gitlab-org--gitlab-foss/spec/controllers/projects/clusters_controller_spec.rb

525 lines
16 KiB
Ruby
Raw Normal View History

2017-10-05 11:05:29 -04:00
require 'spec_helper'
describe Projects::ClustersController do
include AccessMatchersForController
include GoogleApi::CloudPlatformHelpers
2017-10-05 11:05:29 -04:00
describe 'GET index' do
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
end
2017-10-05 11:05:29 -04:00
context 'when project has a cluster' do
let(:cluster) { create(:cluster, :project, :provided_by_gcp) }
let(:project) { cluster.project }
2017-10-05 11:05:29 -04:00
it { expect(go).to redirect_to(project_cluster_path(project, project.cluster)) }
end
2017-10-05 11:05:29 -04:00
context 'when project does not have a cluster' do
let(:project) { create(:project) }
2017-10-05 11:05:29 -04:00
it { expect(go).to redirect_to(new_project_cluster_path(project)) }
2017-10-05 11:05:29 -04:00
end
end
describe 'security' do
let(:cluster) { create(:cluster, :project, :provided_by_gcp) }
let(:project) { cluster.project }
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
2017-10-05 11:05:29 -04:00
def go
get :index, namespace_id: project.namespace.to_param, project_id: project
2017-10-05 11:05:29 -04:00
end
end
describe 'GET login' do
let(:project) { create(:project) }
2017-10-05 11:05:29 -04:00
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
2017-10-05 11:05:29 -04:00
end
context 'when omniauth has been configured' do
let(:key) { 'secere-key' }
let(:session_key_for_redirect_uri) do
GoogleApi::CloudPlatform::Client.session_key_for_redirect_uri(key)
end
before do
allow(SecureRandom).to receive(:hex).and_return(key)
end
it 'has authorize_url' do
go
expect(assigns(:authorize_url)).to include(key)
expect(session[session_key_for_redirect_uri]).to eq(namespace_project_clusters_url(project.namespace, project))
end
2017-10-05 11:05:29 -04:00
end
context 'when omniauth has not configured' do
before do
stub_omniauth_setting(providers: [])
end
2017-10-05 11:05:29 -04:00
it 'does not have authorize_url' do
go
expect(assigns(:authorize_url)).to be_nil
end
2017-10-05 11:05:29 -04:00
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
def go
get :login, namespace_id: project.namespace, project_id: project
end
2017-10-05 11:05:29 -04:00
end
shared_examples 'requires to login' do
it 'redirects to create a cluster' do
subject
expect(response).to redirect_to(login_project_clusters_path(project))
end
end
describe 'GET new' do
let(:project) { create(:project) }
2017-10-05 11:05:29 -04:00
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
end
context 'when access token is valid' do
before do
stub_google_api_validate_token
end
it 'has new object' do
go
expect(assigns(:cluster)).to be_an_instance_of(Clusters::Cluster)
end
2017-10-05 11:05:29 -04:00
end
context 'when access token is expired' do
before do
stub_google_api_expired_token
end
it { expect(go).to redirect_to(login_project_clusters_path(project)) }
end
2017-10-05 11:05:29 -04:00
context 'when access token is not stored in session' do
it { expect(go).to redirect_to(login_project_clusters_path(project)) }
2017-10-05 11:05:29 -04:00
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
def go
get :new, namespace_id: project.namespace, project_id: project
2017-10-05 11:05:29 -04:00
end
end
describe 'POST create' do
let(:project) { create(:project) }
let(:params) do
{
cluster: {
name: 'new-cluster',
platform_type: :kubernetes,
provider_type: :gcp,
provider_gcp_attributes: {
gcp_project_id: '111',
}
}
}
2017-10-05 11:05:29 -04:00
end
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
2017-10-05 11:05:29 -04:00
end
context 'when access token is valid' do
before do
stub_google_api_validate_token
2017-10-05 11:05:29 -04:00
end
context 'when creates a cluster on gke' do
it 'creates a new cluster' do
expect(ClusterProvisionWorker).to receive(:perform_async)
expect { go }.to change { Clusters::Cluster.count }
expect(response).to redirect_to(project_cluster_path(project, project.cluster))
end
2017-10-05 11:05:29 -04:00
end
context 'when adds a cluster manually' do
let(:params) do
{
cluster: {
name: 'new-cluster',
platform_type: :kubernetes,
2017-10-31 14:59:40 -04:00
provider_type: :user,
platform_kubernetes_attributes: {
namespace: 'custom-namespace',
api_url: 'https://111.111.111.111',
token: 'token'
}
}
}
end
2017-10-05 11:05:29 -04:00
it 'creates a new cluster' do
expect(ClusterProvisionWorker).to receive(:perform_async)
expect { go }.to change { Clusters::Cluster.count }
expect(response).to redirect_to(project_cluster_path(project, project.cluster))
end
2017-10-05 11:05:29 -04:00
end
context 'when not all required parameters are set' do
let(:params) do
{
cluster: {
name: 'new-cluster'
}
2017-10-05 11:05:29 -04:00
}
end
it 'shows an error message' do
expect { go }.not_to change { Clusters::Cluster.count }
expect(assigns(:cluster).errors).not_to be_empty
expect(response).to render_template(:new)
end
end
end
context 'when access token is expired' do
before do
stub_google_api_expired_token
2017-10-05 11:05:29 -04:00
end
it 'redirects to login page' do
expect(go).to redirect_to(login_project_clusters_path(project))
end
end
2017-10-05 11:05:29 -04:00
context 'when access token is not stored in session' do
it 'redirects to login page' do
expect(go).to redirect_to(login_project_clusters_path(project))
2017-10-05 11:05:29 -04:00
end
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
def go
post :create, params.merge(namespace_id: project.namespace, project_id: project)
end
2017-10-05 11:05:29 -04:00
end
describe 'GET status' do
let(:cluster) { create(:cluster, :project, :providing_by_gcp) }
let(:project) { cluster.project }
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
end
it "responds with matching schema" do
go
expect(response).to have_http_status(:ok)
expect(response).to match_response_schema('cluster_status')
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
def go
2017-10-05 11:05:29 -04:00
get :status, namespace_id: project.namespace,
project_id: project,
id: cluster,
format: :json
end
end
describe 'GET show' do
let(:cluster) { create(:cluster, :project, :provided_by_gcp) }
let(:project) { cluster.project }
2017-10-05 11:05:29 -04:00
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
2017-10-05 11:05:29 -04:00
end
it "renders view" do
go
2017-10-05 11:05:29 -04:00
expect(response).to have_http_status(:ok)
expect(assigns(:cluster)).to eq(cluster)
2017-10-05 11:05:29 -04:00
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
2017-10-05 11:05:29 -04:00
def go
get :show, namespace_id: project.namespace,
project_id: project,
id: cluster
2017-10-05 11:05:29 -04:00
end
end
describe 'PUT update' do
let(:cluster) { create(:cluster, :project, :provided_by_gcp) }
let(:project) { cluster.project }
2017-10-05 11:05:29 -04:00
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
end
2017-10-05 11:05:29 -04:00
context 'when update enabled' do
2017-10-05 11:05:29 -04:00
let(:params) do
{
cluster: { enabled: false }
}
end
it "updates and redirects back to show page" do
go
2017-10-05 11:05:29 -04:00
cluster.reload
2017-10-05 11:05:29 -04:00
expect(response).to redirect_to(project_cluster_path(project, project.cluster))
expect(flash[:notice]).to eq('Cluster was successfully updated.')
expect(cluster.enabled).to be_falsey
end
context 'when cluster is being created' do
let(:cluster) { create(:cluster, :project, :providing_by_gcp) }
it "rejects changes" do
go
expect(response).to have_http_status(:ok)
expect(response).to render_template(:show)
expect(cluster.enabled).to be_truthy
end
2017-10-05 11:05:29 -04:00
end
end
context 'when update namespace' do
let(:namespace) { 'namespace-123' }
2017-10-05 11:05:29 -04:00
let(:params) do
{
cluster: {
platform_kubernetes_attributes: {
namespace: namespace
}
}
2017-10-05 11:05:29 -04:00
}
end
it "updates and redirects back to show page" do
go
cluster.reload
expect(response).to redirect_to(project_cluster_path(project, project.cluster))
expect(flash[:notice]).to eq('Cluster was successfully updated.')
expect(cluster.platform.namespace).to eq(namespace)
end
context 'when namespace is invalid' do
let(:namespace) { 'my Namespace 321321321 #' }
it "rejects changes" do
go
2017-10-05 11:05:29 -04:00
expect(response).to have_http_status(:ok)
expect(response).to render_template(:show)
expect(cluster.platform.namespace).not_to eq(namespace)
end
2017-10-05 11:05:29 -04:00
end
end
end
describe 'security' do
let(:params) do
{
cluster: { enabled: false }
}
end
2017-10-05 11:05:29 -04:00
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
2017-10-05 11:05:29 -04:00
def go
put :update, params.merge(namespace_id: project.namespace,
project_id: project,
id: cluster)
2017-10-05 11:05:29 -04:00
end
end
describe 'delete update' do
let(:cluster) { create(:cluster, :project, :provided_by_gcp) }
let(:project) { cluster.project }
2017-10-05 11:05:29 -04:00
describe 'functionality' do
let(:user) { create(:user) }
2017-10-05 11:05:29 -04:00
before do
project.add_master(user)
sign_in(user)
end
it "destroys and redirects back to clusters list" do
expect { go }
.to change { Clusters::Cluster.count }.by(-1)
.and change { Clusters::Platforms::Kubernetes.count }.by(-1)
.and change { Clusters::Providers::Gcp.count }.by(-1)
2017-10-05 11:05:29 -04:00
expect(response).to redirect_to(project_clusters_path(project))
expect(flash[:notice]).to eq('Cluster integration was successfully removed.')
2017-10-05 11:05:29 -04:00
end
context 'when cluster is being created' do
let(:cluster) { create(:cluster, :project, :providing_by_gcp) }
it "destroys and redirects back to clusters list" do
expect { go }
.to change { Clusters::Cluster.count }.by(-1)
.and change { Clusters::Platforms::Kubernetes.count }.by(-1)
.and change { Clusters::Providers::Gcp.count }.by(-1)
expect(response).to redirect_to(project_clusters_path(project))
expect(flash[:notice]).to eq('Cluster integration was successfully removed.')
end
end
context 'when provider is user' do
let(:cluster) { create(:cluster, :project, :provided_by_user) }
2017-10-05 11:05:29 -04:00
it "destroys and redirects back to clusters list" do
expect { go }
.to change { Clusters::Cluster.count }.by(-1)
.and change { Clusters::Platforms::Kubernetes.count }.by(-1)
.and change { Clusters::Providers::Gcp.count }.by(0)
2017-10-05 11:05:29 -04:00
expect(response).to redirect_to(project_clusters_path(project))
expect(flash[:notice]).to eq('Cluster integration was successfully removed.')
end
2017-10-05 11:05:29 -04:00
end
end
describe 'security' do
it { expect { go }.to be_allowed_for(:admin) }
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:master).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
it { expect { go }.to be_denied_for(:reporter).of(project) }
it { expect { go }.to be_denied_for(:guest).of(project) }
it { expect { go }.to be_denied_for(:user) }
it { expect { go }.to be_denied_for(:external) }
end
2017-10-05 11:05:29 -04:00
def go
delete :destroy, namespace_id: project.namespace,
project_id: project,
id: cluster
end
2017-10-05 11:05:29 -04:00
end
end