Refactor NuGet package manager tests
What does this MR do?
Refactors the tests for the NuGet package manager endpoint.
- I moved
deploy token for package (GET requests|uploads)
andrejects nuget access with (unknown|invalid) project id
into a shared example that I included in every endpoint describe block. - I moved all but one of the
where { ... }; with_them { ... }
blocks into two shared examples (one for GET, one for PUT).- Handling of invalid credentials is not consistent (#246569), so one of the GET tables does not match the others.
- I removed
context 'without the need for a license'
.
Remaining Concerns
- The new shared example names,
nuget endpoint
andnuget authentication tests (GET/PUT)
, aren't great. -
context 'with valid project'
doesn't convey useful information, but thelet
andsubject
declarations may need to be isolated from other tests, so I didn't remove that. - For the most part, all of the endpoint describe blocks include
it_behaves_like 'nuget authentication tests'
andit_behaves_like 'nuget endpoint'
. The only variation here is thelet
andsubject
declarations used for auth tests. It may be beneficial to move the auth tests intoshared_examples 'nuget endpoint'
, but I'm not sure how to handle thelet
andsubject
declarations.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Ethan Reesor