gitlab-qa 14.10.0 → 14.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a6f7bd80ea293183e6498166dfff6ed48a13ae11c6075fbb4a6b8da659486f0c
-  data.tar.gz: 1fb02c24469c15088ebaa23607df22dac8237c98afdf3e641bb21c9544d2a6f8
+  metadata.gz: bd465ad052ddf27bfec3d32c3223690dc815b71b805443619f01ee2f59a5e598
+  data.tar.gz: a8624cdb6d986a4db3cb951202e4050906023986e83a5876c30806db0ee4be30
 SHA512:
-  metadata.gz: f3f8343857638e8ed1c2b1b496bf9f09094fddd9d14f477d7277bd71c37d967e7ecce22eb369e6a105df956a48b7ce92831812aa82356f82578bfaa6b847f1ca
-  data.tar.gz: 5ca6e86b327ad376cbae3d58184c8f0ce348f8c6830078b4fd202a16c4ec523ced8ee5e68adf89aa2c79e6a71d40f57955f43271c5fef967661b45078b214e7b
+  metadata.gz: 5e4e1b15180da4d39924afaa31e26ddd7e95b89c69a05f5602ccdc762428091754d97181791824c9c184a3d862bbdb17e0fd7a6579703d5ef5421c96d190bfbc
+  data.tar.gz: 63ff9aa5f91a6be51968f96322ff607d3769b4b269e71ac7c37712e8526cd8f414b1e25035523d64512819f0ab1cfb8dc1421a14fafcc9373b27853e79ade60d

data/.gitlab-ci.yml

@@ -8,9 +8,10 @@
     - vendor/ruby
 
 include:
-  - component: gitlab.com/gitlab-org/components/danger-review/danger-review@~latest
+  - component: ${CI_SERVER_FQDN}/gitlab-org/components/danger-review/danger-review@1.4.0
     inputs:
-      job_image: "${CI_REGISTRY}/gitlab-org/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}:bundler-${BUNDLER_VERSION}"
+      job_image: "${CI_REGISTRY}/gitlab-org/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}"
+      job_stage: "check"
   - component: gitlab.com/gitlab-org/components/gem-release/gem-release@~latest
 
 stages:
@@ -20,7 +21,7 @@ stages:
   - deploy
 
 default:
-  image: ${CI_REGISTRY}/gitlab-org/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}:bundler-${BUNDLER_VERSION}
+  image: ${CI_REGISTRY}/gitlab-org/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}
   tags:
     - gitlab-org
   cache:
@@ -43,8 +44,7 @@ workflow:
 variables:
   DEBIAN_VERSION: bookworm
   DOCKER_VERSION: "24.0.5"
-  BUNDLER_VERSION: "2.5"
-  RUBY_VERSION: "3.1"
+  RUBY_VERSION: "3.1.5"
   BUNDLE_PATH: vendor
   BUNDLE_SILENCE_ROOT_WARNING: "true"
   BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES: "true"
@@ -99,7 +99,6 @@ cache-gems:
         - Gemfile.lock
 
 danger-review:
-  stage: check
   needs:
     - job: cache-gems
       optional: true
@@ -145,7 +144,6 @@ package-and-test:
       - RUBY_VERSION
       - DEBIAN_VERSION
       - DOCKER_VERSION
-      - BUNDLER_VERSION
   trigger:
     strategy: depend
     forward:

data/.rubocop_todo.yml

@@ -55,7 +55,6 @@ Metrics/AbcSize:
     - 'lib/gitlab/qa/scenario/test/integration/registry_with_cdn.rb'
     - 'lib/gitlab/qa/scenario/test/integration/smtp.rb'
     - 'lib/gitlab/qa/scenario/test/integration/suggested_reviewer.rb'
-    - 'lib/gitlab/qa/scenario/test/sanity/version.rb'
 
 # Offense count: 2
 # Configuration parameters: CheckIdentifiers, CheckConstants, CheckVariables, CheckStrings, CheckSymbols, CheckComments, CheckFilepaths, FlaggedTerms.

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    gitlab-qa (14.10.0)
+    gitlab-qa (14.12.0)
       activesupport (>= 6.1, < 7.2)
       gitlab (~> 4.19)
       http (~> 5.0)

data/docs/what_tests_can_be_run.md

@@ -63,6 +63,7 @@ All environment variables used by GitLab QA should be defined in [`lib/gitlab/qa
 | `QA_EE_ACTIVATION_CODE` |-  | Cloud activation code to enable Enterprise Edition features. | No|
 | `QA_ARTIFACTS_DIR` |`/tmp/gitlab-qa`| Path to a directory where artifacts (logs and screenshots) for failing tests will be saved. | No|
 | `DOCKER_HOST` |`http://localhost`| Docker host to run tests against. | No|
+| `QA_DOCKER_NETWORK` | `test` | Name of the Docker network that is created to allow connectivity between GitLab and other containers. | No |
 | `WEBDRIVER_HEADLESS` |-  | When running locally, set to `false` to allow Chrome tests to be visible - watch your tests being run. | No|
 | `CHROME_DISABLE_DEV_SHM` | `false` | Set to `true` to disable `/dev/shm` usage in Chrome on Linux. | No|
 | `QA_ADDITIONAL_REPOSITORY_STORAGE` |-  | The name of additional, non-default storage to be used with tests tagged `repository_storage`, run via the `Test::Instance::RepositoryStorage` scenario.  Note: Admin access is required to change repository storage. | No|
@@ -85,7 +86,7 @@ All environment variables used by GitLab QA should be defined in [`lib/gitlab/qa
 | `QA_INFLUXDB_TOKEN` |- | InfluxDB token for test metrics reporting | No|
 | `QA_RUN_TYPE` |- | QA run type like `staging-full`, `canary`, `production` etc. Used in test metrics reporting | No|
 | `QA_VALIDATE_RESOURCE_REUSE` | `false` | Set to `true` to [validate resource reuse](https://docs.gitlab.com/ee/development/testing_guide/end_to_end/resources.html#reusable-resources) after a test suite | No |
-| `QA_USE_PUBLIC_IP_API` | `false` | When performing Instance tests against a remote/pre-existing instance, use an API to detect the public API for requests coming from gitlab-qa.  Used by tests that exercise IP-address restrictions and similar
+| `QA_USE_PUBLIC_IP_API` | `false` | When performing Instance tests against a remote/pre-existing instance, use an API to detect the public API for requests coming from gitlab-qa.  Used by tests that exercise IP-address restrictions and similar | No |
 | `QA_GITHUB_USERNAME` |-  | Username for authenticating with GitHub. | No|
 | `QA_GITHUB_PASSWORD` |-  | Password for authenticating with GitHub. | No|
 | `GITLAB_QA_LOOP_RUNNER_MINUTES` | `1` | Minutes to run and repeat a spec while using the '--loop' option; default value is 1 minute. | No|
@@ -333,7 +334,7 @@ Scenario verifies upgrade from previous (major|minor) version to current release
 - Deploys previous (major|minor) version and runs Smoke test suite
   to populate data in database before upgrade
 - Generates upgrade path following current GitLab recommendations
-  from ['gitlab-com/support/toolbox/upgrade-path'](https://gitlab.com/gitlab-com/support/toolbox/upgrade-path/-/raw/main/upgrade-path.yml) project
+  from ['gitlab.com/gitlab-org/gitlab'](https://gitlab.com/gitlab-org/gitlab/-/raw/master/config/upgrade_path.yml) project
 - Gradually upgrades GitLab instances to `<current_version>`
   associated with provided `<full image address>` and runs tests against it
 
@@ -883,9 +884,9 @@ $ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
 $ gitlab-qa Test::Instance::StagingRef
 ```
 
-### `Test::Instance::StagingGeo`
+### `Test::Instance::StagingRefGeo`
 
-This scenario tests that the Geo staging deployment (with [`staging.gitlab.com`](https://staging.gitlab.com) as the primary site and [`geo.staging.gitlab.com`](https://geo.staging.gitlab.com) as the secondary site) works as expected by running tests tagged `:geo` against it. This is done by spinning up a GitLab QA (`gitlab/gitlab-qa`) container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment.
+This scenario tests that the Geo staging deployment (with [`staging-ref.gitlab.com`](https://staging-ref.gitlab.com) as the primary site and [`geo.staging-ref.gitlab.com`](https://geo.staging-ref.gitlab.com) as the secondary site) works as expected by running tests tagged `:geo` against it. This is done by spinning up a GitLab QA (`gitlab/gitlab-qa`) container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment.
 
 **Required user properties:**
 
@@ -907,23 +908,6 @@ This scenario tests that the Geo staging deployment (with [`staging.gitlab.com`]
   If the variable isn't present, the QA image from Docker Hub will be used.
   This can be found in the shared 1Password vault.
 
-Example:
-
-```shell
-$ export GITLAB_QA_ACCESS_TOKEN=your_api_access_token
-$ export GITLAB_QA_DEV_ACCESS_TOKEN=your_dev_registry_access_token
-$ export GITLAB_USERNAME="gitlab-qa"
-$ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
-
-$ gitlab-qa Test::Instance::StagingGeo
-```
-
-### `Test::Instance::StagingRefGeo`
-
-This scenario tests that the Geo staging deployment (with [`staging-ref.gitlab.com`](https://staging-ref.gitlab.com) as the primary site and [`geo.staging-ref.gitlab.com`](https://geo.staging-ref.gitlab.com) as the secondary site) works as expected by running tests tagged `:geo` against it. This is done by spinning up a GitLab QA (`gitlab/gitlab-qa`) container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment.
-
-Scenario requirements are the same as [`Test::Instance::StagingGeo`](#testinstancestaginggeo) described above.
-
 ```shell
 $ export GITLAB_QA_ACCESS_TOKEN=your_api_access_token
 $ export GITLAB_QA_DEV_ACCESS_TOKEN=your_dev_registry_access_token
@@ -1034,7 +1018,7 @@ These tests verify features related to multiple repository storages.
 Example:
 
 ```shell
-$ export QA_ADDITIONAL_REPOSITORY_STORAGE=secondary 
+$ export QA_ADDITIONAL_REPOSITORY_STORAGE=secondary
 $ export QA_GITALY_NON_CLUSTER_STORAGE=gitaly
 $ export QA_PRAEFECT_REPOSITORY_STORAGE=praefect
 

data/lib/gitlab/qa/component/ai_gateway.rb

@@ -8,6 +8,74 @@ module Gitlab
         DOCKER_IMAGE_TAG = 'latest'
         LOG_DIR = '/var/log'
 
+        # Test signing key to enable direct connection code completions
+        # https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/blob/97f54f4b7e43258a39bba7f29f38fe44bd316ce5/example.env#L79
+        TEST_SIGNING_KEY =
+          <<~SIGNING_KEY
+            -----BEGIN PRIVATE KEY-----
+            MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQD35X6SQq7VuIV8
+            jRNta9yfQJzVLqfYOFwSqismmvR1/2y/pO7HWsXo1HhkQdzF7U1zJLh8b0PiSkDE
+            dpUzkt5b4mPIit7khx7/wMi+t+gi1dpP+gTXxqOB8A/UzvQxBEKhizoGw/hG7vzT
+            MYqJRO1xHCYsMNU2TfWuoGR/7RXIidXzXmEShZ6bFeEWqupV7D0X6n8WVMd+NrZZ
+            lCNP0O67kCZGpABHcQ/uDUcRhyHYFkGHoSwp7KS2416PXMiRs01VRUG7fnOkgo4C
+            zyPWfuzSMjkKPm9gr9P0qYGsNrOBmV0guyLg4JWcVhDvkuh32r/kHrwxwUDYSLyI
+            GfAKKmZDAgMBAAECggEAKLfCEdVw0PCywayNKQdIgRf51W0JFhOGfBewvXHs/ty/
+            nhLsmEN+sn8DxLlUwWX4YhYBVN8UcBJGOn7yhDrML0eA9asUcBu0VHSer0TslPGP
+            dFzazXPL3kdHh8BJN9aSozoyg8ijT/NoBRXkGCasNvdVWyOCQfM4NutoK+MOFZbL
+            krtGPWfjTPByaZnV1PDJq95wz6LQeSdNwZLABE4YIrBxg0V1zu1gb0paltHZjPaM
+            68rm6Hp78CqI/5v9/RqQaso8aYVdjBaEkEI40CgKZY8Jm04NE4EcQM4Z4IYFc8I/
+            Ewj0giQIkZrGuucOA9S8TNqDjerv+8NoLMRCRcTk8QKBgQD9nHZGdW+2+IjShTal
+            EzjHH37APQKXYi0R9IESdzRnkUrL/8Rnxe5f7VxmDXJys0+IGo+8JoqGRUWJD8WZ
+            oBNW8oqJ4OH/dH07v2W0a0L0Z0Fcq6lv6tFcq1inSLPlk6EW3h4vTlrknuQ6QaKq
+            74SksBB4dCGDLlOaL8jldg9YVwKBgQD6O0CciiL3xVdnx4cGHDEjs9UU10z0EeVs
+            0gNxdAdkQEdgj9wI1yzNywFXtI+UA26j7207vYcU0hQ029roJN5ogTOkcCuf9WPQ
+            RV/+BQhiEJGYmZF8KlWiCB1HTxvc3p04EmIsp1N6yuqoE0jUFIS3A4GYYHPDZwDa
+            G8Y+W68d9QKBgQC7aFxqcqusDPqmfrRDxfGGC7sRecQpc+4UP5cFuzrpcY9RMl7D
+            xJsDHhbSfwtcwS57SA2BHwXsdNIOl64QeR7xeGdxvdGjgURt22DfsweWLZs6TMv3
+            nRE7Jo9rhqkRdEds65RopsE6AkRq3EfFgxuEy2pQaJi/JIO5A6i0D8sFHwKBgQCI
+            rtDuMO5E1QCXaX+xsLiOve5IggpAz324YUcMM8rN0earMimIkrCggKDtHW3H9c/7
+            sA7EsRQWJWJwNR9v6qOqBdkFm1fY+htZamuyv2EC3/YHmurDHgTEixYjG20mylqq
+            hDAoIAYTbr+aq13+qm6L4VhquVTCiYMHoGA7M62F+QKBgQCfTv5XVu+bEEBKyTkf
+            oVWjaLbO99zrgRYmZ9zhiRtlYFKefQ4kKxr+SRcia2dxQiNVPh5qUkX6ukvgCEVl
+            GoFTlopsX/CbilNarkwa/nvgQQeZAlrFpONifrtfZffV2Cs6wcwYAL8W5qFtl6iy
+            ZpLGJZdEWAPTxB6ppnDC75/KOg==
+            -----END PRIVATE KEY-----
+          SIGNING_KEY
+
+        # Test validation key to enable direct connection code completions
+        # https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/blob/97f54f4b7e43258a39bba7f29f38fe44bd316ce5/example.env#L79
+        TEST_VALIDATION_KEY =
+          <<~VALIDATION_KEY
+            -----BEGIN PRIVATE KEY-----
+            MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOAJNEB8EoyCAk
+            acSevXg5md0/JJGxBrHpIHqDuSf5FEENU0eGCc3PLZh5IjFcijGThMy0r/OMQn/n
+            /KAVCLlyPBaLEGsxqXJcW2CmNM24A3zyR4b7ghB+POKJY9lD2JoUWe57+B0IgZuz
+            PQbwRvuO7ULsw4xgGoLcoiscYMzKEWuFKDrteim+2vjCif5DDohKZQc3Ic8dwOtL
+            2C6+dV2TdyK0JPD7Kc1ONnH3S/VWJ8W5DDO1q5MrwJ+CQMaofHRqpbZrc66i5v2y
+            6/ooB0W14D1Qy4GmMIkLnkdP9UcYRHL7cVDv0D+bHs0xIyTXgbZaL78VFUyqeq23
+            qR4opOmFAgMBAAECggEABiJ5lZFkN4ew1VoaUzPclwfgUSy7SKSkuwbkPx9OHm/I
+            +XxHvqkfaj0MXlxzUIiDrhtKpqgwE4w4wjrWtZRQmXif9JI6RFIB0thHH4v7rbAv
+            kgjT7zzSAEBl6qYrkTFWcqa0Sxgkx90RkEaP+gB90KV7fxDaZv5DHrjsRGhpkNbi
+            8qtJOrvY6we6nx/YaD3iK69qQk6ktRg1AYUDH3xjBIIzo6brqlL2NJ+Q4VerrHFU
+            2EhTXto+4Y51Qjpas5B7DHmEhghZtYsMceuqFNvDQgGg1IsBPB4icTIREzHJ0rj3
+            Xgh5DMJGYb0p7Ktm74jciTdFIHeDMUCLoxxSPTZavQKBgQDs1njL0VR1hZKiGihO
+            fP0L3BwNL0H6uqKOlPP+DwdnNv7Q99xMKe9qcGWeiFXrLDkVMkd0M2LfU4SH5XUO
+            mt0YSC7Fn/pwozbk61k9+oEnL9cwDpwFwr46ccY6hmp3iihLTrgDuAi0CMSurZrC
+            mnqOOAxuSq6D7a/yhNKdEvckqwKBgQDeq2tIXlWVPXBY6CgIhUakq0oqHn35lhx4
+            CJuc1cujm1C68/UiZvxRK1LLAcFlDLl7+lnCSKnNn6fwK+jCsEsGT8ZuCJ2FznGH
+            wN6B3qrgEsB+FgC6qLir/o83E8I0tSOITaWHHvIc/l1PuXHJbwfCd2yB1sdeshID
+            x9o38/pKjwKBgH1YQRQ11IpiSCnMyDpKAi7Nrnb35OaK8k+d28hBMfzZaWE1XP1e
+            UFy34cBWjYpqnEdwlcqVC6YAcKrvsNUq9wrL4R0svwHwD7R2LoQT2VjhA/VmNgMC
+            f2U1I+GDlENx9kNtBQzK0Khf36BHNxn5YhV06ndQxS4DlNQ4obMJ/40DAoGBAIWm
+            DfaZ6HRzNAOpFJ5IoGYmCZXOR36PAvdo8z3ndRr2FjagRvonJjrx7fe7TgEA6jPn
+            yAg85O5ubbZSJJr2hZF8QHW65hFyH+KDeQoqRBXKK4+CVV2z92QEnqFIUsCgGHuv
+            XzMC9/8/DXLUs99brSSj2ZT0/SVxbC6ovennnssxAoGALtm2AUBMgsU6b9B+Fp2L
+            ZBQSwkyd3bOD7sFJHhbmiRE/ag2lsaE+dNg9H42fhOV0MXfPkEBWCIaGt931T5+q
+            FVATlTTDAx2CRmJCOyXkQ6mGBFTkQPqDwmWvwjbK9B5r0SnGfCpk4uEYWoYYsX05
+            t14Huwf9VVUTCfEi0+wWcko=
+            -----END PRIVATE KEY-----
+          VALIDATION_KEY
+
         def name
           @name ||= 'ai-gateway'
         end
@@ -26,7 +94,9 @@ module Gitlab
             'AIGW_CUSTOMER_PORTAL_URL' => Runtime::Env.customer_portal_url,
             'AIGW_MOCK_MODEL_RESPONSES' => true,
             'AIGW_LOGGING__LEVEL' => 'debug',
-            'AIGW_LOGGING__TO_FILE' => "..#{LOG_DIR}/modelgateway_debug.log"
+            'AIGW_LOGGING__TO_FILE' => "..#{LOG_DIR}/modelgateway_debug.log",
+            'AIGW_SELF_SIGNED_JWT__SIGNING_KEY' => TEST_SIGNING_KEY,
+            'AIGW_SELF_SIGNED_JWT__VALIDATION_KEY' => TEST_VALIDATION_KEY
           }
         end
       end

data/lib/gitlab/qa/component/chaos.rb

@@ -11,7 +11,7 @@ module Gitlab
 
         def initialize
           super
-          @network = "test"
+          @network = Runtime::Env.docker_network
         end
 
         def name

data/lib/gitlab/qa/component/gitaly_cluster.rb

@@ -16,7 +16,7 @@ module Gitlab
 
           def initialize(params = {}) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity
             @gitlab_name = params[:gitlab_name] || 'gitlab-gitaly-cluster'
-            @network = params[:network] || 'test'
+            @network = params[:network] || Runtime::Env.docker_network
             @airgapped_network = params[:airgapped_network] || false
 
             @praefect_node_name = params[:praefect_node_name] || 'praefect'

data/lib/gitlab/qa/component/gitlab.rb

@@ -154,6 +154,7 @@ module Gitlab
 
           docker.run(image: image, tag: tag) do |command|
             command << "-d"
+            command << "--shm-size 256m"
             command << "--name #{name}"
             command << "--net #{network}"
             command << "--hostname #{hostname}"

data/lib/gitlab/qa/runner.rb

@@ -93,7 +93,6 @@ module Gitlab
           scenario = Scenario.const_get(args.shift)
 
           load_omnibus_configurations
-          load_telegraf(scenario)
 
           begin
             @active_configurators.compact.each do |configurator|
@@ -129,18 +128,6 @@ module Gitlab
         end.compact
       end
 
-      # Start telegraf agent for metrics collection
-      #
-      # Do not load when running against external instance
-      #
-      # @param [Class] scenario
-      # @return [void]
-      def self.load_telegraf(scenario)
-        return if scenario <= Scenario::Test::Instance::DeploymentBase || scenario == Scenario::Test::Instance::Any
-
-        @active_configurators << Component::Telegraf.new
-      end
-
       def self.load_omnibus_configurations
         # OmnibusConfiguration::Test       => --test
         # OmnibusConfiguration::HelloThere => --hello_there

data/lib/gitlab/qa/runtime/env.rb

@@ -17,156 +17,156 @@ module Gitlab
         # Any new key-value pairs should also be added to the hash at /rubocop/cop/gitlab/dangerous_interpolation.rb
         # to prevent Rubocop errors.
         ENV_VARIABLES = {
-          'QA_IMAGE' => :qa_image,
-          'QA_REMOTE_GRID' => :remote_grid,
-          'QA_REMOTE_GRID_USERNAME' => :remote_grid_username,
-          'QA_REMOTE_GRID_ACCESS_KEY' => :remote_grid_access_key,
-          'QA_REMOTE_GRID_PROTOCOL' => :remote_grid_protocol,
-          'QA_REMOTE_MOBILE_DEVICE_NAME' => :remote_mobile_device_name,
-          'QA_REMOTE_TUNNEL_ID' => :remote_tunnel_id,
-          'QA_BROWSER' => :browser,
-          'QA_SELENOID_BROWSER_VERSION' => :selenoid_browser_version,
-          'QA_RECORD_VIDEO' => :record_video,
-          'QA_LAYOUT' => :layout,
-          'QA_VIDEO_RECORDER_IMAGE' => :video_recorder_image,
-          'QA_VIDEO_RECORDER_VERSION' => :video_recorder_version,
-          'QA_SELENOID_BROWSER_IMAGE' => :selenoid_browser_image,
-          'QA_ADDITIONAL_REPOSITORY_STORAGE' => :qa_additional_repository_storage,
-          'QA_PRAEFECT_REPOSITORY_STORAGE' => :qa_praefect_repository_storage,
-          'QA_GITALY_NON_CLUSTER_STORAGE' => :qa_gitaly_non_cluster_storage,
-          'QA_COOKIES' => :qa_cookie,
-          'QA_DEBUG' => :qa_debug,
-          'QA_CAN_TEST_ADMIN_FEATURES' => :qa_can_test_admin_features,
-          'QA_CAN_TEST_GIT_PROTOCOL_V2' => :qa_can_test_git_protocol_v2,
-          'QA_CAN_TEST_PRAEFECT' => :qa_can_test_praefect,
-          'QA_SIMULATE_SLOW_CONNECTION' => :qa_simulate_slow_connection,
-          'QA_SLOW_CONNECTION_LATENCY_MS' => :qa_slow_connection_latency_ms,
-          'QA_SLOW_CONNECTION_THROUGHPUT_KBPS' => :qa_slow_connection_throughput_kbps,
-          'QA_GENERATE_ALLURE_REPORT' => :generate_allure_report,
-          'QA_EXPORT_TEST_METRICS' => :qa_export_test_metrics,
-          'QA_INFLUXDB_URL' => :qa_influxdb_url,
-          'QA_INFLUXDB_TOKEN' => :qa_influxdb_token,
-          'QA_SKIP_PULL' => :qa_skip_pull,
-          'QA_VALIDATE_RESOURCE_REUSE' => :qa_validate_resource_reuse,
-          'WEBDRIVER_HEADLESS' => :webdriver_headless,
-          'GITLAB_ADMIN_USERNAME' => :admin_username,
-          'GITLAB_ADMIN_PASSWORD' => :admin_password,
-          'GITLAB_USERNAME' => :user_username,
-          'GITLAB_PASSWORD' => :user_password,
-          'GITLAB_LDAP_USERNAME' => :ldap_username,
-          'GITLAB_LDAP_PASSWORD' => :ldap_password,
-          'GITLAB_FORKER_USERNAME' => :forker_username,
-          'GITLAB_FORKER_PASSWORD' => :forker_password,
-          'GITLAB_USER_TYPE' => :user_type,
-          'GITLAB_SANDBOX_NAME' => :gitlab_sandbox_name,
-          'GITLAB_QA_ACCESS_TOKEN' => :qa_access_token,
-          'GITLAB_QA_ADMIN_ACCESS_TOKEN' => :qa_admin_access_token,
-          'GITLAB_QA_DEV_ACCESS_TOKEN' => :qa_dev_access_token,
-          'GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN' => :qa_container_registry_access_token,
-          'GITHUB_ACCESS_TOKEN' => :github_access_token,
-          'GITLAB_URL' => :gitlab_url,
-          'SIMPLE_SAML_HOSTNAME' => :simple_saml_hostname,
-          'SIMPLE_SAML_FINGERPRINT' => :simple_saml_fingerprint,
           'ACCEPT_INSECURE_CERTS' => :accept_insecure_certs,
-          'EE_LICENSE' => :ee_license,
-          'GCLOUD_ACCOUNT_EMAIL' => :gcloud_account_email,
-          'GCLOUD_ACCOUNT_KEY' => :gcloud_account_key,
-          'CLOUDSDK_CORE_PROJECT' => :cloudsdk_core_project,
-          'GCLOUD_REGION' => :gcloud_region,
-          'SIGNUP_DISABLED' => :signup_disabled,
-          'GITLAB_QA_USERNAME_1' => :gitlab_qa_username_1,
-          'GITLAB_QA_PASSWORD_1' => :gitlab_qa_password_1,
-          'GITLAB_QA_USERNAME_2' => :gitlab_qa_username_2,
-          'GITLAB_QA_PASSWORD_2' => :gitlab_qa_password_2,
-          'QA_GITHUB_USERNAME' => :qa_github_username,
-          'QA_GITHUB_PASSWORD' => :qa_github_password,
-          'QA_GITLAB_HOSTNAME' => :qa_gitlab_hostname,
-          'QA_GITLAB_USE_TLS' => :qa_gitlab_use_tls,
-          'KNAPSACK_GENERATE_REPORT' => :knapsack_generate_report,
-          'KNAPSACK_REPORT_PATH' => :knapsack_report_path,
-          'KNAPSACK_TEST_FILE_PATTERN' => :knapsack_test_file_pattern,
-          'KNAPSACK_TEST_DIR' => :knapsack_test_dir,
-          'NO_KNAPSACK' => :no_knapsack,
-          'QA_KNAPSACK_REPORT_GCS_CREDENTIALS' => :qa_knapsack_report_gcs_credentials,
-          'QA_KNAPSACK_REPORT_PATH' => :qa_knapsack_report_path,
-          'QA_RSPEC_REPORT_PATH' => :qa_rspec_report_path,
-          'RSPEC_FAST_QUARANTINE_PATH' => :rspec_fast_quarantine_path,
-          'RSPEC_SKIPPED_TESTS_REPORT_PATH' => :skipped_tests_report_path,
+          'AWS_S3_ACCESS_KEY' => :aws_s3_access_key,
+          'AWS_S3_BUCKET_NAME' => :aws_s3_bucket_name,
+          'AWS_S3_KEY_ID' => :aws_s3_key_id,
+          'AWS_S3_REGION' => :aws_s3_region,
+          'CACHE_NAMESPACE_NAME' => :cache_namespace_name,
+          'CHROME_DISABLE_DEV_SHM' => :chrome_disable_dev_shm,
           'CI' => :ci,
+          'CI_JOB_ID' => :ci_job_id,
           'CI_JOB_NAME' => :ci_job_name,
           'CI_JOB_NAME_SLUG' => :ci_job_name_slug,
-          'CI_JOB_ID' => :ci_job_id,
-          'CI_JOB_URL' => :ci_job_url,
           'CI_JOB_TOKEN' => :ci_job_token,
-          'CI_RUNNER_ID' => :ci_runner_id,
-          'CI_SERVER_HOST' => :ci_server_host,
-          'CI_SERVER_PERSONAL_ACCESS_TOKEN' => :ci_server_personal_access_token,
+          'CI_JOB_URL' => :ci_job_url,
+          'CI_MERGE_REQUEST_IID' => :ci_merge_request_iid,
           'CI_NODE_INDEX' => :ci_node_index,
           'CI_NODE_TOTAL' => :ci_node_total,
+          'CI_PIPELINE_CREATED_AT' => :ci_pipeline_created_at,
+          'CI_PIPELINE_ID' => :ci_pipeline_id,
+          'CI_PIPELINE_SOURCE' => :ci_pipeline_source,
+          'CI_PIPELINE_URL' => :ci_pipeline_url,
           'CI_PROJECT_NAME' => :ci_project_name,
           'CI_PROJECT_PATH' => :ci_project_path,
           'CI_PROJECT_PATH_SLUG' => :ci_project_path_slug,
-          'CI_PIPELINE_SOURCE' => :ci_pipeline_source,
-          'CI_PIPELINE_ID' => :ci_pipeline_id,
-          'CI_PIPELINE_URL' => :ci_pipeline_url,
-          'CI_PIPELINE_CREATED_AT' => :ci_pipeline_created_at,
-          'CI_MERGE_REQUEST_IID' => :ci_merge_request_iid,
-          'GITLAB_CI' => :gitlab_ci,
+          'CI_RUNNER_ID' => :ci_runner_id,
+          'CI_SERVER_HOST' => :ci_server_host,
+          'CI_SERVER_PERSONAL_ACCESS_TOKEN' => :ci_server_personal_access_token,
+          'COLORIZED_LOGS' => :colorized_logs,
+          'CLOUDSDK_CORE_PROJECT' => :cloudsdk_core_project,
+          'EE_LICENSE' => :ee_license,
           'ELASTIC_URL' => :elastic_url,
-          'GITLAB_QA_LOOP_RUNNER_MINUTES' => :gitlab_qa_loop_runner_minutes,
-          'MAILHOG_HOSTNAME' => :mailhog_hostname,
-          'GITLAB_QA_FORMLESS_LOGIN_TOKEN' => :gitlab_qa_formless_login_token,
-          'GEO_MAX_FILE_REPLICATION_TIME' => :geo_max_file_replication_time,
-          'GEO_MAX_DB_REPLICATION_TIME' => :geo_max_db_replication_time,
-          'JIRA_HOSTNAME' => :jira_hostname,
-          'JIRA_ADMIN_USERNAME' => :jira_admin_username,
-          'JIRA_ADMIN_PASSWORD' => :jira_admin_password,
-          'CACHE_NAMESPACE_NAME' => :cache_namespace_name,
-          'GITLAB_QA_USER_AGENT' => :gitlab_qa_user_agent,
+          'FIPS' => :fips,
+          'GCS_BUCKET_NAME' => :gcs_bucket_name,
+          'GCS_CDN_BUCKET_NAME' => :gcs_cdn_bucket_name,
+          'GCLOUD_ACCOUNT_EMAIL' => :gcloud_account_email,
+          'GCLOUD_ACCOUNT_KEY' => :gcloud_account_key,
+          'GCLOUD_REGION' => :gcloud_region,
           'GEO_FAILOVER' => :geo_failover,
+          'GEO_MAX_DB_REPLICATION_TIME' => :geo_max_db_replication_time,
+          'GEO_MAX_FILE_REPLICATION_TIME' => :geo_max_file_replication_time,
+          'GITLAB_ADMIN_PASSWORD' => :admin_password,
+          'GITLAB_ADMIN_USERNAME' => :admin_username,
+          'GITLAB_FORKER_PASSWORD' => :forker_password,
+          'GITLAB_FORKER_USERNAME' => :forker_username,
           'GITLAB_INITIAL_ROOT_PASSWORD' => :initial_root_password,
+          'GITLAB_LDAP_PASSWORD' => :ldap_password,
+          'GITLAB_LDAP_USERNAME' => :ldap_username,
+          'GITLAB_PASSWORD' => :user_password,
+          'GITLAB_QA_ACCESS_TOKEN' => :qa_access_token,
+          'GITLAB_QA_ADMIN_ACCESS_TOKEN' => :qa_admin_access_token,
+          'GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN' => :qa_container_registry_access_token,
+          'GITLAB_QA_DEV_ACCESS_TOKEN' => :qa_dev_access_token,
+          'GITLAB_QA_FORMLESS_LOGIN_TOKEN' => :gitlab_qa_formless_login_token,
+          'GITLAB_QA_LOOP_RUNNER_MINUTES' => :gitlab_qa_loop_runner_minutes,
+          'GITLAB_QA_PASSWORD_1' => :gitlab_qa_password_1,
+          'GITLAB_QA_PASSWORD_2' => :gitlab_qa_password_2,
+          'GITLAB_QA_USER_AGENT' => :gitlab_qa_user_agent,
+          'GITLAB_QA_USERNAME_1' => :gitlab_qa_username_1,
+          'GITLAB_QA_USERNAME_2' => :gitlab_qa_username_2,
+          'GITLAB_SANDBOX_NAME' => :gitlab_sandbox_name,
           'GITLAB_TLS_CERTIFICATE' => :gitlab_tls_certificate,
-          'AWS_S3_REGION' => :aws_s3_region,
-          'AWS_S3_KEY_ID' => :aws_s3_key_id,
-          'AWS_S3_ACCESS_KEY' => :aws_s3_access_key,
-          'AWS_S3_BUCKET_NAME' => :aws_s3_bucket_name,
-          'TOP_UPSTREAM_MERGE_REQUEST_IID' => :top_upstream_merge_request_iid,
-          'GOOGLE_PROJECT' => :google_project,
-          'GOOGLE_CLIENT_EMAIL' => :google_client_email,
-          'GOOGLE_JSON_KEY' => :google_json_key,
+          'GITLAB_URL' => :gitlab_url,
+          'GITLAB_USER_TYPE' => :user_type,
+          'GITLAB_USERNAME' => :user_username,
+          'GITLAB_CI' => :gitlab_ci,
+          'GITHUB_ACCESS_TOKEN' => :github_access_token,
           'GOOGLE_CDN_JSON_KEY' => :google_cdn_json_key,
           'GOOGLE_CDN_LB' => :google_cdn_load_balancer,
           'GOOGLE_CDN_SIGNURL_KEY' => :google_cdn_signurl_key,
           'GOOGLE_CDN_SIGNURL_KEY_NAME' => :google_cdn_signurl_key_name,
-          'GCS_CDN_BUCKET_NAME' => :gcs_cdn_bucket_name,
-          'GCS_BUCKET_NAME' => :gcs_bucket_name,
-          'SMOKE_ONLY' => :smoke_only,
-          'NO_ADMIN' => :no_admin,
-          'CHROME_DISABLE_DEV_SHM' => :chrome_disable_dev_shm,
-          'COLORIZED_LOGS' => :colorized_logs,
-          'FIPS' => :fips,
+          'GOOGLE_CLIENT_EMAIL' => :google_client_email,
+          'GOOGLE_JSON_KEY' => :google_json_key,
+          'GOOGLE_PROJECT' => :google_project,
           'JH_ENV' => :jh_env,
+          'JIRA_ADMIN_PASSWORD' => :jira_admin_password,
+          'JIRA_ADMIN_USERNAME' => :jira_admin_username,
+          'JIRA_HOSTNAME' => :jira_hostname,
+          'KNAPSACK_GENERATE_REPORT' => :knapsack_generate_report,
+          'KNAPSACK_REPORT_PATH' => :knapsack_report_path,
+          'KNAPSACK_TEST_DIR' => :knapsack_test_dir,
+          'KNAPSACK_TEST_FILE_PATTERN' => :knapsack_test_file_pattern,
+          'MAILHOG_HOSTNAME' => :mailhog_hostname,
+          'NO_KNAPSACK' => :no_knapsack,
+          'QA_ADDITIONAL_REPOSITORY_STORAGE' => :qa_additional_repository_storage,
+          'QA_BROWSER' => :browser,
+          'QA_CAN_TEST_ADMIN_FEATURES' => :qa_can_test_admin_features,
+          'QA_CAN_TEST_GIT_PROTOCOL_V2' => :qa_can_test_git_protocol_v2,
+          'QA_CAN_TEST_PRAEFECT' => :qa_can_test_praefect,
+          'QA_COOKIES' => :qa_cookie,
+          'QA_DEBUG' => :qa_debug,
+          'QA_DOCKER_NETWORK' => :docker_network,
+          'QA_EXPORT_TEST_METRICS' => :qa_export_test_metrics,
+          'QA_GITALY_NON_CLUSTER_STORAGE' => :qa_gitaly_non_cluster_storage,
           'QA_GITHUB_OAUTH_APP_ID' => :github_oauth_app_id,
           'QA_GITHUB_OAUTH_APP_SECRET' => :github_oauth_app_secret,
+          'QA_GITHUB_PASSWORD' => :qa_github_password,
+          'QA_GITHUB_USERNAME' => :qa_github_username,
+          'QA_GITLAB_HOSTNAME' => :qa_gitlab_hostname,
+          'QA_GITLAB_USE_TLS' => :qa_gitlab_use_tls,
+          'QA_IMAGE' => :qa_image,
+          'QA_INFLUXDB_TOKEN' => :qa_influxdb_token,
+          'QA_INFLUXDB_URL' => :qa_influxdb_url,
+          'QA_KNAPSACK_REPORT_GCS_CREDENTIALS' => :qa_knapsack_report_gcs_credentials,
+          'QA_KNAPSACK_REPORT_PATH' => :qa_knapsack_report_path,
+          'QA_LAYOUT' => :layout,
+          'QA_PRAEFECT_REPOSITORY_STORAGE' => :qa_praefect_repository_storage,
+          'QA_RECORD_VIDEO' => :record_video,
+          'QA_REMOTE_GRID' => :remote_grid,
+          'QA_REMOTE_GRID_ACCESS_KEY' => :remote_grid_access_key,
+          'QA_REMOTE_GRID_PROTOCOL' => :remote_grid_protocol,
+          'QA_REMOTE_GRID_USERNAME' => :remote_grid_username,
+          'QA_REMOTE_MOBILE_DEVICE_NAME' => :remote_mobile_device_name,
+          'QA_REMOTE_TUNNEL_ID' => :remote_tunnel_id,
+          'QA_RSPEC_REPORT_PATH' => :qa_rspec_report_path,
+          'QA_SELENOID_BROWSER_IMAGE' => :selenoid_browser_image,
+          'QA_SELENOID_BROWSER_VERSION' => :selenoid_browser_version,
+          'QA_SIMULATE_SLOW_CONNECTION' => :qa_simulate_slow_connection,
+          'QA_SKIP_PULL' => :qa_skip_pull,
+          'QA_SLOW_CONNECTION_LATENCY_MS' => :qa_slow_connection_latency_ms,
+          'QA_SLOW_CONNECTION_THROUGHPUT_KBPS' => :qa_slow_connection_throughput_kbps,
+          'QA_VALIDATE_RESOURCE_REUSE' => :qa_validate_resource_reuse,
+          'QA_VIDEO_RECORDER_IMAGE' => :video_recorder_image,
+          'QA_VIDEO_RECORDER_VERSION' => :video_recorder_version,
           'QA_1P_EMAIL' => :qa_1p_email,
+          'QA_1P_GITHUB_UUID' => :qa_1p_github_uuid,
           'QA_1P_PASSWORD' => :qa_1p_password,
           'QA_1P_SECRET' => :qa_1p_secret,
-          'QA_1P_GITHUB_UUID' => :qa_1p_github_uuid,
           'RELEASE' => :release,
+          'RELEASE_REGISTRY_PASSWORD' => :release_registry_password,
           'RELEASE_REGISTRY_URL' => :release_registry_url,
           'RELEASE_REGISTRY_USERNAME' => :release_registry_username,
-          'RELEASE_REGISTRY_PASSWORD' => :release_registry_password,
+          'RSPEC_FAST_QUARANTINE_PATH' => :rspec_fast_quarantine_path,
+          'RSPEC_SKIPPED_TESTS_REPORT_PATH' => :skipped_tests_report_path,
+          'SCHEDULE_TYPE' => :schedule_type,
           'SELENOID_DIRECTORY' => :selenoid_directory,
+          'SIGNUP_DISABLED' => :signup_disabled,
+          'SIMPLE_SAML_FINGERPRINT' => :simple_saml_fingerprint,
+          'SIMPLE_SAML_HOSTNAME' => :simple_saml_hostname,
+          'SMOKE_ONLY' => :smoke_only,
+          'TOP_UPSTREAM_MERGE_REQUEST_IID' => :top_upstream_merge_request_iid,
           'USE_SELENOID' => :use_selenoid,
-          'SCHEDULE_TYPE' => :schedule_type,
+          'WEBDRIVER_HEADLESS' => :webdriver_headless,
+          'WORKSPACES_DOMAIN_CERT' => { name: :workspaces_domain_cert, type: :file },
+          'WORKSPACES_DOMAIN_KEY' => { name: :workspaces_domain_key, type: :file },
           'WORKSPACES_OAUTH_APP_ID' => :workspaces_oauth_app_id,
           'WORKSPACES_OAUTH_APP_SECRET' => :workspaces_oauth_app_secret,
           'WORKSPACES_OAUTH_SIGNING_KEY' => :workspaces_oauth_signing_key,
           'WORKSPACES_PROXY_DOMAIN' => :workspaces_proxy_domain,
-          'WORKSPACES_DOMAIN_CERT' => { name: :workspaces_domain_cert, type: :file },
-          'WORKSPACES_DOMAIN_KEY' => { name: :workspaces_domain_key, type: :file },
           'WORKSPACES_WILDCARD_CERT' => { name: :workspaces_wildcard_cert, type: :file },
-          'WORKSPACES_WILDCARD_KEY' => { name: :workspaces_wildcard_key, type: :file }
+          'WORKSPACES_WILDCARD_KEY' => { name: :workspaces_wildcard_key, type: :file },
+          'EPIC_SYNC_TEST' => :epic_sync_test
         }.freeze
 
         def variables
@@ -392,9 +392,7 @@ module Gitlab
           live_envs = %w[staging staging-canary staging-ref canary preprod production]
           return unless live_envs.include?(ci_project_name)
 
-          test_subset = if env_var_value_if_defined('NO_ADMIN') == 'true'
-                          'sanity-no-admin'
-                        elsif env_var_value_if_defined('SMOKE_ONLY') == 'true'
+          test_subset = if env_var_value_if_defined('SMOKE_ONLY') == 'true'
                           'sanity'
                         else
                           'full'
@@ -403,6 +401,13 @@ module Gitlab
           "#{ci_project_name}-#{test_subset}"
         end
 
+        # The default network for the Docker containers
+        #
+        # @example <component>.test
+        def docker_network
+          env_var_value_if_defined('QA_DOCKER_NETWORK') || 'test'
+        end
+
         def docker_add_hosts
           (env_var_value_if_defined('QA_DOCKER_ADD_HOSTS') || '').split(',')
         end

data/lib/gitlab/qa/runtime/omnibus_configurations/object_storage.rb

@@ -21,7 +21,7 @@ module Gitlab
           end
 
           def prepare
-            minio.network = 'test'
+            minio.network = Runtime::Env.docker_network
 
             TYPES.each do |bucket_name|
               minio.add_bucket("#{bucket_name}-bucket")

data/lib/gitlab/qa/scenario/test/instance/airgapped.rb

@@ -13,7 +13,7 @@ module Gitlab
               # Uses https://docs.docker.com/engine/reference/commandline/network_create/#network-internal-mode
               @airgapped_network_name = 'airgapped'
               # Uses iptables to deny all network traffic, with a number of exceptions for required ports and IPs
-              @iptables_restricted_network = 'test'
+              @iptables_restricted_network = Runtime::Env.docker_network
               @config = Component::GitalyCluster::GitalyClusterConfig.new(
                 gitlab_name: "gitlab-airgapped-#{SecureRandom.hex(4)}",
                 airgapped_network: true,

data/lib/gitlab/qa/scenario/test/instance/image.rb

@@ -17,7 +17,7 @@ module Gitlab
               Component::Gitlab.perform do |gitlab|
                 gitlab.release = release
                 gitlab.volumes = @volumes
-                gitlab.network = 'test'
+                gitlab.network = Runtime::Env.docker_network
                 gitlab.name = Runtime::Env.qa_gitlab_hostname
                 gitlab.seed_admin_token = @seed_admin_token
                 gitlab.tls = Runtime::Env.qa_gitlab_use_tls?

data/lib/gitlab/qa/scenario/test/instance/relative_url.rb

@@ -9,7 +9,7 @@ module Gitlab
             def perform(release, *rspec_args)
               Component::Gitlab.perform do |gitlab|
                 gitlab.release = release
-                gitlab.network = 'test'
+                gitlab.network = Runtime::Env.docker_network
                 gitlab.relative_path = '/relative'
 
                 gitlab.omnibus_configuration << "external_url '#{gitlab.address}'"