BigW Consortium Gitlab

shell_spec.rb 11.5 KB
Newer Older
1
require 'spec_helper'
2
require 'stringio'
3

4
describe Gitlab::Shell do
Dmitriy Zaporozhets committed
5
  let(:project) { double('Project', id: 7, path: 'diaspora') }
6
  let(:gitlab_shell) { described_class.new }
7
  let(:popen_vars) { { 'GIT_TERMINAL_PROMPT' => ENV['GIT_TERMINAL_PROMPT'] } }
8 9

  before do
10
    allow(Project).to receive(:find).and_return(project)
11 12
  end

13 14 15 16 17
  it { is_expected.to respond_to :add_key }
  it { is_expected.to respond_to :remove_key }
  it { is_expected.to respond_to :add_repository }
  it { is_expected.to respond_to :remove_repository }
  it { is_expected.to respond_to :fork_repository }
18 19 20 21
  it { is_expected.to respond_to :add_namespace }
  it { is_expected.to respond_to :rm_namespace }
  it { is_expected.to respond_to :mv_namespace }
  it { is_expected.to respond_to :exists? }
22

23
  it { expect(gitlab_shell.url_to_repo('diaspora')).to eq(Gitlab.config.gitlab_shell.ssh_path_prefix + "diaspora.git") }
24

25
  describe 'memoized secret_token' do
26 27 28 29 30
    let(:secret_file) { 'tmp/tests/.secret_shell_test' }
    let(:link_file) { 'tmp/tests/shell-secret-test/.gitlab_shell_secret' }

    before do
      allow(Gitlab.config.gitlab_shell).to receive(:secret_file).and_return(secret_file)
31
      allow(Gitlab.config.gitlab_shell).to receive(:path).and_return('tmp/tests/shell-secret-test')
32
      FileUtils.mkdir('tmp/tests/shell-secret-test')
33
      described_class.ensure_secret_token!
34 35 36 37 38 39 40 41
    end

    after do
      FileUtils.rm_rf('tmp/tests/shell-secret-test')
      FileUtils.rm_rf(secret_file)
    end

    it 'creates and links the secret token file' do
42
      secret_token = described_class.secret_token
43

44
      expect(File.exist?(secret_file)).to be(true)
45
      expect(File.read(secret_file).chomp).to eq(secret_token)
46 47 48 49 50
      expect(File.symlink?(link_file)).to be(true)
      expect(File.readlink(link_file)).to eq(secret_file)
    end
  end

51 52 53
  describe '#add_key' do
    it 'removes trailing garbage' do
      allow(gitlab_shell).to receive(:gitlab_shell_keys_path).and_return(:gitlab_shell_keys_path)
54
      expect(gitlab_shell).to receive(:gitlab_shell_fast_execute).with(
55 56 57 58 59 60 61
        [:gitlab_shell_keys_path, 'add-key', 'key-123', 'ssh-rsa foobar']
      )

      gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
    end
  end

62
  describe Gitlab::Shell::KeyAdder do
63
    describe '#add_key' do
64 65
      it 'removes trailing garbage' do
        io = spy(:io)
66 67
        adder = described_class.new(io)

68 69 70 71 72
        adder.add_key('key-42', "ssh-rsa foo bar\tbaz")

        expect(io).to have_received(:puts).with("key-42\tssh-rsa foo")
      end

73 74 75 76 77 78 79 80 81
      it 'handles multiple spaces in the key' do
        io = spy(:io)
        adder = described_class.new(io)

        adder.add_key('key-42', "ssh-rsa  foo")

        expect(io).to have_received(:puts).with("key-42\tssh-rsa foo")
      end

82 83 84 85 86
      it 'raises an exception if the key contains a tab' do
        expect do
          described_class.new(StringIO.new).add_key('key-42', "ssh-rsa\tfoobar")
        end.to raise_error(Gitlab::Shell::Error)
      end
87

88 89 90 91
      it 'raises an exception if the key contains a newline' do
        expect do
          described_class.new(StringIO.new).add_key('key-42', "ssh-rsa foobar\nssh-rsa pawned")
        end.to raise_error(Gitlab::Shell::Error)
92 93 94
      end
    end
  end
95 96

  describe 'projects commands' do
97 98 99
    let(:gitlab_shell_path) { File.expand_path('tmp/tests/gitlab-shell') }
    let(:projects_path) { File.join(gitlab_shell_path, 'bin/gitlab-projects') }
    let(:gitlab_shell_hooks_path) { File.join(gitlab_shell_path, 'hooks') }
100 101

    before do
102 103
      allow(Gitlab.config.gitlab_shell).to receive(:path).and_return(gitlab_shell_path)
      allow(Gitlab.config.gitlab_shell).to receive(:hooks_path).and_return(gitlab_shell_hooks_path)
104 105 106
      allow(Gitlab.config.gitlab_shell).to receive(:git_timeout).and_return(800)
    end

107
    describe '#add_repository' do
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
      it 'creates a repository' do
        created_path = File.join(TestEnv.repos_path, 'project', 'path.git')
        hooks_path = File.join(created_path, 'hooks')

        begin
          result = gitlab_shell.add_repository(TestEnv.repos_path, 'project/path')

          repo_stat = File.stat(created_path) rescue nil
          hooks_stat = File.lstat(hooks_path) rescue nil
          hooks_dir = File.realpath(hooks_path)
        ensure
          FileUtils.rm_rf(created_path)
        end

        expect(result).to be_truthy
        expect(repo_stat.mode & 0o777).to eq(0o770)
        expect(hooks_stat.symlink?).to be_truthy
        expect(hooks_dir).to eq(gitlab_shell_hooks_path)
126 127 128
      end

      it 'returns false when the command fails' do
129
        expect(FileUtils).to receive(:mkdir_p).and_raise(Errno::EEXIST)
130

131
        expect(gitlab_shell.add_repository('current/storage', 'project/path')).to be_falsy
132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188
      end
    end

    describe '#remove_repository' do
      it 'returns true when the command succeeds' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'rm-project', 'current/storage', 'project/path.git'],
                nil, popen_vars).and_return([nil, 0])

        expect(gitlab_shell.remove_repository('current/storage', 'project/path')).to be true
      end

      it 'returns false when the command fails' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'rm-project', 'current/storage', 'project/path.git'],
                nil, popen_vars).and_return(["error", 1])

        expect(gitlab_shell.remove_repository('current/storage', 'project/path')).to be false
      end
    end

    describe '#mv_repository' do
      it 'returns true when the command succeeds' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'mv-project', 'current/storage', 'project/path.git', 'project/newpath.git'],
                nil, popen_vars).and_return([nil, 0])

        expect(gitlab_shell.mv_repository('current/storage', 'project/path', 'project/newpath')).to be true
      end

      it 'returns false when the command fails' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'mv-project', 'current/storage', 'project/path.git', 'project/newpath.git'],
                nil, popen_vars).and_return(["error", 1])

        expect(gitlab_shell.mv_repository('current/storage', 'project/path', 'project/newpath')).to be false
      end
    end

    describe '#fork_repository' do
      it 'returns true when the command succeeds' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'fork-project', 'current/storage', 'project/path.git', 'new/storage', 'new-namespace'],
                nil, popen_vars).and_return([nil, 0])

        expect(gitlab_shell.fork_repository('current/storage', 'project/path', 'new/storage', 'new-namespace')).to be true
      end

      it 'return false when the command fails' do
        expect(Gitlab::Popen).to receive(:popen)
          .with([projects_path, 'fork-project', 'current/storage', 'project/path.git', 'new/storage', 'new-namespace'],
                nil, popen_vars).and_return(["error", 1])

        expect(gitlab_shell.fork_repository('current/storage', 'project/path', 'new/storage', 'new-namespace')).to be false
      end
    end

189 190 191 192
    shared_examples 'fetch_remote' do |gitaly_on|
      let(:project2) { create(:project, :repository) }
      let(:repository) { project2.repository }

193
      def fetch_remote(ssh_auth = nil)
194
        gitlab_shell.fetch_remote(repository.raw_repository, 'new/storage', ssh_auth: ssh_auth)
195 196
      end

197
      def expect_popen(fail = false, vars = {})
198 199 200
        popen_args = [
          projects_path,
          'fetch-remote',
201 202
          TestEnv.repos_path,
          repository.relative_path,
203 204 205 206
          'new/storage',
          Gitlab.config.gitlab_shell.git_timeout.to_s
        ]

207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230
        return_value = fail ? ["error", 1] : [nil, 0]

        expect(Gitlab::Popen).to receive(:popen).with(popen_args, nil, popen_vars.merge(vars)).and_return(return_value)
      end

      def expect_gitaly_call(fail, vars = {})
        receive_fetch_remote =
          if fail
            receive(:fetch_remote).and_raise(GRPC::NotFound)
          else
            receive(:fetch_remote).and_return(true)
          end

        expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive_fetch_remote
      end

      if gitaly_on
        def expect_call(fail, vars = {})
          expect_gitaly_call(fail, vars)
        end
      else
        def expect_call(fail, vars = {})
          expect_popen(fail, vars)
        end
231 232 233 234 235 236 237 238 239 240 241 242 243
      end

      def build_ssh_auth(opts = {})
        defaults = {
          ssh_import?: true,
          ssh_key_auth?: false,
          ssh_known_hosts: nil,
          ssh_private_key: nil
        }

        double(:ssh_auth, defaults.merge(opts))
      end

244
      it 'returns true when the command succeeds' do
245
        expect_call(false)
246

247
        expect(fetch_remote).to be_truthy
248 249 250
      end

      it 'raises an exception when the command fails' do
251
        expect_call(true)
252

253
        expect { fetch_remote }.to raise_error(Gitlab::Shell::Error)
254 255 256 257
      end

      context 'SSH auth' do
        it 'passes the SSH key if specified' do
258
          expect_call(false, 'GITLAB_SHELL_SSH_KEY' => 'foo')
259 260 261 262 263 264 265

          ssh_auth = build_ssh_auth(ssh_key_auth?: true, ssh_private_key: 'foo')

          expect(fetch_remote(ssh_auth)).to be_truthy
        end

        it 'does not pass an empty SSH key' do
266
          expect_call(false)
267 268 269 270 271 272 273

          ssh_auth = build_ssh_auth(ssh_key_auth: true, ssh_private_key: '')

          expect(fetch_remote(ssh_auth)).to be_truthy
        end

        it 'does not pass the key unless SSH key auth is to be used' do
274
          expect_call(false)
275 276 277 278 279 280 281

          ssh_auth = build_ssh_auth(ssh_key_auth: false, ssh_private_key: 'foo')

          expect(fetch_remote(ssh_auth)).to be_truthy
        end

        it 'passes the known_hosts data if specified' do
282
          expect_call(false, 'GITLAB_SHELL_KNOWN_HOSTS' => 'foo')
283 284 285 286 287 288 289

          ssh_auth = build_ssh_auth(ssh_known_hosts: 'foo')

          expect(fetch_remote(ssh_auth)).to be_truthy
        end

        it 'does not pass empty known_hosts data' do
290
          expect_call(false)
291 292 293 294 295 296 297

          ssh_auth = build_ssh_auth(ssh_known_hosts: '')

          expect(fetch_remote(ssh_auth)).to be_truthy
        end

        it 'does not pass known_hosts data unless SSH is to be used' do
298
          expect_call(false, popen_vars)
299 300

          ssh_auth = build_ssh_auth(ssh_import?: false, ssh_known_hosts: 'foo')
301

302 303
          expect(fetch_remote(ssh_auth)).to be_truthy
        end
304 305 306
      end
    end

307 308 309 310 311 312 313 314
    describe '#fetch_remote local', skip_gitaly_mock: true do
      it_should_behave_like 'fetch_remote', false
    end

    describe '#fetch_remote gitaly' do
      it_should_behave_like 'fetch_remote', true
    end

315 316 317
    describe '#import_repository' do
      it 'returns true when the command succeeds' do
        expect(Gitlab::Popen).to receive(:popen)
318 319
          .with([projects_path, 'import-project', 'current/storage', 'project/path.git', 'https://gitlab.com/gitlab-org/gitlab-ce.git', "800"],
                nil, popen_vars).and_return([nil, 0])
320 321 322 323 324 325

        expect(gitlab_shell.import_repository('current/storage', 'project/path', 'https://gitlab.com/gitlab-org/gitlab-ce.git')).to be true
      end

      it 'raises an exception when the command fails' do
        expect(Gitlab::Popen).to receive(:popen)
326 327
        .with([projects_path, 'import-project', 'current/storage', 'project/path.git', 'https://gitlab.com/gitlab-org/gitlab-ce.git', "800"],
              nil, popen_vars).and_return(["error", 1])
328 329 330 331 332

        expect { gitlab_shell.import_repository('current/storage', 'project/path', 'https://gitlab.com/gitlab-org/gitlab-ce.git') }.to raise_error(Gitlab::Shell::Error, "error")
      end
    end
  end
333
end