gitlab-qa 12.5.1 → 13.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 412c4beda678caf22263be9c9de6f3cb424752c746a7260f19edba10fc2c3021
-  data.tar.gz: 9d468400c0e8bf01b67cb14319b418d61c21fe620a51e71b7ead3c1bbb8dd206
+  metadata.gz: 16a2d1d19d2421861d4698ef692926f2fa15cc9f4081e39d1ca7e4da46a8ba7c
+  data.tar.gz: 0c65e2931b680e7737df751f702943e40851ac207afcb3be7a01765ec2b47291
 SHA512:
-  metadata.gz: 1395abf5e30f1b80db3ab6ebe6783b36321c561075abcad045bded9992f652b796e99262456c16610695114381d2e41048a884aaaf42e0d9b3d34fbe988f6f6d
-  data.tar.gz: 9144b591121316d0c575622a5c1a42066870979ce8f30a92745d1aea5a0253b5e99484a0c401e6a59ec58875c64a58f66315dfad83c588bcc25e21bfb0c90cc3
+  metadata.gz: 81c553e7373d1fc790429dd8e4e9c1538e7c2a6afc382b7b79170c0edb6b8b83c4f533a60746defc313c846ab92fb4505f84899f3eede1f21bcdcdc586e7b90c
+  data.tar.gz: 492ad5e00e24b345ab1ac724dcf059c9520d992df141a03b413b674262720138a724ed44d633b9d9a926f40471aa44744994b8dcf38eee8753d03728ad3c715e

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    gitlab-qa (12.5.1)
+    gitlab-qa (13.1.0)
       activesupport (>= 6.1, < 7.1)
       gitlab (~> 4.19)
       http (~> 5.0)

data/docs/what_tests_can_be_run.md

@@ -58,7 +58,8 @@ All environment variables used by GitLab QA should be defined in [`lib/gitlab/qa
 | `GITLAB_QA_ACCESS_TOKEN`|-  | A valid personal access token with the `api` scope. This allows tests to use the API without having to create a new personal access token first. It is also used to check what version [deployed environments](https://gitlab.com/gitlab-org/quality/pipeline-common/-/blob/master/ci/dot-com/README.md#projects) are currently running. Existing tokens for each environment can be found in the shared 1Password vault. |No|
 | `GITLAB_QA_ADMIN_ACCESS_TOKEN` |-  | A valid personal access token with the `api` scope from a user with admin access. Used for API access as an admin during tests. | No|
 | `GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN` | - | A valid personal access token with the `read_registry` scope. Used to [access the container registry on `registry.gitlab.com` when tests run in a CI job that _is not_ triggered via another pipeline](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/364addb83e7b136ff0f9d8719ca9553d290aa9ab/lib/gitlab/qa/release.rb#L152). For example, if you manually run a [new Staging pipeline](https://ops.gitlab.net/gitlab-org/quality/staging/-/pipelines/new), this token will be used. | No |
-| `EE_LICENSE` |-  | Enterprise Edition license. | No|
+| `EE_LICENSE` |-  | Enterprise Edition license. For Staging license to be applied successfully requires `CUSTOMER_PORTAL_URL` set. | No|
+| `GITLAB_LICENSE_MODE` |- | If set to `test` gitlab-qa will then set customers portal address to Staging address. | No|
 | `QA_EE_ACTIVATION_CODE` |-  | Cloud activation code to enable Enterprise Edition features. | No|
 | `QA_ARTIFACTS_DIR` |`/tmp/gitlab-qa`| Path to a directory where artifacts (logs and screenshots) for failing tests will be saved. | No|
 | `DOCKER_HOST` |`http://localhost`| Docker host to run tests against. | No|
@@ -120,6 +121,8 @@ All environment variables used by GitLab QA should be defined in [`lib/gitlab/qa
 | `WORKSPACES_DOMAIN_KEY` | - | The privkey.pem SSL Certificates for the `WORKSPACES_PROXY_DOMAIN`. See https://gitlab.com/gitlab-org/remote-development/gitlab-workspaces-proxy for instructions. | No |
 | `WORKSPACES_WILDCARD_CERT` | - | The fullchain.pem SSL Certificates for the Wildcard `WORKSPACES_PROXY_DOMAIN`. See https://gitlab.com/gitlab-org/remote-development/gitlab-workspaces-proxy for instructions.| No |
 | `WORKSPACES_WILDCARD_KEY` | - | The privkey.pem SSL Certificates for the Wildcard `WORKSPACES_PROXY_DOMAIN`. See https://gitlab.com/gitlab-org/remote-development/gitlab-workspaces-proxy for instructions. | No |
+| `QA_GITLAB_HOSTNAME` | `"gitlab-#{edition}-#{SecureRandom.hex(4)}"` | A host name for the GitLab instance setup with Test::Instance::Image. | No |
+| `QA_GITLAB_USE_TLS` | false | Specify if GitLab instance setup with Test::Instance::Image should use TLS | No |
 
 ## [Supported Remote Grid environment variables](./running_against_remote_grid.md)
 
@@ -571,7 +574,7 @@ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
 $ gitlab-qa Test::Integration::InstanceSAML EE
 ```
 
-### `Test::Integration::OAuth CE|EE|<full image address>`
+### `Test::Instance::Image CE|EE|<full image address> --omnibus-config oauth`
 
 This tests that users can sign in to a GitLab instance using external OAuth services.
 
@@ -579,7 +582,7 @@ The tests currently integrate with the following OAuth service providers:
 * GitHub
 
 To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
-container is spun up and tests are run from it by running the `Test::Integration::OAuth` scenario
+container is spun up and tests are run from it by running the `Test::Instance::All` scenario
 
 **Required environment variables:**
 
@@ -592,6 +595,8 @@ container is spun up and tests are run from it by running the `Test::Integration
 - `QA_1P_PASSWORD`: Password for authenticating into 1Password for GitLab-QA vault. This can be found in the shared 1Password vault.
 - `QA_1P_SECRET`: Secret for authenticating into 1Password. This can be found in the GitLab-QA 1Password vault.
 - `QA_1P_GITHUB_UUID`: UUID for GitHub item in GitLab-QA 1Password vault. This can be found in the GitLab-QA 1Password vault.
+- `QA_GITLAB_HOSTNAME`: Hostname set for GitLab instance. This must be set to `gitlab` as the external OAuth applications have been setup to use this.
+- `QA_GITLAB_USE_TLS`: Use TLS for setting up GitLab instance. This must be set to `true` as since some external OAuth applications require the client to use TLS.
 
 Example:
 
@@ -1169,6 +1174,28 @@ need to be updated, it can be useful to proxy all requests to real `GitHub` inst
 
 Testing import [by direct transfer](https://docs.gitlab.com/ee/user/group/import/#migrate-groups-by-direct-transfer-recommended) is done by spinning up 2 omnibus installations - `import-target` and `import-source`. In order for tests to work, application setting `allow_local_requests_from_web_hooks_and_services` must be enabled in target instance. This is automatically done by test process if environment variable `QA_ALLOW_LOCAL_REQUESTS` is set to `true`.
 
+### `Test::Integration::AiGateway EE|<full image address>`
+
+This scenario spins up a GitLab Omnibus instance integrated with a test AI Gateway using [fake models](https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist#faking-out-ai-models). It will run specs tagged with the `:ai_gateway` tag in order to help verify that cloud licensing and authentication for AI features work as expected for self-managed instances.
+
+**Required environment variables:**
+
+- `QA_EE_ACTIVATION_CODE`: An activation code for a Staging-generated Premium or Ultimate cloud license with a purchased AI add-on. This can be found in the GitLab QA 1Password vault.
+- `GITLAB_LICENSE_MODE`: Set to `test` in order to configure GitLab Omnibus with the correct license mode and `CUSTOMER_PORTAL_URL`.
+
+**Optional environment variables:**
+
+- `QA_USE_SYNC_SERVICE_TOKEN_WORKER`: When true, will enable the `use_sync_service_token_worker` feature flag during code suggestions setup to use the `SyncServiceTokenWorker` to fetch a code suggestions JWT during activation instead of the `SyncSeatLinkWorker`. See rollout issue https://gitlab.com/gitlab-org/gitlab/-/issues/431608 for details.
+
+Example:
+
+```shell
+$ export QA_EE_ACTIVATION_CODE="<value from 1Password>"
+$ export GITLAB_LICENSE_MODE="test"
+
+$ gitlab-qa Test::Integration::AiGateway EE
+```
+
 ----
 
 [Back to README.md](../README.md)

data/lib/gitlab/qa/component/ai_gateway.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module QA
+    module Component
+      class AiGateway < Base
+        DOCKER_IMAGE = 'registry.gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/model-gateway'
+        DOCKER_IMAGE_TAG = 'latest'
+
+        def name
+          @name ||= 'ai-gateway'
+        end
+
+        def configure_environment(gitlab_hostname:)
+          @environment = {
+            'GITLAB_URL' => "http://#{gitlab_hostname}",
+            'GITLAB_API_URL' => "http://#{gitlab_hostname}/api/v4",
+            'CUSTOMER_PORTAL_BASE_URL' => Runtime::Env.customer_portal_url,
+            'USE_FAKE_MODELS' => true,
+            'USE_LOCAL_CACHE' => true
+          }
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/component/gitlab.rb

@@ -83,6 +83,13 @@ module Gitlab
           @environment['ELASTIC_URL'] = url
         end
 
+        def set_ee_activation_code
+          raise 'QA_EE_ACTIVATION_CODE is required!' if Runtime::Env.ee_activation_code.to_s.strip.empty?
+
+          @omnibus_gitlab_rails_env['QA_EE_ACTIVATION_CODE'] = Runtime::Env.ee_activation_code
+          secrets << Runtime::Env.ee_activation_code
+        end
+
         def release=(release)
           @release = QA::Release.new(release)
         end

data/lib/gitlab/qa/runner.rb

@@ -156,7 +156,7 @@ module Gitlab
             Runtime::Scenario.omnibus_exec_commands << configurator.exec_commands
 
             # Load the configuration
-            configurator.configuration.split("\n").each { |c| Runtime::Scenario.omnibus_configuration << c }
+            Runtime::Scenario.omnibus_configuration << configurator.configuration
           end
         rescue NameError
           raise <<~ERROR

data/lib/gitlab/qa/runtime/env.rb

@@ -81,6 +81,8 @@ module Gitlab
           'QA_GITHUB_PASSWORD' => :qa_github_password,
           'QA_FACEBOOK_USERNAME' => :qa_facebook_username,
           'QA_FACEBOOK_PASSWORD' => :qa_facebook_password,
+          'QA_GITLAB_HOSTNAME' => :qa_gitlab_hostname,
+          'QA_GITLAB_USE_TLS' => :qa_gitlab_use_tls,
           'KNAPSACK_GENERATE_REPORT' => :knapsack_generate_report,
           'KNAPSACK_REPORT_PATH' => :knapsack_report_path,
           'KNAPSACK_TEST_FILE_PATTERN' => :knapsack_test_file_pattern,
@@ -345,6 +347,10 @@ module Gitlab
           enabled?(env_var_value_if_defined('QA_SKIP_PULL'), default: false)
         end
 
+        def qa_gitlab_use_tls?
+          enabled?(env_var_value_if_defined('QA_GITLAB_USE_TLS'), default: false)
+        end
+
         def geo_failover?
           enabled?(env_var_value_if_defined('GEO_FAILOVER'), default: false)
         end
@@ -422,6 +428,14 @@ module Gitlab
           env_var_value_if_defined('CUSTOMER_PORTAL_URL') || 'https://customers.staging.gitlab.com'
         end
 
+        def ee_activation_code
+          env_var_value_if_defined('QA_EE_ACTIVATION_CODE')
+        end
+
+        def use_sync_service_token_worker?
+          enabled?(env_var_value_if_defined('QA_USE_SYNC_SERVICE_TOKEN_WORKER'), default: false)
+        end
+
         def geo_staging_url
           env_var_value_if_defined('GEO_STAGING_URL') || 'https://geo.staging.gitlab.com'
         end

data/lib/gitlab/qa/runtime/omnibus_configurations/facebook_oauth.rb

@@ -6,11 +6,11 @@ module Gitlab
       module OmnibusConfigurations
         class FacebookOauth < Default
           def configuration
-            Runtime::Env.require_github_oauth_environment!
+            Runtime::Env.require_facebook_environment!
 
             <<~OMNIBUS
               gitlab_rails['omniauth_enabled'] = true
-              gitlab_rails['omniauth_allow_single_sign_on'] = [facebook']
+              gitlab_rails['omniauth_allow_single_sign_on'] = ['facebook']
               gitlab_rails['omniauth_block_auto_created_users'] = false
               gitlab_rails['omniauth_providers'] = [
                 {

data/lib/gitlab/qa/scenario/test/instance/image.rb

@@ -18,7 +18,9 @@ module Gitlab
                 gitlab.release = release
                 gitlab.volumes = @volumes
                 gitlab.network = 'test'
+                gitlab.name = Runtime::Env.qa_gitlab_hostname
                 gitlab.seed_admin_token = @seed_admin_token
+                gitlab.tls = Runtime::Env.qa_gitlab_use_tls?
 
                 gitlab.instance do
                   Component::Specs.perform do |specs|

data/lib/gitlab/qa/scenario/test/integration/ai_gateway.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module QA
+    module Scenario
+      module Test
+        module Integration
+          class AiGateway < Scenario::Template
+            SETUP_SRC_PATH = File.expand_path('../../../../../../support/setup', __dir__)
+            SETUP_DEST_PATH = '/tmp/setup-scripts'
+
+            def initialize
+              @network = 'test'
+              @ai_gateway_name = 'ai-gateway'
+              @ai_gateway_hostname = "#{@ai_gateway_name}.#{@network}"
+              @ai_gateway_port = 5000
+            end
+
+            def perform(release, *rspec_args)
+              Component::Gitlab.perform do |gitlab|
+                setup_gitlab(gitlab, release)
+
+                Component::AiGateway.perform do |ai_gateway|
+                  setup_ai_gateway(ai_gateway, gitlab_hostname: gitlab.hostname)
+
+                  ai_gateway.instance do
+                    gitlab.instance do
+                      setup_code_suggestions(gitlab)
+                      run_specs(gitlab, *rspec_args)
+                    end
+                  end
+                end
+              end
+            end
+
+            private
+
+            def setup_gitlab(gitlab, release)
+              gitlab.release = QA::Release.new(release)
+              gitlab.name = 'gitlab'
+              gitlab.network = @network
+
+              gitlab.omnibus_gitlab_rails_env['CODE_SUGGESTIONS_BASE_URL'] = "http://#{@ai_gateway_hostname}:#{@ai_gateway_port}"
+
+              # Determines whether to use the SyncServiceTokenWorker or SyncSeatLinkWorker
+              # for generating a code suggestions access token during license activation
+              gitlab.omnibus_gitlab_rails_env['QA_USE_SYNC_SERVICE_TOKEN_WORKER'] = Runtime::Env.use_sync_service_token_worker?
+
+              gitlab.set_ee_activation_code
+            end
+
+            def setup_ai_gateway(ai_gateway, gitlab_hostname:)
+              ai_gateway.name = @ai_gateway_name
+              ai_gateway.network = @network
+              ai_gateway.ports = [@ai_gateway_port]
+
+              ai_gateway.configure_environment(gitlab_hostname: gitlab_hostname)
+            end
+
+            def setup_code_suggestions(gitlab)
+              Runtime::Logger.info('Setting up Code Suggestions on GitLab instance')
+
+              gitlab.docker.copy(gitlab.name, SETUP_SRC_PATH, SETUP_DEST_PATH)
+
+              gitlab.docker.exec(
+                gitlab.name,
+                "gitlab-rails runner #{SETUP_DEST_PATH}/code_suggestions_setup.rb",
+                mask_secrets: gitlab.secrets
+              )
+            end
+
+            def run_specs(gitlab, *rspec_args)
+              Runtime::Logger.info('Running AI Gateway specs!')
+
+              rspec_args << "--" unless rspec_args.include?('--')
+              rspec_args << %w[--tag ai_gateway]
+
+              Component::Specs.perform do |specs|
+                specs.suite = 'Test::Instance::All'
+                specs.release = gitlab.release
+                specs.network = gitlab.network
+                specs.args = [gitlab.address, *rspec_args]
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/support/gitlab_version_info.rb

@@ -180,8 +180,7 @@ module Gitlab
           logger.info("Fetching Docker tags page #{page} from 'gitlab/gitlab-#{edition}' registry")
           response = HttpRequest.make_http_request(
             url: "https://registry.hub.docker.com/v2/namespaces/gitlab/repositories/gitlab-#{edition}/tags?page=#{page}&page_size=#{per_page}",
-            fail_on_error: false,
-            params: nil # DockerHub fails with 413 if default {} being passed
+            fail_on_error: false
           )
 
           unless response.code == 200

data/lib/gitlab/qa/support/http_request.rb

@@ -8,7 +8,7 @@ module Gitlab
     module Support
       class HttpRequest
         # rubocop:disable Metrics/AbcSize
-        def self.make_http_request(method: 'get', url: nil, params: {}, headers: {}, show_response: false, fail_on_error: true)
+        def self.make_http_request(method: 'get', url: nil, params: nil, headers: {}, show_response: false, fail_on_error: true)
           raise "URL not defined for making request. Exiting..." unless url
 
           res = HTTP.follow.method(method).call(url, json: params, headers: headers)

data/lib/gitlab/qa/version.rb

@@ -2,6 +2,6 @@
 
 module Gitlab
   module QA
-    VERSION = '12.5.1'
+    VERSION = '13.1.0'
   end
 end

data/support/setup/code_suggestions_setup.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+class CodeSuggestionsSetup
+  class << self
+    def configure!
+      if ENV.fetch('QA_USE_SYNC_SERVICE_TOKEN_WORKER', false)
+        puts 'Enabling use_sync_service_token_worker feature flag...'
+        Feature.enable(:use_sync_service_token_worker)
+      end
+
+      puts 'Enabling code_suggestions_tokens_api feature flag...'
+      Feature.enable(:code_suggestions_tokens_api)
+
+      activate_cloud_license
+
+      # Due to the various async Sidekiq processes involved, we wait to verify
+      # that the code suggestions access token has been generated before proceeding
+      verify_code_suggestions_access_token
+
+      puts 'Enabling application setting instance_level_code_suggestions_enabled...'
+      ApplicationSetting.last.update(instance_level_code_suggestions_enabled: true)
+    end
+
+    private
+
+    def activate_cloud_license
+      puts 'Activating cloud license...'
+      activation_result = ::GitlabSubscriptions::ActivateService.new.execute(ENV.fetch('QA_EE_ACTIVATION_CODE', nil))
+
+      if activation_result[:success]
+        puts 'Cloud license activation successful'
+      else
+        puts 'Cloud license activation failed!'
+        puts Array(result[:errors]).join(' ')
+        exit 1
+      end
+    end
+
+    def verify_code_suggestions_access_token
+      puts 'Waiting for code suggestions access token to be available...'
+
+      max_attempts = 3
+      attempts = 0
+
+      until (tokens = ::Ai::ServiceAccessToken.active.count)&.positive? || attempts == max_attempts
+        puts 'Attempting to verify access token exists...'
+        attempts += 1
+        sleep 30
+      end
+
+      return if tokens&.positive?
+
+      puts "Failed to create code suggestions access token after #{max_attempts} attempts"
+      exit 1
+    end
+  end
+end
+
+CodeSuggestionsSetup.configure!

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-qa
 version: !ruby/object:Gem::Version
-  version: 12.5.1
+  version: 13.1.0
 platform: ruby
 authors:
 - GitLab Quality
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-12-04 00:00:00.000000000 Z
+date: 2023-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: climate_control
@@ -383,6 +383,7 @@ files:
 - gitlab-qa.gemspec
 - lefthook.yml
 - lib/gitlab/qa.rb
+- lib/gitlab/qa/component/ai_gateway.rb
 - lib/gitlab/qa/component/alpine.rb
 - lib/gitlab/qa/component/base.rb
 - lib/gitlab/qa/component/chaos.rb
@@ -444,6 +445,7 @@ files:
 - lib/gitlab/qa/scenario/test/instance/staging_geo.rb
 - lib/gitlab/qa/scenario/test/instance/staging_ref.rb
 - lib/gitlab/qa/scenario/test/instance/staging_ref_geo.rb
+- lib/gitlab/qa/scenario/test/integration/ai_gateway.rb
 - lib/gitlab/qa/scenario/test/integration/chaos.rb
 - lib/gitlab/qa/scenario/test/integration/client_ssl.rb
 - lib/gitlab/qa/scenario/test/integration/elasticsearch.rb
@@ -462,7 +464,6 @@ files:
 - lib/gitlab/qa/scenario/test/integration/mattermost.rb
 - lib/gitlab/qa/scenario/test/integration/metrics.rb
 - lib/gitlab/qa/scenario/test/integration/mtls.rb
-- lib/gitlab/qa/scenario/test/integration/oauth.rb
 - lib/gitlab/qa/scenario/test/integration/opensearch.rb
 - lib/gitlab/qa/scenario/test/integration/praefect.rb
 - lib/gitlab/qa/scenario/test/integration/registry.rb
@@ -497,6 +498,7 @@ files:
 - support/manifests/suggested_reviewer/pubsub.yaml
 - support/manifests/suggested_reviewer/recommender-bot.yaml
 - support/manifests/suggested_reviewer/recommender.yaml
+- support/setup/code_suggestions_setup.rb
 - tls_certificates/authority/ca.crt
 - tls_certificates/authority/ca.key
 - tls_certificates/authority/ca.pem

data/lib/gitlab/qa/scenario/test/integration/oauth.rb

@@ -1,77 +0,0 @@
-# frozen_string_literal: true
-
-require 'yaml'
-
-module Gitlab
-  module QA
-    module Scenario
-      module Test
-        module Integration
-          class OAuth < Scenario::Template
-            attr_reader :gitlab_name
-
-            def initialize
-              @gitlab_name = 'gitlab'
-            end
-
-            def perform(release, *rspec_args)
-              Runtime::Env.require_oauth_environment!
-
-              release = Release.new(release)
-
-              Component::Gitlab.perform do |gitlab|
-                gitlab.release = release
-                gitlab.network = 'test'
-                gitlab.name = gitlab_name
-                gitlab.tls = true
-
-                gitlab.omnibus_configuration << gitlab_omnibus_configuration(gitlab.address)
-
-                gitlab.instance do
-                  Runtime::Logger.info('Running OAuth specs!')
-
-                  Component::Specs.perform do |specs|
-                    rspec_args << '--' unless rspec_args.include?('--')
-                    rspec_args << %w[--tag oauth]
-                    specs.suite = 'Test::Instance::All'
-                    specs.release = release
-                    specs.network = gitlab.network
-                    specs.args = [gitlab.address, *rspec_args]
-                  end
-                end
-              end
-            end
-
-            private
-
-            def gitlab_omnibus_configuration(gitlab_address)
-              <<~OMNIBUS
-                gitlab_rails['omniauth_enabled'] = true;
-                gitlab_rails['omniauth_allow_single_sign_on'] = ['github', 'facebook'];
-                gitlab_rails['omniauth_block_auto_created_users'] = false;
-                gitlab_rails['omniauth_providers'] = [
-                  {
-                    name: 'github',
-                    app_id: '$QA_GITHUB_OAUTH_APP_ID',
-                    app_secret: '$QA_GITHUB_OAUTH_APP_SECRET',
-                    url: 'https://github.com/',
-                    verify_ssl: false,
-                    args: { scope: 'user:email' }
-                  },
-                  {
-                    name: 'facebook',
-                    app_id: '$QA_FACEBOOK_OAUTH_APP_ID',
-                    app_secret: '$QA_FACEBOOK_OAUTH_APP_SECRET',
-                    verify_ssl: false
-                  }
-                ];
-                letsencrypt['enable'] = false;
-                external_url '#{gitlab_address}';
-              OMNIBUS
-            end
-          end
-        end
-      end
-    end
-  end
-end