shipit-engine 0.34.0 → 0.36.0

data/lib/shipit/stack_commands.rb

@@ -16,7 +16,7 @@ module Shipit
     def fetch
       create_directories
       if valid_git_repository?(@stack.git_path)
-        git('fetch', 'origin', '--tags', @stack.branch, env: env, chdir: @stack.git_path)
+        git('fetch', 'origin', '--quiet', '--tags', @stack.branch, env: env, chdir: @stack.git_path)
       else
         @stack.clear_git_cache!
         git_clone(@stack.repo_git_url, @stack.git_path, branch: @stack.branch, env: env, chdir: @stack.deploys_path)
@@ -72,7 +72,7 @@ module Shipit
         ).run!
 
         git_dir = File.join(dir, @stack.repo_name)
-        git('checkout', commit.sha, chdir: git_dir).run! if commit
+        git('-c', 'advice.detachedHead=false', 'checkout', commit.sha, chdir: git_dir).run! if commit
         yield Pathname.new(git_dir)
       end
     end
@@ -90,7 +90,7 @@ module Shipit
     end
 
     def git_clone(url, path, branch: 'master', **kwargs)
-      git('clone', *modern_git_args, '--recursive', '--branch', branch, url, path, **kwargs)
+      git('clone', '--quiet', *modern_git_args, '--recursive', '--branch', branch, url, path, **kwargs)
     end
 
     def modern_git_args

data/lib/shipit/task_commands.rb

@@ -47,7 +47,7 @@ module Shipit
     end
 
     def checkout(commit)
-      git('checkout', commit.sha, chdir: @task.working_directory)
+      git('-c', 'advice.detachedHead=false', 'checkout', commit.sha, chdir: @task.working_directory)
     end
 
     def clone

data/lib/shipit/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Shipit
-  VERSION = '0.34.0'
+  VERSION = '0.36.0'
 end

data/lib/shipit.rb

@@ -5,7 +5,6 @@ require 'state_machines-activerecord'
 require 'validate_url'
 require 'responders'
 require 'explicit-parameters'
-require 'attr_encrypted'
 
 require 'sass-rails'
 require 'coffee-rails'
@@ -153,7 +152,11 @@ module Shipit
   end
 
   def user_access_tokens_key
-    (secrets.user_access_tokens_key.presence || secrets.secret_key_base).byteslice(0, 32)
+    if secrets.user_access_tokens_key.present?
+      secrets.user_access_tokens_key
+    elsif secrets.secret_key_base
+      Digest::SHA256.digest("user_access_tokens_key" + secrets.secret_key_base)
+    end
   end
 
   def host

data/test/controllers/api/hooks_controller_test.rb

@@ -61,7 +61,7 @@ module Shipit
         post :create, params: {
           delivery_url: 'https://example.com/hook',
           events: %w(deploy rollback),
-          created_at: 2.months.ago.to_s(:db),
+          created_at: 2.months.ago.to_formatted_s(:db),
         }
         Hook.last.created_at > 2.seconds.ago
       end

data/test/controllers/api/rollback_controller_test.rb

@@ -107,6 +107,7 @@ module Shipit
         assert_response :accepted
         refute_predicate last_deploy, :active?
         assert_json 'rollback_once_aborted_to.revision.sha', @commit.sha
+        assert last_deploy.rollback_once_aborted?
       end
     end
   end

data/test/controllers/api/stacks_controller_test.rb

@@ -96,6 +96,24 @@ module Shipit
         assert_equal 'test', @stack.branch
       end
 
+      test "#update updates the stack when nil deploy_url" do
+        @stack.update(deploy_url: nil)
+        @stack.update(continuous_deployment: true)
+        assert_nil @stack.deploy_url
+        assert @stack.continuous_deployment
+
+        patch :update, params: {
+          id: @stack.to_param,
+          continuous_deployment: false,
+        }
+
+        assert_response :ok
+        @stack.reload
+
+        assert_nil @stack.deploy_url
+        refute @stack.continuous_deployment
+      end
+
       test "#index returns a list of stacks" do
         stack = Stack.last
         get :index
@@ -189,6 +207,13 @@ module Shipit
         assert_response :forbidden
         assert_json 'message', 'This operation requires the `write:stack` permission'
       end
+
+      test "#refresh queues a GithubSyncJob" do
+        assert_enqueued_with(job: GithubSyncJob, args: [id: @stack.id]) do
+          post :refresh, params: { id: @stack.to_param }
+        end
+        assert_response :accepted
+      end
     end
   end
 end

data/test/controllers/api/tasks_controller_test.rb

@@ -6,6 +6,7 @@ module Shipit
     class TasksControllerTest < ActionController::TestCase
       setup do
         @stack = shipit_stacks(:shipit)
+        @user = shipit_users(:walrus)
         authenticate!
       end
 
@@ -90,6 +91,61 @@ module Shipit
         assert_response :conflict
         assert_json 'message', 'A task is already running.'
       end
+
+      test "#trigger fails when user does not have deploy permission" do
+        @client.permissions.delete('deploy:stack')
+        @client.save!
+
+        assert_no_difference 'Task.count' do
+          post :trigger, params: { stack_id: @stack.to_param, task_name: 'restart' }
+        end
+
+        assert_response :forbidden
+        assert_json 'message', 'This operation requires the `deploy:stack` permission'
+      end
+
+      test "#abort aborts the task" do
+        task = shipit_deploys(:shipit_running)
+        task.ping
+
+        put :abort, params: { stack_id: @stack.to_param, id: task.id }
+
+        assert_response :accepted
+        assert_equal 'aborting', task.reload.status
+      end
+
+      test "#abort sets `aborted_by` to the current user" do
+        task = shipit_deploys(:shipit_running)
+        task.ping
+        request.headers['X-Shipit-User'] = @user.login
+
+        put :abort, params: { stack_id: @stack.to_param, id: task.id }
+
+        assert_equal task.reload.aborted_by, @user
+      end
+
+      test "#abort responds with method_not_allowed if the task is not currently running" do
+        task = shipit_deploys(:shipit_aborted)
+        task.ping
+        put :abort, params: { stack_id: @stack.to_param, id: task.id }
+
+        assert_response :method_not_allowed
+        assert_json 'message', 'This task is not currently running.'
+      end
+
+      test "#abort fails when user does not have deploy permission" do
+        @client.permissions.delete('deploy:stack')
+        @client.save!
+        task = shipit_deploys(:shipit_running)
+        task.ping
+
+        assert_no_difference 'Task.count' do
+          put :abort, params: { stack_id: @stack.to_param, id: task.id }
+        end
+
+        assert_response :forbidden
+        assert_json 'message', 'This operation requires the `deploy:stack` permission'
+      end
     end
   end
 end

data/test/controllers/stacks_controller_test.rb

@@ -36,6 +36,17 @@ module Shipit
       assert_redirected_to '/github/auth/github?origin=http%3A%2F%2Ftest.host%2F'
     end
 
+    test "users which require a fresh login are redirected" do
+      user = shipit_users(:walrus)
+      user.update!(github_access_token: 'some_legacy_value')
+      assert_predicate user, :requires_fresh_login?
+
+      get :index
+
+      assert_redirected_to '/github/auth/github?origin=http%3A%2F%2Ftest.host%2F'
+      assert_nil session[:user_id]
+    end
+
     test "current_user must be a member of at least a Shipit.github_teams" do
       session[:user_id] = shipit_users(:bob).id
       Shipit.stubs(:github_teams).returns([shipit_teams(:cyclimse_cooks), shipit_teams(:shopify_developers)])

data/test/dummy/config/application.rb

@@ -17,7 +17,6 @@ end
 
 module Shipit
   class Application < Rails::Application
-    config.load_defaults 6.1
+    config.load_defaults 7.0
   end
 end
-

data/test/dummy/db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2021_05_04_200438) do
+ActiveRecord::Schema.define(version: 2021_11_03_154121) do
 
   create_table "api_clients", force: :cascade do |t|
     t.text "permissions", limit: 65535
@@ -315,7 +315,7 @@ ActiveRecord::Schema.define(version: 2021_05_04_200438) do
   create_table "teams", force: :cascade do |t|
     t.integer "github_id", limit: 4
     t.string "api_url", limit: 255
-    t.string "slug", limit: 50
+    t.string "slug", limit: 255
     t.string "name", limit: 255
     t.string "organization", limit: 39
     t.datetime "created_at", null: false

data/test/fixtures/shipit/check_runs.yml

@@ -7,7 +7,7 @@ second_pending_travis:
   conclusion: success
   html_url: "http://www.example.com/run/424242"
   details_url: "http://www.example.com/build/424242"
-  created_at: <%= 10.days.ago.to_s(:db) %>
+  created_at: <%= 10.days.ago.to_formatted_s(:db) %>
 
 check_runs_first_pending_coveralls:
   stack: check_runs
@@ -15,7 +15,7 @@ check_runs_first_pending_coveralls:
   github_id: 43
   title: lets go
   name: Coverage metrics
-  created_at: <%= 10.days.ago.to_s(:db) %>
+  created_at: <%= 10.days.ago.to_formatted_s(:db) %>
   conclusion: pending
   html_url: "http://www.example.com/run/434343"
   details_url: "http://www.example.com/build/434343"
@@ -26,7 +26,7 @@ check_runs_first_success_coveralls:
   github_id: 434343
   title: lets go
   name: Coverage metrics
-  created_at: <%= 9.days.ago.to_s(:db) %>
+  created_at: <%= 9.days.ago.to_formatted_s(:db) %>
   conclusion: success
   html_url: "http://www.example.com/run/434343"
   details_url: "http://www.example.com/build/434343"