Commit eb374635 authored by Nikola Milojevic's avatar Nikola Milojevic

Merge branch 'job-token-docs' into 'master'

Add specs for job token and add doc examples

See merge request gitlab-org/gitlab!72324
parents 2543b6b5 b8ad7dee
...@@ -400,11 +400,12 @@ Retrieve the job that generated a job token. ...@@ -400,11 +400,12 @@ Retrieve the job that generated a job token.
GET /job GET /job
``` ```
Examples Examples (must run as part of the [`script`](../ci/yaml/index.md#script) section of a [CI/CD job](../ci/jobs/index.md)):
```shell ```shell
curl --header "JOB-TOKEN: <your_job_token>" "https://gitlab.example.com/api/v4/job" curl --header "Authorization: Bearer $CI_JOB_TOKEN" "${CI_API_V4_URL}/job"
curl "https://gitlab.example.com/api/v4/job?job_token=<your_job_token>" curl --header "JOB-TOKEN: $CI_JOB_TOKEN" "${CI_API_V4_URL}/job"
curl "${CI_API_V4_URL}/job?job_token=$CI_JOB_TOKEN"
``` ```
Example of response Example of response
......
...@@ -873,45 +873,65 @@ RSpec.describe Gitlab::Auth::AuthFinders do ...@@ -873,45 +873,65 @@ RSpec.describe Gitlab::Auth::AuthFinders do
end end
describe '#find_user_from_job_token' do describe '#find_user_from_job_token' do
let(:token) { job.token }
subject { find_user_from_job_token } subject { find_user_from_job_token }
context 'when the token is in the headers' do shared_examples 'finds user when job token allowed' do
before do context 'when the token is in the headers' do
set_header(described_class::JOB_TOKEN_HEADER, token) before do
set_header(described_class::JOB_TOKEN_HEADER, token)
end
it_behaves_like 'find user from job token'
end end
it_behaves_like 'find user from job token' context 'when the token is in the job_token param' do
end before do
set_param(described_class::JOB_TOKEN_PARAM, token)
end
context 'when the token is in the job_token param' do it_behaves_like 'find user from job token'
before do
set_param(described_class::JOB_TOKEN_PARAM, token)
end end
it_behaves_like 'find user from job token' context 'when the token is in the token param' do
end before do
set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token)
end
context 'when the token is in the token param' do it_behaves_like 'find user from job token'
before do
set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token)
end end
end
it_behaves_like 'find user from job token' context 'when route setting allows job_token' do
let(:route_authentication_setting) { { job_token_allowed: true } }
include_examples 'finds user when job token allowed'
end end
context 'when the job token is provided via basic auth' do context 'when route setting is basic auth' do
let(:route_authentication_setting) { { job_token_allowed: :basic_auth } } let(:route_authentication_setting) { { job_token_allowed: :basic_auth } }
let(:username) { ::Gitlab::Auth::CI_JOB_USER }
let(:token) { job.token }
before do context 'when the token is provided via basic auth' do
set_basic_auth_header(username, token) let(:username) { ::Gitlab::Auth::CI_JOB_USER }
before do
set_basic_auth_header(username, token)
end
it { is_expected.to eq(user) }
end end
it { is_expected.to eq(user) } include_examples 'finds user when job token allowed'
end
context 'credentials are provided but route setting is incorrect' do context 'when route setting job_token_allowed is invalid' do
let(:route_authentication_setting) { { job_token_allowed: :unknown } } let(:route_authentication_setting) { { job_token_allowed: false } }
context 'when the token is provided' do
before do
set_header(described_class::JOB_TOKEN_HEADER, token)
end
it { is_expected.to be_nil } it { is_expected.to be_nil }
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment