Commit 69e1d6fe authored by Mayra Cabrera's avatar Mayra Cabrera

Merge branch 'fix_usage_metrics_to_not_auth_agent' into 'master'

Usage metrics is GitLab-KAS only, and does not involve agent

See merge request gitlab-org/gitlab!41634
parents 10013895 d64a1292
...@@ -5,6 +5,7 @@ module API ...@@ -5,6 +5,7 @@ module API
module Internal module Internal
class Kubernetes < Grape::API::Instance class Kubernetes < Grape::API::Instance
before do before do
check_feature_enabled
authenticate_gitlab_kas_request! authenticate_gitlab_kas_request!
end end
...@@ -55,7 +56,6 @@ module API ...@@ -55,7 +56,6 @@ module API
namespace 'internal' do namespace 'internal' do
namespace 'kubernetes' do namespace 'kubernetes' do
before do before do
check_feature_enabled
check_agent_token check_agent_token
end end
...@@ -96,15 +96,16 @@ module API ...@@ -96,15 +96,16 @@ module API
gitaly_repository: gitaly_repository(project) gitaly_repository: gitaly_repository(project)
} }
end end
end
namespace 'kubernetes/usage_metrics' do
desc 'POST usage metrics' do desc 'POST usage metrics' do
detail 'Updates usage metrics for agent' detail 'Updates usage metrics for agent'
end end
route_setting :authentication, cluster_agent_token_allowed: true
params do params do
requires :gitops_sync_count, type: Integer, desc: 'The count to increment the gitops_sync metric by' requires :gitops_sync_count, type: Integer, desc: 'The count to increment the gitops_sync metric by'
end end
post '/usage_metrics' do post '/' do
gitops_sync_count = params[:gitops_sync_count] gitops_sync_count = params[:gitops_sync_count]
if gitops_sync_count < 0 if gitops_sync_count < 0
......
...@@ -24,20 +24,6 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -24,20 +24,6 @@ RSpec.describe API::Internal::Kubernetes do
end end
end end
context 'authenticated' do
it 'returns 403 if Authorization header not sent' do
send_request
expect(response).to have_gitlab_http_status(:forbidden)
end
it 'returns 404 if Authorization is for non-existent agent' do
send_request(headers: { 'Authorization' => 'Bearer NONEXISTENT' })
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'kubernetes_agent_internal_api feature flag disabled' do context 'kubernetes_agent_internal_api feature flag disabled' do
before do before do
stub_feature_flags(kubernetes_agent_internal_api: false) stub_feature_flags(kubernetes_agent_internal_api: false)
...@@ -51,6 +37,20 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -51,6 +37,20 @@ RSpec.describe API::Internal::Kubernetes do
end end
end end
shared_examples 'agent authentication' do
it 'returns 403 if Authorization header not sent' do
send_request
expect(response).to have_gitlab_http_status(:forbidden)
end
it 'returns 403 if Authorization is for non-existent agent' do
send_request(headers: { 'Authorization' => 'Bearer NONEXISTENT' })
expect(response).to have_gitlab_http_status(:forbidden)
end
end
describe 'POST /internal/kubernetes/usage_metrics' do describe 'POST /internal/kubernetes/usage_metrics' do
def send_request(headers: {}, params: {}) def send_request(headers: {}, params: {})
post api('/internal/kubernetes/usage_metrics'), params: params, headers: headers.reverse_merge(jwt_auth_headers) post api('/internal/kubernetes/usage_metrics'), params: params, headers: headers.reverse_merge(jwt_auth_headers)
...@@ -93,6 +93,7 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -93,6 +93,7 @@ RSpec.describe API::Internal::Kubernetes do
end end
include_examples 'authorization' include_examples 'authorization'
include_examples 'agent authentication'
context 'an agent is found' do context 'an agent is found' do
let!(:agent_token) { create(:cluster_agent_token) } let!(:agent_token) { create(:cluster_agent_token) }
...@@ -133,6 +134,7 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -133,6 +134,7 @@ RSpec.describe API::Internal::Kubernetes do
end end
include_examples 'authorization' include_examples 'authorization'
include_examples 'agent authentication'
context 'an agent is found' do context 'an agent is found' do
let!(:agent_token) { create(:cluster_agent_token) } let!(:agent_token) { create(:cluster_agent_token) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment