Commit 9706ba3a authored by Tan Le's avatar Tan Le

Guard Compliance CI evaluation against blank path

This change ensures the Compliance CI template is not evaluated if the
compliance pipeline configuration location is blank (i.e. nil and empty
string).

Changelog: fixed
EE: true
parent b9771818
...@@ -10,7 +10,7 @@ module Gitlab ...@@ -10,7 +10,7 @@ module Gitlab
def content def content
strong_memoize(:content) do strong_memoize(:content) do
next unless available? next unless available?
next unless pipeline_configuration_full_path next unless pipeline_configuration_full_path.present?
path_file, path_project = pipeline_configuration_full_path.split('@', 2) path_file, path_project = pipeline_configuration_full_path.split('@', 2)
YAML.dump('include' => [{ 'project' => path_project, 'file' => path_file }]) YAML.dump('include' => [{ 'project' => path_project, 'file' => path_file }])
......
...@@ -8,9 +8,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do ...@@ -8,9 +8,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
let(:content) { nil } let(:content) { nil }
let(:source) { :push } let(:source) { :push }
let(:command) { Gitlab::Ci::Pipeline::Chain::Command.new(project: project, content: content, source: source) } let(:command) { Gitlab::Ci::Pipeline::Chain::Command.new(project: project, content: content, source: source) }
subject { described_class.new(pipeline, command) }
let(:content_result) do let(:content_result) do
<<~EOY <<~EOY
--- ---
...@@ -20,6 +17,8 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do ...@@ -20,6 +17,8 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
EOY EOY
end end
subject { described_class.new(pipeline, command) }
shared_examples 'does not include compliance pipeline configuration content' do shared_examples 'does not include compliance pipeline configuration content' do
it do it do
subject.perform! subject.perform!
...@@ -30,20 +29,28 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do ...@@ -30,20 +29,28 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
end end
end end
context 'when project has compliance pipeline configuration defined' do context 'when project has compliance label defined' do
let(:project) { create(:project, ci_config_path: ci_config_path) } let(:project) { create(:project, ci_config_path: ci_config_path) }
let(:compliance_group) { create(:group, :private, name: "compliance") } let(:compliance_group) { create(:group, :private, name: "compliance") }
let(:compliance_project) { create(:project, namespace: compliance_group, name: "hippa") } let(:compliance_project) { create(:project, namespace: compliance_group, name: "hippa") }
let(:framework) { create(:compliance_framework, namespace_id: compliance_group.id, pipeline_configuration_full_path: ".compliance-gitlab-ci.yml@compliance/hippa") }
let!(:framework_project_setting) { create(:compliance_framework_project_setting, project: project, framework_id: framework.id) }
context 'when feature is available' do context 'when feature is available' do
before do before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true) stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
stub_licensed_features(evaluate_group_level_compliance_pipeline: true) stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
end end
context 'when compliance pipeline configuration is defined' do
let(:framework) do
create(:compliance_framework,
namespace: compliance_group,
pipeline_configuration_full_path: ".compliance-gitlab-ci.yml@compliance/hippa")
end
let!(:framework_project_setting) do
create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
end
it 'includes compliance pipeline configuration content' do it 'includes compliance pipeline configuration content' do
subject.perform! subject.perform!
...@@ -53,6 +60,28 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do ...@@ -53,6 +60,28 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
end end
end end
context 'when compliance pipeline configuration is not defined' do
let(:framework) { create(:compliance_framework, namespace: compliance_group) }
let!(:framework_project_setting) do
create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
end
it_behaves_like 'does not include compliance pipeline configuration content'
end
context 'when compliance pipeline configuration is empty' do
let(:framework) do
create(:compliance_framework, namespace: compliance_group, pipeline_configuration_full_path: '')
end
let!(:framework_project_setting) do
create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
end
it_behaves_like 'does not include compliance pipeline configuration content'
end
end
context 'when feature is not available' do context 'when feature is not available' do
using RSpec::Parameterized::TableSyntax using RSpec::Parameterized::TableSyntax
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment