Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-07-07 21:09:22 +00:00
parent 17b492274d
commit 2f8483621e
42 changed files with 204 additions and 20 deletions


@ -37,6 +37,7 @@ build-qa-image:
--destination=${QA_IMAGE_BRANCH} \
--build-arg=CHROME_VERSION=${CHROME_VERSION} \
--build-arg=DOCKER_VERSION=${DOCKER_VERSION} \
--build-arg=QA_BUILD_TARGET=${QA_BUILD_TARGET:-qa} \
--cache=true
# This image is used by:


@ -90,19 +90,6 @@ export default {
:label="__('Code')"
@execute="trackToolbarControlExecution"
/>
<toolbar-button
data-testid="link"
content-type="link"
icon-name="link"
editor-command="toggleLink"
:editor-command-params="/* eslint-disable @gitlab/vue-no-new-non-primitive-in-template */ {
href: '',
} /* eslint-enable @gitlab/vue-no-new-non-primitive-in-template */"
category="tertiary"
size="medium"
:label="__('Insert link')"
@execute="trackToolbarControlExecution"
/>
<toolbar-button
data-testid="superscript"
content-type="superscript"
@ -123,6 +110,19 @@ export default {
:label="__('Subscript')"
@execute="trackToolbarControlExecution"
/>
<toolbar-button
data-testid="link"
content-type="link"
icon-name="link"
editor-command="toggleLink"
:editor-command-params="/* eslint-disable @gitlab/vue-no-new-non-primitive-in-template */ {
href: '',
} /* eslint-enable @gitlab/vue-no-new-non-primitive-in-template */"
category="tertiary"
size="medium"
:label="__('Insert link')"
@execute="trackToolbarControlExecution"
/>
</gl-button-group>
</bubble-menu>
</template>


@ -0,0 +1,24 @@
# frozen_string_literal: true
module GoogleAnalyticsCSP
extend ActiveSupport::Concern
included do
content_security_policy do |policy|
next unless helpers.google_tag_manager_enabled? || policy.directives.present?
default_script_src = policy.directives['script-src'] || policy.directives['default-src']
script_src_values = Array.wrap(default_script_src) | ['*.googletagmanager.com']
policy.script_src(*script_src_values)
default_img_src = policy.directives['img-src'] || policy.directives['default-src']
img_src_values = Array.wrap(default_img_src) | ['*.google-analytics.com', '*.googletagmanager.com']
policy.img_src(*img_src_values)
default_connect_src = policy.directives['connect-src'] || policy.directives['default-src']
connect_src_values =
Array.wrap(default_connect_src) | ['*.google-analytics.com', '*.analytics.google.com', '*.googletagmanager.com']
policy.connect_src(*connect_src_values)
end
end
end
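Review bot: The `next unless helpers.google_tag_manager_enabled? || policy.directives.present?` guard widens the policy whenever the existing CSP has any directive at all, not only when Google Tag Manager is enabled, so a self-managed instance that ships a CSP but never configured GTM still gets `*.googletagmanager.com` added to `script-src` on its sign-in, registration and confirmation pages. Allow-listing a tag-manager host in `script-src` effectively delegates script execution on those authentication pages to whatever the container serves, so the addition should be tied to the feature actually being on; I would split the guard into `next unless helpers.google_tag_manager_enabled?` followed by `next unless policy.directives.present?`, unless the unconditional form is a deliberate match for the sibling OneTrust/Bizible concerns that are not visible here. The wildcard hosts are also broader than the single `www.` hosts these services are, as far as I know, served from, and a comment above the block stating why each host is needed per directive would help the next person who has to tighten it. The feature spec added in this commit visits `root_path` without enabling GTM, so it appears to depend on the unconditional behaviour and would need to stub `google_tag_manager_enabled?` once the guard is tightened.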


@ -4,6 +4,7 @@ class ConfirmationsController < Devise::ConfirmationsController
include AcceptsPendingInvitations
include GitlabRecaptcha
include OneTrustCSP
include GoogleAnalyticsCSP
prepend_before_action :check_recaptcha, only: :create
before_action :load_recaptcha, only: :new


@ -3,6 +3,7 @@
module Registrations
class WelcomeController < ApplicationController
include OneTrustCSP
include GoogleAnalyticsCSP
layout 'minimal'
skip_before_action :authenticate_user!, :required_signup_info, :check_two_factor_requirement, only: [:show, :update]


@ -7,6 +7,7 @@ class RegistrationsController < Devise::RegistrationsController
include InvisibleCaptchaOnSignup
include OneTrustCSP
include BizibleCSP
include GoogleAnalyticsCSP
layout 'devise'


@ -12,6 +12,7 @@ class SessionsController < Devise::SessionsController
include OneTrustCSP
include BizibleCSP
include VerifiesWithEmail
include GoogleAnalyticsCSP
skip_before_action :check_two_factor_requirement, only: [:destroy]
skip_before_action :check_password_expiration, only: [:destroy]


@ -4,6 +4,7 @@ module Users
class TermsController < ApplicationController
include InternalRedirect
include OneTrustCSP
include GoogleAnalyticsCSP
skip_before_action :authenticate_user!, only: [:index]
skip_before_action :enforce_terms!


@ -0,0 +1,11 @@
# rubocop:disable Naming/FileName
# frozen_string_literal: true
module Packages
module FIPS
extend ActiveSupport::Concern
DisabledError = Class.new(StandardError)
end
end
# rubocop:enable Naming/FileName
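Review bot: `DisabledError` is declared without any comment on when it is raised or how callers should treat it, and because it subclasses `StandardError` a bare `rescue` in a caller silently swallows it; the ProcessChangesWorker hunk in this commit already has to special-case it to avoid deleting a package file. I would document the contract above the constant: `# Raised by Debian registry services and workers when Gitlab::FIPS.enabled?. It signals a configuration state, not a transient failure, so callers must re-raise rather than rescue it.` The module exists only to expose this constant via `include`, and a one-line module comment saying so would save readers looking for shared behaviour that is not there.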


@ -4,6 +4,7 @@ module Packages
module Debian
class FileEntry
include ActiveModel::Model
include ::Packages::FIPS
DIGESTS = %i[md5 sha1 sha256].freeze
FILENAME_REGEX = %r{\A[a-zA-Z0-9][a-zA-Z0-9_.~+-]*\z}.freeze
@ -31,6 +32,8 @@ module Packages
private
def valid_package_file_digests
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
DIGESTS.each do |digest|
package_file_digest = package_file["file_#{digest}"]
sum = public_send("#{digest}sum") # rubocop:disable GitlabSecurity/PublicSend
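Review bot: Raising `DisabledError` from inside `valid_package_file_digests` turns a validator into something that aborts `valid?`/`validate` instead of recording an error, which is surprising for an `ActiveModel::Model` whose callers usually branch on the boolean; the spec added alongside only exercises `validate!`, so it does not show what a plain `valid?` caller experiences. If the intent is that any FileEntry is unusable under FIPS, raising from the service that builds the entry (CreatePackageFileService already does so) or from the constructor would be clearer than raising mid-validation. At minimum the raise line deserves a why-comment, e.g. `# md5/sha1 digests below are not FIPS-approved; abort instead of reporting a validation error`. The enclosing `valid_package_file_digests` continues past the hunk.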


@ -3,12 +3,15 @@
module Packages
module Debian
class CreatePackageFileService
include ::Packages::FIPS
def initialize(package, params)
@package = package
@params = params
end
def execute
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
raise ArgumentError, "Invalid package" unless package.present?
# Debian package file are first uploaded to incoming with empty metadata,


@ -4,6 +4,7 @@ module Packages
module Debian
class ExtractChangesMetadataService
include Gitlab::Utils::StrongMemoize
include ::Packages::FIPS
ExtractionError = Class.new(StandardError)
@ -13,6 +14,8 @@ module Packages
end
def execute
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
{
file_type: file_type,
architecture: metadata[:architecture],


@ -4,6 +4,7 @@ module Packages
module Debian
class GenerateDistributionService
include Gitlab::Utils::StrongMemoize
include ::Packages::FIPS
include ExclusiveLeaseGuard
ONE_HOUR = 1.hour.freeze
@ -70,6 +71,8 @@ module Packages
end
def execute
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
try_obtain_lease do
@distribution.transaction do
# We consider `apt-get update` can take at most one hour


@ -4,6 +4,7 @@ module Packages
module Debian
class GenerateDistributionWorker
include ApplicationWorker
include ::Packages::FIPS
data_consistency :always
include Gitlab::Utils::StrongMemoize
@ -20,6 +21,8 @@ module Packages
loggable_arguments 0
def perform(container_type, distribution_id)
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
@container_type = container_type
@distribution_id = distribution_id
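Review bot: Raising `DisabledError` at the top of `perform` makes Sidekiq treat the job as failed, so a distribution-generation job that was enqueued before FIPS mode was switched on is retried on the worker's retry schedule and then parked in the retry or dead set, unless this class disables retries somewhere outside the hunk. Because the condition is a static configuration state rather than a transient fault, a worker would normally log and return instead of raising; if raising is intentional so that the failure is visible in error tracking, a comment on the line saying so (`# raise rather than no-op so stale jobs surface in error tracking`) would stop the next reader from "fixing" it. The body of `perform` continues past the hunk.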


@ -4,6 +4,7 @@ module Packages
module Debian
class ProcessChangesWorker
include ApplicationWorker
include ::Packages::FIPS
data_consistency :always
include Gitlab::Utils::StrongMemoize
@ -15,6 +16,8 @@ module Packages
feature_category :package_registry
def perform(package_file_id, user_id)
raise DisabledError, 'Debian registry is not FIPS compliant' if Gitlab::FIPS.enabled?
@package_file_id = package_file_id
@user_id = user_id
@ -22,6 +25,8 @@ module Packages
::Packages::Debian::ProcessChangesService.new(package_file, user).execute
rescue StandardError => e
raise if e.instance_of?(DisabledError)
Gitlab::ErrorTracking.log_exception(e, package_file_id: @package_file_id, user_id: @user_id)
package_file.destroy!
end
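Review bot: `raise if e.instance_of?(DisabledError)` re-raises only the exact class, so a subclass of `DisabledError` raised by one of the services would fall through to `package_file.destroy!` and delete the user's upload because of a configuration state rather than a bad package. A dedicated clause ahead of the generic one is both safer and more idiomatic: `rescue DisabledError` / `raise` / `rescue StandardError => e`, which also keeps the destructive cleanup branch reserved for genuine processing failures. The `rescue` is method-level, so the FIPS check added at the top of `perform` is inside its scope; that is worth a one-line comment since it is not obvious why the re-raise guard is needed at all.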


@ -138,8 +138,8 @@ The following metrics are available:
| `pipeline_graph_links_per_job_ratio` | Histogram | 13.9 | Ratio of links to job per graph | |
| `gitlab_ci_pipeline_security_orchestration_policy_processing_duration_seconds` | Histogram | 13.12 | Time in seconds it takes to process Security Policies in CI/CD pipeline | |
| `gitlab_spamcheck_request_duration_seconds` | Histogram | 13.12 | The duration for requests between Rails and the anti-spam engine | |
| `service_desk_thank_you_email` | Counter | 14.0 | Total number of email responses to new service desk emails | |
| `service_desk_new_note_email` | Counter | 14.0 | Total number of email notifications on new service desk comment | |
| `service_desk_thank_you_email` | Counter | 14.0 | Total number of email responses to new Service Desk emails | |
| `service_desk_new_note_email` | Counter | 14.0 | Total number of email notifications on new Service Desk comment | |
| `email_receiver_error` | Counter | 14.1 | Total number of errors when processing incoming emails | |
| `gitlab_snowplow_events_total` | Counter | 14.1 | Total number of GitLab Snowplow product intelligence events emitted | |
| `gitlab_snowplow_failed_events_total` | Counter | 14.1 | Total number of GitLab Snowplow product intelligence events emission failures | |


@ -927,9 +927,9 @@ these controls should migrate to the GitLab interface.
Users who have the [Maintainer role](../../user/permissions.md) for the project can
[delete Container Registry tags in bulk](../../api/container_registry.md#delete-registry-repository-tags-in-bulk)
periodically based on their own criteria, however, this alone does not recycle data,
periodically based on their own criteria. However, deleting the tags alone does not recycle data,
it only unlinks tags from manifests and image blobs. To recycle the Container
Registry data in the whole GitLab instance, you can use the built-in command
Registry data in the whole GitLab instance, you can use the built-in garbage collection command
provided by `gitlab-ctl`.
Prerequisites:


@ -21,6 +21,10 @@ for production use due to limited functionality.
For instructions on how to upload and install Debian packages from the GitLab
package registry, see the [Debian registry documentation](../../user/packages/debian_repository/index.md).
NOTE:
The Debian registry is not FIPS compliant and is disabled when [FIPS mode](../../development/fips_compliance.md) is enabled.
These endpoints will all return `404 Not Found`.
NOTE:
These endpoints do not adhere to the standard API authentication methods.
See the [Debian registry documentation](../../user/packages/debian_repository/index.md)


@ -18,6 +18,10 @@ This API is under development and is not meant for production use.
For more information about working with Debian packages, see the
[Debian package registry documentation](../../user/packages/debian_repository/index.md).
NOTE:
The Debian registry is not FIPS compliant and is disabled when [FIPS mode](../../development/fips_compliance.md) is enabled.
These endpoints will all return `404 Not Found`.
## Enable the Debian group API
Debian group repository support is still a work in progress. It's gated behind a feature flag that's


@ -18,6 +18,10 @@ This API is under development and is not meant for production use.
For more information about working with Debian packages, see the
[Debian package registry documentation](../../user/packages/debian_repository/index.md).
NOTE:
The Debian registry is not FIPS compliant and is disabled when [FIPS mode](../../development/fips_compliance.md) is enabled.
These endpoints will all return `404 Not Found`.
## Enable the Debian API
The Debian API is behind a feature flag that is disabled by default.


@ -125,6 +125,12 @@ GitLab database. [Read more about this requirement, and troubleshooting](postgre
| `btree_gist` | 13.1 |
| `plpgsql` | 11.7 |
The following managed PostgreSQL services are known to be incompatible and should not be used:
| GitLab version | Managed service |
|----------------|-------------------------------------------------------|
| 14.4+ | Amazon Aurora (see [14.4.0](../update/index.md#1440)) |
NOTE:
Support for [PostgreSQL 9.6 and 10 was removed in GitLab 13.0](https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/#postgresql-11-is-now-the-minimum-required-version-to-install-gitlab) so that GitLab can benefit from PostgreSQL 11 improvements, such as partitioning.


@ -42,7 +42,7 @@ Features that are not available but we plan to support in the future:
- GitLab-managed runners
- FortiAuthenticator/FortiToken 2FA
- Reply-by email
- Service desk
- Service Desk
Features that we do not plan to offer at all:


@ -703,6 +703,10 @@ or [init scripts](upgrading_from_source.md#configure-sysv-init-script) by [follo
as Sidekiq would continue using a bad connection. Geo and other features that rely on
cron jobs running regularly do not work until Sidekiq is restarted. We recommend
upgrading to GitLab 14.4.3 and later if this issue affects you.
- After enabling database load balancing by default in 14.4.0, we found an issue where
[Database load balancing does not work with an AWS Aurora cluster](https://gitlab.com/gitlab-org/gitlab/-/issues/220617).
We recommend moving your databases from Aurora to RDS for PostgreSQL before
upgrading. Refer to [Moving GitLab databases to a different PostgreSQL instance](../administration/postgresql/moving.md).
- GitLab 14.4.0 includes a
[background migration `PopulateTopicsTotalProjectsCountCache`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71033)
that may remain stuck permanently in a **pending** state when the instance lacks records that match the migration's target.


@ -15,6 +15,9 @@ The Debian package registry for GitLab is under development and isn't ready for
limited functionality. This [epic](https://gitlab.com/groups/gitlab-org/-/epics/6057) details the remaining
work and timelines to make it production ready.
NOTE:
The Debian registry is not FIPS compliant and is disabled when [FIPS mode](../../../development/fips_compliance.md) is enabled.
Publish Debian packages in your project's Package Registry. Then install the
packages whenever you need to use them as a dependency.


@ -145,6 +145,9 @@ If you encounter an error with [Yarn](https://classic.yarnpkg.com/en/), view
#### Instance-level npm endpoint
NOTE:
Note: Using `CI_JOB_TOKEN` to install npm packages with dependencies in another project will give you 404 errors. You can use a [personal access token](../../profile/personal_access_tokens.md) as a workaround. [GitLab-#352962](https://gitlab.com/gitlab-org/gitlab/-/issues/352962) proposes a fix to this bug.
To use the [instance-level](#use-the-gitlab-endpoint-for-npm-packages) npm endpoint, set your npm configuration:
```shell


@ -6,6 +6,10 @@ module API
project_id: %r{[0-9]+}.freeze
).freeze
before do
not_found! if Gitlab::FIPS.enabled?
end
resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
helpers do
def user_project
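Review bot: Returning `not_found!` before any authentication runs is the right choice here, since it hides the disabled endpoints instead of confirming they exist, but nothing in the block records that intent and the same three lines are pasted into four Grape classes in this commit. I would add `# Debian registry is not FIPS compliant: hide the endpoints entirely (404, not 403) when FIPS mode is on` to the block and consider moving the check into a shared helper that the four classes call, so the status code cannot drift between them. The rest of the class is outside the hunk.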


@ -14,6 +14,10 @@ module API
file_name: API::NO_SLASH_URL_PART_REGEX
}.freeze
before do
not_found! if Gitlab::FIPS.enabled?
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
helpers do
def project_or_group


@ -6,6 +6,10 @@ module API
requires :id, type: String, desc: 'The ID of a group'
end
before do
not_found! if Gitlab::FIPS.enabled?
end
resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
after_validation do
require_packages_enabled!


@ -6,6 +6,10 @@ module API
requires :id, type: String, desc: 'The ID of a project'
end
before do
not_found! if Gitlab::FIPS.enabled?
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
after_validation do
require_packages_enabled!


@ -1,7 +1,8 @@
ARG DOCKER_VERSION=20.10.14
ARG CHROME_VERSION=101
ARG QA_BUILD_TARGET=qa
FROM registry.gitlab.com/gitlab-org/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23
FROM registry.gitlab.com/gitlab-org/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 AS qa
LABEL maintainer="GitLab Quality Department <quality@gitlab.com>"
ENV DEBIAN_FRONTEND="noninteractive"
@ -50,3 +51,11 @@ COPY ./INSTALLATION_TYPE ./VERSION /home/gitlab/
COPY ./qa /home/gitlab/qa
ENTRYPOINT ["bin/test"]
# Add JH files when pass the parameter: `--build-arg QA_BUILD_TARGET=jhqa`
FROM qa AS jhqa
ONBUILD COPY ./jh/qa /home/gitlab/jh/qa
ONBUILD COPY ./jh/lib /home/gitlab/jh/lib
ONBUILD COPY ./jh/config/feature_flags /home/gitlab/jh/config/feature_flags
FROM $QA_BUILD_TARGET
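Review bot: The final `FROM $QA_BUILD_TARGET` resolves the build arg as a stage name only when it equals `qa` or `jhqa`; any other value is treated as an image reference and pulled from a registry, so a stray or attacker-influenced `QA_BUILD_TARGET` in the CI environment (the job passes `${QA_BUILD_TARGET:-qa}` through unvalidated) would silently replace the whole QA image with a foreign one. I would validate the value in the CI job before kaniko runs, e.g. `case "$QA_BUILD_TARGET" in qa|jhqa) ;; *) echo "unsupported QA_BUILD_TARGET" >&2; exit 1;; esac`, and expand the `# Add JH files` comment to say that the `ONBUILD COPY` lines fire only in this final stage when the target is `jhqa`, since the trigger mechanism is easy to misread as copying unconditionally.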


@ -0,0 +1,15 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Google Analytics 4 content security policy' do
it 'includes the GA4 content security policy headers' do
visit root_path
expect(response_headers['Content-Security-Policy']).to include(
'*.googletagmanager.com',
'*.google-analytics.com',
'*.analytics.google.com'
)
end
end
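Review bot: The spec checks only the positive case and never enables Google Tag Manager, so it passes because the concern adds the hosts whenever a CSP is present; it would keep passing if the `google_tag_manager_enabled?` half of the guard were dropped, and it would not catch the hosts leaking onto pages where GTM is off. Add a context with GTM explicitly disabled that expects the header not to include `*.googletagmanager.com`, and enable it explicitly in the positive case rather than relying on the unconditional branch. `visit root_path` also exercises whichever controller serves root for an anonymous visitor; visiting the sign-in page directly would pin the controller that actually carries the concern.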


@ -51,9 +51,9 @@ describe('content_editor/components/bubble_menus/formatting', () => {
${'italic'} | ${{ contentType: 'italic', iconName: 'italic', label: 'Italic text', editorCommand: 'toggleItalic' }}
${'strike'} | ${{ contentType: 'strike', iconName: 'strikethrough', label: 'Strikethrough', editorCommand: 'toggleStrike' }}
${'code'} | ${{ contentType: 'code', iconName: 'code', label: 'Code', editorCommand: 'toggleCode' }}
${'link'} | ${{ contentType: 'link', iconName: 'link', label: 'Insert link', editorCommand: 'toggleLink', editorCommandParams: { href: '' } }}
${'superscript'} | ${{ contentType: 'superscript', iconName: 'superscript', label: 'Superscript', editorCommand: 'toggleSuperscript' }}
${'subscript'} | ${{ contentType: 'subscript', iconName: 'subscript', label: 'Subscript', editorCommand: 'toggleSubscript' }}
${'link'} | ${{ contentType: 'link', iconName: 'link', label: 'Insert link', editorCommand: 'toggleLink', editorCommandParams: { href: '' } }}
`('given a $testId toolbar control', ({ testId, controlProps }) => {
beforeEach(() => {
buildWrapper();


@ -31,6 +31,13 @@ RSpec.describe Packages::Debian::FileEntry, type: :model do
describe 'validations' do
it { is_expected.to be_valid }
context 'with FIPS mode', :fips_mode do
it 'raises an error' do
expect { subject.validate! }
.to raise_error(::Packages::FIPS::DisabledError, 'Debian registry is not FIPS compliant')
end
end
describe '#filename' do
it { is_expected.to validate_presence_of(:filename) }
it { is_expected.not_to allow_value('Hé').for(:filename) }


@ -102,5 +102,13 @@ RSpec.describe Packages::Debian::CreatePackageFileService do
expect { subject.execute }.to raise_error(ActiveRecord::RecordInvalid)
end
end
context 'FIPS mode enabled', :fips_mode do
let(:file) { nil }
it 'raises an error' do
expect { subject.execute }.to raise_error(::Packages::FIPS::DisabledError)
end
end
end
end


@ -13,6 +13,12 @@ RSpec.describe Packages::Debian::ExtractChangesMetadataService do
subject { service.execute }
context 'with FIPS mode enabled', :fips_mode do
it 'raises an error' do
expect { subject }.to raise_error(::Packages::FIPS::DisabledError)
end
end
context 'with valid package file' do
it 'extract metadata', :aggregate_failures do
expected_fields = { 'Architecture' => 'source amd64', 'Binary' => 'libsample0 sample-dev sample-udeb' }


@ -15,6 +15,12 @@ RSpec.describe Packages::Debian::GenerateDistributionService do
context "for #{container_type}" do
include_context 'with Debian distribution', container_type
context 'with FIPS mode enabled', :fips_mode do
it 'raises an error' do
expect { subject }.to raise_error(::Packages::FIPS::DisabledError)
end
end
it_behaves_like 'Generate Debian Distribution and component files'
end
end


@ -15,3 +15,9 @@ RSpec.shared_examples 'rejects Debian access with unknown container id' do |anon
end
end
end
RSpec.shared_examples 'Debian API FIPS mode' do
context 'when FIPS mode is enabled', :fips_mode do
it_behaves_like 'returning response status', :not_found
end
end


@ -3,6 +3,8 @@
RSpec.shared_examples 'Debian distributions GET request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
it_behaves_like 'Debian API FIPS mode'
it "returns #{status}#{and_body}" do
subject
@ -17,6 +19,8 @@ end
RSpec.shared_examples 'Debian distributions PUT request' do |status, body|
and_body = body.nil? ? '' : ' and expected body'
it_behaves_like 'Debian API FIPS mode'
if status == :success
it 'updates distribution', :aggregate_failures do
expect(::Packages::Debian::UpdateDistributionService).to receive(:new).with(distribution, api_params.except(:codename)).and_call_original
@ -49,6 +53,8 @@ end
RSpec.shared_examples 'Debian distributions DELETE request' do |status, body|
and_body = body.nil? ? '' : ' and expected body'
it_behaves_like 'Debian API FIPS mode'
if status == :success
it 'updates distribution', :aggregate_failures do
expect { subject }


@ -3,6 +3,8 @@
RSpec.shared_examples 'Debian packages GET request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
it_behaves_like 'Debian API FIPS mode'
it "returns #{status}#{and_body}" do
subject
@ -17,6 +19,8 @@ end
RSpec.shared_examples 'Debian packages upload request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
it_behaves_like 'Debian API FIPS mode'
if status == :created
it 'creates package files', :aggregate_failures do
expect(::Packages::Debian::FindOrCreateIncomingService).to receive(:new).with(container, user).and_call_original


@ -18,6 +18,12 @@ RSpec.describe Packages::Debian::GenerateDistributionWorker, type: :worker do
context "for #{container_type}" do
include_context 'with Debian distribution', container_type
context 'with FIPS mode enabled', :fips_mode do
it 'raises an error' do
expect { subject }.to raise_error(::Packages::FIPS::DisabledError)
end
end
context 'with mocked service' do
it 'calls GenerateDistributionService' do
expect(Gitlab::ErrorTracking).not_to receive(:log_exception)


@ -16,6 +16,12 @@ RSpec.describe Packages::Debian::ProcessChangesWorker, type: :worker do
subject { worker.perform(package_file_id, user_id) }
context 'with FIPS mode enabled', :fips_mode do
it 'raises an error' do
expect { subject }.to raise_error(::Packages::FIPS::DisabledError)
end
end
context 'with mocked service' do
it 'calls ProcessChangesService' do
expect(Gitlab::ErrorTracking).not_to receive(:log_exception)
