BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
2951a099
Commit
2951a099
authored
Jul 06, 2017
by
Pawel Chojnacki
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add tests for token auth.
parent
beb81e14
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
63 additions
and
20 deletions
+63
-20
requires_whitelisted_monitoring_client.rb
...ollers/concerns/requires_whitelisted_monitoring_client.rb
+4
-4
health_check_controller_spec.rb
spec/controllers/health_check_controller_spec.rb
+0
-2
health_controller_spec.rb
spec/controllers/health_controller_spec.rb
+59
-14
No files found.
app/controllers/concerns/requires_whitelisted_monitoring_client.rb
View file @
2951a099
module
RequiresWhitelistedMonitoringClient
module
RequiresWhitelistedMonitoringClient
extend
ActiveSupport
::
Concern
extend
ActiveSupport
::
Concern
included
do
included
do
before_action
:validate_ip_whitelisted_or_
token_is_valid
!
before_action
:validate_ip_whitelisted_or_
valid_token
!
end
end
private
private
def
validate_ip_whitelisted_or_
token_is_valid
!
def
validate_ip_whitelisted_or_
valid_token
!
render_404
unless
client_ip_whitelisted?
||
token_valid
?
render_404
unless
client_ip_whitelisted?
||
valid_token
?
end
end
def
client_ip_whitelisted?
def
client_ip_whitelisted?
...
@@ -18,7 +18,7 @@ module RequiresWhitelistedMonitoringClient
...
@@ -18,7 +18,7 @@ module RequiresWhitelistedMonitoringClient
@ip_whitelist
||=
Settings
.
monitoring
.
ip_whitelist
.
map
(
&
IPAddr
.
method
(
:new
))
@ip_whitelist
||=
Settings
.
monitoring
.
ip_whitelist
.
map
(
&
IPAddr
.
method
(
:new
))
end
end
def
token_valid
?
def
valid_token
?
token
=
params
[
:token
].
presence
||
request
.
headers
[
'TOKEN'
]
token
=
params
[
:token
].
presence
||
request
.
headers
[
'TOKEN'
]
token
.
present?
&&
token
.
present?
&&
ActiveSupport
::
SecurityUtils
.
variable_size_secure_compare
(
ActiveSupport
::
SecurityUtils
.
variable_size_secure_compare
(
...
...
spec/controllers/health_check_controller_spec.rb
View file @
2951a099
...
@@ -46,8 +46,6 @@ describe HealthCheckController do
...
@@ -46,8 +46,6 @@ describe HealthCheckController do
end
end
context
'when services are up and accessed from whitelisted ips'
do
context
'when services are up and accessed from whitelisted ips'
do
let
(
:ip
)
{
'127.0.0.1'
}
before
do
before
do
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
end
end
...
...
spec/controllers/health_controller_spec.rb
View file @
2951a099
...
@@ -4,6 +4,7 @@ describe HealthController do
...
@@ -4,6 +4,7 @@ describe HealthController do
include
StubENV
include
StubENV
let
(
:json_response
)
{
JSON
.
parse
(
response
.
body
)
}
let
(
:json_response
)
{
JSON
.
parse
(
response
.
body
)
}
let
(
:token
)
{
current_application_settings
.
health_check_access_token
}
let
(
:whitelisted_ip
)
{
'127.0.0.1'
}
let
(
:whitelisted_ip
)
{
'127.0.0.1'
}
let
(
:not_whitelisted_ip
)
{
'127.0.0.2'
}
let
(
:not_whitelisted_ip
)
{
'127.0.0.2'
}
...
@@ -13,13 +14,11 @@ describe HealthController do
...
@@ -13,13 +14,11 @@ describe HealthController do
end
end
describe
'#readiness'
do
describe
'#readiness'
do
context
'accessed from whitelisted ip'
do
shared_context
'endpoint responding with readiness data'
do
before
do
subject
{
get
:readiness
}
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
end
it
're
turns proper response
'
do
it
're
sponds with readiness checks data
'
do
get
:readiness
subject
expect
(
json_response
[
'db_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'db_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'redis_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'redis_check'
][
'status'
]).
to
eq
(
'ok'
)
...
@@ -28,27 +27,49 @@ describe HealthController do
...
@@ -28,27 +27,49 @@ describe HealthController do
end
end
end
end
context
'accessed from whitelisted ip'
do
before
do
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
end
it_behaves_like
'endpoint responding with readiness data'
end
context
'accessed from not whitelisted ip'
do
context
'accessed from not whitelisted ip'
do
before
do
before
do
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
not_whitelisted_ip
)
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
not_whitelisted_ip
)
end
end
it
're
turns proper response
'
do
it
're
sponds with resource not found
'
do
get
:readiness
get
:readiness
expect
(
response
.
status
).
to
eq
(
404
)
expect
(
response
.
status
).
to
eq
(
404
)
end
end
context
'accessed with valid token'
do
context
'token passed in request header'
do
before
do
request
.
headers
[
'TOKEN'
]
=
token
end
it_behaves_like
'endpoint responding with readiness data'
end
end
end
end
describe
'#liveness'
do
context
'token passed as URL param'
do
context
'accessed from whitelisted ip'
do
it_behaves_like
'endpoint responding with readiness data'
do
before
do
subject
{
get
:readiness
,
token:
token
}
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
end
end
end
end
end
it
'returns proper response'
do
describe
'#liveness'
do
get
:liveness
shared_context
'endpoint responding with liveness data'
do
subject
{
get
:liveness
}
it
'responds with liveness checks data'
do
subject
expect
(
json_response
[
'db_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'db_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'redis_check'
][
'status'
]).
to
eq
(
'ok'
)
expect
(
json_response
[
'redis_check'
][
'status'
]).
to
eq
(
'ok'
)
...
@@ -56,16 +77,40 @@ describe HealthController do
...
@@ -56,16 +77,40 @@ describe HealthController do
end
end
end
end
context
'accessed from whitelisted ip'
do
before
do
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
whitelisted_ip
)
end
it_behaves_like
'endpoint responding with liveness data'
end
context
'accessed from not whitelisted ip'
do
context
'accessed from not whitelisted ip'
do
before
do
before
do
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
not_whitelisted_ip
)
allow
(
Gitlab
::
RequestContext
).
to
receive
(
:client_ip
).
and_return
(
not_whitelisted_ip
)
end
end
it
're
turns proper response
'
do
it
're
sponds with resource not found
'
do
get
:liveness
get
:liveness
expect
(
response
.
status
).
to
eq
(
404
)
expect
(
response
.
status
).
to
eq
(
404
)
end
end
context
'accessed with valid token'
do
context
'token passed in request header'
do
before
do
request
.
headers
[
'TOKEN'
]
=
token
end
it_behaves_like
'endpoint responding with liveness data'
end
context
'token passed as URL param'
do
it_behaves_like
'endpoint responding with liveness data'
do
subject
{
get
:liveness
,
token:
token
}
end
end
end
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment