blob: be120aaf16adf287cdbd2092c1028513a947a5e8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::X509::Tag do
subject(:signature) { described_class.new(project.repository, tag).signature }
describe '#signature' do
let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH, '', 'group/project') }
let(:project) { create(:project, :repository) }
shared_examples 'signed tag' do
let(:tag) { project.repository.find_tag('v1.1.1') }
let(:certificate_attributes) do
{
subject_key_identifier: X509Helpers::User1.tag_certificate_subject_key_identifier,
subject: X509Helpers::User1.certificate_subject,
email: X509Helpers::User1.certificate_email,
serial_number: X509Helpers::User1.tag_certificate_serial
}
end
let(:issuer_attributes) do
{
subject_key_identifier: X509Helpers::User1.tag_issuer_subject_key_identifier,
subject: X509Helpers::User1.tag_certificate_issuer,
crl_url: X509Helpers::User1.tag_certificate_crl
}
end
it { expect(signature).not_to be_nil }
it { expect(signature.verification_status).to eq(:unverified) }
it { expect(signature.x509_certificate).to have_attributes(certificate_attributes) }
it { expect(signature.x509_certificate.x509_issuer).to have_attributes(issuer_attributes) }
end
shared_examples 'unsigned tag' do
let(:tag) { project.repository.find_tag('v1.0.0') }
it { expect(signature).to be_nil }
end
context 'with :get_tag_signatures enabled' do
it_behaves_like 'signed tag'
it_behaves_like 'unsigned tag'
end
context 'with :get_tag_signatures disabled' do
before do
stub_feature_flags(get_tag_signatures: false)
end
it_behaves_like 'signed tag'
it_behaves_like 'unsigned tag'
end
end
end
|