Commit 5749faf3 authored by Dmitry Gruzd's avatar Dmitry Gruzd

Merge branch 'philipcunningham-add-traits-for-dast-secrets-326423' into 'master'

Add traits for dast_site_profile_secret_variable

See merge request gitlab-org/gitlab!69815
parents 9e9a41ff 85608fe3
...@@ -6,5 +6,13 @@ FactoryBot.define do ...@@ -6,5 +6,13 @@ FactoryBot.define do
sequence(:key) { |n| "VARIABLE_#{n}" } sequence(:key) { |n| "VARIABLE_#{n}" }
raw_value { 'VARIABLE_VALUE' } raw_value { 'VARIABLE_VALUE' }
trait :password do
key { Dast::SiteProfileSecretVariable::PASSWORD }
end
trait :request_headers do
key { Dast::SiteProfileSecretVariable::REQUEST_HEADERS }
end
end end
end end
...@@ -106,8 +106,8 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -106,8 +106,8 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end end
context 'when secret variables already exist' do context 'when secret variables already exist' do
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS, dast_site_profile: dast_site_profile) } let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::PASSWORD, dast_site_profile: dast_site_profile) } let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
context 'when the arguments are omitted' do context 'when the arguments are omitted' do
subject do subject do
......
...@@ -58,7 +58,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfileAuth'] do ...@@ -58,7 +58,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfileAuth'] do
context 'when there an associated secret variable' do context 'when there an associated secret variable' do
it 'is redacted' do it 'is redacted' do
create(:dast_site_profile_secret_variable, dast_site_profile: object, key: Dast::SiteProfileSecretVariable::PASSWORD) create(:dast_site_profile_secret_variable, :password, dast_site_profile: object)
expect(resolve_field(:password, object, current_user: user)).to eq('••••••••') expect(resolve_field(:password, object, current_user: user)).to eq('••••••••')
end end
......
...@@ -75,7 +75,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfile'] do ...@@ -75,7 +75,7 @@ RSpec.describe GitlabSchema.types['DastSiteProfile'] do
context 'when there an associated secret variable' do context 'when there an associated secret variable' do
it 'is redacted' do it 'is redacted' do
create(:dast_site_profile_secret_variable, dast_site_profile: object, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS) create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: object)
expect(resolve_field(:request_headers, object, current_user: user)).to eq('••••••••') expect(resolve_field(:request_headers, object, current_user: user)).to eq('••••••••')
end end
......
...@@ -122,7 +122,7 @@ RSpec.describe Ci::Build do ...@@ -122,7 +122,7 @@ RSpec.describe Ci::Build do
let_it_be(:user) { create(:user, developer_projects: [project]) } let_it_be(:user) { create(:user, developer_projects: [project]) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) } let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let_it_be(:dast_site_profile_secret_variable) { create(:dast_site_profile_secret_variable, key: 'DAST_PASSWORD_BASE64', dast_site_profile: dast_site_profile) } let_it_be(:dast_site_profile_secret_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
let_it_be(:options) { { dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name } } } let_it_be(:options) { { dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name } } }
before do before do
......
...@@ -97,8 +97,8 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do ...@@ -97,8 +97,8 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
context 'record exists' do context 'record exists' do
before do before do
create(:dast_site_profile_secret_variable, dast_site_profile: dast_site_profile, key: Dast::SiteProfileSecretVariable::PASSWORD) create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile)
create(:dast_site_profile_secret_variable, dast_site_profile: dast_site_profile, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS) create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile)
end end
it 'includes a serialized dast_profile in the response body' do it 'includes a serialized dast_profile in the response body' do
......
...@@ -8,8 +8,8 @@ RSpec.describe AppSec::Dast::SiteProfiles::UpdateService do ...@@ -8,8 +8,8 @@ RSpec.describe AppSec::Dast::SiteProfiles::UpdateService do
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile_id) { dast_site_profile.id } let_it_be(:dast_site_profile_id) { dast_site_profile.id }
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::REQUEST_HEADERS, dast_site_profile: dast_site_profile) } let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, key: Dast::SiteProfileSecretVariable::PASSWORD, dast_site_profile: dast_site_profile) } let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
let_it_be(:new_profile_name) { SecureRandom.hex } let_it_be(:new_profile_name) { SecureRandom.hex }
let_it_be(:new_target_url) { generate(:url) } let_it_be(:new_target_url) { generate(:url) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment