Move assignment to protected to separate step

This moves setting the protected attribute of a pipeline to a separate pipeline chain step in order to perform the assignment after validation.

Move assignment to protected to separate step
This moves setting the protected attribute of a pipeline to a separate pipeline chain step in order to perform the assignment after validation.
673b8097 · Matija Čupić · c739efa9 · 673b8097 · 673b8097 · 673b8097
Commit 673b8097 authored Jan 18, 2019 by Matija Čupić
6 changed files
--- a/app/services/ci/create_pipeline_service.rb
+++ b/app/services/ci/create_pipeline_service.rb
@@ -10,6 +10,7 @@ module Ci
                Gitlab::Ci::Pipeline::Chain::Validate::Abilities,
                Gitlab::Ci::Pipeline::Chain::Validate::Repository,
                Gitlab::Ci::Pipeline::Chain::Validate::Config,
+                Gitlab::Ci::Pipeline::Chain::Protect,
                Gitlab::Ci::Pipeline::Chain::Skip,
                Gitlab::Ci::Pipeline::Chain::Populate,
                Gitlab::Ci::Pipeline::Chain::Create].freeze

--- a/lib/gitlab/ci/pipeline/chain/build.rb
+++ b/lib/gitlab/ci/pipeline/chain/build.rb
@@ -17,7 +17,6 @@ module Gitlab
              user: @command.current_user,
              pipeline_schedule: @command.schedule,
              merge_request: @command.merge_request,
-              protected: @command.protected_ref?,
              variables_attributes: Array(@command.variables_attributes)
            )


--- a/lib/gitlab/ci/pipeline/chain/command.rb
+++ b/lib/gitlab/ci/pipeline/chain/command.rb
@@ -53,8 +53,6 @@ module Gitlab
          end

          def protected_ref?
-            return if ambiguous_ref?
-
            strong_memoize(:protected_ref) do
              project.protected_for?(origin_ref)
            end

--- a/lib/gitlab/ci/pipeline/chain/protect.rb
+++ b/lib/gitlab/ci/pipeline/chain/protect.rb
+# frozen_string_literal: true
+
+module Gitlab
+  module Ci
+    module Pipeline
+      module Chain
+        class Protect < Chain::Base
+          def perform!
+            @pipeline.protected = @command.protected_ref?
+          end
+
+          def break?
+            @pipeline.protected? != @command.protected_ref?
+          end
+        end
+      end
+    end
+  end
+end
--- a/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
@@ -181,17 +181,6 @@ describe Gitlab::Ci::Pipeline::Chain::Command do

      it { is_expected.to eq(false) }
    end
-
-    context 'when ref is ambiguous' do
-      before do
-        project.repository.add_tag(project.creator, 'ref', 'master')
-        project.repository.add_branch(project.creator, 'ref', 'master')
-      end
-
-      it 'does not raise an error' do
-        expect { subject }.not_to raise_error
-      end
-    end
  end

  describe '#ambiguous_ref' do

--- a/spec/lib/gitlab/ci/pipeline/chain/protect_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/protect_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Ci::Pipeline::Chain::Protect do
+  set(:project) { create(:project) }
+  set(:user) { create(:user) }
+
+  let(:pipeline) do
+    build(:ci_empty_pipeline, project: project, ref: 'master')
+  end
+
+  let(:command) do
+    Gitlab::Ci::Pipeline::Chain::Command.new(
+      project: project, current_user: user, origin_ref: 'master')
+  end
+
+  let(:step) { described_class.new(pipeline, command) }
+
+  context 'when the ref is protected' do
+    before do
+      allow(project).to receive(:protected_for?).with('master').and_return(true)
+
+      step.perform!
+    end
+
+    it 'protects the pipeline' do
+      expect(pipeline.protected).to eq(true)
+    end
+  end
+
+  context 'when the ref is not protected' do
+    before do
+      allow(project).to receive(:protected_for?).with('master').and_return(false)
+
+      step.perform!
+    end
+
+    it 'does not protect the pipeline' do
+      expect(pipeline.protected).to eq(false)
+    end
+  end
+end