Merge branch '333306-exclude-empty-compliance-pipeline-path' into 'master'

Guard Compliance CI evaluation against blank path See merge request gitlab-org/gitlab!64994

Merge branch '333306-exclude-empty-compliance-pipeline-path' into 'master'
Guard Compliance CI evaluation against blank path See merge request gitlab-org/gitlab!64994
9e9a4312 · James Lopez · 044c876f · 9706ba3a · 9e9a4312 · 9e9a4312
Commit 9e9a4312 authored Jun 30, 2021 by James Lopez
2 changed files
--- a/ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
+++ b/ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
@@ -10,7 +10,7 @@ module Gitlab
              def content
                strong_memoize(:content) do
                  next unless available?
-                  next unless pipeline_configuration_full_path
+                  next unless pipeline_configuration_full_path.present?

                  path_file, path_project = pipeline_configuration_full_path.split('@', 2)
                  YAML.dump('include' => [{ 'project' => path_project, 'file' => path_file }])

--- a/ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
+++ b/ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
@@ -8,9 +8,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
  let(:content) { nil }
  let(:source) { :push }
  let(:command) { Gitlab::Ci::Pipeline::Chain::Command.new(project: project, content: content, source: source) }
-
-  subject { described_class.new(pipeline, command) }
-
  let(:content_result) do
    <<~EOY
    ---
@@ -20,6 +17,8 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
    EOY
  end

+  subject { described_class.new(pipeline, command) }
+
  shared_examples 'does not include compliance pipeline configuration content' do
    it do
      subject.perform!
@@ -30,26 +29,56 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
    end
  end

-  context 'when project has compliance pipeline configuration defined' do
+  context 'when project has compliance label defined' do
    let(:project) { create(:project, ci_config_path: ci_config_path) }
    let(:compliance_group) { create(:group, :private, name: "compliance") }
    let(:compliance_project) { create(:project, namespace: compliance_group, name: "hippa") }

-    let(:framework) { create(:compliance_framework, namespace_id: compliance_group.id, pipeline_configuration_full_path: ".compliance-gitlab-ci.yml@compliance/hippa") }
-    let!(:framework_project_setting) { create(:compliance_framework_project_setting, project: project, framework_id: framework.id) }
-
    context 'when feature is available' do
      before do
        stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
        stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
      end

-      it 'includes compliance pipeline configuration content' do
-        subject.perform!
+      context 'when compliance pipeline configuration is defined' do
+        let(:framework) do
+          create(:compliance_framework,
+                 namespace: compliance_group,
+                 pipeline_configuration_full_path: ".compliance-gitlab-ci.yml@compliance/hippa")
+        end
+
+        let!(:framework_project_setting) do
+          create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
+        end

-        expect(pipeline.config_source).to eq 'compliance_source'
-        expect(pipeline.pipeline_config.content).to eq(content_result)
-        expect(command.config_content).to eq(content_result)
+        it 'includes compliance pipeline configuration content' do
+          subject.perform!
+
+          expect(pipeline.config_source).to eq 'compliance_source'
+          expect(pipeline.pipeline_config.content).to eq(content_result)
+          expect(command.config_content).to eq(content_result)
+        end
+      end
+
+      context 'when compliance pipeline configuration is not defined' do
+        let(:framework) { create(:compliance_framework, namespace: compliance_group) }
+        let!(:framework_project_setting) do
+          create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
+        end
+
+        it_behaves_like 'does not include compliance pipeline configuration content'
+      end
+
+      context 'when compliance pipeline configuration is empty' do
+        let(:framework) do
+          create(:compliance_framework, namespace: compliance_group, pipeline_configuration_full_path: '')
+        end
+
+        let!(:framework_project_setting) do
+          create(:compliance_framework_project_setting, project: project, compliance_management_framework: framework)
+        end
+
+        it_behaves_like 'does not include compliance pipeline configuration content'
      end
    end