Skip to content

Refactor NuGet package manager tests

Ethan Reesor requested to merge ethan.reesor/contrib/gitlab:refactor-nuget-tests into master

What does this MR do?

Refactors the tests for the NuGet package manager endpoint.

  • I moved deploy token for package (GET requests|uploads) and rejects nuget access with (unknown|invalid) project id into a shared example that I included in every endpoint describe block.
  • I moved all but one of the where { ... }; with_them { ... } blocks into two shared examples (one for GET, one for PUT).
    • Handling of invalid credentials is not consistent (#246569), so one of the GET tables does not match the others.
  • I removed context 'without the need for a license'.

Remaining Concerns

  • The new shared example names, nuget endpoint and nuget authentication tests (GET/PUT), aren't great.
  • context 'with valid project' doesn't convey useful information, but the let and subject declarations may need to be isolated from other tests, so I didn't remove that.
  • For the most part, all of the endpoint describe blocks include it_behaves_like 'nuget authentication tests' and it_behaves_like 'nuget endpoint'. The only variation here is the let and subject declarations used for auth tests. It may be beneficial to move the auth tests into shared_examples 'nuget endpoint', but I'm not sure how to handle the let and subject declarations.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Ethan Reesor

Merge request reports