210 lines
5.9 KiB
Ruby
210 lines
5.9 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Gitlab::Ci::Variables::Builder::Group do
|
|
let_it_be(:group) { create(:group) }
|
|
|
|
let(:builder) { described_class.new(group) }
|
|
|
|
describe '#secret_variables' do
|
|
let(:environment) { '*' }
|
|
let(:protected_ref) { false }
|
|
|
|
let_it_be(:variable) do
|
|
create(:ci_group_variable,
|
|
value: 'secret',
|
|
group: group)
|
|
end
|
|
|
|
let_it_be(:protected_variable) do
|
|
create(:ci_group_variable, :protected,
|
|
value: 'protected',
|
|
group: group)
|
|
end
|
|
|
|
let(:variable_item) { item(variable) }
|
|
let(:protected_variable_item) { item(protected_variable) }
|
|
|
|
subject do
|
|
builder.secret_variables(
|
|
environment: environment,
|
|
protected_ref: protected_ref)
|
|
end
|
|
|
|
context 'when the ref is not protected' do
|
|
let(:protected_ref) { false }
|
|
|
|
it 'contains only the CI variables' do
|
|
is_expected.to contain_exactly(variable_item)
|
|
end
|
|
end
|
|
|
|
context 'when the ref is protected' do
|
|
let(:protected_ref) { true }
|
|
|
|
it 'contains all the variables' do
|
|
is_expected.to contain_exactly(variable_item, protected_variable_item)
|
|
end
|
|
end
|
|
|
|
context 'when environment name is specified' do
|
|
let(:environment) { 'review/name' }
|
|
|
|
before do
|
|
Ci::GroupVariable.update_all(environment_scope: environment_scope)
|
|
end
|
|
|
|
context 'when environment scope is exactly matched' do
|
|
let(:environment_scope) { 'review/name' }
|
|
|
|
it { is_expected.to contain_exactly(variable_item) }
|
|
end
|
|
|
|
context 'when environment scope is matched by wildcard' do
|
|
let(:environment_scope) { 'review/*' }
|
|
|
|
it { is_expected.to contain_exactly(variable_item) }
|
|
end
|
|
|
|
context 'when environment scope does not match' do
|
|
let(:environment_scope) { 'review/*/special' }
|
|
|
|
it { is_expected.not_to contain_exactly(variable_item) }
|
|
end
|
|
|
|
context 'when environment scope has _' do
|
|
let(:environment_scope) { '*_*' }
|
|
|
|
it 'does not treat it as wildcard' do
|
|
is_expected.not_to contain_exactly(variable_item)
|
|
end
|
|
end
|
|
|
|
context 'when environment name contains underscore' do
|
|
let(:environment) { 'foo_bar/test' }
|
|
let(:environment_scope) { 'foo_bar/*' }
|
|
|
|
it 'matches literally for _' do
|
|
is_expected.to contain_exactly(variable_item)
|
|
end
|
|
end
|
|
|
|
# The environment name and scope cannot have % at the moment,
|
|
# but we're considering relaxing it and we should also make sure
|
|
# it doesn't break in case some data sneaked in somehow as we're
|
|
# not checking this integrity in database level.
|
|
context 'when environment scope has %' do
|
|
let(:environment_scope) { '*%*' }
|
|
|
|
it 'does not treat it as wildcard' do
|
|
is_expected.not_to contain_exactly(variable_item)
|
|
end
|
|
end
|
|
|
|
context 'when environment name contains a percent' do
|
|
let(:environment) { 'foo%bar/test' }
|
|
let(:environment_scope) { 'foo%bar/*' }
|
|
|
|
it 'matches literally for _' do
|
|
is_expected.to contain_exactly(variable_item)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when variables with the same name have different environment scopes' do
|
|
let(:environment) { 'review/name' }
|
|
|
|
let_it_be(:partially_matched_variable) do
|
|
create(:ci_group_variable,
|
|
key: variable.key,
|
|
value: 'partial',
|
|
environment_scope: 'review/*',
|
|
group: group)
|
|
end
|
|
|
|
let_it_be(:perfectly_matched_variable) do
|
|
create(:ci_group_variable,
|
|
key: variable.key,
|
|
value: 'prefect',
|
|
environment_scope: 'review/name',
|
|
group: group)
|
|
end
|
|
|
|
it 'orders the variables from least to most matched' do
|
|
variables_collection = Gitlab::Ci::Variables::Collection.new([
|
|
variable,
|
|
partially_matched_variable,
|
|
perfectly_matched_variable
|
|
]).to_runner_variables
|
|
|
|
expect(subject.to_runner_variables).to eq(variables_collection)
|
|
end
|
|
end
|
|
|
|
context 'when group has children' do
|
|
let(:protected_ref) { true }
|
|
|
|
let_it_be(:group_child_1) { create(:group, parent: group) }
|
|
let_it_be(:group_child_2) { create(:group, parent: group_child_1) }
|
|
|
|
let_it_be_with_reload(:group_child_3) do
|
|
create(:group, parent: group_child_2)
|
|
end
|
|
|
|
let_it_be(:variable_child_1) do
|
|
create(:ci_group_variable, group: group_child_1)
|
|
end
|
|
|
|
let_it_be(:variable_child_2) do
|
|
create(:ci_group_variable, group: group_child_2)
|
|
end
|
|
|
|
let_it_be(:variable_child_3) do
|
|
create(:ci_group_variable, group: group_child_3)
|
|
end
|
|
|
|
context 'traversal queries' do
|
|
shared_examples 'correct ancestor order' do
|
|
let(:builder) { described_class.new(group_child_3) }
|
|
|
|
it 'returns all variables belonging to the group and parent groups' do
|
|
expected_array1 = Gitlab::Ci::Variables::Collection.new(
|
|
[protected_variable_item, variable_item])
|
|
.to_runner_variables
|
|
|
|
expected_array2 = Gitlab::Ci::Variables::Collection.new(
|
|
[variable_child_1, variable_child_2, variable_child_3]
|
|
).to_runner_variables
|
|
|
|
got_array = subject.to_runner_variables
|
|
|
|
expect(got_array.shift(2)).to contain_exactly(*expected_array1)
|
|
expect(got_array).to eq(expected_array2)
|
|
end
|
|
end
|
|
|
|
context 'recursive' do
|
|
before do
|
|
stub_feature_flags(use_traversal_ids: false)
|
|
end
|
|
|
|
include_examples 'correct ancestor order'
|
|
end
|
|
|
|
context 'linear' do
|
|
before do
|
|
stub_feature_flags(use_traversal_ids: true)
|
|
end
|
|
|
|
include_examples 'correct ancestor order'
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
def item(variable)
|
|
Gitlab::Ci::Variables::Collection::Item.fabricate(variable)
|
|
end
|
|
end
|