blob: 077b10227d7357960c8c1775a8ec65ea8de09b10 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
require 'spec_helper'
describe Ci::Variable, models: true do
subject { build(:ci_variable) }
let(:secret_value) { 'secret' }
it { is_expected.to validate_presence_of(:key) }
it { is_expected.to validate_uniqueness_of(:key).scoped_to(:project_id) }
it { is_expected.to validate_length_of(:key).is_at_most(255) }
it { is_expected.to allow_value('foo').for(:key) }
it { is_expected.not_to allow_value('foo bar').for(:key) }
it { is_expected.not_to allow_value('foo/bar').for(:key) }
describe '.unprotected' do
subject { described_class.unprotected }
context 'when variable is protected' do
before do
create(:ci_variable, :protected)
end
it 'returns nothing' do
is_expected.to be_empty
end
end
context 'when variable is not protected' do
let(:variable) { create(:ci_variable, protected: false) }
it 'returns the variable' do
is_expected.to contain_exactly(variable)
end
end
end
describe '#value' do
before do
subject.value = secret_value
end
it 'stores the encrypted value' do
expect(subject.encrypted_value).not_to be_nil
end
it 'stores an iv for value' do
expect(subject.encrypted_value_iv).not_to be_nil
end
it 'stores a salt for value' do
expect(subject.encrypted_value_salt).not_to be_nil
end
it 'fails to decrypt if iv is incorrect' do
subject.encrypted_value_iv = SecureRandom.hex
subject.instance_variable_set(:@value, nil)
expect { subject.value }.
to raise_error(OpenSSL::Cipher::CipherError, 'bad decrypt')
end
end
describe '#to_runner_variable' do
it 'returns a hash for the runner' do
expect(subject.to_runner_variable)
.to eq(key: subject.key, value: subject.value, public: false)
end
end
end
|
