2019-10-29 00:06:10 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2015-12-29 22:12:36 +00:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
2020-06-24 06:09:01 +00:00
|
|
|
RSpec.describe API::Jobs do
|
2020-12-10 15:10:12 +00:00
|
|
|
using RSpec::Parameterized::TableSyntax
|
2018-02-06 14:18:32 +00:00
|
|
|
include HttpIOHelpers
|
|
|
|
|
|
2020-02-17 15:09:01 +00:00
|
|
|
let_it_be(:project, reload: true) do
|
2017-05-02 08:29:09 +00:00
|
|
|
create(:project, :repository, public_builds: false)
|
|
|
|
|
end
|
|
|
|
|
|
2020-02-17 15:09:01 +00:00
|
|
|
let_it_be(:pipeline, reload: true) do
|
2020-07-14 12:09:14 +00:00
|
|
|
create(:ci_pipeline, project: project,
|
|
|
|
|
sha: project.commit.id,
|
|
|
|
|
ref: project.default_branch)
|
2017-05-02 08:29:09 +00:00
|
|
|
end
|
|
|
|
|
|
2018-05-10 07:58:19 +00:00
|
|
|
let!(:job) do
|
|
|
|
|
create(:ci_build, :success, pipeline: pipeline,
|
|
|
|
|
artifacts_expire_at: 1.day.since)
|
|
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
|
|
|
|
|
let(:user) { create(:user) }
|
2016-02-19 17:06:53 +00:00
|
|
|
let(:api_user) { user }
|
2017-05-02 08:29:09 +00:00
|
|
|
let(:reporter) { create(:project_member, :reporter, project: project).user }
|
|
|
|
|
let(:guest) { create(:project_member, :guest, project: project).user }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'GET /projects/:id/jobs' do
|
2020-09-02 15:10:54 +00:00
|
|
|
let(:query) { {} }
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2018-01-14 22:11:38 +00:00
|
|
|
before do |example|
|
|
|
|
|
unless example.metadata[:skip_before_request]
|
2018-12-17 22:52:17 +00:00
|
|
|
get api("/projects/#{project.id}/jobs", api_user), params: query
|
2018-01-14 22:11:38 +00:00
|
|
|
end
|
2016-07-14 16:53:27 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2015-12-29 22:12:36 +00:00
|
|
|
context 'authorized user' do
|
2017-02-22 10:13:59 +00:00
|
|
|
it 'returns project jobs' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2017-01-24 20:49:10 +00:00
|
|
|
expect(response).to include_pagination_headers
|
2016-01-08 13:01:31 +00:00
|
|
|
expect(json_response).to be_an Array
|
|
|
|
|
end
|
|
|
|
|
|
2016-06-21 12:26:57 +00:00
|
|
|
it 'returns correct values' do
|
|
|
|
|
expect(json_response).not_to be_empty
|
|
|
|
|
expect(json_response.first['commit']['id']).to eq project.commit.id
|
2018-05-10 07:58:19 +00:00
|
|
|
expect(Time.parse(json_response.first['artifacts_expire_at'])).to be_like_time(job.artifacts_expire_at)
|
2016-06-21 12:26:57 +00:00
|
|
|
end
|
|
|
|
|
|
2018-07-18 21:46:56 +00:00
|
|
|
context 'without artifacts and trace' do
|
|
|
|
|
it 'returns no artifacts nor trace data' do
|
|
|
|
|
json_job = json_response.first
|
|
|
|
|
|
|
|
|
|
expect(json_job['artifacts_file']).to be_nil
|
|
|
|
|
expect(json_job['artifacts']).to be_an Array
|
|
|
|
|
expect(json_job['artifacts']).to be_empty
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'a job with artifacts and trace' do
|
|
|
|
|
let(:api_endpoint) { "/projects/#{project.id}/jobs" }
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-23 23:43:57 +00:00
|
|
|
it 'returns pipeline data' do
|
2017-06-06 14:21:39 +00:00
|
|
|
json_job = json_response.first
|
2017-02-22 10:13:59 +00:00
|
|
|
|
2017-06-06 14:21:39 +00:00
|
|
|
expect(json_job['pipeline']).not_to be_empty
|
|
|
|
|
expect(json_job['pipeline']['id']).to eq job.pipeline.id
|
|
|
|
|
expect(json_job['pipeline']['ref']).to eq job.pipeline.ref
|
|
|
|
|
expect(json_job['pipeline']['sha']).to eq job.pipeline.sha
|
|
|
|
|
expect(json_job['pipeline']['status']).to eq job.pipeline.status
|
2016-09-23 23:43:57 +00:00
|
|
|
end
|
|
|
|
|
|
2018-01-18 17:45:05 +00:00
|
|
|
it 'avoids N+1 queries', :skip_before_request do
|
2018-07-18 21:46:56 +00:00
|
|
|
first_build = create(:ci_build, :trace_artifact, :artifacts, :test_reports, pipeline: pipeline)
|
2018-01-15 16:58:56 +00:00
|
|
|
first_build.runner = create(:ci_runner)
|
|
|
|
|
first_build.user = create(:user)
|
|
|
|
|
first_build.save
|
|
|
|
|
|
2018-01-14 22:11:38 +00:00
|
|
|
control_count = ActiveRecord::QueryRecorder.new { go }.count
|
2018-01-15 16:58:56 +00:00
|
|
|
|
|
|
|
|
second_pipeline = create(:ci_empty_pipeline, project: project, sha: project.commit.id, ref: project.default_branch)
|
2018-07-18 21:46:56 +00:00
|
|
|
second_build = create(:ci_build, :trace_artifact, :artifacts, :test_reports, pipeline: second_pipeline)
|
2018-01-15 16:58:56 +00:00
|
|
|
second_build.runner = create(:ci_runner)
|
|
|
|
|
second_build.user = create(:user)
|
|
|
|
|
second_build.save
|
|
|
|
|
|
2018-01-14 22:11:38 +00:00
|
|
|
expect { go }.not_to exceed_query_limit(control_count)
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-19 17:06:53 +00:00
|
|
|
context 'filter project with one scope element' do
|
2017-02-22 10:13:59 +00:00
|
|
|
let(:query) { { 'scope' => 'pending' } }
|
2016-01-08 13:01:31 +00:00
|
|
|
|
2016-02-19 17:06:53 +00:00
|
|
|
it do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2016-02-19 17:06:53 +00:00
|
|
|
expect(json_response).to be_an Array
|
|
|
|
|
end
|
2016-01-08 13:01:31 +00:00
|
|
|
end
|
|
|
|
|
|
2016-02-19 17:06:53 +00:00
|
|
|
context 'filter project with array of scope elements' do
|
2017-03-07 19:54:39 +00:00
|
|
|
let(:query) { { scope: %w(pending running) } }
|
2016-01-08 13:01:31 +00:00
|
|
|
|
2016-02-19 17:06:53 +00:00
|
|
|
it do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2016-02-19 17:06:53 +00:00
|
|
|
expect(json_response).to be_an Array
|
|
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
end
|
2016-01-13 14:17:59 +00:00
|
|
|
|
2016-02-19 17:06:53 +00:00
|
|
|
context 'respond 400 when scope contains invalid state' do
|
2017-03-07 19:54:39 +00:00
|
|
|
let(:query) { { scope: %w(unknown running) } }
|
2016-01-13 14:17:59 +00:00
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
it { expect(response).to have_gitlab_http_status(:bad_request) }
|
2016-01-13 14:17:59 +00:00
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
2018-12-14 15:36:33 +00:00
|
|
|
context 'when user is not logged in' do
|
|
|
|
|
let(:api_user) { nil }
|
2015-12-29 22:12:36 +00:00
|
|
|
|
2018-12-14 15:36:33 +00:00
|
|
|
it 'does not return project jobs' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2018-12-14 15:36:33 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is guest' do
|
|
|
|
|
let(:api_user) { guest }
|
|
|
|
|
|
|
|
|
|
it 'does not return project jobs' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2018-12-14 15:36:33 +00:00
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
end
|
|
|
|
|
end
|
2018-01-15 17:06:26 +00:00
|
|
|
|
2018-01-14 22:11:38 +00:00
|
|
|
def go
|
2018-12-17 22:52:17 +00:00
|
|
|
get api("/projects/#{project.id}/jobs", api_user), params: query
|
2018-01-14 22:11:38 +00:00
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
end
|
|
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'GET /projects/:id/jobs/:job_id' do
|
2018-07-18 21:46:56 +00:00
|
|
|
before do |example|
|
|
|
|
|
unless example.metadata[:skip_before_request]
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}", api_user)
|
|
|
|
|
end
|
2016-07-14 16:53:27 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2015-12-30 14:12:07 +00:00
|
|
|
context 'authorized user' do
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'returns specific job data' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2017-08-13 21:11:48 +00:00
|
|
|
expect(json_response['id']).to eq(job.id)
|
|
|
|
|
expect(json_response['status']).to eq(job.status)
|
|
|
|
|
expect(json_response['stage']).to eq(job.stage)
|
|
|
|
|
expect(json_response['name']).to eq(job.name)
|
|
|
|
|
expect(json_response['ref']).to eq(job.ref)
|
|
|
|
|
expect(json_response['tag']).to eq(job.tag)
|
|
|
|
|
expect(json_response['coverage']).to eq(job.coverage)
|
2019-05-21 09:21:53 +00:00
|
|
|
expect(json_response['allow_failure']).to eq(job.allow_failure)
|
2017-08-13 21:11:48 +00:00
|
|
|
expect(Time.parse(json_response['created_at'])).to be_like_time(job.created_at)
|
|
|
|
|
expect(Time.parse(json_response['started_at'])).to be_like_time(job.started_at)
|
|
|
|
|
expect(Time.parse(json_response['finished_at'])).to be_like_time(job.finished_at)
|
2018-05-10 07:58:19 +00:00
|
|
|
expect(Time.parse(json_response['artifacts_expire_at'])).to be_like_time(job.artifacts_expire_at)
|
2018-07-18 21:46:56 +00:00
|
|
|
expect(json_response['artifacts_file']).to be_nil
|
|
|
|
|
expect(json_response['artifacts']).to be_an Array
|
|
|
|
|
expect(json_response['artifacts']).to be_empty
|
2017-08-13 21:11:48 +00:00
|
|
|
expect(json_response['duration']).to eq(job.duration)
|
2018-07-18 21:57:08 +00:00
|
|
|
expect(json_response['web_url']).to be_present
|
2015-12-30 14:12:07 +00:00
|
|
|
end
|
2016-09-23 23:43:57 +00:00
|
|
|
|
2018-07-18 21:46:56 +00:00
|
|
|
it_behaves_like 'a job with artifacts and trace', result_is_array: false do
|
|
|
|
|
let(:api_endpoint) { "/projects/#{project.id}/jobs/#{second_job.id}" }
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-23 23:43:57 +00:00
|
|
|
it 'returns pipeline data' do
|
2017-06-06 14:21:39 +00:00
|
|
|
json_job = json_response
|
|
|
|
|
|
|
|
|
|
expect(json_job['pipeline']).not_to be_empty
|
|
|
|
|
expect(json_job['pipeline']['id']).to eq job.pipeline.id
|
|
|
|
|
expect(json_job['pipeline']['ref']).to eq job.pipeline.ref
|
|
|
|
|
expect(json_job['pipeline']['sha']).to eq job.pipeline.sha
|
|
|
|
|
expect(json_job['pipeline']['status']).to eq job.pipeline.status
|
2016-09-23 23:43:57 +00:00
|
|
|
end
|
2016-01-13 17:30:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
2016-02-19 17:06:53 +00:00
|
|
|
let(:api_user) { nil }
|
2015-12-30 14:12:07 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not return specific job data' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2016-01-13 17:30:49 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2019-03-06 11:06:21 +00:00
|
|
|
describe 'DELETE /projects/:id/jobs/:job_id/artifacts' do
|
|
|
|
|
let!(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
delete api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is anonymous' do
|
|
|
|
|
let(:api_user) { nil }
|
|
|
|
|
|
|
|
|
|
it 'does not delete artifacts' do
|
|
|
|
|
expect(job.job_artifacts.size).to eq 2
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns status 401 (unauthorized)' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2019-03-06 11:06:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with developer' do
|
|
|
|
|
it 'does not delete artifacts' do
|
|
|
|
|
expect(job.job_artifacts.size).to eq 2
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns status 403 (forbidden)' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2019-03-06 11:06:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with authorized user' do
|
|
|
|
|
let(:maintainer) { create(:project_member, :maintainer, project: project).user }
|
|
|
|
|
let!(:api_user) { maintainer }
|
|
|
|
|
|
|
|
|
|
it 'deletes artifacts' do
|
|
|
|
|
expect(job.job_artifacts.size).to eq 0
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns status 204 (no content)' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:no_content)
|
2019-03-06 11:06:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-09-04 12:09:03 +00:00
|
|
|
describe 'GET /projects/:id/jobs/:job_id/artifacts/:artifact_path' do
|
|
|
|
|
context 'when job has artifacts' do
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
let(:artifact) do
|
|
|
|
|
'other_artifacts_0.1.2/another-subdirectory/banana_sample.gif'
|
|
|
|
|
end
|
|
|
|
|
|
2017-09-05 11:22:15 +00:00
|
|
|
context 'when user is anonymous' do
|
2017-09-04 12:09:03 +00:00
|
|
|
let(:api_user) { nil }
|
|
|
|
|
|
2017-09-05 11:22:15 +00:00
|
|
|
context 'when project is public' do
|
|
|
|
|
it 'allows to access artifacts' do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
project.update_column(:public_builds, true)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2017-09-05 11:22:15 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 00:10:18 +00:00
|
|
|
context 'when project is public with artifacts that are non public' do
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, :non_public_artifacts, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
it 'rejects access to artifacts' do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
project.update_column(:public_builds, true)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with the non_public_artifacts feature flag disabled' do
|
|
|
|
|
before do
|
|
|
|
|
stub_feature_flags(non_public_artifacts: false)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'allows access to artifacts' do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
project.update_column(:public_builds, true)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-09-05 11:22:15 +00:00
|
|
|
context 'when project is public with builds access disabled' do
|
|
|
|
|
it 'rejects access to artifacts' do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
project.update_column(:public_builds, false)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2017-09-05 11:22:15 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when project is private' do
|
|
|
|
|
it 'rejects access and hides existence of artifacts' do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PRIVATE)
|
|
|
|
|
project.update_column(:public_builds, true)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
2017-09-04 12:09:03 +00:00
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2017-09-05 11:22:15 +00:00
|
|
|
end
|
2017-09-04 12:09:03 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is authorized' do
|
|
|
|
|
it 'returns a specific artifact file for a valid path' do
|
|
|
|
|
expect(Gitlab::Workhorse)
|
|
|
|
|
.to receive(:send_artifacts_entry)
|
|
|
|
|
.and_call_original
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-04-29 11:50:39 +00:00
|
|
|
expect(response.headers.to_h)
|
2017-09-05 09:16:49 +00:00
|
|
|
.to include('Content-Type' => 'application/json',
|
|
|
|
|
'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
2017-09-04 12:09:03 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when job does not have artifacts' do
|
|
|
|
|
it 'does not return job artifact file' do
|
|
|
|
|
get_artifact_file('some/artifact')
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2017-09-04 12:09:03 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def get_artifact_file(artifact_path)
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/" \
|
|
|
|
|
"artifacts/#{artifact_path}", api_user)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'GET /projects/:id/jobs/:job_id/artifacts' do
|
2018-03-06 21:19:24 +00:00
|
|
|
shared_examples 'downloads artifact' do
|
|
|
|
|
let(:download_headers) do
|
|
|
|
|
{ 'Content-Transfer-Encoding' => 'binary',
|
2019-02-05 01:27:22 +00:00
|
|
|
'Content-Disposition' => %q(attachment; filename="ci_build_artifacts.zip"; filename*=UTF-8''ci_build_artifacts.zip) }
|
2018-03-06 21:19:24 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns specific job artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-04-29 11:50:39 +00:00
|
|
|
expect(response.headers.to_h).to include(download_headers)
|
2018-03-06 21:19:24 +00:00
|
|
|
expect(response.body).to match_file(job.artifacts_file.file.file)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-12-05 14:31:33 +00:00
|
|
|
context 'normal authentication' do
|
|
|
|
|
context 'job with artifacts' do
|
|
|
|
|
context 'when artifacts are stored locally' do
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'authorized user' do
|
|
|
|
|
it_behaves_like 'downloads artifact'
|
2017-06-08 05:29:35 +00:00
|
|
|
end
|
|
|
|
|
|
2018-03-07 18:27:49 +00:00
|
|
|
context 'unauthorized user' do
|
|
|
|
|
let(:api_user) { nil }
|
|
|
|
|
|
|
|
|
|
it 'does not return specific job artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2018-03-07 18:27:49 +00:00
|
|
|
end
|
2017-06-08 05:29:35 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
end
|
2016-02-08 21:32:36 +00:00
|
|
|
|
2017-12-05 14:31:33 +00:00
|
|
|
context 'when artifacts are stored remotely' do
|
2018-03-09 15:09:00 +00:00
|
|
|
let(:proxy_download) { false }
|
|
|
|
|
|
2018-03-07 18:27:49 +00:00
|
|
|
before do
|
2018-03-09 15:09:00 +00:00
|
|
|
stub_artifacts_object_storage(proxy_download: proxy_download)
|
2018-03-07 18:27:49 +00:00
|
|
|
end
|
|
|
|
|
|
2017-12-05 14:31:33 +00:00
|
|
|
let(:job) { create(:ci_build, pipeline: pipeline) }
|
|
|
|
|
let!(:artifact) { create(:ci_job_artifact, :archive, :remote_store, job: job) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
job.reload
|
|
|
|
|
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
2017-06-08 05:29:35 +00:00
|
|
|
|
2018-03-09 15:09:00 +00:00
|
|
|
context 'when proxy download is enabled' do
|
|
|
|
|
let(:proxy_download) { true }
|
|
|
|
|
|
|
|
|
|
it 'responds with the workhorse send-url' do
|
|
|
|
|
expect(response.headers[Gitlab::Workhorse::SEND_DATA_HEADER]).to start_with("send-url:")
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when proxy download is disabled' do
|
|
|
|
|
it 'returns location redirect' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:found)
|
2018-03-09 15:09:00 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-03-07 18:27:49 +00:00
|
|
|
context 'authorized user' do
|
|
|
|
|
it 'returns the file remote URL' do
|
|
|
|
|
expect(response).to redirect_to(artifact.file.url)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
|
|
|
|
let(:api_user) { nil }
|
|
|
|
|
|
|
|
|
|
it 'does not return specific job artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2018-03-07 18:27:49 +00:00
|
|
|
end
|
2017-06-08 05:29:35 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
end
|
2017-12-05 14:31:33 +00:00
|
|
|
|
2020-12-21 00:10:18 +00:00
|
|
|
context 'when public project guest and artifacts are non public' do
|
|
|
|
|
let(:api_user) { guest }
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, :non_public_artifacts, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
project.update_column(:visibility_level,
|
|
|
|
|
Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
project.update_column(:public_builds, true)
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'rejects access and hides existence of artifacts' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with the non_public_artifacts feature flag disabled' do
|
|
|
|
|
before do
|
|
|
|
|
stub_feature_flags(non_public_artifacts: false)
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'allows access to artifacts' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-12-05 14:31:33 +00:00
|
|
|
it 'does not return job artifacts if not uploaded' do
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
|
2018-03-07 18:27:49 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2017-12-05 14:31:33 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-02-08 21:32:36 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-14 18:01:10 +00:00
|
|
|
describe 'GET /projects/:id/artifacts/:ref_name/download?job=name' do
|
2017-05-02 08:29:09 +00:00
|
|
|
let(:api_user) { reporter }
|
2018-01-30 17:00:09 +00:00
|
|
|
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
|
2016-08-11 20:54:25 +00:00
|
|
|
|
|
|
|
|
before do
|
2018-03-07 18:27:49 +00:00
|
|
|
stub_artifacts_object_storage
|
2017-06-06 14:21:39 +00:00
|
|
|
job.success
|
2016-08-11 20:54:25 +00:00
|
|
|
end
|
2016-07-14 17:07:41 +00:00
|
|
|
|
2017-06-06 14:21:39 +00:00
|
|
|
def get_for_ref(ref = pipeline.ref, job_name = job.name)
|
2018-12-17 22:52:17 +00:00
|
|
|
get api("/projects/#{project.id}/jobs/artifacts/#{ref}/download", api_user), params: { job: job_name }
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-20 15:19:35 +00:00
|
|
|
context 'when not logged in' do
|
2016-07-19 17:24:59 +00:00
|
|
|
let(:api_user) { nil }
|
2016-07-14 17:07:41 +00:00
|
|
|
|
|
|
|
|
before do
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
|
2017-09-06 09:20:12 +00:00
|
|
|
it 'does not find a resource in a private project' do
|
|
|
|
|
expect(project).to be_private
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-07-20 15:17:49 +00:00
|
|
|
context 'when logging as guest' do
|
2017-05-02 08:29:09 +00:00
|
|
|
let(:api_user) { guest }
|
2016-07-20 14:40:49 +00:00
|
|
|
|
|
|
|
|
before do
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref
|
2016-07-20 14:40:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'gives 403' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2016-07-20 14:40:49 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'non-existing job' do
|
2016-07-20 09:38:49 +00:00
|
|
|
shared_examples 'not found' do
|
2017-10-19 18:28:19 +00:00
|
|
|
it { expect(response).to have_gitlab_http_status(:not_found) }
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-19 12:59:38 +00:00
|
|
|
context 'has no such ref' do
|
|
|
|
|
before do
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref('TAIL')
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-20 09:38:49 +00:00
|
|
|
it_behaves_like 'not found'
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'has no such job' do
|
2016-07-19 12:59:38 +00:00
|
|
|
before do
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref(pipeline.ref, 'NOBUILD')
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-20 09:38:49 +00:00
|
|
|
it_behaves_like 'not found'
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'find proper job' do
|
2020-10-13 15:08:53 +00:00
|
|
|
let(:job_with_artifacts) { job }
|
|
|
|
|
|
2016-07-20 09:30:34 +00:00
|
|
|
shared_examples 'a valid file' do
|
2019-10-23 09:06:03 +00:00
|
|
|
context 'when artifacts are stored locally', :sidekiq_might_not_need_inline do
|
2017-06-08 05:29:35 +00:00
|
|
|
let(:download_headers) do
|
|
|
|
|
{ 'Content-Transfer-Encoding' => 'binary',
|
|
|
|
|
'Content-Disposition' =>
|
2020-10-13 15:08:53 +00:00
|
|
|
%Q(attachment; filename="#{job_with_artifacts.artifacts_file.filename}"; filename*=UTF-8''#{job.artifacts_file.filename}) }
|
2017-06-08 05:29:35 +00:00
|
|
|
end
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
it { expect(response).to have_gitlab_http_status(:ok) }
|
2018-04-29 11:50:39 +00:00
|
|
|
it { expect(response.headers.to_h).to include(download_headers) }
|
2016-07-20 12:09:29 +00:00
|
|
|
end
|
2016-07-14 17:07:41 +00:00
|
|
|
|
2017-06-08 05:29:35 +00:00
|
|
|
context 'when artifacts are stored remotely' do
|
2017-12-05 14:31:33 +00:00
|
|
|
let(:job) { create(:ci_build, pipeline: pipeline, user: api_user) }
|
|
|
|
|
let!(:artifact) { create(:ci_job_artifact, :archive, :remote_store, job: job) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
job.reload
|
|
|
|
|
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user)
|
|
|
|
|
end
|
2017-06-08 05:29:35 +00:00
|
|
|
|
|
|
|
|
it 'returns location redirect' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:found)
|
2017-06-08 05:29:35 +00:00
|
|
|
end
|
|
|
|
|
end
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with regular branch' do
|
|
|
|
|
before do
|
2016-10-26 09:34:40 +00:00
|
|
|
pipeline.reload
|
2016-07-19 12:59:38 +00:00
|
|
|
pipeline.update(ref: 'master',
|
|
|
|
|
sha: project.commit('master').sha)
|
|
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref('master')
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-20 09:30:34 +00:00
|
|
|
it_behaves_like 'a valid file'
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-19 12:59:38 +00:00
|
|
|
context 'with branch name containing slash' do
|
|
|
|
|
before do
|
2016-10-26 09:34:40 +00:00
|
|
|
pipeline.reload
|
2016-07-19 12:59:38 +00:00
|
|
|
pipeline.update(ref: 'improve/awesome',
|
|
|
|
|
sha: project.commit('improve/awesome').sha)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
2017-02-22 10:13:59 +00:00
|
|
|
get_for_ref('improve/awesome')
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
|
|
|
|
|
2020-10-13 15:08:53 +00:00
|
|
|
it_behaves_like 'a valid file'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with job name in a child pipeline' do
|
|
|
|
|
let(:child_pipeline) { create(:ci_pipeline, child_of: pipeline) }
|
|
|
|
|
let!(:child_job) { create(:ci_build, :artifacts, :success, name: 'rspec', pipeline: child_pipeline) }
|
|
|
|
|
let(:job_with_artifacts) { child_job }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
get_for_ref('master', child_job.name)
|
|
|
|
|
end
|
|
|
|
|
|
2016-07-20 09:30:34 +00:00
|
|
|
it_behaves_like 'a valid file'
|
2016-07-19 12:59:38 +00:00
|
|
|
end
|
2016-07-14 17:07:41 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-12-04 10:50:01 +00:00
|
|
|
describe 'GET id/jobs/artifacts/:ref_name/raw/*artifact_path?job=name' do
|
|
|
|
|
context 'when job has artifacts' do
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
|
|
|
|
|
let(:artifact) { 'other_artifacts_0.1.2/another-subdirectory/banana_sample.gif' }
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PUBLIC }
|
|
|
|
|
let(:public_builds) { true }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
stub_artifacts_object_storage
|
|
|
|
|
job.success
|
|
|
|
|
|
|
|
|
|
project.update(visibility_level: visibility_level,
|
|
|
|
|
public_builds: public_builds)
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is anonymous' do
|
|
|
|
|
let(:api_user) { nil }
|
|
|
|
|
|
|
|
|
|
context 'when project is public' do
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PUBLIC }
|
|
|
|
|
let(:public_builds) { true }
|
|
|
|
|
|
2019-10-23 09:06:03 +00:00
|
|
|
it 'allows to access artifacts', :sidekiq_might_not_need_inline do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.to include('Content-Type' => 'application/json',
|
|
|
|
|
'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when project is public with builds access disabled' do
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PUBLIC }
|
|
|
|
|
let(:public_builds) { false }
|
|
|
|
|
|
|
|
|
|
it 'rejects access to artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(json_response).to have_key('message')
|
|
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.not_to include('Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 00:10:18 +00:00
|
|
|
context 'when project is public with non public artifacts' do
|
|
|
|
|
let(:job) { create(:ci_build, :artifacts, :non_public_artifacts, pipeline: pipeline, user: api_user) }
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PUBLIC }
|
|
|
|
|
let(:public_builds) { true }
|
|
|
|
|
|
|
|
|
|
it 'rejects access and hides existence of artifacts', :sidekiq_might_not_need_inline do
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
|
|
|
|
expect(json_response).to have_key('message')
|
|
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.not_to include('Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with the non_public_artifacts feature flag disabled' do
|
|
|
|
|
before do
|
|
|
|
|
stub_feature_flags(non_public_artifacts: false)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'allows access to artifacts', :sidekiq_might_not_need_inline do
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-12-04 10:50:01 +00:00
|
|
|
context 'when project is private' do
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PRIVATE }
|
|
|
|
|
let(:public_builds) { true }
|
|
|
|
|
|
|
|
|
|
it 'rejects access and hides existence of artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(json_response).to have_key('message')
|
|
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.not_to include('Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is authorized' do
|
|
|
|
|
let(:visibility_level) { Gitlab::VisibilityLevel::PRIVATE }
|
|
|
|
|
let(:public_builds) { true }
|
|
|
|
|
|
2019-10-23 09:06:03 +00:00
|
|
|
it 'returns a specific artifact file for a valid path', :sidekiq_might_not_need_inline do
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(Gitlab::Workhorse)
|
|
|
|
|
.to receive(:send_artifacts_entry)
|
|
|
|
|
.and_call_original
|
|
|
|
|
|
|
|
|
|
get_artifact_file(artifact)
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.to include('Content-Type' => 'application/json',
|
|
|
|
|
'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with branch name containing slash' do
|
|
|
|
|
before do
|
|
|
|
|
pipeline.reload
|
|
|
|
|
pipeline.update(ref: 'improve/awesome',
|
|
|
|
|
sha: project.commit('improve/awesome').sha)
|
|
|
|
|
end
|
|
|
|
|
|
2019-10-23 09:06:03 +00:00
|
|
|
it 'returns a specific artifact file for a valid path', :sidekiq_might_not_need_inline do
|
2018-12-04 10:50:01 +00:00
|
|
|
get_artifact_file(artifact, 'improve/awesome')
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-12-04 10:50:01 +00:00
|
|
|
expect(response.headers.to_h)
|
|
|
|
|
.to include('Content-Type' => 'application/json',
|
|
|
|
|
'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'non-existing job' do
|
|
|
|
|
shared_examples 'not found' do
|
|
|
|
|
it { expect(response).to have_gitlab_http_status(:not_found) }
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'has no such ref' do
|
|
|
|
|
before do
|
|
|
|
|
get_artifact_file('some/artifact', 'wrong-ref')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'not found'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'has no such job' do
|
|
|
|
|
before do
|
|
|
|
|
get_artifact_file('some/artifact', pipeline.ref, 'wrong-job-name')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'not found'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when job does not have artifacts' do
|
|
|
|
|
let(:job) { create(:ci_build, pipeline: pipeline, user: api_user) }
|
|
|
|
|
|
|
|
|
|
it 'does not return job artifact file' do
|
|
|
|
|
get_artifact_file('some/artifact')
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2018-12-04 10:50:01 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def get_artifact_file(artifact_path, ref = pipeline.ref, job_name = job.name)
|
2018-12-17 22:52:17 +00:00
|
|
|
get api("/projects/#{project.id}/jobs/artifacts/#{ref}/raw/#{artifact_path}", api_user), params: { job: job_name }
|
2018-12-04 10:50:01 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'GET /projects/:id/jobs/:job_id/trace' do
|
2016-07-14 16:53:27 +00:00
|
|
|
before do
|
2017-06-06 14:21:39 +00:00
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/trace", api_user)
|
2016-07-14 16:53:27 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2016-01-13 17:30:49 +00:00
|
|
|
context 'authorized user' do
|
2018-02-06 14:18:32 +00:00
|
|
|
context 'when trace is in ObjectStorage' do
|
|
|
|
|
let!(:job) { create(:ci_build, :trace_artifact, pipeline: pipeline) }
|
2018-07-09 12:18:31 +00:00
|
|
|
let(:url) { 'http://object-storage/trace' }
|
2018-07-09 16:13:34 +00:00
|
|
|
let(:file_path) { expand_fixture_path('trace/sample_trace') }
|
2018-02-06 14:18:32 +00:00
|
|
|
|
|
|
|
|
before do
|
2018-07-09 12:18:31 +00:00
|
|
|
stub_remote_url_206(url, file_path)
|
2019-12-16 12:07:43 +00:00
|
|
|
allow_next_instance_of(JobArtifactUploader) do |instance|
|
|
|
|
|
allow(instance).to receive(:file_storage?) { false }
|
|
|
|
|
allow(instance).to receive(:url) { url }
|
|
|
|
|
allow(instance).to receive(:size) { File.size(file_path) }
|
|
|
|
|
end
|
2018-02-06 14:18:32 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns specific job trace' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-02-06 14:18:32 +00:00
|
|
|
expect(response.body).to eq(job.trace.raw)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when trace is artifact' do
|
|
|
|
|
let(:job) { create(:ci_build, :trace_artifact, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
it 'returns specific job trace' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-02-06 14:18:32 +00:00
|
|
|
expect(response.body).to eq(job.trace.raw)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when trace is file' do
|
|
|
|
|
let(:job) { create(:ci_build, :trace_live, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
it 'returns specific job trace' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-02-06 14:18:32 +00:00
|
|
|
expect(response.body).to eq(job.trace.raw)
|
|
|
|
|
end
|
2015-12-30 14:12:07 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
2016-02-19 17:06:53 +00:00
|
|
|
let(:api_user) { nil }
|
2015-12-30 14:12:07 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not return specific job trace' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2015-12-30 14:12:07 +00:00
|
|
|
end
|
|
|
|
|
end
|
2020-12-10 15:10:12 +00:00
|
|
|
|
|
|
|
|
context 'when ci_debug_trace is set to true' do
|
|
|
|
|
before_all do
|
|
|
|
|
create(:ci_instance_variable, key: 'CI_DEBUG_TRACE', value: true)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
where(:public_builds, :user_project_role, :expected_status) do
|
|
|
|
|
true | 'developer' | :ok
|
|
|
|
|
true | 'guest' | :forbidden
|
|
|
|
|
false | 'developer' | :ok
|
|
|
|
|
false | 'guest' | :forbidden
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
with_them do
|
|
|
|
|
before do
|
|
|
|
|
project.update!(public_builds: public_builds)
|
|
|
|
|
project.add_role(user, user_project_role)
|
|
|
|
|
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/trace", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'renders trace to authorized users' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(expected_status)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with restrict_access_to_build_debug_mode feature disabled' do
|
|
|
|
|
before do
|
|
|
|
|
stub_feature_flags(restrict_access_to_build_debug_mode: false)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
where(:public_builds, :user_project_role, :expected_status) do
|
|
|
|
|
true | 'developer' | :ok
|
|
|
|
|
true | 'guest' | :ok
|
|
|
|
|
false | 'developer' | :ok
|
|
|
|
|
false | 'guest' | :forbidden
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
with_them do
|
|
|
|
|
before do
|
|
|
|
|
project.update!(public_builds: public_builds)
|
|
|
|
|
project.add_role(user, user_project_role)
|
|
|
|
|
|
|
|
|
|
get api("/projects/#{project.id}/jobs/#{job.id}/trace", api_user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'renders trace to authorized users' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(expected_status)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-12-30 14:12:07 +00:00
|
|
|
end
|
2015-12-30 15:37:47 +00:00
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'POST /projects/:id/jobs/:job_id/cancel' do
|
2016-07-14 16:53:27 +00:00
|
|
|
before do
|
2017-06-06 14:21:39 +00:00
|
|
|
post api("/projects/#{project.id}/jobs/#{job.id}/cancel", api_user)
|
2016-07-14 16:53:27 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2015-12-30 15:37:47 +00:00
|
|
|
context 'authorized user' do
|
2016-02-01 22:58:04 +00:00
|
|
|
context 'user with :update_build persmission' do
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'cancels running or pending job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:created)
|
2017-12-21 17:21:27 +00:00
|
|
|
expect(project.builds.first.status).to eq('success')
|
2015-12-30 15:37:47 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-01 22:58:04 +00:00
|
|
|
context 'user without :update_build permission' do
|
2017-05-02 08:29:09 +00:00
|
|
|
let(:api_user) { reporter }
|
2015-12-30 15:37:47 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not cancel job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2015-12-30 15:37:47 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
2016-02-19 17:06:53 +00:00
|
|
|
let(:api_user) { nil }
|
2015-12-30 15:37:47 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not cancel job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2015-12-30 15:37:47 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'POST /projects/:id/jobs/:job_id/retry' do
|
2019-06-05 11:09:51 +00:00
|
|
|
let(:job) { create(:ci_build, :canceled, pipeline: pipeline) }
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2016-07-14 16:53:27 +00:00
|
|
|
before do
|
2017-06-06 14:21:39 +00:00
|
|
|
post api("/projects/#{project.id}/jobs/#{job.id}/retry", api_user)
|
2016-07-14 16:53:27 +00:00
|
|
|
end
|
2016-02-19 17:06:53 +00:00
|
|
|
|
2015-12-30 15:37:47 +00:00
|
|
|
context 'authorized user' do
|
2016-02-19 17:06:53 +00:00
|
|
|
context 'user with :update_build permission' do
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'retries non-running job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:created)
|
2019-06-05 11:09:51 +00:00
|
|
|
expect(project.builds.first.status).to eq('canceled')
|
2015-12-30 15:37:47 +00:00
|
|
|
expect(json_response['status']).to eq('pending')
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-01 22:58:04 +00:00
|
|
|
context 'user without :update_build permission' do
|
2017-05-02 08:29:09 +00:00
|
|
|
let(:api_user) { reporter }
|
2015-12-30 15:37:47 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not retry job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2015-12-30 15:37:47 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'unauthorized user' do
|
2016-02-19 17:06:53 +00:00
|
|
|
let(:api_user) { nil }
|
2015-12-30 15:37:47 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'does not retry job' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
2015-12-30 15:37:47 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-02-03 13:12:33 +00:00
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'POST /projects/:id/jobs/:job_id/erase' do
|
2018-07-11 14:36:08 +00:00
|
|
|
let(:role) { :maintainer }
|
2017-11-07 13:45:55 +00:00
|
|
|
|
2016-02-03 13:12:33 +00:00
|
|
|
before do
|
2017-12-22 08:18:28 +00:00
|
|
|
project.add_role(user, role)
|
2016-02-03 13:12:33 +00:00
|
|
|
|
2017-06-06 14:21:39 +00:00
|
|
|
post api("/projects/#{project.id}/jobs/#{job.id}/erase", user)
|
2016-02-03 13:12:33 +00:00
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'job is erasable' do
|
2018-07-27 05:04:35 +00:00
|
|
|
let(:job) { create(:ci_build, :trace_artifact, :artifacts, :test_reports, :success, project: project, pipeline: pipeline) }
|
2016-02-03 13:12:33 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'erases job content' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:created)
|
2018-07-27 05:04:35 +00:00
|
|
|
expect(job.job_artifacts.count).to eq(0)
|
2018-02-06 14:18:32 +00:00
|
|
|
expect(job.trace.exist?).to be_falsy
|
2019-03-22 12:38:45 +00:00
|
|
|
expect(job.artifacts_file.present?).to be_falsy
|
|
|
|
|
expect(job.artifacts_metadata.present?).to be_falsy
|
2018-09-27 21:15:08 +00:00
|
|
|
expect(job.has_job_artifacts?).to be_falsy
|
2016-02-03 13:12:33 +00:00
|
|
|
end
|
2016-02-16 12:06:52 +00:00
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
it 'updates job' do
|
2017-06-06 14:21:39 +00:00
|
|
|
job.reload
|
|
|
|
|
|
|
|
|
|
expect(job.erased_at).to be_truthy
|
|
|
|
|
expect(job.erased_by).to eq(user)
|
2016-02-16 12:06:52 +00:00
|
|
|
end
|
2016-02-03 13:12:33 +00:00
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'job is not erasable' do
|
2018-02-06 14:18:32 +00:00
|
|
|
let(:job) { create(:ci_build, :trace_live, project: project, pipeline: pipeline) }
|
2016-02-03 13:12:33 +00:00
|
|
|
|
2016-08-01 15:00:44 +00:00
|
|
|
it 'responds with forbidden' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2016-02-03 13:12:33 +00:00
|
|
|
end
|
|
|
|
|
end
|
2017-11-07 13:45:55 +00:00
|
|
|
|
2017-11-07 13:57:58 +00:00
|
|
|
context 'when a developer erases a build' do
|
|
|
|
|
let(:role) { :developer }
|
2018-02-06 14:18:32 +00:00
|
|
|
let(:job) { create(:ci_build, :trace_artifact, :artifacts, :success, project: project, pipeline: pipeline, user: owner) }
|
2017-11-07 13:45:55 +00:00
|
|
|
|
|
|
|
|
context 'when the build was created by the developer' do
|
|
|
|
|
let(:owner) { user }
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
it { expect(response).to have_gitlab_http_status(:created) }
|
2017-11-07 13:45:55 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the build was created by the other' do
|
|
|
|
|
let(:owner) { create(:user) }
|
|
|
|
|
|
2020-02-25 12:08:48 +00:00
|
|
|
it { expect(response).to have_gitlab_http_status(:forbidden) }
|
2016-02-03 13:12:33 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-06-10 15:11:27 +00:00
|
|
|
|
2017-06-06 14:21:39 +00:00
|
|
|
describe 'POST /projects/:id/jobs/:job_id/artifacts/keep' do
|
2016-06-10 15:11:27 +00:00
|
|
|
before do
|
2017-06-06 14:21:39 +00:00
|
|
|
post api("/projects/#{project.id}/jobs/#{job.id}/artifacts/keep", user)
|
2016-06-10 15:11:27 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'artifacts did not expire' do
|
2017-06-06 14:21:39 +00:00
|
|
|
let(:job) do
|
2018-02-06 14:18:32 +00:00
|
|
|
create(:ci_build, :trace_artifact, :artifacts, :success,
|
2016-06-10 15:11:27 +00:00
|
|
|
project: project, pipeline: pipeline, artifacts_expire_at: Time.now + 7.days)
|
|
|
|
|
end
|
|
|
|
|
|
2016-06-10 19:45:06 +00:00
|
|
|
it 'keeps artifacts' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2017-06-06 14:21:39 +00:00
|
|
|
expect(job.reload.artifacts_expire_at).to be_nil
|
2016-06-10 15:11:27 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'no artifacts' do
|
2017-06-06 14:21:39 +00:00
|
|
|
let(:job) { create(:ci_build, project: project, pipeline: pipeline) }
|
2016-06-10 15:11:27 +00:00
|
|
|
|
2016-06-10 19:45:06 +00:00
|
|
|
it 'responds with not found' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2016-06-10 15:11:27 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-08-15 13:58:22 +00:00
|
|
|
|
2017-02-22 10:13:59 +00:00
|
|
|
describe 'POST /projects/:id/jobs/:job_id/play' do
|
2016-08-15 13:58:22 +00:00
|
|
|
before do
|
2017-06-06 14:21:39 +00:00
|
|
|
post api("/projects/#{project.id}/jobs/#{job.id}/play", api_user)
|
2016-08-15 13:58:22 +00:00
|
|
|
end
|
|
|
|
|
|
2021-01-05 21:10:22 +00:00
|
|
|
context 'on a playable job' do
|
|
|
|
|
let_it_be(:job) { create(:ci_bridge, :playable, pipeline: pipeline, downstream: project) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
end
|
2016-08-15 13:58:22 +00:00
|
|
|
|
2017-05-02 08:29:09 +00:00
|
|
|
context 'when user is authorized to trigger a manual action' do
|
2021-01-05 21:10:22 +00:00
|
|
|
context 'that is a bridge' do
|
|
|
|
|
it 'plays the job' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(json_response['user']['id']).to eq(user.id)
|
|
|
|
|
expect(json_response['id']).to eq(job.id)
|
|
|
|
|
expect(job.reload).to be_pending
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'that is a build' do
|
|
|
|
|
let_it_be(:job) { create(:ci_build, :manual, project: project, pipeline: pipeline) }
|
|
|
|
|
|
|
|
|
|
it 'plays the job' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(json_response['user']['id']).to eq(user.id)
|
|
|
|
|
expect(json_response['id']).to eq(job.id)
|
|
|
|
|
expect(job.reload).to be_pending
|
|
|
|
|
end
|
2017-05-02 08:29:09 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is not authorized to trigger a manual action' do
|
|
|
|
|
context 'when user does not have access to the project' do
|
|
|
|
|
let(:api_user) { create(:user) }
|
|
|
|
|
|
|
|
|
|
it 'does not trigger a manual action' do
|
2017-06-06 14:21:39 +00:00
|
|
|
expect(job.reload).to be_manual
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2017-05-02 08:29:09 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when user is not allowed to trigger the manual action' do
|
|
|
|
|
let(:api_user) { reporter }
|
|
|
|
|
|
|
|
|
|
it 'does not trigger a manual action' do
|
2017-06-06 14:21:39 +00:00
|
|
|
expect(job.reload).to be_manual
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2017-05-02 08:29:09 +00:00
|
|
|
end
|
|
|
|
|
end
|
2016-08-15 13:58:22 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2017-01-26 11:52:58 +00:00
|
|
|
context 'on a non-playable job' do
|
2016-08-15 13:58:22 +00:00
|
|
|
it 'returns a status code 400, Bad Request' do
|
2020-02-25 12:08:48 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:bad_request)
|
2017-01-26 11:52:58 +00:00
|
|
|
expect(response.body).to match("Unplayable Job")
|
2016-08-15 13:58:22 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-12-29 22:12:36 +00:00
|
|
|
end
|
