Add warning when LE certificate can't be obtained64630-add-warning-to-pages-domains-that-obtaining-deploying-ssl-certificates-through-let-s-encrypt-can-take-some-time

* Refactor some tests as well

6 files changed, 101 insertions, 10 deletions

diff --git a/app/views/projects/pages_domains/_certificate.html.haml b/app/views/projects/pages_domains/_certificate.html.haml
new file mode 100644
index 00000000000..42631fca5e8
--- /dev/null
+++ b/app/views/projects/pages_domains/_certificate.html.haml
@@ -0,0 +1,18 @@
+- if @domain.auto_ssl_enabled?
+  - if @domain.enabled?
+    - if @domain.certificate_text
+      %pre
+        = @domain.certificate_text
+    - else
+      .bs-callout.bs-callout-info
+        = _("GitLab is obtaining a Let's Encrypt SSL certificate for this domain. This process can take some time. Please try again later.")
+  - else
+    .bs-callout.bs-callout-warning
+      = _("A Let's Encrypt SSL certificate can not be obtained until your domain is verified.")
+- else
+  - if @domain.certificate_text
+    %pre
+      = @domain.certificate_text
+  - else
+    .light
+      = _("missing")
diff --git a/app/views/projects/pages_domains/show.html.haml b/app/views/projects/pages_domains/show.html.haml
index e9019175219..d0b54946f7e 100644
--- a/app/views/projects/pages_domains/show.html.haml
+++ b/app/views/projects/pages_domains/show.html.haml
@@ -60,9 +60,4 @@
       %td
         = _("Certificate")
       %td
-        - if @domain.certificate_text
-          %pre
-            = @domain.certificate_text
-        - else
-          .light
-            = _("missing")
+        = render 'certificate'
diff --git a/changelogs/unreleased/64630-add-warning-to-pages-domains-that-obtaining-deploying-ssl-certifica.yml b/changelogs/unreleased/64630-add-warning-to-pages-domains-that-obtaining-deploying-ssl-certifica.yml
new file mode 100644
index 00000000000..bd2c9a3e2dc
--- /dev/null
+++ b/changelogs/unreleased/64630-add-warning-to-pages-domains-that-obtaining-deploying-ssl-certifica.yml
@@ -0,0 +1,6 @@
+---
+title: Add warning to pages domains that obtaining/deploying SSL certificates through
+  Let's Encrypt can take some time
+merge_request: 31765
+author:
+type: other
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 14cd8769e7e..d84203ee911 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -469,6 +469,9 @@ msgstr ""
 msgid "A Jekyll site that uses Netlify for CI/CD instead of GitLab, but still with all the other great GitLab features."
 msgstr ""
 
+msgid "A Let's Encrypt SSL certificate can not be obtained until your domain is verified."
+msgstr ""
+
 msgid "A Let's Encrypt account will be configured for this GitLab installation using your email address. You will receive emails to warn of expiring certificates."
 msgstr ""
 
@@ -5247,6 +5250,9 @@ msgstr ""
 msgid "GitLab User"
 msgstr ""
 
+msgid "GitLab is obtaining a Let's Encrypt SSL certificate for this domain. This process can take some time. Please try again later."
+msgstr ""
+
 msgid "GitLab member or Email address"
 msgstr ""
 
diff --git a/spec/features/projects/pages_lets_encrypt_spec.rb b/spec/features/projects/pages_lets_encrypt_spec.rb
index a5f8702302c..8b5964b2eee 100644
--- a/spec/features/projects/pages_lets_encrypt_spec.rb
+++ b/spec/features/projects/pages_lets_encrypt_spec.rb
@@ -75,12 +75,10 @@ describe "Pages with Let's Encrypt", :https_pages_enabled do
   end
 
   shared_examples 'user sees private keys only for user provided certificate' do
-    before do
-      visit edit_project_pages_domain_path(project, domain)
-    end
-
     shared_examples 'user do not see private key' do
       it 'user do not see private key' do
+        visit edit_project_pages_domain_path(project, domain)
+
         expect(find_field('Key (PEM)', visible: :all, disabled: :all).value).to be_blank
       end
     end
@@ -101,6 +99,8 @@ describe "Pages with Let's Encrypt", :https_pages_enabled do
       let(:domain) { create(:pages_domain, project: project) }
 
       it 'user sees private key' do
+        visit edit_project_pages_domain_path(project, domain)
+
         expect(find_field('Key (PEM)').value).not_to be_blank
       end
     end
diff --git a/spec/views/projects/pages_domains/show.html.haml_spec.rb b/spec/views/projects/pages_domains/show.html.haml_spec.rb
new file mode 100644
index 00000000000..da27a04bfe9
--- /dev/null
+++ b/spec/views/projects/pages_domains/show.html.haml_spec.rb
@@ -0,0 +1,66 @@
+require 'spec_helper'
+
+describe 'projects/pages_domains/show' do
+  let(:project) { create(:project, :repository) }
+
+  before do
+    assign(:project, project)
+    assign(:domain, domain)
+  end
+
+  context 'when auto_ssl is enabled' do
+    context 'when domain is disabled' do
+      let(:domain) { create(:pages_domain, :disabled, project: project, auto_ssl_enabled: true) }
+
+      it 'shows verification warning' do
+        render
+
+        expect(rendered).to have_content("A Let's Encrypt SSL certificate can not be obtained until your domain is verified.")
+      end
+    end
+
+    context 'when certificate is absent' do
+      let(:domain) { create(:pages_domain, :without_key, :without_certificate, project: project, auto_ssl_enabled: true) }
+
+      it 'shows alert about time of obtaining certificate' do
+        render
+
+        expect(rendered).to have_content("GitLab is obtaining a Let's Encrypt SSL certificate for this domain. This process can take some time. Please try again later.")
+      end
+    end
+
+    context 'when certificate is present' do
+      let(:domain) { create(:pages_domain, :letsencrypt, project: project) }
+
+      it 'shows certificate info' do
+        render
+
+        # test just a random part of cert represenations(X509v3 Subject Key Identifier:)
+        expect(rendered).to have_content("C6:5F:56:4B:10:69:AC:1D:33:D2:26:C9:B3:7A:D7:12:4D:3E:F7:90")
+      end
+    end
+  end
+
+  context 'when auto_ssl is disabled' do
+    context 'when certificate is present' do
+      let(:domain) { create(:pages_domain, project: project) }
+
+      it 'shows certificate info' do
+        render
+
+        # test just a random part of cert represenations(X509v3 Subject Key Identifier:)
+        expect(rendered).to have_content("C6:5F:56:4B:10:69:AC:1D:33:D2:26:C9:B3:7A:D7:12:4D:3E:F7:90")
+      end
+    end
+
+    context 'when certificate is absent' do
+      let(:domain) { create(:pages_domain, :without_certificate, :without_key, project: project) }
+
+      it 'shows missing certificate' do
+        render
+
+        expect(rendered).to have_content("missing")
+      end
+    end
+  end
+end