spec/services/security/ci_configuration/sast_create_service_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Security::CiConfiguration::SastCreateService, :snowplow, feature_category: :sast do
  subject(:result) { described_class.new(project, user, params).execute }

  let(:branch_name) { 'set-sast-config-1' }

  let(:non_empty_params) do
    { 'stage' => 'security',
      'SEARCH_MAX_DEPTH' => 1,
      'SECURE_ANALYZERS_PREFIX' => 'new_registry',
      'SAST_EXCLUDED_PATHS' => 'spec,docs' }
  end

  let(:snowplow_event) do
    {
      category: 'Security::CiConfiguration::SastCreateService',
      action: 'create',
      label: 'false'
    }
  end

  include_examples 'services security ci configuration create service'

  RSpec.shared_examples_for 'commits directly to the default branch' do
    it 'commits directly to the default branch' do
      expect(project).to receive(:default_branch).twice.and_return('master')

      expect(result.status).to eq(:success)
      expect(result.payload[:success_path]).to match(/#{Gitlab::Routing.url_helpers.project_new_merge_request_url(project, {})}(.*)description(.*)source_branch/)
      expect(result.payload[:branch]).to eq('master')
    end
  end

  context 'when the repository is empty' do
    let_it_be(:project) { create(:project_empty_repo) }

    context 'when initialize_with_sast is false' do
      before do
        project.add_developer(user)
      end

      let(:params) { { initialize_with_sast: false } }

      it 'raises an error' do
        expect { result }.to raise_error(Gitlab::Graphql::Errors::MutationError)
      end
    end

    context 'when initialize_with_sast is true' do
      let(:params) { { initialize_with_sast: true } }

      subject(:result) { described_class.new(project, user, params, commit_on_default: true).execute }

      before do
        project.add_maintainer(user)
      end

      it_behaves_like 'commits directly to the default branch'
    end
  end

  context 'when committing to the default branch', :aggregate_failures do
    subject(:result) { described_class.new(project, user, params, commit_on_default: true).execute }

    let(:params) { {} }

    before do
      project.add_developer(user)
    end

    it 'does not try to remove that branch on raised exceptions' do
      expect(Files::MultiService).to receive(:new).and_raise(StandardError, '_exception_')
      expect(project.repository).not_to receive(:rm_branch)

      expect { result }.to raise_error(StandardError, '_exception_')
    end

    it_behaves_like 'commits directly to the default branch'
  end
end