Merge branch 'clarify-agent-auth-projects' into 'master'

Return the correct project in job/allowed_agents API response See merge request gitlab-org/gitlab!71876

Merge branch 'clarify-agent-auth-projects' into 'master'
Return the correct project in job/allowed_agents API response See merge request gitlab-org/gitlab!71876
629543bd · David Kim · ff23f450 · 95364c46 · 629543bd · 629543bd
Commit 629543bd authored Oct 08, 2021 by David Kim
8 changed files
--- a/app/models/clusters/agents/group_authorization.rb
+++ b/app/models/clusters/agents/group_authorization.rb
@@ -10,7 +10,9 @@ module Clusters

      validates :config, json_schema: { filename: 'cluster_agent_authorization_configuration' }

-      delegate :project, to: :agent
+      def config_project
+        agent.project
+      end
    end
  end
 end
--- a/app/models/clusters/agents/implicit_authorization.rb
+++ b/app/models/clusters/agents/implicit_authorization.rb
@@ -6,12 +6,15 @@ module Clusters
      attr_reader :agent

      delegate :id, to: :agent, prefix: true
-      delegate :project, to: :agent

      def initialize(agent:)
        @agent = agent
      end

+      def config_project
+        agent.project
+      end
+
      def config
        nil
      end

--- a/app/models/clusters/agents/project_authorization.rb
+++ b/app/models/clusters/agents/project_authorization.rb
@@ -9,6 +9,10 @@ module Clusters
      belongs_to :project, class_name: '::Project', optional: false

      validates :config, json_schema: { filename: 'cluster_agent_authorization_configuration' }
+
+      def config_project
+        agent.project
+      end
    end
  end
 end
--- a/lib/api/entities/clusters/agent_authorization.rb
+++ b/lib/api/entities/clusters/agent_authorization.rb
@@ -5,7 +5,7 @@ module API
    module Clusters
      class AgentAuthorization < Grape::Entity
        expose :agent_id, as: :id
-        expose :project, with: Entities::ProjectIdentity, as: :config_project
+        expose :config_project, with: Entities::ProjectIdentity
        expose :config, as: :configuration
      end
    end

--- a/spec/lib/api/entities/clusters/agent_authorization_spec.rb
+++ b/spec/lib/api/entities/clusters/agent_authorization_spec.rb
@@ -3,15 +3,34 @@
 require 'spec_helper'

 RSpec.describe API::Entities::Clusters::AgentAuthorization do
-  let_it_be(:authorization) { create(:agent_group_authorization) }
-
  subject { described_class.new(authorization).as_json }

-  it 'includes basic fields' do
-    expect(subject).to include(
-      id: authorization.agent_id,
-      config_project: a_hash_including(id: authorization.agent.project_id),
-      configuration: authorization.config
-    )
+  shared_examples 'generic authorization' do
+    it 'includes shared fields' do
+      expect(subject).to include(
+        id: authorization.agent_id,
+        config_project: a_hash_including(id: authorization.agent.project_id),
+        configuration: authorization.config
+      )
+    end
+  end
+
+  context 'project authorization' do
+    let(:authorization) { create(:agent_project_authorization) }
+
+    include_examples 'generic authorization'
+  end
+
+  context 'group authorization' do
+    let(:authorization) { create(:agent_group_authorization) }
+
+    include_examples 'generic authorization'
+  end
+
+  context 'implicit authorization' do
+    let(:agent) { create(:cluster_agent) }
+    let(:authorization) { Clusters::Agents::ImplicitAuthorization.new(agent: agent) }
+
+    include_examples 'generic authorization'
  end
 end
--- a/spec/models/clusters/agents/group_authorization_spec.rb
+++ b/spec/models/clusters/agents/group_authorization_spec.rb
@@ -7,4 +7,10 @@ RSpec.describe Clusters::Agents::GroupAuthorization do
  it { is_expected.to belong_to(:group).class_name('::Group').required }

  it { expect(described_class).to validate_jsonb_schema(['config']) }
+
+  describe '#config_project' do
+    let(:record) { create(:agent_group_authorization) }
+
+    it { expect(record.config_project).to eq(record.agent.project) }
+  end
 end
--- a/spec/models/clusters/agents/implicit_authorization_spec.rb
+++ b/spec/models/clusters/agents/implicit_authorization_spec.rb
@@ -9,6 +9,6 @@ RSpec.describe Clusters::Agents::ImplicitAuthorization do

  it { expect(subject.agent).to eq(agent) }
  it { expect(subject.agent_id).to eq(agent.id) }
-  it { expect(subject.project).to eq(agent.project) }
+  it { expect(subject.config_project).to eq(agent.project) }
  it { expect(subject.config).to be_nil }
 end
--- a/spec/models/clusters/agents/project_authorization_spec.rb
+++ b/spec/models/clusters/agents/project_authorization_spec.rb
@@ -7,4 +7,10 @@ RSpec.describe Clusters::Agents::ProjectAuthorization do
  it { is_expected.to belong_to(:project).class_name('Project').required }

  it { expect(described_class).to validate_jsonb_schema(['config']) }
+
+  describe '#config_project' do
+    let(:record) { create(:agent_project_authorization) }
+
+    it { expect(record.config_project).to eq(record.agent.project) }
+  end
 end