_state_versions].freeze ignore_accessors = %i[type lock_version target_url base_tags trace_sections commit_id deployment erased_by_id project_id runner_id tag_taggings taggings tags trigger_request_id user_id auto_canceled_by_id retried failure_reason sourced_pipelines artifacts_file_store artifacts_metadata_store metadata runner_session trace_chunks upstream_pipeline_id artifacts_file artifacts_metadata artifacts_size commands resource resource_group_id processed security_scans author pipeline_id report_results pending_state pages_deployments queuing_entry runtime_metadata trace_metadata].freeze shared_examples 'build duplication' do let_it_be(:another_pipeline) { create(:ci_empty_pipeline, project: project) } let_it_be(:build) do create(:ci_build, :failed, :picked, :expired, :erased, :queued, :coverage, :tags, :allowed_to_fail, :on_tag, :triggered, :teardown_environment, :resource_group, description: 'my-job', stage: 'test', stage_id: stage.id, pipeline: pipeline, auto_canceled_by: another_pipeline, scheduled_at: 10.seconds.since) end let_it_be(:internal_job_variable) { create(:ci_job_variable, job: build) } before_all do # Make sure that build has both `stage_id` and `stage` because FactoryBot # can reset one of the fields when assigning another. We plan to deprecate # and remove legacy `stage` column in the future. build.update!(stage: 'test', stage_id: stage.id) # Make sure we have one instance for every possible job_artifact_X # associations to check they are correctly rejected on build duplication. Ci::JobArtifact::TYPE_AND_FORMAT_PAIRS.each do |file_type, file_format| create(:ci_job_artifact, file_format, file_type: file_type, job: build, expire_at: build.artifacts_expire_at) end create(:ci_job_variable, :dotenv_source, job: build) create(:ci_build_need, build: build) create(:terraform_state_version, build: build) end describe 'clone accessors' do let(:forbidden_associations) do Ci::Build.reflect_on_all_associations.each_with_object(Set.new) do |assoc, memo| memo << assoc.name unless assoc.macro == :belongs_to end end clone_accessors.each do |attribute| it "clones #{attribute} build attribute", :aggregate_failures do expect(attribute).not_to be_in(forbidden_associations), "association #{attribute} must be `belongs_to`" expect(build.send(attribute)).not_to be_nil expect(new_build.send(attribute)).not_to be_nil expect(new_build.send(attribute)).to eq build.send(attribute) end end context 'when job has nullified protected' do before do build.update_attribute(:protected, nil) end it "clones protected build attribute" do expect(new_build.protected).to be_nil expect(new_build.protected).to eq build.protected end end it 'clones only the needs attributes' do expect(new_build.needs.exists?).to be_truthy expect(build.needs.exists?).to be_truthy expect(new_build.needs_attributes).to match(build.needs_attributes) expect(new_build.needs).not_to match(build.needs) end it 'clones only internal job variables' do expect(new_build.job_variables.count).to eq(1) expect(new_build.job_variables).to contain_exactly(having_attributes(key: internal_job_variable.key, value: internal_job_variable.value)) end end describe 'reject accessors' do reject_accessors.each do |attribute| it "does not clone #{attribute} build attribute" do expect(new_build.send(attribute)).not_to eq build.send(attribute) end end end it 'has correct number of known attributes', :aggregate_failures do processed_accessors = clone_accessors + reject_accessors known_accessors = processed_accessors + ignore_accessors # :tag_list is a special case, this accessor does not exist # in reflected associations, comes from `act_as_taggable` and # we use it to copy tags, instead of reusing tags. # current_accessors = Ci::Build.attribute_names.map(&:to_sym) + Ci::Build.attribute_aliases.keys.map(&:to_sym) + Ci::Build.reflect_on_all_associations.map(&:name) + [:tag_list, :needs_attributes, :job_variables_attributes] - # ee-specific accessors should be tested in ee/spec/services/ci/retry_build_service_spec.rb instead described_class.extra_accessors - [:dast_site_profiles_build, :dast_scanner_profiles_build] # join tables current_accessors.uniq! expect(current_accessors).to include(*processed_accessors) expect(known_accessors).to include(*current_accessors) end end describe '#execute' do let(:new_build) do travel_to(1.second.from_now) do service.execute(build) end end context 'when user has ability to execute build' do before do stub_not_protect_default_branch end it_behaves_like 'build duplication' it 'creates a new build that represents the old one' do expect(new_build.name).to eq build.name end it 'enqueues the new build' do expect(new_build).to be_pending end context 'when there are subsequent processables that are skipped' do let!(:subsequent_build) do create(:ci_build, :skipped, stage_idx: 2, pipeline: pipeline, stage: 'deploy') end let!(:subsequent_bridge) do create(:ci_bridge, :skipped, stage_idx: 2, pipeline: pipeline, stage: 'deploy') end it 'resumes pipeline processing in the subsequent stage' do service.execute(build) expect(subsequent_build.reload).to be_created expect(subsequent_bridge.reload).to be_created end it 'updates ownership for subsequent builds' do expect { service.execute(build) }.to change { subsequent_build.reload.user }.to(user) end it 'updates ownership for subsequent bridges' do expect { service.execute(build) }.to change { subsequent_bridge.reload.user }.to(user) end it 'does not cause n+1 when updaing build ownership' do control_count = ActiveRecord::QueryRecorder.new(skip_cached: false) { service.execute(build) }.count create_list(:ci_build, 2, :skipped, stage_idx: build.stage_idx + 1, pipeline: pipeline, stage: 'deploy') expect { service.execute(build) }.not_to exceed_all_query_limit(control_count) end end context 'when pipeline has other builds' do let!(:stage2) { create(:ci_stage_entity, project: project, pipeline: pipeline, name: 'deploy') } let!(:build2) { create(:ci_build, pipeline: pipeline, stage_id: stage.id ) } let!(:deploy) { create(:ci_build, pipeline: pipeline, stage_id: stage2.id) } let!(:deploy_needs_build2) { create(:ci_build_need, build: deploy, name: build2.name) } context 'when build has nil scheduling_type' do before do build.pipeline.processables.update_all(scheduling_type: nil) build.reload end it 'populates scheduling_type of processables' do expect(new_build.scheduling_type).to eq('stage') expect(build.reload.scheduling_type).to eq('stage') expect(build2.reload.scheduling_type).to eq('stage') expect(deploy.reload.scheduling_type).to eq('dag') end end context 'when build has scheduling_type' do it 'does not call populate_scheduling_type!' do expect_any_instance_of(Ci::Pipeline).not_to receive(:ensure_scheduling_type!) expect(new_build.scheduling_type).to eq('stage') end end end context 'when the pipeline is a child pipeline and the bridge is depended' do let!(:parent_pipeline) { create(:ci_pipeline, project: project) } let!(:bridge) { create(:ci_bridge, :strategy_depend, pipeline: parent_pipeline, status: 'success') } let!(:source_pipeline) { create(:ci_sources_pipeline, pipeline: pipeline, source_job: bridge) } it 'marks source bridge as pending' do service.execute(build) expect(bridge.reload).to be_pending end end context 'when there is a failed job todo for the MR' do let!(:merge_request) { create(:merge_request, source_project: project, author: user, head_pipeline: pipeline) } let!(:todo) { create(:todo, :build_failed, user: user, project: project, author: user, target: merge_request) } it 'resolves the todo for the old failed build' do expect do service.execute(build) end.to change { todo.reload.state }.from('pending').to('done') end end end context 'when user does not have ability to execute build' do let(:user) { reporter } it 'raises an error' do expect { service.execute(build) } .to raise_error Gitlab::Access::AccessDeniedError end end end describe '#clone!' do let(:new_build) do travel_to(1.second.from_now) do service.clone!(build) end end it 'raises an error when an unexpected class is passed' do expect { service.clone!(create(:ci_build).present) }.to raise_error(TypeError) end context 'when user has ability to execute build' do before do stub_not_protect_default_branch end it_behaves_like 'build duplication' it 'creates a new build that represents the old one' do expect(new_build.name).to eq build.name end it 'does not enqueue the new build' do expect(new_build).to be_created expect(new_build).not_to be_processed end it 'does mark old build as retried' do expect(new_build).to be_latest expect(build).to be_retried expect(build).to be_processed end shared_examples_for 'when build with deployment is retried' do let!(:build) do create(:ci_build, :with_deployment, :deploy_to_production, pipeline: pipeline, stage_id: stage.id, project: project) end it 'creates a new deployment' do expect { new_build }.to change { Deployment.count }.by(1) end it 'persists expanded environment name' do expect(new_build.metadata.expanded_environment_name).to eq('production') end it 'does not create a new environment' do expect { new_build }.not_to change { Environment.count } end end shared_examples_for 'when build with dynamic environment is retried' do let_it_be(:other_developer) { create(:user).tap { |u| project.add_developer(other_developer) } } let(:environment_name) { 'review/$CI_COMMIT_REF_SLUG-$GITLAB_USER_ID' } let!(:build) do create(:ci_build, :with_deployment, environment: environment_name, options: { environment: { name: environment_name } }, pipeline: pipeline, stage_id: stage.id, project: project, user: other_developer) end it 're-uses the previous persisted environment' do expect(build.persisted_environment.name).to eq("review/#{build.ref}-#{other_developer.id}") expect(new_build.persisted_environment.name).to eq("review/#{build.ref}-#{other_developer.id}") end it 'creates a new deployment' do expect { new_build }.to change { Deployment.count }.by(1) end it 'does not create a new environment' do expect { new_build }.not_to change { Environment.count } end end it_behaves_like 'when build with deployment is retried' it_behaves_like 'when build with dynamic environment is retried' context 'when create_deployment_in_separate_transaction feature flag is disabled' do let(:new_build) do travel_to(1.second.from_now) do ::Gitlab::Database::QueryAnalyzers::PreventCrossDatabaseModification.allow_cross_database_modification_within_transaction(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/345668') do service.clone!(build) end end end before do stub_feature_flags(create_deployment_in_separate_transaction: false) end it_behaves_like 'when build with deployment is retried' it_behaves_like 'when build with dynamic environment is retried' end context 'when build has needs' do before do create(:ci_build_need, build: build, name: 'build1') create(:ci_build_need, build: build, name: 'build2') end it 'bulk inserts all needs' do expect(Ci::BuildNeed).to receive(:bulk_insert!).and_call_original new_build end end end context 'when user does not have ability to execute build' do let(:user) { reporter } it 'raises an error' do expect { service.clone!(build) } .to raise_error Gitlab::Access::AccessDeniedError end end end end