gitlab-qa 5.14.0 → 5.17.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50cde662fbba863a232e44eacbb2aa7535762949816bd6281e5e0ce4fd916337
-  data.tar.gz: 67a222363326b5ab0767db8e894d56c351dd10a1e5c63aefd84991b009973a9e
+  metadata.gz: d14680b847d514a92a3db02e62d17566d165c3aa2fa7772cbf4cdb5eb3746d6f
+  data.tar.gz: f8669ae124311588e59bd52f743b5aafb41a2f7ca40073f12eae28f860e7f54a
 SHA512:
-  metadata.gz: dcd1486c1b47346d82c1bb5be090ec24ee25e0bd620232b8bbeef32e556cd6a7b8ebad3c5f05132de5ceb90636a78d10f4d5c6d4dd451784eac2d79b69429509
-  data.tar.gz: '0418804183dce1d3e5072381bb0ac6eef32c9eb7c0d98231a8e5ea94cc63255d43e14f94e61a91a6f47a1b3aa8ad44bf628ac7ce77544d80ccb6b13c6f8cccc5'
+  metadata.gz: be1aa1c90f7bbfe3e9fab71640f14517d212d5dbfcd5d412e2576b1c6553ad445a2530088f9999fee9fa02cf3bc813f3ee23ae1f2474b2d48a4e2979710163c6
+  data.tar.gz: 138a8b071f801af2bf9db1bed412976ba29be624352bef902f97d5a041ecb6cb45e1e1e32373af6c17e47847900aef791fe3e7219a53736781035fa143425449

data/.gitlab-ci.yml

@@ -31,6 +31,8 @@ workflow:
     - if: '$CI_COMMIT_BRANCH == "master"'
     # For tags, create a pipeline.
     - if: '$CI_COMMIT_TAG'
+    # For triggers from GitLab MR pipelines (and pipelines from other projects), create a pipeline
+    - if: '$CI_PIPELINE_SOURCE == "pipeline"'
 
 .default-rules:
   rules:
@@ -92,7 +94,7 @@ release:
     - exe/gitlab-qa ${QA_SCENARIO:=Test::Instance::Image} ${RELEASE:=$DEFAULT_RELEASE} -- $QA_TESTS $QA_RSPEC_TAGS $RSPEC_REPORT_OPTS || test_run_exit_code=$?
     - exe/gitlab-qa-report --update-screenshot-path "gitlab-qa-run-*/**/rspec-*.xml"
     - export GITLAB_QA_ACCESS_TOKEN="$GITLAB_QA_PRODUCTION_ACCESS_TOKEN"
-    - if [ "$TOP_UPSTREAM_SOURCE_REF" == "master" ]; then exe/gitlab-qa-report --report-in-issues "gitlab-qa-run-*/**/rspec-*.xml" --project "$QA_TESTCASES_REPORTING_PROJECT"; fi
+    - if [ "$TOP_UPSTREAM_SOURCE_REF" == "master" ]; then $(exe/gitlab-qa-report --report-in-issues "gitlab-qa-run-*/**/rspec-*.xml" --project "$QA_TESTCASES_REPORTING_PROJECT") || true; fi
     - exit $test_run_exit_code
 
 .ce-qa:
@@ -830,6 +832,44 @@ ee:praefect-quarantine:
     QA_CAN_TEST_PRAEFECT: "true"
     QA_RSPEC_TAGS: "--tag quarantine --tag ~orchestrated"
 
+ce:gitaly-cluster:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::GitalyCluster"
+
+ce:gitaly-cluster-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::GitalyCluster"
+
+ee:gitaly-cluster:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::GitalyCluster"
+
+ee:gitaly-cluster-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::GitalyCluster"
+
 ce:smtp:
   extends:
     - .test
@@ -891,7 +931,8 @@ ee:jira-quarantine:
 staging:
   script:
     - unset EE_LICENSE
-    - exe/gitlab-qa Test::Instance::Staging
+    - 'echo "Running: exe/gitlab-qa Test::Instance::Staging ${RELEASE:=$DEFAULT_RELEASE} -- $QA_TESTS $QA_RSPEC_TAGS"'
+    - exe/gitlab-qa Test::Instance::Staging ${RELEASE:=$DEFAULT_RELEASE} -- $QA_TESTS $QA_RSPEC_TAGS
   extends:
     - .test
     - .high-capacity

data/README.md

@@ -121,11 +121,58 @@ All the scenarios you can run are described in the
 
 Note: The GitLab QA tool requires that [Docker](https://docs.docker.com/install/) is installed.
 
-### How to add new scenarios
-
-Scenarios (test cases) and scripts to run them are located in the
-[CE](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa) and
-[EE](https://gitlab.com/gitlab-org/gitlab-ee/tree/master/qa)
+### Command-line options
+
+In addition to the [arguments you can use to specify the scenario and
+tests to run](/docs/what_tests_can_be_run.md), you can use the
+following options to control the tool's behavior.
+
+**Note:** These are `gitlab-qa` options so if you specify RSpec
+options as well, including test file paths, be sure to add these
+options before the `--` that indicates that subsequent arguments are
+intended for RSpec.
+
+| Option | Description |
+| ------ | ----------- |
+| `--no-teardown` | Skip teardown of containers after the scenario completes |
+| `--no-tests` | Orchestrates the docker containers but does not run the tests. Implies `--no-teardown` |
+
+For example, the following command would start an EE GitLab Docker
+container and would leave the instance running, but would not run the
+tests:
+
+```plaintext
+$ gitlab-qa Test::Instance::Image EE --no-tests
+```
+
+GitLab QA will have automatically run the `docker ps` command to show
+the port that container is running on, for example:
+
+```plaintext
+...
+Skipping tests.
+The orchestrated docker containers have not been removed.
+Docker shell command: `docker ps`
+CONTAINER ID  IMAGE                     ... PORTS
+fdeffd791b69  gitlab/gitlab-ee:nightly      22/tcp, 443/tcp, 0.0.0.0:32768->80/tcp
+```
+
+You could then run tests against that instance in a similar way to
+[running tests against GDK](/docs/run_qa_against_gdk.md). This can be
+useful if you want to run and debug a specific test, for example:
+
+```plaintext
+# From /path/to/gdk/gitlab/qa
+$ bundle exec bin/qa Test::Instance::All http://localhost:32768 -- qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb
+```
+
+### How to add new tests
+
+Please see the [Beginner's guide to writing end-to-end tests](https://docs.gitlab.com/ee/development/testing_guide/end_to_end/beginners_guide.html).
+
+Test cases and scripts to run them are located in the
+[GitLab FOSS](https://gitlab.com/gitlab-org/gitlab-foss/tree/master/qa) and
+[GitLab](https://gitlab.com/gitlab-org/gitlab/tree/master/qa)
 repositories under the `qa/` directory, so please also check the documentation
 there.
 

data/docs/what_tests_can_be_run.md

@@ -1,5 +1,6 @@
-# What tests can be run?
 
+# What tests can be run?
+[[_TOC_]]
 ## The two types of QA tests
 
 First of all, the first thing to choose is whether you want to run orchestrated
@@ -28,6 +29,8 @@ For more details on the internals, please read the
 
 ## Supported GitLab environment variables
 
+All environment variables used by GitLab QA should be defined in [`lib/gitlab/qa/runtime/env.rb`](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/lib/gitlab/qa/runtime/env.rb).
+
 |        Variable       | Default   | Description           | Required |
 |-----------------------|-----------|-----------------------|----------|
 | `GITLAB_USERNAME`       | `root`  | Username to use when signing into GitLab. | Yes|
@@ -53,7 +56,8 @@ For more details on the internals, please read the
 | `GITLAB_SANDBOX_NAME`   | `gitlab-qa-sandbox` | The sandbox group name the test suite is going to use. | No|
 | `GITLAB_QA_ACCESS_TOKEN`|-  | A valid personal access token with the `api` scope. This is used for API access during tests, and is used in the version that staging is currently running. An existing token that is valid on [`Test::Instance::Staging`](#testinstancestaging) scenario to retrieve the staging can be found in the shared 1Password vault. |No|
 | `GITLAB_QA_ADMIN_ACCESS_TOKEN` |-  | A valid personal access token with the `api` scope from a user with admin access. Used for API access as an admin during tests. | No|
-| `EE_LICESEN` |-  | Enterprise Edition license. | No|
+| `GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN` | - | A valid personal access token with the `read_registry` scope. Used to [access the container registry on `registry.gitlab.com` when tests run in a CI job that _is not_ triggered via another pipeline](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/364addb83e7b136ff0f9d8719ca9553d290aa9ab/lib/gitlab/qa/release.rb#L152). For example, if you manually run a [new Staging pipeline](https://ops.gitlab.net/gitlab-org/quality/staging/-/pipelines/new), this token will be used. | No |
+| `EE_LICENSE` |-  | Enterprise Edition license. | No|
 | `QA_ARTIFACTS_DIR` |`/tmp/gitlab-qa`| Path to a directory where artifacts (logs and screenshots) for failing tests will be saved. | No|
 | `DOCKER_HOST` |`http://localhost`| Docker host to run tests against. | No|
 | `CHROME_HEADLESS` |-  | When running locally, set to `false` to allow Chrome tests to be visible - watch your tests being run. | No|
@@ -83,8 +87,27 @@ For more details on the internals, please read the
 
 ## Running tests with a feature flag enabled
 
-It is possible to enable a feature flag before running tests. See the [QA
-framework documentation](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/README.md#running-tests-with-a-feature-flag-enabled) for details.
+It is possible to enable or disable a feature flag before running tests.
+To test a Gitlab image with a feature flag enabled, run this command:
+```
+$ gitlab-qa Test::Instance::Image gitlab/gitlab-ee:12.4.0-ee.0 --enable-feature feature_flag_name
+```
+
+To run a test with feature flag disabled, run this command:
+```
+$ gitlab-qa Test::Instance::Image gitlab/gitlab-ee:12.4.0-ee.0 --disable-feature feature_flag_name
+```
+
+You an also test a GitLab image multiple times with different feature flag settings:
+```
+$ gitlab-qa Test::Instance::Image gitlab/gitlab-ee:12.4.0-ee.0 --disable-feature feature_flag_name --enable-feature feature_flag_name
+```
+This will first disable `feature_flag_name` flag and run the tests and then enable it and run the tests again.
+
+You can pass any number of feature flag settings. The tests will run once for each setting.
+
+See the [QA framework documentation](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/README.md#running-tests-with-a-feature-flag-enabled)
+for information on running the tests with different feature flag settings from the QA framework.
 
 ## Specifying the GitLab version
 
@@ -217,6 +240,26 @@ $ gitlab-qa Test::Integration::Geo EE
 
 [test-geo]: https://gitlab.com/gitlab-org/gitlab-ee/blob/master/qa/qa/ee/scenario/test/geo.rb
 
+### `Test::Integration::GitalyCluster CE|EE|<full image address>`
+
+This tests [Gitaly Cluster](https://docs.gitlab.com/ee/administration/gitaly/praefect.html),
+a clustered configuration of the Gitaly repository storage service.
+
+The scenario configures and starts several docker containers to
+represent the [recommended minimum configuration](https://docs.gitlab.com/ee/administration/gitaly/praefect.html#requirements-for-configuring-a-gitaly-cluster)
+of a Gitaly Cluster.
+
+To run tests against the GitLab container, a GitLab QA (`gitlab/gitlab-qa`)
+container is spun up and tests are run from it by running the
+`Test::Integration::GitalyHA` scenario, which includes tests written
+specifically to test Gitaly Cluster features.
+
+Example:
+
+```
+$ gitlab-qa Test::Integration::GitalyCluster EE
+```
+
 ### `Test::Integration::LDAPNoTLS CE|EE|<full image address>`
 
 This tests that a GitLab instance works as expected with an external
@@ -545,7 +588,7 @@ in the GitLab CE project).
 
 - `GITLAB_QA_DEV_ACCESS_TOKEN`: A valid personal access token for the
   `gitlab-qa-bot` on `dev.gitlab.org` with the `registry` scope.
-  This is used to pull the QA Docker from the Omnibus GitLab `dev` Container Registry.
+  This is used to pull the QA Docker image from the Omnibus GitLab `dev` Container Registry.
   If the variable isn't present, the QA image from Docker Hub will be used.
   This can be found in the shared 1Password vault.
 
@@ -560,6 +603,41 @@ $ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
 $ gitlab-qa Test::Instance::Staging
 ```
 
+### `Test::Instance::StagingGeo`
+
+This scenario tests that the Geo staging deployment (with [`staging.gitlab.com`](https://staging.gitlab.com) as the primary site and [`geo.staging.gitlab.com`](https://geo.staging.gitlab.com) as the secondary site) works as expected by running tests tagged `:geo` against it. This is done by spinning up a GitLab QA (`gitlab/gitlab-qa`) container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment.
+
+**Required user properties:**
+
+- The user must provide OAuth authorization on the secondary site before running Geo tests. This can be done via the authorization modal that appears after logging into the secondary node for the first time.
+
+- Some Geo tests require the user to have Admin access level (for example, the Geo Nodes API tests)
+
+**Required environment variables:**
+
+- `GITLAB_QA_ACCESS_TOKEN`: A valid personal access token with the `api` scope.
+  This is used to retrieve the version that staging is currently running.
+  This can be found in the shared 1Password vault.
+
+**Optional environment variables:**
+
+- `GITLAB_QA_DEV_ACCESS_TOKEN`: A valid personal access token for the
+  `gitlab-qa-bot` on `dev.gitlab.org` with the `registry` scope.
+  This is used to pull the QA Docker image from the Omnibus GitLab `dev` Container Registry.
+  If the variable isn't present, the QA image from Docker Hub will be used.
+  This can be found in the shared 1Password vault.
+
+Example:
+
+```
+$ export GITLAB_QA_ACCESS_TOKEN=your_api_access_token
+$ export GITLAB_QA_DEV_ACCESS_TOKEN=your_dev_registry_access_token
+$ export GITLAB_USERNAME="gitlab-qa"
+$ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
+
+$ gitlab-qa Test::Instance::StagingGeo
+```
+
 ### `Test::Instance::Production`
 
 This scenario functions the same as `Test::Instance::Staging`
@@ -633,6 +711,25 @@ $ export EE_LICENSE=$(cat /path/to/gitlab_license)
 $ gitlab-qa Test::Instance::Airgapped EE -- --tag smoke
 ```
 
+### `Test::Instance::Geo EE|<full image address>:nightly|latest|any_tag http://geo-primary.gitlab http://geo-secondary.gitlab`
+
+This scenario will run tests tagged `:geo` against a live Geo deployment, by spinning up a GitLab QA (`gitlab/gitlab-qa`)
+container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment. The URLs for the primary site and secondary site of the live Geo deployment must be provided as command line arguments.
+
+**Required user properties:**
+
+- The user must provide OAuth authorization on the secondary site before running Geo tests. This can be done via the authorization modal that appears after signing into the secondary node for the first time.
+
+- Some Geo tests require the user to have Admin access level (for example, the Geo Nodes API tests)
+
+Example:
+
+```
+$ export GITLAB_USERNAME="gitlab-qa"
+$ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
+
+$ gitlab-qa Test::Instance::Geo EE https://primary.gitlab.com https://secondary.gitlab.com
+```
 ----
 
 [Back to README.md](../README.md)

data/lib/gitlab/qa.rb

@@ -54,7 +54,7 @@ module Gitlab
           autoload :Praefect, 'gitlab/qa/scenario/test/integration/praefect'
           autoload :Elasticsearch, 'gitlab/qa/scenario/test/integration/elasticsearch'
           autoload :SMTP, 'gitlab/qa/scenario/test/integration/smtp'
-          autoload :GitalyHA, 'gitlab/qa/scenario/test/integration/gitaly_ha'
+          autoload :GitalyCluster, 'gitlab/qa/scenario/test/integration/gitaly_cluster'
           autoload :Jira, 'gitlab/qa/scenario/test/integration/jira'
         end
 

data/lib/gitlab/qa/component/base.rb

@@ -42,6 +42,16 @@ module Gitlab
         end
 
         def instance
+          instance_no_teardown do
+            yield self if block_given?
+          end
+        ensure
+          teardown
+        end
+
+        alias_method :launch_and_teardown_instance, :instance
+
+        def instance_no_teardown
           prepare
           start
           reconfigure
@@ -49,20 +59,14 @@ module Gitlab
           process_exec_commands
 
           yield self if block_given?
-        ensure
-          teardown
         end
 
-        alias_method :launch_and_teardown_instance, :instance
-
         def prepare
           prepare_docker_image
           prepare_network
         end
 
         def prepare_docker_image
-          return if Runtime::Env.skip_pull?
-
           pull
         end
 
@@ -106,6 +110,17 @@ module Gitlab
         end
 
         def teardown
+          unless teardown?
+            puts "The orchestrated docker containers have not been removed."
+            docker.ps
+
+            return
+          end
+
+          teardown!
+        end
+
+        def teardown!
           assert_name!
 
           return unless docker.running?(name)
@@ -115,6 +130,8 @@ module Gitlab
         end
 
         def pull
+          return if Runtime::Env.skip_pull?
+
           docker.pull(image, tag)
         end
 
@@ -129,6 +146,10 @@ module Gitlab
         def assert_name!
           raise 'Invalid instance name!' unless name
         end
+
+        def teardown?
+          !Runtime::Scenario.attributes.include?(:teardown) || Runtime::Scenario.teardown
+        end
       end
     end
   end

data/lib/gitlab/qa/component/specs.rb

@@ -17,6 +17,8 @@ module Gitlab
         end
 
         def perform # rubocop:disable Metrics/AbcSize
+          return puts "Skipping tests." if skip_tests?
+
           raise ArgumentError unless [suite, release].all?
 
           @docker.login(**release.login_params) if release.login_params
@@ -25,23 +27,53 @@ module Gitlab
 
           name = "#{release.project_name}-qa-#{SecureRandom.hex(4)}"
 
-          @docker.run(release.qa_image, release.qa_tag, suite, *args) do |command|
-            command << "-t --rm --net=#{network || 'bridge'}"
+          feature_flag_sets = []
 
-            env.merge(Runtime::Env.variables).each do |key, value|
-              command.env(key, value)
-            end
+          # When `args` includes `[..., "--disable-feature", "a", "--enable-feature", "b", ...]`
+          # `feature_flag_sets` will be set to `[["--disable-feature", "a"], ["--enable-feature", "b"]]`
+          # This will result in tests running twice, once with each feature.
+          while (index = args&.index { |x| x =~ /--.*-feature/ })
+            feature_flag_sets << args.slice!(index, 2)
+          end
 
-            command.volume('/var/run/docker.sock', '/var/run/docker.sock')
-            command.volume(File.join(Runtime::Env.host_artifacts_dir, name), File.join(Docker::Volumes::QA_CONTAINER_WORKDIR, 'tmp'))
+          # When `args` do not have either "--disable-feature" or "--enable-feature", we
+          # add [] so that test is run exactly once.
+          feature_flag_sets << [] unless feature_flag_sets.any?
 
-            @volumes.to_h.each do |to, from|
-              command.volume(to, from)
-            end
+          feature_flag_sets.each do |feature_flag_set|
+            @docker.run(release.qa_image, release.qa_tag, suite, *args_with_flags(args, feature_flag_set)) do |command|
+              command << "-t --rm --net=#{network || 'bridge'}"
 
-            command.name(name)
+              env.merge(Runtime::Env.variables).each do |key, value|
+                command.env(key, value)
+              end
+
+              command.volume('/var/run/docker.sock', '/var/run/docker.sock')
+              command.volume(File.join(Runtime::Env.host_artifacts_dir, name), File.join(Docker::Volumes::QA_CONTAINER_WORKDIR, 'tmp'))
+
+              @volumes.to_h.each do |to, from|
+                command.volume(to, from)
+              end
+
+              command.name(name)
+            end
           end
         end
+
+        private
+
+        def args_with_flags(args, feature_flag_set)
+          return args if feature_flag_set.empty?
+
+          puts "Running with feature flag: #{feature_flag_set.join(' ')}"
+
+          args_with_f = args.dup
+          args_with_f.insert(1, *feature_flag_set)
+        end
+
+        def skip_tests?
+          Runtime::Scenario.attributes.include?(:run_tests) && !Runtime::Scenario.run_tests
+        end
       end
     end
   end

data/lib/gitlab/qa/docker/command.rb

@@ -4,8 +4,9 @@ module Gitlab
       class Command
         attr_reader :args
 
-        def initialize(cmd = nil)
+        def initialize(cmd = nil, mask_secrets: nil)
           @args = Array(cmd)
+          @mask_secrets = Array(mask_secrets)
         end
 
         def <<(*args)
@@ -28,6 +29,17 @@ module Gitlab
           "docker #{@args.join(' ')}"
         end
 
+        # Returns a masked string form of a Command
+        #
+        # @example
+        #   Command.new('a docker command', mask_secrets: 'command').mask_secrets #=> 'a docker *****'
+        #   Command.new('a docker command', mask_secrets: %w[docker command]).mask_secrets #=> 'a ***** *****'
+        #
+        # @return [String] The masked command string
+        def mask_secrets
+          @mask_secrets.each_with_object(to_s) { |secret, s| s.gsub!(secret, '*****') }
+        end
+
         def ==(other)
           to_s == other.to_s
         end
@@ -36,8 +48,8 @@ module Gitlab
           Docker::Shellout.new(self).execute!(&block)
         end
 
-        def self.execute(cmd, &block)
-          new(cmd).execute!(&block)
+        def self.execute(cmd, mask_secrets: nil, &block)
+          new(cmd, mask_secrets: mask_secrets).execute!(&block)
         end
       end
     end

data/lib/gitlab/qa/docker/engine.rb

@@ -10,7 +10,7 @@ module Gitlab
         end
 
         def login(username:, password:, registry:)
-          Docker::Command.execute(%(login --username "#{username}" --password "#{password}" #{registry}))
+          Docker::Command.execute(%(login --username "#{username}" --password "#{password}" #{registry}), mask_secrets: password)
         end
 
         def pull(image, tag)
@@ -82,6 +82,10 @@ module Gitlab
         def running?(name)
           Docker::Command.execute("ps -f name=#{name}").include?(name)
         end
+
+        def ps(name = nil)
+          Docker::Command.execute(['ps', name].compact.join(' '))
+        end
       end
     end
   end

data/lib/gitlab/qa/docker/shellout.rb

@@ -10,7 +10,7 @@ module Gitlab
           @command = command
           @output = []
 
-          puts "Docker shell command: `#{@command}`"
+          puts "Docker shell command: `#{@command.mask_secrets}`"
         end
 
         def execute!
@@ -28,7 +28,7 @@ module Gitlab
             end
 
             if wait.value.exited? && wait.value.exitstatus.nonzero?
-              raise StatusError, "Docker command `#{@command}` failed!"
+              raise StatusError, "Docker command `#{@command.mask_secrets}` failed!"
             end
           end
 

data/lib/gitlab/qa/release.rb

@@ -136,6 +136,8 @@ module Gitlab
       end
 
       def login_params
+        return if Runtime::Env.skip_pull?
+
         if dev_gitlab_org?
           Runtime::Env.require_qa_dev_access_token!
 
@@ -145,11 +147,18 @@ module Gitlab
             registry: DEV_REGISTRY
           }
         elsif omnibus_mirror?
-          Runtime::Env.require_gitlab_bot_multi_project_pipeline_polling_token!
-
+          username, password = if Runtime::Env.ci_job_token && Runtime::Env.ci_pipeline_source == 'pipeline'
+                                 ['gitlab-ci-token', Runtime::Env.ci_job_token]
+                               elsif Runtime::Env.qa_container_registry_access_token
+                                 [Runtime::Env.gitlab_username, Runtime::Env.qa_container_registry_access_token]
+                               else
+                                 Runtime::Env.require_qa_access_token!
+
+                                 [Runtime::Env.gitlab_username, Runtime::Env.qa_access_token]
+                               end
           {
-            username: Runtime::Env.gitlab_username,
-            password: Runtime::Env.gitlab_bot_multi_project_pipeline_polling_token,
+            username: username,
+            password: password,
             registry: COM_REGISTRY
           }
         end
@@ -167,6 +176,10 @@ module Gitlab
         canonical? || release.match?(CUSTOM_GITLAB_IMAGE_REGEX)
       end
 
+      def api_project_name
+        project_name.gsub('ce', 'foss').gsub('-ee', '')
+      end
+
       private
 
       def canonical?

data/lib/gitlab/qa/runner.rb

@@ -4,22 +4,20 @@ module Gitlab
   module QA
     # rubocop:disable Metrics/AbcSize
     class Runner
-      # These options are implemented in the QA framework (i.e., in the CE/EE codebase)
-      # They're included here so that gitlab-qa treats them as valid options
-      PASS_THROUGH_OPTS = [
-        ['--address URL', 'Address of the instance to test'],
-        ['--enable-feature FEATURE_FLAG', 'Enable a feature before running tests'],
-        ['--mattermost-address URL', 'Address of the Mattermost server'],
-        ['--parallel', 'Execute tests in parallel'],
-        ['--loop', 'Execute tests in a loop']
-      ].freeze
-
       def self.run(args)
-        options = OptionParser.new do |opts|
+        Runtime::Scenario.define(:teardown, true)
+        Runtime::Scenario.define(:run_tests, true)
+
+        @options = OptionParser.new do |opts|
           opts.banner = 'Usage: gitlab-qa [options] Scenario URL [[--] path] [rspec_options]'
 
-          PASS_THROUGH_OPTS.each do |opt|
-            opts.on(*opt)
+          opts.on('--no-teardown', 'Skip teardown of containers after the scenario completes.') do
+            Runtime::Scenario.define(:teardown, false)
+          end
+
+          opts.on('--no-tests', 'Orchestrates the docker containers but does not run the tests. Implies --no-teardown') do
+            Runtime::Scenario.define(:run_tests, false)
+            Runtime::Scenario.define(:teardown, false)
           end
 
           opts.on_tail('-v', '--version', 'Show the version') do
@@ -33,19 +31,29 @@ module Gitlab
             exit
           end
 
-          opts.parse(args)
+          begin
+            opts.parse(args)
+          rescue OptionParser::InvalidOption
+            # Ignore invalid options and options that are passed through to the tests
+          end
         end
 
+        args.reject! { |arg| gitlab_qa_options.include?(arg) }
+
         if args.size >= 1
           Scenario
             .const_get(args.shift)
             .perform(*args)
         else
-          puts options
+          puts @options
           exit 1
         end
       end
       # rubocop:enable Metrics/AbcSize
+
+      def self.gitlab_qa_options
+        @gitlab_qa_options ||= @options.top.list.map(&:long).flatten
+      end
     end
   end
 end

data/lib/gitlab/qa/runtime/env.rb

@@ -6,6 +6,8 @@ module Gitlab
       module Env
         extend self
 
+        # Variables that are used in tests and are passed through to the docker container that executes the tests.
+        # These variables should be listed in /docs/what_tests_can_be_run.md#supported-gitlab-environment-variables
         ENV_VARIABLES = {
           'QA_REMOTE_GRID' => :remote_grid,
           'QA_REMOTE_GRID_USERNAME' => :remote_grid_username,
@@ -38,6 +40,7 @@ module Gitlab
           'SIGNUP_DISABLED' => :signup_disabled,
           'QA_ADDITIONAL_REPOSITORY_STORAGE' => :qa_additional_repository_storage,
           'QA_PRAEFECT_REPOSITORY_STORAGE' => :qa_praefect_repository_storage,
+          'QA_GITALY_NON_CLUSTER_STORAGE' => :qa_gitaly_non_cluster_storage,
           'QA_COOKIES' => :qa_cookie,
           'QA_DEBUG' => :qa_debug,
           'QA_LOG_PATH' => :qa_log_path,
@@ -104,10 +107,18 @@ module Gitlab
           ENV['CI_JOB_NAME']
         end
 
+        def ci_job_token
+          ENV['CI_JOB_TOKEN']
+        end
+
         def ci_job_url
           ENV['CI_JOB_URL']
         end
 
+        def ci_pipeline_source
+          ENV['CI_PIPELINE_SOURCE']
+        end
+
         def ci_project_name
           ENV['CI_PROJECT_NAME']
         end
@@ -144,6 +155,10 @@ module Gitlab
           ENV['GITLAB_QA_DEV_ACCESS_TOKEN']
         end
 
+        def qa_container_registry_access_token
+          ENV['GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN']
+        end
+
         def host_artifacts_dir
           @host_artifacts_dir ||= File.join(ENV['QA_ARTIFACTS_DIR'] || '/tmp/gitlab-qa', Runtime::Env.run_id)
         end
@@ -207,12 +222,6 @@ module Gitlab
           end
         end
 
-        def require_gitlab_bot_multi_project_pipeline_polling_token!
-          return unless ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN'].to_s.strip.empty?
-
-          raise ArgumentError, "Please provide GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN"
-        end
-
         def skip_pull?
           enabled?(ENV['QA_SKIP_PULL'], default: false)
         end

data/lib/gitlab/qa/scenario/test/instance/geo.rb

@@ -8,9 +8,6 @@ module Gitlab
 
           class Geo < Scenario::Template
             def perform(release, primary_address, secondary_address, *rspec_args)
-              # Geo requires an EE license
-              Runtime::Env.require_license!
-
               Component::Specs.perform do |specs|
                 specs.suite = 'QA::EE::Scenario::Test::Geo'
                 specs.release = QA::Release.new(release)

data/lib/gitlab/qa/scenario/test/integration/geo.rb

@@ -27,13 +27,14 @@ module Gitlab
                   gitlab_rails['db_pool'] = 5;
                   gitlab_rails['geo_node_name'] = '#{primary.name}';
                   gitlab_rails['monitoring_whitelist'] = ['0.0.0.0/0'];
+                  gitlab_rails['packages_enabled'] = true;
                   postgresql['listen_address'] = '0.0.0.0';
                   postgresql['max_replication_slots'] = 1;
                   postgresql['md5_auth_cidr_addresses'] = ['0.0.0.0/0'];
                   postgresql['sql_user_password'] = 'e1d1469ec5f533651918b4567a3ed1ae';
                   postgresql['trust_auth_cidr_addresses'] = ['0.0.0.0/0','0.0.0.0/0'];
                   sidekiq['concurrency'] = 2;
-                  unicorn['worker_processes'] = 2;
+                  puma['worker_processes'] = 2;
                 OMNIBUS
                 primary.exec_commands = fast_ssh_key_lookup_commands + git_lfs_install_commands
 
@@ -50,11 +51,12 @@ module Gitlab
                       gitlab_rails['db_pool'] = 5;
                       gitlab_rails['geo_node_name'] = '#{secondary.name}';
                       gitlab_rails['monitoring_whitelist'] = ['0.0.0.0/0'];
+                      gitlab_rails['packages_enabled'] = true;
                       postgresql['listen_address'] = '0.0.0.0';
                       postgresql['md5_auth_cidr_addresses'] = ['0.0.0.0/0'];
                       postgresql['sql_user_password'] = 'e1d1469ec5f533651918b4567a3ed1ae';
                       sidekiq['concurrency'] = 2;
-                      unicorn['worker_processes'] = 2;
+                      puma['worker_processes'] = 2;
                     OMNIBUS
                     secondary.exec_commands = fast_ssh_key_lookup_commands + git_lfs_install_commands
 

data/lib/gitlab/qa/scenario/test/integration/gitaly_cluster.rb

@@ -0,0 +1,201 @@
+module Gitlab
+  module QA
+    module Scenario
+      module Test
+        module Integration
+          class GitalyCluster < Scenario::Template
+            attr_reader :gitlab_name, :spec_suite
+
+            def initialize
+              @gitlab_name = 'gitlab-gitaly-ha'
+              @primary_node_name = 'gitaly1'
+              @secondary_node_name = 'gitaly2'
+              @tertiary_node_name = 'gitaly3'
+              @praefect_node_name = 'praefect'
+              @database = 'postgres'
+              @spec_suite = 'Test::Integration::GitalyHA'
+              @network = 'test'
+            end
+
+            # rubocop:disable Metrics/AbcSize
+            def perform(release, *rspec_args)
+              gitaly_primary_node = gitaly(@primary_node_name, release)
+              gitaly_secondary_node = gitaly(@secondary_node_name, release)
+              gitaly_tertiary_node = gitaly(@tertiary_node_name, release)
+
+              sql_node = Component::PostgreSQL.new.tap do |sql|
+                sql.name = @database
+                sql.network = @network
+                sql.instance_no_teardown do
+                  sql.run_psql '-d template1 -c "CREATE DATABASE praefect_production OWNER postgres"'
+                end
+              end
+
+              praefect_node = Component::Gitlab.new.tap do |praefect|
+                praefect.release = QA::Release.new(release)
+                praefect.name = @praefect_node_name
+                praefect.network = @network
+                praefect.skip_availability_check = true
+
+                praefect.omnibus_config = praefect_omnibus_configuration
+
+                praefect.instance_no_teardown
+              end
+
+              Component::Gitlab.perform do |gitlab|
+                gitlab.release = QA::Release.new(release)
+                gitlab.name = gitlab_name
+                gitlab.network = @network
+
+                gitlab.omnibus_config = gitlab_omnibus_configuration
+                gitlab.instance do
+                  puts "Running Gitaly HA specs!"
+
+                  Component::Specs.perform do |specs|
+                    specs.suite = spec_suite
+                    specs.release = gitlab.release
+                    specs.network = gitlab.network
+                    specs.args = [gitlab.address, *rspec_args]
+                  end
+                end
+              end
+            ensure
+              praefect_node&.teardown
+              sql_node&.teardown
+              gitaly_primary_node&.teardown
+              gitaly_secondary_node&.teardown
+              gitaly_tertiary_node&.teardown
+            end
+            # rubocop:enable Metrics/AbcSize
+
+            private
+
+            def disable_other_services
+              <<~OMNIBUS
+                postgresql['enable'] = false;
+                redis['enable'] = false;
+                nginx['enable'] = false;
+                prometheus['enable'] = false;
+                grafana['enable'] = false;
+                puma['enable'] = false;
+                sidekiq['enable'] = false;
+                gitlab_workhorse['enable'] = false;
+                gitlab_rails['rake_cache_clear'] = false;
+                gitlab_rails['auto_migrate'] = false;
+              OMNIBUS
+            end
+
+            def praefect_omnibus_configuration
+              <<~OMNIBUS
+                #{disable_other_services}
+                gitaly['enable'] = false;
+                praefect['enable'] = true;
+                praefect['listen_addr'] = '0.0.0.0:2305';
+                praefect['prometheus_listen_addr'] = '0.0.0.0:9652';
+                praefect['auth_token'] = 'PRAEFECT_EXTERNAL_TOKEN';
+                praefect['database_host'] = '#{@database}.#{@network}';
+                praefect['database_user'] = 'postgres';
+                praefect['database_port'] = 5432;
+                praefect['database_password'] = 'SQL_PASSWORD';
+                praefect['database_dbname'] = 'praefect_production';
+                praefect['database_sslmode'] = 'disable';
+                praefect['postgres_queue_enabled'] = true;
+                praefect['failover_enabled'] = true;
+                praefect['virtual_storages'] = {
+                  'default' => {
+                    '#{@primary_node_name}' => {
+                      'address' => 'tcp://#{@primary_node_name}.#{@network}:8075',
+                      'token'   => 'PRAEFECT_INTERNAL_TOKEN',
+                      'primary' => true
+                    },
+                    '#{@secondary_node_name}' => {
+                      'address' => 'tcp://#{@secondary_node_name}.#{@network}:8075',
+                      'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                    },
+                    '#{@tertiary_node_name}' => {
+                      'address' => 'tcp://#{@tertiary_node_name}.#{@network}:8075',
+                      'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                    }
+                  }
+                };
+              OMNIBUS
+            end
+
+            def gitaly_omnibus_configuration
+              <<~OMNIBUS
+                #{disable_other_services}
+                prometheus['enable'] = true;
+                prometheus_monitoring['enable'] = false;
+                gitaly['enable'] = true;
+                gitaly['listen_addr'] = '0.0.0.0:8075';
+                gitaly['prometheus_listen_addr'] = '0.0.0.0:9236';
+                gitaly['auth_token'] = 'PRAEFECT_INTERNAL_TOKEN';
+                gitlab_shell['secret_token'] = 'GITLAB_SHELL_SECRET_TOKEN';
+                gitlab_rails['internal_api_url'] = 'http://#{@gitlab_name}.#{@network}';
+                git_data_dirs({
+                  '#{@primary_node_name}' => {
+                    'path' => '/var/opt/gitlab/git-data'
+                  },
+                  '#{@secondary_node_name}' => {
+                    'path' => '/var/opt/gitlab/git-data'
+                  },
+                  '#{@tertiary_node_name}' => {
+                    'path' => '/var/opt/gitlab/git-data'
+                  }
+                });
+              OMNIBUS
+            end
+
+            def gitlab_omnibus_configuration
+              <<~OMNIBUS
+                external_url 'http://#{@gitlab_name}.#{@network}';
+
+                git_data_dirs({
+                  'default' => {
+                    'gitaly_address' => 'tcp://#{@praefect_node_name}.#{@network}:2305',
+                    'gitaly_token' => 'PRAEFECT_EXTERNAL_TOKEN'
+                  }
+                });
+                gitaly['listen_addr'] = '0.0.0.0:8075';
+                gitlab_shell['secret_token'] = 'GITLAB_SHELL_SECRET_TOKEN';
+                prometheus['scrape_configs'] = [
+                  {
+                    'job_name' => 'praefect',
+                    'static_configs' => [
+                      'targets' => [
+                        '#{@praefect_node_name}.#{@network}:9652'
+                      ]
+                    ]
+                  },
+                  {
+                    'job_name' => 'praefect-gitaly',
+                    'static_configs' => [
+                      'targets' => [
+                        '#{@primary_node_name}.#{@network}:9236',
+                        '#{@secondary_node_name}.#{@network}:9236',
+                        '#{@tertiary_node_name}.#{@network}:9236'
+                      ]
+                    ]
+                  }
+                ];
+                grafana['disable_login_form'] = false;
+                grafana['admin_password'] = 'GRAFANA_ADMIN_PASSWORD';
+              OMNIBUS
+            end
+
+            def gitaly(name, release)
+              Component::Gitlab.new.tap do |gitaly|
+                gitaly.release = QA::Release.new(release)
+                gitaly.name = name
+                gitaly.network = @network
+                gitaly.skip_availability_check = true
+                gitaly.omnibus_config = gitaly_omnibus_configuration
+                gitaly.instance_no_teardown
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/scenario/test/integration/praefect.rb

@@ -13,7 +13,11 @@ module Gitlab
                   gitlab.name = 'gitlab'
                   gitlab.network = 'test'
                   gitlab.volumes = volumes
-                  gitlab.exec_commands = ['gitlab-psql -d template1 -c "CREATE DATABASE praefect_production OWNER gitlab"']
+                  gitlab.exec_commands = [
+                    'gitlab-psql -d template1 -c "CREATE DATABASE praefect_production OWNER gitlab"',
+                    'mkdir -p /var/opt/gitlab/git-data/repositories/praefect',
+                    'chown -R git:root /var/opt/gitlab/git-data/repositories'
+                  ]
 
                   gitlab.act do
                     prepare
@@ -21,7 +25,7 @@ module Gitlab
                     reconfigure
                     process_exec_commands
                     wait
-                    teardown
+                    teardown!
                   end
                 end
 
@@ -61,21 +65,26 @@ module Gitlab
             def omnibus_config_with_praefect
               <<~OMNIBUS
                 gitaly['enable'] = true;
-                gitaly['auth_token'] = 'praefect-gitaly-token';
+                gitaly['listen_addr'] = '0.0.0.0:8075';
+                gitaly['auth_token'] = 'secret-token';
                 gitaly['storage'] = [
                   {
                     'name' => 'praefect-gitaly-0',
-                    'path' => '/var/opt/gitlab/git-data/repositories'
+                    'path' => '/var/opt/gitlab/git-data/repositories/praefect'
+                  },
+                  {
+                    'name' => 'gitaly',
+                    'path' => '/var/opt/gitlab/git-data/repositories/gitaly'
                   }
                 ];
                 praefect['enable'] = true;
                 praefect['listen_addr'] = '0.0.0.0:2305';
-                praefect['auth_token'] = 'praefect-token';
+                praefect['auth_token'] = 'secret-token';
                 praefect['virtual_storages'] = {
                   'default' => {
                     'praefect-gitaly-0' => {
-                      'address' => 'unix:/var/opt/gitlab/gitaly/gitaly.socket',
-                      'token'   => 'praefect-gitaly-token',
+                      'address' => 'tcp://localhost:8075',
+                      'token'   => 'secret-token',
                       'primary' => true
                     }
                   }
@@ -84,10 +93,13 @@ module Gitlab
                 praefect['database_user'] = 'gitlab';
                 praefect['database_dbname'] = 'praefect_production';
                 praefect['postgres_queue_enabled'] = true;
-                gitlab_rails['gitaly_token'] = 'praefect-token';
+                gitlab_rails['gitaly_token'] = 'secret-token';
                 git_data_dirs({
                   'default' => {
                     'gitaly_address' => 'tcp://localhost:2305'
+                  },
+                  'gitaly' => {
+                    'path' => '/var/opt/gitlab/git-data/repositories/gitaly'
                   }
                 });
               OMNIBUS

data/lib/gitlab/qa/scenario/test/sanity/version.rb

@@ -24,7 +24,7 @@ module Gitlab
                 end
               end
 
-              project = "gitlab-org/#{QA::Release.new(release).project_name}"
+              project = "gitlab-org/#{QA::Release.new(release).api_project_name}"
               commit = recent_commits(project).find { |c| c['id'] == version }
 
               if commit

data/lib/gitlab/qa/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   module QA
-    VERSION = '5.14.0'.freeze
+    VERSION = '5.17.1'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-qa
 version: !ruby/object:Gem::Version
-  version: 5.14.0
+  version: 5.17.1
 platform: ruby
 authors:
 - Grzegorz Bizon
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-06-14 00:00:00.000000000 Z
+date: 2020-08-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: climate_control
@@ -284,7 +284,7 @@ files:
 - lib/gitlab/qa/scenario/test/instance/staging_geo.rb
 - lib/gitlab/qa/scenario/test/integration/elasticsearch.rb
 - lib/gitlab/qa/scenario/test/integration/geo.rb
-- lib/gitlab/qa/scenario/test/integration/gitaly_ha.rb
+- lib/gitlab/qa/scenario/test/integration/gitaly_cluster.rb
 - lib/gitlab/qa/scenario/test/integration/group_saml.rb
 - lib/gitlab/qa/scenario/test/integration/instance_saml.rb
 - lib/gitlab/qa/scenario/test/integration/jira.rb

data/lib/gitlab/qa/scenario/test/integration/gitaly_ha.rb

@@ -1,166 +0,0 @@
-module Gitlab
-  module QA
-    module Scenario
-      module Test
-        module Integration
-          class GitalyHA < Scenario::Template
-            attr_reader :gitlab_name, :spec_suite
-
-            def initialize
-              @gitlab_name = 'gitlab-gitaly-ha'
-              @primary_node = 'gitaly1'
-              @secondary_node = 'gitaly2'
-              @praefect_node = 'praefect'
-              @database = 'postgres'
-              @spec_suite = 'Test::Integration::GitalyHA'
-              @network = 'test'
-            end
-
-            # rubocop:disable Metrics/AbcSize
-            def perform(release, *rspec_args)
-              gitaly(@primary_node, release) do
-                gitaly(@secondary_node, release) do
-                  Component::PostgreSQL.perform do |sql|
-                    sql.name = @database
-                    sql.network = @network
-
-                    sql.instance do
-                      sql.run_psql '-d template1 -c "CREATE DATABASE praefect_production OWNER postgres"'
-
-                      Component::Gitlab.perform do |praefect|
-                        praefect.release = QA::Release.new(release)
-                        praefect.name = @praefect_node
-                        praefect.network = @network
-                        praefect.skip_availability_check = true
-
-                        praefect.omnibus_config = praefect_omnibus_configuration
-
-                        praefect.instance do
-                          Component::Gitlab.perform do |gitlab|
-                            gitlab.release = QA::Release.new(release)
-                            gitlab.name = gitlab_name
-                            gitlab.network = @network
-
-                            gitlab.omnibus_config = gitlab_omnibus_configuration
-                            gitlab.instance do
-                              puts "Running Gitaly HA specs!"
-
-                              Component::Specs.perform do |specs|
-                                specs.suite = spec_suite
-                                specs.release = gitlab.release
-                                specs.network = gitlab.network
-                                specs.args = [gitlab.address, *rspec_args]
-                              end
-                            end
-                          end
-                        end
-                      end
-                    end
-                  end
-                end
-              end
-            end
-            # rubocop:enable Metrics/AbcSize
-
-            private
-
-            def disable_other_services
-              <<~OMNIBUS
-                postgresql['enable'] = false;
-                redis['enable'] = false;
-                nginx['enable'] = false;
-                prometheus['enable'] = false;
-                grafana['enable'] = false;
-                unicorn['enable'] = false;
-                sidekiq['enable'] = false;
-                gitlab_workhorse['enable'] = false;
-                gitlab_rails['rake_cache_clear'] = false;
-                gitlab_rails['auto_migrate'] = false;
-              OMNIBUS
-            end
-
-            def praefect_omnibus_configuration
-              <<~OMNIBUS
-                #{disable_other_services}
-                gitaly['enable'] = false;
-                praefect['enable'] = true;
-                praefect['listen_addr'] = '0.0.0.0:2305';
-                praefect['prometheus_listen_addr'] = '0.0.0.0:9652';
-                praefect['auth_token'] = 'PRAEFECT_EXTERNAL_TOKEN';
-                praefect['database_host'] = '#{@database}.#{@network}';
-                praefect['database_user'] = 'postgres';
-                praefect['database_port'] = 5432;
-                praefect['database_password'] = 'SQL_PASSWORD';
-                praefect['database_dbname'] = 'praefect_production';
-                praefect['database_sslmode'] = 'disable';
-                praefect['postgres_queue_enabled'] = true;
-                praefect['failover_enabled'] = true;
-                praefect['virtual_storages'] = {
-                  'default' => {
-                    '#{@primary_node}' => {
-                      'address' => 'tcp://#{@primary_node}.#{@network}:8075',
-                      'token'   => 'PRAEFECT_INTERNAL_TOKEN',
-                      'primary' => true
-                    },
-                    '#{@secondary_node}' => {
-                      'address' => 'tcp://#{@secondary_node}.#{@network}:8075',
-                      'token'   => 'PRAEFECT_INTERNAL_TOKEN'
-                    }
-                  }
-                };
-              OMNIBUS
-            end
-
-            def gitaly_omnibus_configuration
-              <<~OMNIBUS
-                #{disable_other_services}
-                prometheus_monitoring['enable'] = false;
-                gitaly['enable'] = true;
-                gitaly['listen_addr'] = '0.0.0.0:8075';
-                gitaly['prometheus_listen_addr'] = '0.0.0.0:9236';
-                gitaly['auth_token'] = 'PRAEFECT_INTERNAL_TOKEN';
-                gitlab_shell['secret_token'] = 'GITLAB_SHELL_SECRET_TOKEN';
-                gitlab_rails['internal_api_url'] = 'http://#{@gitlab_name}.#{@network}';
-                git_data_dirs({
-                  '#{@primary_node}' => {
-                    'path' => '/var/opt/gitlab/git-data'
-                  },
-                  '#{@secondary_node}' => {
-                    'path' => '/var/opt/gitlab/git-data'
-                  }
-                });
-              OMNIBUS
-            end
-
-            def gitlab_omnibus_configuration
-              <<~OMNIBUS
-                git_data_dirs({
-                  'default' => {
-                    'gitaly_address' => 'tcp://#{@praefect_node}.#{@network}:2305',
-                    'gitaly_token' => 'PRAEFECT_EXTERNAL_TOKEN'
-                  }
-                });
-                gitlab_shell['secret_token'] = 'GITLAB_SHELL_SECRET_TOKEN';
-              OMNIBUS
-            end
-
-            def gitaly(name, release)
-              Component::Gitlab.perform do |gitaly|
-                gitaly.release = QA::Release.new(release)
-                gitaly.name = name
-                gitaly.network = @network
-                gitaly.skip_availability_check = true
-
-                gitaly.omnibus_config = gitaly_omnibus_configuration
-
-                gitaly.instance do
-                  yield self
-                end
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end