gitlab-qa 6.17.0 → 6.19.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc3ae23427dadce6649bb30dbc58dada153af79f60efb265edd5f7439facc56f
-  data.tar.gz: 9308ba475631df203f08503929787c1015fb4313b455d30a8fee2175016b1429
+  metadata.gz: 981a6afe2aef7aa49d6ea19d627947fa58f24ad84d4443268c582d16ff60a15c
+  data.tar.gz: 2ff55255b8cb84ff2fe4368846da3f1818a069c389afc22e937d49eb2034bc35
 SHA512:
-  metadata.gz: 89c9c13ae10ff6e8f0076fb02d365cb45ede7320901bc5b4e4ca25ae935b9af26bc7da4d48bdab172ea6c3b74092032e5c9c5f04704ee7f98b38b67a594f81e5
-  data.tar.gz: 246f02d2389dd6db83ee1aac5e7dbc3e95ebfb12f9524f11181decf68ec5c9906adaa88531da62f66c2037c800de86084e4741193c3eaced1229ce135610fb1b
+  metadata.gz: 115a7e9805ff2723ffe4d0f41b92315778fc5846481542eafff3f321e0ef23750ef8abeaf620dfcfd8effab56a159b3ac0bf1bed9e07771dc4ea4a3b48f29c2f
+  data.tar.gz: 985e57c53830587cf92d4a9087cd9537382a4247c479b4aec23227d2f703bdf02e58013c60c6d2096e92942af000d5d12855d54a43553ff76c3fb780e4c48dc5

data/.gitlab-ci.yml

@@ -671,6 +671,46 @@ ee:kubernetes-quarantine:
   variables:
     QA_SCENARIO: "Test::Integration::Kubernetes"
 
+ce:ssh_tunnel:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .rspec-report-opts
+  allow_failure: true
+  variables:
+    QA_SCENARIO: "Test::Integration::SSHTunnel"
+
+ce:ssh_tunnel-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::SSHTunnel"
+
+ee:ssh_tunnel:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .rspec-report-opts
+  allow_failure: true
+  variables:
+    QA_SCENARIO: "Test::Integration::SSHTunnel"
+
+ee:ssh_tunnel-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::SSHTunnel"
+
 ce:object_storage:
   extends:
     - .test
@@ -871,6 +911,22 @@ ee:gitaly-cluster-quarantine:
   variables:
     QA_SCENARIO: "Test::Integration::GitalyCluster"
 
+ce:mtls:
+  extends:
+    - .test
+    - .ce-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::MTLS"
+
+ee:mtls:
+  extends:
+    - .test
+    - .ee-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::MTLS"
+
 ce:smtp:
   extends:
     - .test

data/docs/what_tests_can_be_run.md

@@ -1,4 +1,3 @@
-
 # What tests can be run?
 [[_TOC_]]
 ## The two types of QA tests
@@ -142,6 +141,30 @@ To run EE tests, the `EE_LICENSE` environment variable needs to be set:
 
 `$ export EE_LICENSE=$(cat /path/to/GitLab.gitlab_license)`
 
+## Running a specific test (or set of tests)
+
+In most of the scenarios listed below, if you don't want to run all the tests
+it's possible to specify one or more tests. The framework uses RSpec, so tests can be
+specified as you would when using RSpec.
+
+For example, the following would run `create_merge_request_spec.rb`:
+
+```shell
+$ gitlab-qa Test::Instance::Image EE -- qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb
+```
+
+While the following would run all Create UI tests:
+
+```shell
+$ gitlab-qa Test::Instance::Image EE -- qa/specs/features/browser_ui/3_create
+```
+
+And the following would run all Create API tests as well as UI tests:
+
+```shell
+$ gitlab-qa Test::Instance::Image EE -- qa/specs/features/browser_ui/3_create qa/specs/features/api/3_create
+```
+
 ## Examples
 
 ### `Test::Instance::Image CE|EE|<full image address>`

data/lib/gitlab/qa.rb

@@ -58,6 +58,7 @@ module Gitlab
           autoload :GitalyCluster, 'gitlab/qa/scenario/test/integration/gitaly_cluster'
           autoload :Jira, 'gitlab/qa/scenario/test/integration/jira'
           autoload :SSHTunnel, 'gitlab/qa/scenario/test/integration/ssh_tunnel'
+          autoload :MTLS, 'gitlab/qa/scenario/test/integration/mtls'
         end
 
         module Sanity

data/lib/gitlab/qa/component/gitlab.rb

@@ -16,8 +16,12 @@ module Gitlab
 
         def_delegators :release, :tag, :image, :edition
 
-        CERTIFICATES_PATH = File.expand_path('../../../../tls_certificates/gitlab'.freeze, __dir__)
+        GITLAB_CERTIFICATES_PATH = File.expand_path('../../../../tls_certificates/gitlab'.freeze, __dir__)
+        GITALY_CERTIFICATES_PATH = File.expand_path('../../../../tls_certificates/gitaly/ssl'.freeze, __dir__)
+        TRUSTED_CERTIFICATES_PATH = File.expand_path('../../../../tls_certificates/gitaly/trusted-certs'.freeze, __dir__)
+
         SSL_PATH = '/etc/gitlab/ssl'.freeze
+        TRUSTED_PATH = '/etc/gitlab/trusted-certs'.freeze
 
         def initialize
           super
@@ -25,7 +29,7 @@ module Gitlab
           @disable_animations = true
           @skip_availability_check = false
 
-          @volumes[CERTIFICATES_PATH] = SSL_PATH
+          @volumes[GITLAB_CERTIFICATES_PATH] = SSL_PATH
 
           self.release = 'CE'
         end
@@ -64,6 +68,16 @@ module Gitlab
           tls ? '443' : '80'
         end
 
+        def mtls
+          @volumes.delete(GITLAB_CERTIFICATES_PATH)
+          @volumes[GITALY_CERTIFICATES_PATH] = SSL_PATH
+          set_trusted_certificates
+        end
+
+        def set_trusted_certificates
+          @volumes[TRUSTED_CERTIFICATES_PATH] = TRUSTED_PATH
+        end
+
         def relative_path
           @relative_path ||= ''
         end

data/lib/gitlab/qa/component/specs.rb

@@ -10,6 +10,9 @@ module Gitlab
       class Specs < Scenario::Template
         attr_accessor :suite, :release, :network, :args, :volumes, :env, :runner_network
 
+        TRUSTED_CERTIFICATES_PATH = File.expand_path('../../../../tls_certificates/gitaly/trusted-certs'.freeze, __dir__)
+        TRUSTED_PATH = '/etc/ssl/certs'.freeze
+
         def initialize
           @docker = Docker::Engine.new
           @volumes = {}
@@ -62,6 +65,10 @@ module Gitlab
           end
         end
 
+        def mtls
+          @volumes[TRUSTED_CERTIFICATES_PATH] = TRUSTED_PATH
+        end
+
         private
 
         def args_with_flags(args, feature_flag_set)

data/lib/gitlab/qa/report/generate_test_session.rb

@@ -22,6 +22,11 @@ module Gitlab
             labels: ['Quality', 'QA', 'triage report', pipeline_name_label]
           )
 
+          # Workaround for https://gitlab.com/gitlab-org/gitlab/-/issues/295493
+          gitlab.create_issue_note(
+            iid: issue.iid,
+            note: "/relate #{Runtime::Env.qa_issue_url}")
+
           File.write('REPORT_ISSUE_URL', issue.web_url)
         end
         # rubocop:enable Metrics/AbcSize

data/lib/gitlab/qa/report/relate_failure_issue.rb

@@ -9,8 +9,9 @@ module Gitlab
     module Report
       # Uses the API to create or update GitLab issues with the results of tests from RSpec report files.
       class RelateFailureIssue < ReportAsIssue
-        DEFAULT_MAX_DIFF_RATIO_FOR_DETECTION = 0.05
-        STACKTRACE_REGEX = %r{### Stack trace\s*(```)\s*(?!.*Failure/Error:)?(.+)(\1)}m.freeze
+        DEFAULT_MAX_DIFF_RATIO_FOR_DETECTION = 0.15
+        FAILURE_STACKTRACE_REGEX = %r{((.*Failure\/Error:(?<stacktrace>.+))|(?<stacktrace>.+))}m.freeze
+        ISSUE_STACKTRACE_REGEX = /### Stack trace\s*(```)#{FAILURE_STACKTRACE_REGEX}(```)/m.freeze
         NEW_ISSUE_LABELS = Set.new(%w[QA Quality test failure::investigating priority::2]).freeze
 
         MultipleIssuesFound = Class.new(StandardError)
@@ -77,7 +78,8 @@ module Gitlab
 
         def find_relevant_failure_issues(test) # rubocop:disable Metrics/AbcSize
           ld = Class.new.extend(Gem::Text).method(:levenshtein_distance)
-          first_test_failure_stacktrace = test.failures.first['message_lines'].join("\n")
+          full_stacktrace = test.failures.first['message_lines'].join("\n")
+          first_test_failure_stacktrace = sanitize_stacktrace(full_stacktrace, FAILURE_STACKTRACE_REGEX) || full_stacktrace
 
           # Search with the `search` param returns 500 errors, so we filter by ~QA and then filter further in Ruby
           failure_issues(test).each_with_object({}) do |issue, memo|
@@ -88,7 +90,7 @@ module Gitlab
             diff_ratio = distance.zero? ? 0.0 : (distance.to_f / first_test_failure_stacktrace.size).round(3)
 
             if diff_ratio <= max_diff_ratio
-              puts "  => [DEBUG] Issue #{issue} has an acceptable diff ratio of #{(diff_ratio * 100).round(2)}%."
+              puts "  => [DEBUG] Issue #{issue.web_url} has an acceptable diff ratio of #{(diff_ratio * 100).round(2)}%."
               # The `Gitlab::ObjectifiedHash` class overrides `#hash` which is used by `Hash#[]=` to compute the hash key.
               # This leads to a `TypeError Exception: no implicit conversion of Hash into Integer` error, so we convert the object to a hash before using it as a Hash key.
               # See:
@@ -96,18 +98,27 @@ module Gitlab
               # - https://github.com/NARKOZ/gitlab/commit/cbdbd1e32623f018a8fae39932a8e3bc4d929abb?_pjax=%23js-repo-pjax-container#r44484494
               memo[issue.to_h] = diff_ratio
             else
-              puts "  => [DEBUG] Found issue #{issue.web_url} but stacktraces are too different (#{(diff_ratio * 100).round(2)}%)."
+              puts "  => [DEBUG] Found issue #{issue.web_url} but stacktraces are too different (#{(diff_ratio * 100).round(2)}%).\n"
+              puts "  => [DEBUG] Issue stacktrace:\n----------------\n#{relevant_issue_stacktrace}\n----------------\n"
+              puts "  => [DEBUG] Failure stacktrace:\n----------------\n#{first_test_failure_stacktrace}\n----------------\n"
             end
           end
         end
 
         def find_issue_stacktrace(issue)
-          issue_stacktrace_match = issue.description.match(STACKTRACE_REGEX)
+          issue_stacktrace = sanitize_stacktrace(issue.description, ISSUE_STACKTRACE_REGEX)
+          return issue_stacktrace if issue_stacktrace
 
-          if issue_stacktrace_match
-            issue_stacktrace_match[2].gsub(/^#.*$/, '').strip
+          puts "  => [DEBUG] Stacktrace couldn't be found for #{issue.web_url}!"
+        end
+
+        def sanitize_stacktrace(stacktrace, regex)
+          stacktrace_match = stacktrace.match(regex)
+
+          if stacktrace_match
+            stacktrace_match[:stacktrace].gsub(/^\s*#.*$/, '').gsub(/^[[:space:]]+/, '').strip
           else
-            puts "  => [DEBUG] Stacktrace couldn't be found for #{issue.web_url}:\n\n#{issue.description}\n\n----------------------------------\n"
+            puts "  => [DEBUG] Stacktrace doesn't match the expected regex (#{regex}):\n----------------\n#{stacktrace}\n----------------\n"
           end
         end
 

data/lib/gitlab/qa/scenario/test/integration/mtls.rb

@@ -0,0 +1,114 @@
+module Gitlab
+  module QA
+    module Scenario
+      module Test
+        module Integration
+          class MTLS < Scenario::Template
+            def initialize
+              @gitlab_name = 'gitlab'
+              @gitaly_name = 'gitaly'
+              @spec_suite = 'Test::Instance::All'
+              @network = 'test'
+              @env = {}
+              @tag = 'mtls'
+            end
+
+            # rubocop:disable Metrics/AbcSize
+            def perform(release, *rspec_args)
+              Component::Gitlab.perform do |gitaly|
+                gitaly.release = QA::Release.new(release)
+                gitaly.name = @gitaly_name
+                gitaly.network = @network
+                gitaly.skip_availability_check = true
+
+                gitaly.set_accept_insecure_certs
+                gitaly.omnibus_config = gitaly_omnibus
+                gitaly.mtls
+
+                gitaly.instance do
+                  Component::Gitlab.perform do |gitlab|
+                    gitlab.release = QA::Release.new(release)
+                    gitlab.name = @gitlab_name
+                    gitlab.network = @network
+
+                    gitlab.set_accept_insecure_certs
+                    gitlab.omnibus_config = gitlab_omnibus
+                    gitlab.tls = true
+                    gitlab.set_trusted_certificates
+
+                    gitlab.instance do
+                      puts "Running mTLS specs!"
+
+                      if @tag
+                        rspec_args << "--" unless rspec_args.include?('--')
+                        rspec_args << "--tag" << @tag
+                      end
+
+                      Component::Specs.perform do |specs|
+                        specs.suite = @spec_suite
+                        specs.release = gitlab.release
+                        specs.network = gitlab.network
+                        specs.args = [gitlab.address, *rspec_args]
+                        specs.env = @env
+                        specs.mtls
+                      end
+                    end
+                  end
+                end
+              end
+            end
+            # rubocop:enable Metrics/AbcSize
+
+            def gitlab_omnibus
+              <<~OMNIBUS
+                gitaly['enable'] = false;
+
+                external_url 'https://#{@gitlab_name}.#{@network}';
+
+                gitlab_rails['gitaly_token'] = 'abc123secret';
+                gitlab_shell['secret_token'] = 'shellsecret';
+
+                git_data_dirs({
+                  'default' => { 'gitaly_address' => 'tls://#{@gitaly_name}.#{@network}:9999' },
+                  'storage1' => { 'gitaly_address' => 'tls://#{@gitaly_name}.#{@network}:9999' },
+                });
+              OMNIBUS
+            end
+
+            def gitaly_omnibus
+              <<~OMNIBUS
+                gitaly['tls_listen_addr'] = '0.0.0.0:9999';
+                gitaly['certificate_path'] = '/etc/gitlab/ssl/gitaly.test.crt';
+                gitaly['key_path'] = '/etc/gitlab/ssl/gitaly.test.key';
+
+                postgresql['enable'] = false;
+                redis['enable'] = false;
+                nginx['enable'] = false;
+                puma['enable'] = false;
+                sidekiq['enable'] = false;
+                gitlab_workhorse['enable'] = false;
+                grafana['enable'] = false;
+                gitlab_exporter['enable'] = false;
+                alertmanager['enable'] = false;
+                prometheus['enable'] = false;
+
+                gitlab_rails['rake_cache_clear'] = false;
+                gitlab_rails['auto_migrate'] = false;
+
+                gitaly['auth_token'] = 'abc123secret';
+                gitlab_shell['secret_token'] = 'shellsecret';
+
+                gitlab_rails['internal_api_url'] = 'https://#{@gitlab_name}.#{@network}';
+
+                git_data_dirs({
+                  'default' => { 'path' => '/var/opt/gitlab/git-data' },
+                  'storage1' => { 'path' => '/mnt/gitlab/git-data' },
+                })
+              OMNIBUS
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/scenario/test/integration/ssh_tunnel.rb

@@ -27,7 +27,7 @@ module Gitlab
                       nginx['listen_port'] = 80;
                       nginx['listen_https'] = false;
                       # documentation: https://docs.gitlab.com/omnibus/settings/database.html#seed-the-database-fresh-installs-only
-                      gitlab_rails['initial_root_password'] = '#{Runtime::Env.require_initial_password}'
+                      gitlab_rails['initial_root_password'] = '#{Runtime::Env.require_initial_password!}'
 
                       registry_external_url '#{tunnel_registry.url}';
                       registry_nginx['listen_port'] = 80;

data/lib/gitlab/qa/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   module QA
-    VERSION = '6.17.0'.freeze
+    VERSION = '6.19.0'.freeze
   end
 end

data/tls_certificates/gitaly/ssl/gitaly.test.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFrzCCA5egAwIBAgIUIqdRX5bciBv3inrKacD6KIK4Xi0wDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
+bmNpc2NvMQ8wDQYDVQQKDAZHaXRMYWIxDDAKBgNVBAsMA09yZzEUMBIGA1UEAwwL
+Z2l0YWx5LnRlc3QwHhcNMjEwMTA3MDY0MDAwWhcNMzEwMTA1MDY0MDAwWjBnMQsw
+CQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
+DzANBgNVBAoMBkdpdExhYjEMMAoGA1UECwwDT3JnMRQwEgYDVQQDDAtnaXRhbHku
+dGVzdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANm0Y3/IdUh2Fvme
+2XiKy7JNVfBA3clFQJSc8HjXBrB4+p6AFUL1xuUymLJQY71tpcwD5ly90wGtS5wn
+Qw7UVfB1Kia61b8dG73YFkoqnANBfe9dLGAzelIEfueX7ziAU4yIQXu8fReXSM8r
+db/ppuZK7PkhIS0WCdLchyVaPepXTK/SkfNjZlaEVfqlkPNOH68XNGfeW8/O9fZ0
+Z8Nr179jvYcWeMSNrp5rlfp3sq78KE4OykUHFkh40qScT1Taz68NTKQbkXFLVhVM
+OxS02Gl/Hq1Aa7cwhBLcZY1FQHlGHEW3metYXoboudcLYtLiRHvoKafE3RR/9+E8
+ptqphmR37lCcmeFRdzCSlDzFMqJnCIk2jdz0TFU8U+Cf9tfyUCZ8Wy+ZkwW8oBhh
+fBJMXvAYBb8f7rTusHxZlYt3/yPHSMAulC/fPrTRwL3oBbNLxEJeJRfQRVKudAqT
+bzXQ9iK4KegXXj2ZDB9MvfpqzbgYsTunMAOBoHrNQHzNTnFqofG9ca+fW0AI3aXu
+/PoK7UXsGiDQW3VjJmqEybVBDmKSNRffmOdHF2dG0ddCujFo7+g1qyL6/9RoL6If
+QGIidebKeoDnlUBoy2LxX5VAooRiIB7BVvqdNwjTn74XvztcTLZC4q/jAmtte0o0
+/pzh/b2qNvlgkPsIlQOvIfsbmD+DAgMBAAGjUzBRMB0GA1UdDgQWBBTgDy+gHWz0
+PhJ6iJUQS5LvMwTG8zAfBgNVHSMEGDAWgBTgDy+gHWz0PhJ6iJUQS5LvMwTG8zAP
+BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC6bJWi+ZwKp+cqkoot
+ZaI5mSgnSfsGDy7ywgn/Wh+X2I6m6tmdfqSX7NBLGsbbSXQjZDMUkwFGXqs4+BuL
+tu3B4JAw3XOJtIl2mF8htVYf8ZA2GvkPQLRN4vtahf4yL88/amB82eBEWDJDVWfA
+lu4kJnZeP38C5NBGYwQZwX0Onn0nHdFw7vwmrq0D+If9WYPlB60R2iClLGLQ5Dk9
+ERlSJZWuVSNEI5F1K5/mwoeNgx/y627zvCZdy9CQyZt0gNgTHqjNsZ3ccd1yFj9o
+AnWDvQnyQiht68Szf2Y2ddV0DEGeiSBW5yhQqeLvoTlua1XebFQTIjnWITdYIzbv
+BpFziDcoMUNpwJXhNC2jsezLpHfPo5ZANZZLk1Kbi13N7FFakcn8uMgFjsVC0U5e
+dF5cDP9/q/NdpHB6n+rKK6QrIVtTFvuvEPA7s6rJYm/bst9zidhjXTUuGAZYIEy8
+0SF3EP/59GVvMhArRQ99EgOEQyYvmnwlJPRXJg8HtG78HJ7gE+9fPapNUHZDdk7o
+ySpeyCC6lS660eRrFtcORQ0aXId0LS8UAYAAWfRq+RJiSxnqFJdfOSE73VE27GuX
+BNvj/zv5QjKxY5M+T+9D5CWeL0jeo72+A4hiXX79+pKR5GppXtrCzdpvq3Et9yrg
+5OPk1+2KXQff+lh0m2IKJcYu3g==
+-----END CERTIFICATE-----

data/tls_certificates/gitaly/ssl/gitaly.test.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDZtGN/yHVIdhb5
+ntl4isuyTVXwQN3JRUCUnPB41wawePqegBVC9cblMpiyUGO9baXMA+ZcvdMBrUuc
+J0MO1FXwdSomutW/HRu92BZKKpwDQX3vXSxgM3pSBH7nl+84gFOMiEF7vH0Xl0jP
+K3W/6abmSuz5ISEtFgnS3IclWj3qV0yv0pHzY2ZWhFX6pZDzTh+vFzRn3lvPzvX2
+dGfDa9e/Y72HFnjEja6ea5X6d7Ku/ChODspFBxZIeNKknE9U2s+vDUykG5FxS1YV
+TDsUtNhpfx6tQGu3MIQS3GWNRUB5RhxFt5nrWF6G6LnXC2LS4kR76CmnxN0Uf/fh
+PKbaqYZkd+5QnJnhUXcwkpQ8xTKiZwiJNo3c9ExVPFPgn/bX8lAmfFsvmZMFvKAY
+YXwSTF7wGAW/H+607rB8WZWLd/8jx0jALpQv3z600cC96AWzS8RCXiUX0EVSrnQK
+k2810PYiuCnoF149mQwfTL36as24GLE7pzADgaB6zUB8zU5xaqHxvXGvn1tACN2l
+7vz6Cu1F7Bog0Ft1YyZqhMm1QQ5ikjUX35jnRxdnRtHXQroxaO/oNasi+v/UaC+i
+H0BiInXmynqA55VAaMti8V+VQKKEYiAewVb6nTcI05++F787XEy2QuKv4wJrbXtK
+NP6c4f29qjb5YJD7CJUDryH7G5g/gwIDAQABAoICAA9QUxdwAGACfoc8l0uVZ9K5
+AeyOg4te5bYOfBPj/EJ5oBd6JwS4yS7iKj+QzBNNHTaGp7OqXqdli0YGtP7cDNeH
+RlnHFrYE1Ci8hITfDm5kMvmdcjuqI1aVnl+oHlm5HSdrhj+v+JSqPaLlCblgNC9K
+4fR8Uhsby8EbZh5IhMZxMaHEjCO0wEQhtvKUpueWfUARv8v2pjqt8jtN4OasNVbv
+KyvPdttMpBXct4YQ2W7ZqfQjsjK81uJuLVMK88GiSq2jn9qDXe28QOfqntVMC1UQ
+bhX9zBXswb2Z50LStkBRoDd/PMKDStLul/P6hw8Sf4K/x/5XKL4CamtbmtkSx7M0
+Ter6v6q4ygKWPUc03gyyBMYf8vaTpiUGHP8N9Zl6tbL0YXn6OzQVROnVLTlJBTsO
+McrHpCja5Q79SkRLyQAcIUMnVgNPbPOH3gP/U8anEWWF/DrthzMf78JsCwmKGn9K
+8uJBUsXGuvyUVo4HKkEk9/+vuVU9mUvYhJTThobLDzAbD/V912fYk0pYtEQZTJYj
+8mov+3T23w3t2WqJz5eGy3haP7BzqSshQjrd/csJSiLuFHYCzs4mX3Yd2xl/NTD7
+S6dBSu4E/PP59gfn7zIxZcIZHQKjpow/RyG9XAnKhK8wNh8uN++knSQGcg7nEOD5
+BTm7Apu/eOFnLooV2sgRAoIBAQDtRJGXnxSFz98BVf2W43Xz043DaZVTBqYspujy
+Tzk2g48pZu7c+PjSY/P9TXHxuoQCMflZEz/xcZEZGgJjsTGb/v8XniHimJtnfQAx
+47niOYwpRXpz6twaCp5K5QebjMkv/GcMPv2MFAmz6s/r/fIpgGkQ46BWcKxTjr4P
+9h4WPhEbdcTI8YTzIrQUn+hvh1krB2V3J74iaRhGo6/RWbr9jXXfAMLbh0krJr7X
+FzYSD2LV6GXYs4bnZYNFptjVP8kKC9FcbKL8HTvmNl3rkJu1dByUT+N4sWN8WEz+
+ev8DB1lY/I39hFJ4y3ZQnADLyIFLS9p30SlWUFdOockXzM5/AoIBAQDq5G1Z6Cu6
+ns0qoObESRbmaJ5WwqBV0ges1BucEgyrL3SrAMh4ya3RonsgYAYS+mF0hE74j689
+HJtg19oKkewb4p3ZeoRM0lw6wT/p5o6F3DL26gD/YvqSB8ddq/eAmVzIlZ097oso
+Ixqh3nldlo8AV4wT2pr7Se/qZkI7b/bWVbUxeUbPCHUBV7bg/kmbXC6yKO/b8VvU
+c8DPrWKpOqId+/oXP7KBdqPqR+jDHhfu99T+gN+apRmSP3ygAGqhlLs2PB8b+XOO
+8djqZaRJdU2ZBDhv7+RZp79zTSkaR0gXKYCgTXRltU2uHkzAZWwn/XrnoDj+8WwR
+v1lo1WvbUdT9AoIBAQCAb6GwRbjCRqgc/QNs7mwnNNmEcl8Wtn61pRRsNl5uGAEj
+FEkw7MUkfl7RO172z1QuLAciJL10YVl+EQpCFOUZ4IsNqdgF5T4aYxv75Z31y9kH
+bki+/t9uaVkOibP4i9lMVIEjq+VsMlyeO/mZcbnopU46ij19DTj7ckWINl5LBAYW
+q0V+0N57DsoUcAtOdCHcnQBb4/OUhPdTJcBCvyPtpOmtcagJVc5RwYOEw1fNpu6F
+hGu9RlE8aUMKLSsrJIAbJBKMyXHgr6KBF+T3YywmqVffIO+tobiM0u+6wbHRXeUL
+uorSNRK/uMOvFwOHTF5Q+BqmyV5rDsp0Ejfc3kzZAoIBAQCLdFTLxQB5SqCqR17a
+eD5FSyV+gwxoB0sRO9isfzbQR1tvzwY2WB5/UITjQr84czh60baE8eFrWdmR1HUa
+Q2o3YAKxRIDZjya8p1EH0B8bsBD98Q3okd4L5txha6CE1Ah2+gSh6Ubq7HR6V7gc
+bS+3V0LN4sKSoGH0+wMlgKK+u6HYnpUAg5fb1TS5PZ97wm3izlUhcpk/d/2oDtt9
+d1cakCf5t5KGNGa6yDiT5wD0mmT1OJQIny6gWlrmL3kfN0sytt0NYbtOyZ0sBG5W
+QnNwfkX3hyg+Zk5O6SeW920Ae15nTbTmUY6t6kVNEKn20BIxBDnyemjb3Iv7poHj
+cyENAoIBAGOK2yNK9WG38emchXiRJ/HevdMs3nyRAldcRLAC867zV9NdVu96wE43
+XFaXtLBiseoF11/w7URi/r15Ez/qhe4AqdMZcD3ARaBLe6pLFv69C70iHDuuWocb
+FJ2hN3H4kZBm26Li3tJrfiuV99pIKG0L+l6x9EgdmDMkwuWJ0CC+n/nLgfHEaCqS
+0zdUEdNfx5Yf5RdAyyvBoBYSUR9Dq9s03lRKROPlfNYB53xxHkOwGZECuCUYm0yG
+sBQvqdnGhIp6GXXoLIVc13iWozzXEZT6gVR4iSU6p2MyRTzFp2ER9wM5ah4qcfEw
+nh4iw7J+eIfaBUd7gtbLgkmkz5Bt21g=
+-----END PRIVATE KEY-----

data/tls_certificates/gitaly/trusted-certs/gitaly.test.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFrzCCA5egAwIBAgIUIqdRX5bciBv3inrKacD6KIK4Xi0wDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
+bmNpc2NvMQ8wDQYDVQQKDAZHaXRMYWIxDDAKBgNVBAsMA09yZzEUMBIGA1UEAwwL
+Z2l0YWx5LnRlc3QwHhcNMjEwMTA3MDY0MDAwWhcNMzEwMTA1MDY0MDAwWjBnMQsw
+CQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
+DzANBgNVBAoMBkdpdExhYjEMMAoGA1UECwwDT3JnMRQwEgYDVQQDDAtnaXRhbHku
+dGVzdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANm0Y3/IdUh2Fvme
+2XiKy7JNVfBA3clFQJSc8HjXBrB4+p6AFUL1xuUymLJQY71tpcwD5ly90wGtS5wn
+Qw7UVfB1Kia61b8dG73YFkoqnANBfe9dLGAzelIEfueX7ziAU4yIQXu8fReXSM8r
+db/ppuZK7PkhIS0WCdLchyVaPepXTK/SkfNjZlaEVfqlkPNOH68XNGfeW8/O9fZ0
+Z8Nr179jvYcWeMSNrp5rlfp3sq78KE4OykUHFkh40qScT1Taz68NTKQbkXFLVhVM
+OxS02Gl/Hq1Aa7cwhBLcZY1FQHlGHEW3metYXoboudcLYtLiRHvoKafE3RR/9+E8
+ptqphmR37lCcmeFRdzCSlDzFMqJnCIk2jdz0TFU8U+Cf9tfyUCZ8Wy+ZkwW8oBhh
+fBJMXvAYBb8f7rTusHxZlYt3/yPHSMAulC/fPrTRwL3oBbNLxEJeJRfQRVKudAqT
+bzXQ9iK4KegXXj2ZDB9MvfpqzbgYsTunMAOBoHrNQHzNTnFqofG9ca+fW0AI3aXu
+/PoK7UXsGiDQW3VjJmqEybVBDmKSNRffmOdHF2dG0ddCujFo7+g1qyL6/9RoL6If
+QGIidebKeoDnlUBoy2LxX5VAooRiIB7BVvqdNwjTn74XvztcTLZC4q/jAmtte0o0
+/pzh/b2qNvlgkPsIlQOvIfsbmD+DAgMBAAGjUzBRMB0GA1UdDgQWBBTgDy+gHWz0
+PhJ6iJUQS5LvMwTG8zAfBgNVHSMEGDAWgBTgDy+gHWz0PhJ6iJUQS5LvMwTG8zAP
+BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC6bJWi+ZwKp+cqkoot
+ZaI5mSgnSfsGDy7ywgn/Wh+X2I6m6tmdfqSX7NBLGsbbSXQjZDMUkwFGXqs4+BuL
+tu3B4JAw3XOJtIl2mF8htVYf8ZA2GvkPQLRN4vtahf4yL88/amB82eBEWDJDVWfA
+lu4kJnZeP38C5NBGYwQZwX0Onn0nHdFw7vwmrq0D+If9WYPlB60R2iClLGLQ5Dk9
+ERlSJZWuVSNEI5F1K5/mwoeNgx/y627zvCZdy9CQyZt0gNgTHqjNsZ3ccd1yFj9o
+AnWDvQnyQiht68Szf2Y2ddV0DEGeiSBW5yhQqeLvoTlua1XebFQTIjnWITdYIzbv
+BpFziDcoMUNpwJXhNC2jsezLpHfPo5ZANZZLk1Kbi13N7FFakcn8uMgFjsVC0U5e
+dF5cDP9/q/NdpHB6n+rKK6QrIVtTFvuvEPA7s6rJYm/bst9zidhjXTUuGAZYIEy8
+0SF3EP/59GVvMhArRQ99EgOEQyYvmnwlJPRXJg8HtG78HJ7gE+9fPapNUHZDdk7o
+ySpeyCC6lS660eRrFtcORQ0aXId0LS8UAYAAWfRq+RJiSxnqFJdfOSE73VE27GuX
+BNvj/zv5QjKxY5M+T+9D5CWeL0jeo72+A4hiXX79+pKR5GppXtrCzdpvq3Et9yrg
+5OPk1+2KXQff+lh0m2IKJcYu3g==
+-----END CERTIFICATE-----

data/tls_certificates/gitaly/trusted-certs/gitlab.test.crt

@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFSjCCAzICCQDft0SZAQGuIzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJV
+UzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDzANBgNVBAoM
+BkdpdExhYjEMMAoGA1UECwwDT3JnMRQwEgYDVQQDDAtnaXRsYWIudGVzdDAeFw0x
+ODEwMjUwOTU0MzRaFw0yODEwMjIwOTU0MzRaMGcxCzAJBgNVBAYTAlVTMQswCQYD
+VQQIDAJDQTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEPMA0GA1UECgwGR2l0TGFi
+MQwwCgYDVQQLDANPcmcxFDASBgNVBAMMC2dpdGxhYi50ZXN0MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAykiE+PF8CBAP/k0NMHiMJ+TqMnupLl5Ypo0N
+TH/Y8qFEqV4MaiGoqHwHiqY3tC0Zshe7uowS7NDnmTH/5DeNOmi/zI+FhTEHJKhP
+DM5Q0MXJrUIi6eGmojB5l/3t3OBnvoFaC0zpkpg5uR8QL5RbB8Gyf5/5eCEbP3/h
+R2q9JFUOEyTYEyv+1K/WegQyaLPtiPtvfTTmx1uEDfP1vuiMKuPOQ/3N8nFky1ny
+8c0P2wQv6E/qtRafKxaPbA/OmSpx0JGol43EjgOqy5FIJBT+yYP2navvAw+BvZ3k
+6qiQL6dx5pOGPAd8uxLmcj4In54IZWxs8fxUlNpcLWbo8noVxIQP2j7MAGXwGatM
+eaUnyD5DmHlHS92gvHU3nKagDEuJjnBCCWtaVugeAWuW+8fJHgYbwuRQ8h/5hTWc
+T80cEHDmKB/Uft4QLc65C7LQjKmfeX5qLgufk+dMmWj116csejiTFPCue0/RjSxK
+C/562dbt/ZcScLXymkUiewc7FzHKExquY42I/yudoMYS9EBAyDcDE72WrUcIpECH
+OMIt+EgXoDw1e/aTc5orlBIFjhknnPnP5RtrBj/OdXEgwMfD/N+ZYpY43ZIjBHWM
+Zpj4YxLdBXkFJ/JG632Pp+bOgF5TgzCnV2Je6r1VMAAH8U0B105xAnyl5qtepUO5
++THpCdUCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEADFyEMU0aLOrNO60PerQ25kE9
+jqzVhySyg6Pwsus7LIKTQLeo9abGmdjcbuqmBRLdxCYHbjbgW07I28YS4x4m7/ay
+YAePaMRb4Qt1yyaWcPIsw57sMnoC8iqRqXJPyr8i9F+RtzoC7Hki6zORxms8TF5C
+FbNB2ZBO/mbe8Lro0G1j5rxrvndQ6/OnwLQFW/VCfDDOIM7TXm6yYyiUpj3MSBay
+LDJaT9N5xMxF82OjcMB0/flWFxI7QmNXTe7M6HQbp05Jyw9VCEAVflI7zkaYY329
+7XvVJbpf1A3SegqxGlF2gD31cxViYBRV7t0pO6mcwt0/iAzAVicg/qtoPUg8zFwN
+xU89jk+UV5oTQc06u6CbIuF1eYy3MJGmQlCsEd/OOC9zl7xRHBA4ro3CTCH238L6
+lGEi8FRombuPcv3hD9PuW/RAQ5v03lF9D7UVtEHtb2VCZ0EXL8YFRuqQpPvdPqQ+
+znaohk2jKRSttvZCXw5TaWdDctDue/b70cEVPoAzXACjaX/oOau+MJvMaI7i5BXF
+JhBcoXh7FXIgyDszzgGq5DxjCcpy0X5o2TGC5id8zUNBY8ek6UV3mHk2FQzYf+7C
+8Qvv++R3+Ubk5DryuuWa/R2ybemQja830Fgiab9hgvhhgCOCbmxLIKVrePenMOXc
+vvjQTrP9ZinR50bKUf8=
+-----END CERTIFICATE-----

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-qa
 version: !ruby/object:Gem::Version
-  version: 6.17.0
+  version: 6.19.0
 platform: ruby
 authors:
 - Grzegorz Bizon
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-12-22 00:00:00.000000000 Z
+date: 2021-01-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: climate_control
@@ -305,6 +305,7 @@ files:
 - lib/gitlab/qa/scenario/test/integration/ldap_no_tls.rb
 - lib/gitlab/qa/scenario/test/integration/ldap_tls.rb
 - lib/gitlab/qa/scenario/test/integration/mattermost.rb
+- lib/gitlab/qa/scenario/test/integration/mtls.rb
 - lib/gitlab/qa/scenario/test/integration/object_storage.rb
 - lib/gitlab/qa/scenario/test/integration/packages.rb
 - lib/gitlab/qa/scenario/test/integration/praefect.rb
@@ -321,6 +322,10 @@ files:
 - lib/gitlab/qa/support/http_request.rb
 - lib/gitlab/qa/support/invalid_response_error.rb
 - lib/gitlab/qa/version.rb
+- tls_certificates/gitaly/ssl/gitaly.test.crt
+- tls_certificates/gitaly/ssl/gitaly.test.key
+- tls_certificates/gitaly/trusted-certs/gitaly.test.crt
+- tls_certificates/gitaly/trusted-certs/gitlab.test.crt
 - tls_certificates/gitlab/gitlab.test.crt
 - tls_certificates/gitlab/gitlab.test.key
 homepage: http://about.gitlab.com