gitlab-qa 5.13.3 → 5.14.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/docs/run_qa_against_gdk.md +3 -0
- data/docs/what_tests_can_be_run.md +65 -54
- data/lib/gitlab/qa.rb +3 -0
- data/lib/gitlab/qa/component/base.rb +135 -0
- data/lib/gitlab/qa/component/elasticsearch.rb +5 -32
- data/lib/gitlab/qa/component/gitlab.rb +16 -88
- data/lib/gitlab/qa/component/internet_tunnel.rb +6 -29
- data/lib/gitlab/qa/component/jira.rb +5 -44
- data/lib/gitlab/qa/component/ldap.rb +8 -51
- data/lib/gitlab/qa/component/mail_hog.rb +5 -44
- data/lib/gitlab/qa/component/minio.rb +9 -34
- data/lib/gitlab/qa/component/postgresql.rb +4 -36
- data/lib/gitlab/qa/component/saml.rb +5 -54
- data/lib/gitlab/qa/component/specs.rb +2 -11
- data/lib/gitlab/qa/docker/engine.rb +20 -1
- data/lib/gitlab/qa/release.rb +20 -0
- data/lib/gitlab/qa/runtime/env.rb +25 -1
- data/lib/gitlab/qa/runtime/scenario.rb +36 -0
- data/lib/gitlab/qa/scenario/test/instance/airgapped.rb +68 -0
- data/lib/gitlab/qa/scenario/test/integration/gitaly_ha.rb +2 -2
- data/lib/gitlab/qa/version.rb +1 -1
- metadata +6 -3
@@ -6,22 +6,9 @@ require 'securerandom'
|
|
6
6
|
module Gitlab
|
7
7
|
module QA
|
8
8
|
module Component
|
9
|
-
class SAML
|
10
|
-
|
11
|
-
|
12
|
-
SAML_IMAGE = 'jamedjo/test-saml-idp'.freeze
|
13
|
-
SAML_IMAGE_TAG = 'latest'.freeze
|
14
|
-
|
15
|
-
attr_reader :docker
|
16
|
-
attr_accessor :volumes, :network, :environment
|
17
|
-
attr_writer :name
|
18
|
-
|
19
|
-
def initialize
|
20
|
-
@docker = Docker::Engine.new
|
21
|
-
@environment = {}
|
22
|
-
@volumes = {}
|
23
|
-
@network_aliases = []
|
24
|
-
end
|
9
|
+
class SAML < Base
|
10
|
+
DOCKER_IMAGE = 'jamedjo/test-saml-idp'.freeze
|
11
|
+
DOCKER_IMAGE_TAG = 'latest'.freeze
|
25
12
|
|
26
13
|
def set_entity_id(entity_id)
|
27
14
|
@environment['SIMPLESAMLPHP_SP_ENTITY_ID'] = entity_id
|
@@ -31,18 +18,10 @@ module Gitlab
|
|
31
18
|
@environment['SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE'] = assertion_con_service
|
32
19
|
end
|
33
20
|
|
34
|
-
def add_network_alias(name)
|
35
|
-
@network_aliases.push(name)
|
36
|
-
end
|
37
|
-
|
38
21
|
def name
|
39
22
|
@name ||= "saml-qa-idp"
|
40
23
|
end
|
41
24
|
|
42
|
-
def hostname
|
43
|
-
"#{name}.#{network}"
|
44
|
-
end
|
45
|
-
|
46
25
|
def group_name
|
47
26
|
@group_name ||= "saml_sso_group-#{SecureRandom.hex(4)}"
|
48
27
|
end
|
@@ -50,25 +29,12 @@ module Gitlab
|
|
50
29
|
def instance
|
51
30
|
raise 'Please provide a block!' unless block_given?
|
52
31
|
|
53
|
-
|
54
|
-
start
|
55
|
-
|
56
|
-
yield self
|
57
|
-
ensure
|
58
|
-
teardown
|
59
|
-
end
|
60
|
-
|
61
|
-
def prepare
|
62
|
-
pull
|
63
|
-
|
64
|
-
return if @docker.network_exists?(network)
|
65
|
-
|
66
|
-
@docker.network_create(network)
|
32
|
+
super
|
67
33
|
end
|
68
34
|
|
69
35
|
# rubocop:disable Metrics/AbcSize
|
70
36
|
def start
|
71
|
-
docker.run(
|
37
|
+
docker.run(image, tag) do |command|
|
72
38
|
command << '-d '
|
73
39
|
command << "--name #{name}"
|
74
40
|
command << "--net #{network}"
|
@@ -91,21 +57,6 @@ module Gitlab
|
|
91
57
|
end
|
92
58
|
# rubocop:enable Metrics/AbcSize
|
93
59
|
|
94
|
-
def restart
|
95
|
-
@docker.restart(name)
|
96
|
-
end
|
97
|
-
|
98
|
-
def teardown
|
99
|
-
raise 'Invalid instance name!' unless name
|
100
|
-
|
101
|
-
@docker.stop(name)
|
102
|
-
@docker.remove(name)
|
103
|
-
end
|
104
|
-
|
105
|
-
def pull
|
106
|
-
@docker.pull(SAML_IMAGE, SAML_IMAGE_TAG)
|
107
|
-
end
|
108
|
-
|
109
60
|
def set_sandbox_name(sandbox_name)
|
110
61
|
::Gitlab::QA::Runtime::Env.gitlab_sandbox_name = sandbox_name
|
111
62
|
end
|
@@ -8,7 +8,7 @@ module Gitlab
|
|
8
8
|
# the `qa/` directory located in GitLab CE / EE repositories.
|
9
9
|
#
|
10
10
|
class Specs < Scenario::Template
|
11
|
-
attr_accessor :suite, :release, :network, :args, :volumes, :env
|
11
|
+
attr_accessor :suite, :release, :network, :args, :volumes, :env, :runner_network
|
12
12
|
|
13
13
|
def initialize
|
14
14
|
@docker = Docker::Engine.new
|
@@ -19,16 +19,7 @@ module Gitlab
|
|
19
19
|
def perform # rubocop:disable Metrics/AbcSize
|
20
20
|
raise ArgumentError unless [suite, release].all?
|
21
21
|
|
22
|
-
if release.
|
23
|
-
Docker::Command.execute(
|
24
|
-
[
|
25
|
-
'login',
|
26
|
-
'--username gitlab-qa-bot',
|
27
|
-
%(--password "#{Runtime::Env.dev_access_token_variable}"),
|
28
|
-
QA::Release::DEV_REGISTRY
|
29
|
-
]
|
30
|
-
)
|
31
|
-
end
|
22
|
+
@docker.login(**release.login_params) if release.login_params
|
32
23
|
|
33
24
|
puts "Running test suite `#{suite}` for #{release.project_name}"
|
34
25
|
|
@@ -3,11 +3,16 @@ module Gitlab
|
|
3
3
|
module Docker
|
4
4
|
class Engine
|
5
5
|
DOCKER_HOST = ENV['DOCKER_HOST'] || 'http://localhost'
|
6
|
+
PRIVILEGED_COMMANDS = [/^iptables.*/].freeze
|
6
7
|
|
7
8
|
def hostname
|
8
9
|
URI(DOCKER_HOST).host
|
9
10
|
end
|
10
11
|
|
12
|
+
def login(username:, password:, registry:)
|
13
|
+
Docker::Command.execute(%(login --username "#{username}" --password "#{password}" #{registry}))
|
14
|
+
end
|
15
|
+
|
11
16
|
def pull(image, tag)
|
12
17
|
Docker::Command.execute("pull #{image}:#{tag}")
|
13
18
|
end
|
@@ -23,8 +28,18 @@ module Gitlab
|
|
23
28
|
end
|
24
29
|
end
|
25
30
|
|
31
|
+
def privileged_command?(command)
|
32
|
+
PRIVILEGED_COMMANDS.each do |privileged_regex|
|
33
|
+
return true if command.match(privileged_regex)
|
34
|
+
end
|
35
|
+
|
36
|
+
false
|
37
|
+
end
|
38
|
+
|
26
39
|
def exec(name, command)
|
27
|
-
|
40
|
+
cmd = ['exec']
|
41
|
+
cmd << '--privileged' if privileged_command?(command)
|
42
|
+
Docker::Command.execute("#{cmd.join(' ')} #{name} bash -c '#{command}'")
|
28
43
|
end
|
29
44
|
|
30
45
|
def read_file(image, tag, path, &block)
|
@@ -63,6 +78,10 @@ module Gitlab
|
|
63
78
|
def port(name, port)
|
64
79
|
Docker::Command.execute("port #{name} #{port}/tcp")
|
65
80
|
end
|
81
|
+
|
82
|
+
def running?(name)
|
83
|
+
Docker::Command.execute("ps -f name=#{name}").include?(name)
|
84
|
+
end
|
66
85
|
end
|
67
86
|
end
|
68
87
|
end
|
data/lib/gitlab/qa/release.rb
CHANGED
@@ -135,6 +135,26 @@ module Gitlab
|
|
135
135
|
end
|
136
136
|
end
|
137
137
|
|
138
|
+
def login_params
|
139
|
+
if dev_gitlab_org?
|
140
|
+
Runtime::Env.require_qa_dev_access_token!
|
141
|
+
|
142
|
+
{
|
143
|
+
username: Runtime::Env.gitlab_dev_username,
|
144
|
+
password: Runtime::Env.dev_access_token_variable,
|
145
|
+
registry: DEV_REGISTRY
|
146
|
+
}
|
147
|
+
elsif omnibus_mirror?
|
148
|
+
Runtime::Env.require_gitlab_bot_multi_project_pipeline_polling_token!
|
149
|
+
|
150
|
+
{
|
151
|
+
username: Runtime::Env.gitlab_username,
|
152
|
+
password: Runtime::Env.gitlab_bot_multi_project_pipeline_polling_token,
|
153
|
+
registry: COM_REGISTRY
|
154
|
+
}
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
138
158
|
def dev_gitlab_org?
|
139
159
|
image.start_with?(DEV_REGISTRY)
|
140
160
|
end
|
@@ -84,10 +84,22 @@ module Gitlab
|
|
84
84
|
send(:attr_accessor, accessor) # rubocop:disable GitlabSecurity/PublicSend
|
85
85
|
end
|
86
86
|
|
87
|
+
def gitlab_username
|
88
|
+
ENV['GITLAB_USERNAME'] || 'gitlab-qa'
|
89
|
+
end
|
90
|
+
|
91
|
+
def gitlab_dev_username
|
92
|
+
ENV['GITLAB_DEV_USERNAME'] || 'gitlab-qa-bot'
|
93
|
+
end
|
94
|
+
|
87
95
|
def gitlab_api_base
|
88
96
|
ENV['GITLAB_API_BASE'] || 'https://gitlab.com/api/v4'
|
89
97
|
end
|
90
98
|
|
99
|
+
def gitlab_bot_multi_project_pipeline_polling_token
|
100
|
+
ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
|
101
|
+
end
|
102
|
+
|
91
103
|
def ci_job_name
|
92
104
|
ENV['CI_JOB_NAME']
|
93
105
|
end
|
@@ -195,8 +207,14 @@ module Gitlab
|
|
195
207
|
end
|
196
208
|
end
|
197
209
|
|
210
|
+
def require_gitlab_bot_multi_project_pipeline_polling_token!
|
211
|
+
return unless ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN'].to_s.strip.empty?
|
212
|
+
|
213
|
+
raise ArgumentError, "Please provide GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN"
|
214
|
+
end
|
215
|
+
|
198
216
|
def skip_pull?
|
199
|
-
(ENV['QA_SKIP_PULL']
|
217
|
+
enabled?(ENV['QA_SKIP_PULL'], default: false)
|
200
218
|
end
|
201
219
|
|
202
220
|
def gitlab_qa_formless_login_token
|
@@ -205,6 +223,12 @@ module Gitlab
|
|
205
223
|
|
206
224
|
private
|
207
225
|
|
226
|
+
def enabled?(value, default: true)
|
227
|
+
return default if value.nil?
|
228
|
+
|
229
|
+
(value =~ /^(false|no|0)$/i) != 0
|
230
|
+
end
|
231
|
+
|
208
232
|
def env_value_if_defined(variable)
|
209
233
|
# Pass through the variables if they are defined in the environment
|
210
234
|
return "$#{variable}" if ENV[variable]
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Gitlab
|
4
|
+
module QA
|
5
|
+
module Runtime
|
6
|
+
##
|
7
|
+
# Singleton approach to global test scenario arguments.
|
8
|
+
#
|
9
|
+
module Scenario
|
10
|
+
extend self
|
11
|
+
|
12
|
+
def attributes
|
13
|
+
@attributes ||= {}
|
14
|
+
end
|
15
|
+
|
16
|
+
def define(attribute, value)
|
17
|
+
attributes.store(attribute.to_sym, value)
|
18
|
+
|
19
|
+
define_singleton_method(attribute) do
|
20
|
+
attributes[attribute.to_sym].tap do |value|
|
21
|
+
if value.to_s.empty?
|
22
|
+
raise ArgumentError, "Empty `#{attribute}` attribute!"
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
# rubocop:disable Style/MethodMissing
|
29
|
+
def method_missing(name, *)
|
30
|
+
raise ArgumentError, "Scenario attribute `#{name}` not defined!"
|
31
|
+
end
|
32
|
+
# rubocop:enable Style/MethodMissing
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,68 @@
|
|
1
|
+
module Gitlab
|
2
|
+
module QA
|
3
|
+
module Scenario
|
4
|
+
module Test
|
5
|
+
module Instance
|
6
|
+
class Airgapped < Scenario::Template
|
7
|
+
require 'resolv'
|
8
|
+
attr_accessor :commands
|
9
|
+
|
10
|
+
def initialize
|
11
|
+
gitlab_ip = Resolv.getaddress('registry.gitlab.com')
|
12
|
+
@commands = <<~AIRGAP_AND_VERIFY_COMMAND.split(/\n+/)
|
13
|
+
# Should not fail before airgapping due to eg. DNS failure
|
14
|
+
# Ping and wget check
|
15
|
+
apt-get update && apt-get install -y iptables netcat
|
16
|
+
nc -zv -w 10 #{gitlab_ip} 80 && (echo \"Regular connectivity netcat check passed.\" && exit 0) || (echo \"Regular connectivity netcat check failed.\" && exit 1)
|
17
|
+
echo "Checking regular connectivity..." \
|
18
|
+
&& wget --retry-connrefused --waitretry=1 --read-timeout=15 --timeout=10 -t 2 http://registry.gitlab.com > /dev/null 2>&1 \
|
19
|
+
&& (echo "Regular connectivity wget check passed." && exit 0) || (echo "Regular connectivity wget check failed." && exit 1)
|
20
|
+
|
21
|
+
iptables -P INPUT DROP && iptables -P OUTPUT DROP
|
22
|
+
iptables -A INPUT -i lo -j ACCEPT && iptables -A OUTPUT -o lo -j ACCEPT # LOOPBACK
|
23
|
+
iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
24
|
+
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
25
|
+
|
26
|
+
# Jenkins on port 8080 and 50000
|
27
|
+
iptables -A OUTPUT -p tcp -m tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT \
|
28
|
+
&& iptables -A OUTPUT -p tcp -m tcp --dport 50000 -m state --state NEW,ESTABLISHED -j ACCEPT
|
29
|
+
iptables -A OUTPUT -p tcp -m tcp --sport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
|
30
|
+
iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
|
31
|
+
iptables -A OUTPUT -p tcp -m tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
|
32
|
+
iptables -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
|
33
|
+
|
34
|
+
# Should now fail to ping and wget, port 80 should be open
|
35
|
+
nc -zv -w 10 #{gitlab_ip} 80 && (echo \"Airgapped network faulty. Connectivity netcat check failed.\" && exit 1) || (echo \"Connectivity netcat check passed.\" && exit 0)
|
36
|
+
nc -zv -w 10 127.0.0.1 22 && (echo "Airgapped connectivity port 22 check passed." && exit 0) || (echo "Airgapped connectivity port 22 check failed." && exit 1)
|
37
|
+
nc -zv -w 10 127.0.0.1 80 && (echo "Airgapped connectivity port 80 check passed." && exit 0) || (echo "Airgapped connectivity port 80 check failed." && exit 1)
|
38
|
+
echo "Checking airgapped connectivity..." \
|
39
|
+
&& wget --retry-connrefused --waitretry=1 --read-timeout=15 --timeout=10 -t 2 http://registry.gitlab.com > /dev/null 2>&1 \
|
40
|
+
&& (echo "Airgapped network faulty. Connectivity wget check failed." && exit 1) || (echo "Airgapped network confirmed. Connectivity wget check passed." && exit 0)
|
41
|
+
AIRGAP_AND_VERIFY_COMMAND
|
42
|
+
end
|
43
|
+
|
44
|
+
def perform(release, *rspec_args)
|
45
|
+
Component::Gitlab.perform do |gitlab|
|
46
|
+
gitlab.release = release
|
47
|
+
gitlab.network = 'test'
|
48
|
+
gitlab.runner_network = 'airgapped'
|
49
|
+
gitlab.exec_commands = @commands
|
50
|
+
rspec_args << "--" unless rspec_args.include?('--')
|
51
|
+
rspec_args << %w[--tag ~orchestrated]
|
52
|
+
gitlab.instance do
|
53
|
+
Component::Specs.perform do |specs|
|
54
|
+
specs.suite = 'Test::Instance::Airgapped'
|
55
|
+
specs.release = gitlab.release
|
56
|
+
specs.network = gitlab.network
|
57
|
+
specs.runner_network = gitlab.runner_network
|
58
|
+
specs.args = [gitlab.address, *rspec_args]
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
@@ -31,7 +31,7 @@ module Gitlab
|
|
31
31
|
praefect.release = QA::Release.new(release)
|
32
32
|
praefect.name = @praefect_node
|
33
33
|
praefect.network = @network
|
34
|
-
praefect.
|
34
|
+
praefect.skip_availability_check = true
|
35
35
|
|
36
36
|
praefect.omnibus_config = praefect_omnibus_configuration
|
37
37
|
|
@@ -149,7 +149,7 @@ module Gitlab
|
|
149
149
|
gitaly.release = QA::Release.new(release)
|
150
150
|
gitaly.name = name
|
151
151
|
gitaly.network = @network
|
152
|
-
gitaly.
|
152
|
+
gitaly.skip_availability_check = true
|
153
153
|
|
154
154
|
gitaly.omnibus_config = gitaly_omnibus_configuration
|
155
155
|
|
data/lib/gitlab/qa/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gitlab-qa
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.
|
4
|
+
version: 5.14.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Grzegorz Bizon
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-06-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: climate_control
|
@@ -237,6 +237,7 @@ files:
|
|
237
237
|
- fixtures/ldap/tanuki.ldif
|
238
238
|
- gitlab-qa.gemspec
|
239
239
|
- lib/gitlab/qa.rb
|
240
|
+
- lib/gitlab/qa/component/base.rb
|
240
241
|
- lib/gitlab/qa/component/elasticsearch.rb
|
241
242
|
- lib/gitlab/qa/component/gitlab.rb
|
242
243
|
- lib/gitlab/qa/component/internet_tunnel.rb
|
@@ -263,10 +264,12 @@ files:
|
|
263
264
|
- lib/gitlab/qa/reporter.rb
|
264
265
|
- lib/gitlab/qa/runner.rb
|
265
266
|
- lib/gitlab/qa/runtime/env.rb
|
267
|
+
- lib/gitlab/qa/runtime/scenario.rb
|
266
268
|
- lib/gitlab/qa/runtime/token_finder.rb
|
267
269
|
- lib/gitlab/qa/scenario/actable.rb
|
268
270
|
- lib/gitlab/qa/scenario/cli_commands.rb
|
269
271
|
- lib/gitlab/qa/scenario/template.rb
|
272
|
+
- lib/gitlab/qa/scenario/test/instance/airgapped.rb
|
270
273
|
- lib/gitlab/qa/scenario/test/instance/any.rb
|
271
274
|
- lib/gitlab/qa/scenario/test/instance/deployment_base.rb
|
272
275
|
- lib/gitlab/qa/scenario/test/instance/geo.rb
|
@@ -327,7 +330,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
327
330
|
- !ruby/object:Gem::Version
|
328
331
|
version: '0'
|
329
332
|
requirements: []
|
330
|
-
rubygems_version: 3.1.
|
333
|
+
rubygems_version: 3.1.4
|
331
334
|
signing_key:
|
332
335
|
specification_version: 4
|
333
336
|
summary: Integration tests for GitLab
|