Changing API to be behind a feature flag

71730c28 · Darby Frey · 1ead057d · 71730c28 · 71730c28 · 71730c28
Commit 71730c28 authored Jan 20, 2022 by Darby Frey
3 changed files
--- a/config/feature_flags/development/ci_secure_files.yml
+++ b/config/feature_flags/development/ci_secure_files.yml
+---
+name: ci_secure_files
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78227
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/350748
+milestone: '14.8'
+type: development
+group: group::incubation
+default_enabled: false
--- a/lib/api/ci/secure_files.rb
+++ b/lib/api/ci/secure_files.rb
@@ -8,6 +8,7 @@ module API
      before do
        authenticate!
        authorize! :admin_build, user_project
+        feature_flag_enabled?
      end

      feature_category :pipeline_authoring
@@ -60,7 +61,6 @@ module API

        route_setting :authentication, basic_auth_personal_access_token: true, job_token_allowed: true
        post ':id/secure_files' do
-  
          secure_file = user_project.secure_files.new(
            name: params[:name],
            permissions: params[:permissions] || :read_only
@@ -87,6 +87,12 @@ module API
          no_content!
        end
      end
+
+      helpers do
+        def feature_flag_enabled?
+          service_unavailable! unless Feature.enabled?(:ci_secure_files, user_project, default_enabled: :yaml)
+        end
+      end
    end
  end
 end
--- a/spec/requests/api/ci/secure_files_spec.rb
+++ b/spec/requests/api/ci/secure_files_spec.rb
@@ -5,6 +5,7 @@ require 'spec_helper'
 RSpec.describe API::Ci::SecureFiles do
  before do
    stub_ci_secure_file_object_storage
+    stub_feature_flags(ci_secure_files: true)
  end

  let_it_be(:user) { create(:user) }
@@ -15,6 +16,23 @@ RSpec.describe API::Ci::SecureFiles do
  let_it_be(:secure_file) { create(:ci_secure_file, project: project) }

  describe 'GET /projects/:id/secure_files' do
+    context 'feature flag' do
+      it 'returns a 503 when the feature flag is disabled' do
+        stub_feature_flags(ci_secure_files: false)
+
+        get api("/projects/#{project.id}/secure_files", user)
+
+        expect(response).to have_gitlab_http_status(:service_unavailable)
+      end
+
+      it 'returns a 200 when the feature flag is enabled' do
+        get api("/projects/#{project.id}/secure_files", user)
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response).to be_a(Array)
+      end
+    end
+
    context 'authorized user with proper permissions' do
      it 'returns project secure files' do
        get api("/projects/#{project.id}/secure_files", user)