gitlab-qa 7.6.0 → 7.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a3edbc7044be8bd41d66f9a132918f13eafb37c31afce7423ec40f494678624
-  data.tar.gz: 4b4884f9b89b1c2575914d3e6257d7b7754bcf7af566e5f15451e18ebfde024b
+  metadata.gz: b1a1313f56de2ef2b59bdaccf1bc7d035d6bffd01c5d5d2ddaca7365293017c9
+  data.tar.gz: 3fd92bbd855ab71f59f48e605eb9aa9385fe9173113b85c83a8d592ec28fb0b9
 SHA512:
-  metadata.gz: b42783395647923f61c5581e684e2427866ee873577bc9ce7a3ab88b432e8e9719119042e730889e0ac52828a5029731092f422376f45685d99988e335d79c4b
-  data.tar.gz: b4f70c9b678bc6fc4292951564da6f7bbeced7b611a53b555e538824d11bf9fa5abbf38b5215be753b4b673e6724d3083daed6890b7f861840b91b5246f8e195
+  metadata.gz: 577ede9a1cb24fb98710686ede8c7da92fe7a2e357aa6094bd6ddcdb6a6418660a5983f926a470dc367ad41655466bab93522e22721dae757f26fada187ad6ea
+  data.tar.gz: db1ac78a81bd21165d5f34c81970dd9c02025c522876d39590b24e807d87833482e0c5cee4ea13a6106bde12f797132aaaf3a4c8179b8fc2741815e82acbbded

data/.gitlab-ci.yml

@@ -640,57 +640,16 @@ ee:group_saml-quarantine:
   variables:
     QA_SCENARIO: "Test::Integration::GroupSAML"
 
-ce:kubernetes:
-  extends:
-    - .test
-    - .high-capacity
-    - .ce-qa
-    - .rspec-report-opts
-  allow_failure: true
-  variables:
-    QA_SCENARIO: "Test::Integration::Kubernetes"
-
-ce:kubernetes-quarantine:
-  extends:
-    - .test
-    - .high-capacity
-    - .ce-qa
-    - .quarantine
-    - .rspec-report-opts
-  variables:
-    QA_SCENARIO: "Test::Integration::Kubernetes"
-
-ee:kubernetes:
-  extends:
-    - .test
-    - .high-capacity
-    - .ee-qa
-    - .rspec-report-opts
-  allow_failure: true
-  variables:
-    QA_SCENARIO: "Test::Integration::Kubernetes"
-
-ee:kubernetes-quarantine:
-  extends:
-    - .test
-    - .high-capacity
-    - .ee-qa
-    - .quarantine
-    - .rspec-report-opts
-  variables:
-    QA_SCENARIO: "Test::Integration::Kubernetes"
-
-ce:ssh_tunnel:
+ce:object_storage:
   extends:
     - .test
     - .high-capacity
     - .ce-qa
     - .rspec-report-opts
-  allow_failure: true
   variables:
-    QA_SCENARIO: "Test::Integration::SSHTunnel"
+    GITLAB_QA_OPTS: "--omnibus-config object_storage"
 
-ce:ssh_tunnel-quarantine:
+ce:object_storage-quarantine:
   extends:
     - .test
     - .high-capacity
@@ -698,19 +657,19 @@ ce:ssh_tunnel-quarantine:
     - .quarantine
     - .rspec-report-opts
   variables:
-    QA_SCENARIO: "Test::Integration::SSHTunnel"
+    GITLAB_QA_OPTS: "--omnibus-config object_storage"
 
-ee:ssh_tunnel:
+ee:object_storage_aws:
   extends:
     - .test
     - .high-capacity
     - .ee-qa
     - .rspec-report-opts
-  allow_failure: true
   variables:
-    QA_SCENARIO: "Test::Integration::SSHTunnel"
+    GITLAB_QA_OPTS: "--omnibus-config object_storage_aws"
+    QA_RSPEC_TAGS: "--tag object_storage"
 
-ee:ssh_tunnel-quarantine:
+ee:object_storage_aws-quarantine:
   extends:
     - .test
     - .high-capacity
@@ -718,26 +677,8 @@ ee:ssh_tunnel-quarantine:
     - .quarantine
     - .rspec-report-opts
   variables:
-    QA_SCENARIO: "Test::Integration::SSHTunnel"
-
-ce:object_storage:
-  extends:
-    - .test
-    - .high-capacity
-    - .ce-qa
-    - .rspec-report-opts
-  variables:
-    GITLAB_QA_OPTS: "--omnibus-config object_storage"
-
-ce:object_storage-quarantine:
-  extends:
-    - .test
-    - .high-capacity
-    - .ce-qa
-    - .quarantine
-    - .rspec-report-opts
-  variables:
-    GITLAB_QA_OPTS: "--omnibus-config object_storage"
+    GITLAB_QA_OPTS: "--omnibus-config object_storage_aws"
+    QA_RSPEC_TAGS: "--tag quarantine --tag object_storage"
 
 ee:object_storage:
   extends:
@@ -1036,50 +977,23 @@ ee:jira-quarantine:
   variables:
     QA_SCENARIO: "Test::Integration::Jira"
 
-generate-allure-report:
-  image:
-    name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.3
-    entrypoint: [""]
-  stage: report
+ce:large-setup:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .rspec-report-opts
   variables:
-    GIT_STRATEGY: none
-    STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS
-    GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN
-    # Override allure variables for upstream triggers
-    ALLURE_PROJECT_PATH: $TOP_UPSTREAM_SOURCE_PROJECT
-    ALLURE_MERGE_REQUEST_IID: $TOP_UPSTREAM_MERGE_REQUEST_IID
-    ALLURE_COMMIT_SHA: $TOP_UPSTREAM_SOURCE_SHA
-  # Override default before script and don't push cache
-  cache:
-    policy: pull
-  before_script:
-    - echo "Generating and publishing allure test report"
-  script:
-    - |
-      allure-report-publisher upload gcs \
-        --results-glob="gitlab-qa-run-*/**/allure-results/*" \
-        --bucket="gitlab-qa-allure-reports" \
-        --prefix="${ALLURE_JOB_NAME}/${TOP_UPSTREAM_SOURCE_REF:=$CI_COMMIT_REF_SLUG}" \
-        --update-pr="comment" \
-        --copy-latest \
-        --ignore-missing-results \
-        --color
-  allow_failure: true
-  rules:
-    # Don't run report generation on release pipelines
-    - if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab-qa" && $RELEASE == null'
-      changes: ["lib/**/version.rb"]
-      when: never
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" || ($CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH)'
-      variables:
-        ALLURE_JOB_NAME: gitlab-qa
-      when: always
-    - if: '$TOP_UPSTREAM_SOURCE_PROJECT && $TOP_UPSTREAM_SOURCE_SHA'
-      variables:
-        ALLURE_JOB_NAME: package-and-qa
-      when: always
+    QA_RSPEC_TAGS: "--tag can_use_large_setup"
+
+ee:large-setup:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .rspec-report-opts
+  variables:
+    QA_RSPEC_TAGS: "--tag can_use_large_setup"
 
 # This job requires the `GITLAB_QA_ACCESS_TOKEN` and `GITLAB_QA_DEV_ACCESS_TOKEN`
 # variable to be passed when triggered.
@@ -1177,3 +1091,37 @@ notify_slack:
 include:
   - project: 'gitlab-org/quality/pipeline-common'
     file: '/ci/gem-release.yml'
+  - project: 'gitlab-org/quality/pipeline-common'
+    file: '/ci/allure-report.yml'
+
+generate-allure-report:
+  extends: .generate-allure-report-base
+  stage: report
+  variables:
+    STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS
+    GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN
+    ALLURE_RESULTS_GLOB: gitlab-qa-run-*/**/allure-results/*
+    # Override allure variables for upstream triggers
+    ALLURE_PROJECT_PATH: $TOP_UPSTREAM_SOURCE_PROJECT
+    ALLURE_MERGE_REQUEST_IID: $TOP_UPSTREAM_MERGE_REQUEST_IID
+    ALLURE_COMMIT_SHA: $TOP_UPSTREAM_SOURCE_SHA
+  # Override default before script and don't push cache
+  cache:
+    policy: pull
+  before_script:
+    - echo "Generating and publishing allure test report"
+  rules:
+    # Don't run report generation on release pipelines
+    - if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab-qa" && $RELEASE == null'
+      changes: ["lib/**/version.rb"]
+      when: never
+    - if: '$CI_COMMIT_TAG'
+      when: never
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" || ($CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH)'
+      variables:
+        ALLURE_JOB_NAME: gitlab-qa
+      when: always
+    - if: '$TOP_UPSTREAM_SOURCE_PROJECT && $TOP_UPSTREAM_SOURCE_SHA'
+      variables:
+        ALLURE_JOB_NAME: package-and-qa
+      when: always

data/bin/notify_upstream_commit

@@ -3,10 +3,17 @@
 
 require 'gitlab'
 
+# Default to "Multi-pipeline (from 'gitlab-org/gitlab-qa' 'notify_upstream_commit:*' jobs)" from current project
+api_token = ENV.fetch('GITLAB_QA_PROJECT_ACCESS_TOKEN') do
+  puts "The $GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN variable is deprecated in favor of a dedicated project access token: $GITLAB_QA_PROJECT_ACCESS_TOKEN."
+  puts "See https://gitlab.com/groups/gitlab-org/quality/-/epics/17 for more details."
+  ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
+end
+
 # Configure credentials to be used with gitlab gem
 Gitlab.configure do |config|
   config.endpoint = 'https://gitlab.com/api/v4'
-  config.private_token = ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
+  config.private_token = api_token
 end
 
 class CommitComment

data/docs/what_tests_can_be_run.md

@@ -813,6 +813,15 @@ $ export EE_LICENSE=$(cat /path/to/gitlab_license)
 $ gitlab-qa Test::Instance::Airgapped EE -- --tag smoke
 ```
 
+### `Test::Instance::Image CE|EE|<full image address> --omnibus-config object_storage`
+
+This orchestrated scenario runs tests from the test suite against a GitLab instance which has object storage configured instead of using local storage. The omnibus configuration `object_storage` ([configurator](configuring_omnibus.md)), uses Minio and `object_storage_aws` uses an AWS S3 account with credentials configured in the pipeline as CI Variables (available on 1Password). Requires:
+
+* `AWS_S3_REGION` - Region where the bucket is created. To optimize latency, minimize costs, or address regulatory requirements, choose any AWS Region that is geographically close to you.
+* `AWS_S3_KEY_ID` - Key ID for the user accessing the bucket.
+* `AWS_S3_ACCESS_KEY` - Access Key for the user accessing the bucket.
+* `AWS_S3_BUCKET_NAME` - The name of the bucket where objects are stored. After a bucket is created, the name of that bucket cannot be used by another AWS account in any AWS Region until the bucket is deleted.
+
 ### `Test::Instance::Geo EE|<full image address>:nightly|latest|any_tag http://geo-primary.gitlab http://geo-secondary.gitlab`
 
 This scenario will run tests tagged `:geo` against a live Geo deployment, by spinning up a GitLab QA (`gitlab/gitlab-qa`)

data/lib/gitlab/qa.rb

@@ -14,6 +14,7 @@ module Gitlab
         autoload :Default, 'gitlab/qa/runtime/omnibus_configurations/default'
         autoload :Packages, 'gitlab/qa/runtime/omnibus_configurations/packages'
         autoload :ObjectStorage, 'gitlab/qa/runtime/omnibus_configurations/object_storage'
+        autoload :ObjectStorageAws, 'gitlab/qa/runtime/omnibus_configurations/object_storage_aws'
         autoload :LicenseMode, 'gitlab/qa/runtime/omnibus_configurations/license_mode'
       end
     end

data/lib/gitlab/qa/runtime/env.rb

@@ -93,7 +93,11 @@ module Gitlab
           'GITLAB_QA_USER_AGENT' => :gitlab_qa_user_agent,
           'GEO_FAILOVER' => :geo_failover,
           'GITLAB_INITIAL_ROOT_PASSWORD' => :initial_root_password,
-          'GITLAB_TLS_CERTIFICATE' => :gitlab_tls_certificate
+          'GITLAB_TLS_CERTIFICATE' => :gitlab_tls_certificate,
+          'AWS_S3_REGION' => :aws_s3_region,
+          'AWS_S3_KEY_ID' => :aws_s3_key_id,
+          'AWS_S3_ACCESS_KEY' => :aws_s3_access_key,
+          'AWS_S3_BUCKET_NAME' => :aws_s3_bucket_name
         }.freeze
 
         ENV_VARIABLES.each do |env_name, method_name|
@@ -127,10 +131,6 @@ module Gitlab
           ENV['GITLAB_API_BASE'] || 'https://gitlab.com/api/v4'
         end
 
-        def gitlab_bot_multi_project_pipeline_polling_token
-          ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
-        end
-
         def gitlab_ci_api_token
           ENV['GITLAB_CI_API_TOKEN']
         end
@@ -215,6 +215,22 @@ module Gitlab
           ENV['ELASTIC_VERSION'] || '6.4.2'.freeze
         end
 
+        def aws_s3_region
+          ENV['AWS_S3_REGION']
+        end
+
+        def aws_s3_key_id
+          ENV['AWS_S3_KEY_ID']
+        end
+
+        def aws_s3_access_key
+          ENV['AWS_S3_ACCESS_KEY']
+        end
+
+        def aws_s3_bucket_name
+          ENV['AWS_S3_BUCKET_NAME']
+        end
+
         def variables
           vars = {}
 
@@ -270,6 +286,12 @@ module Gitlab
           end
         end
 
+        def require_aws_s3_environment!
+          %w[AWS_S3_REGION AWS_S3_KEY_ID AWS_S3_ACCESS_KEY AWS_S3_BUCKET_NAME].each do |env_key|
+            raise ArgumentError, "Environment variable #{env_key} must be set to run AWS S3 object storage specs" unless ENV.key?(env_key)
+          end
+        end
+
         def require_initial_password!
           return unless ENV['GITLAB_INITIAL_ROOT_PASSWORD'].to_s.strip.empty?
 

data/lib/gitlab/qa/runtime/omnibus_configurations/object_storage_aws.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module QA
+    module Runtime
+      module OmnibusConfigurations
+        class ObjectStorageAws < Default
+          def configuration
+            Runtime::Env.require_aws_s3_environment!
+
+            <<~OMNIBUS
+              gitlab_rails['object_store']['enabled'] = true
+              gitlab_rails['object_store']['proxy_download'] = true
+              gitlab_rails['object_store']['connection'] = { 'provider' => 'AWS', 'region' => '#{Runtime::Env.aws_s3_region}', 'aws_access_key_id' => '#{Runtime::Env.aws_s3_key_id}', 'aws_secret_access_key' => '#{Runtime::Env.aws_s3_access_key}' }
+
+              gitlab_rails['object_store']['objects']['artifacts']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['external_diffs']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['lfs']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['uploads']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['packages']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['dependency_proxy']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['pages']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+              gitlab_rails['object_store']['objects']['terraform_state']['bucket'] = '#{Runtime::Env.aws_s3_bucket_name}'
+            OMNIBUS
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/scenario/test/integration/gitaly_cluster.rb

@@ -107,23 +107,24 @@ module Gitlab
                 praefect['database_password'] = 'SQL_PASSWORD';
                 praefect['database_dbname'] = 'praefect_production';
                 praefect['database_sslmode'] = 'disable';
-                praefect['postgres_queue_enabled'] = true;
-                praefect['failover_enabled'] = true;
+                praefect['database_host_no_proxy'] = '#{@database}.#{@network}';
+                praefect['database_port_no_proxy'] = 5432;
                 praefect['failover_election_strategy'] = 'per_repository';
                 praefect['virtual_storages'] = {
                   'default' => {
-                    '#{@primary_node_name}' => {
-                      'address' => 'tcp://#{@primary_node_name}.#{@network}:8075',
-                      'token'   => 'PRAEFECT_INTERNAL_TOKEN',
-                      'primary' => true
-                    },
-                    '#{@secondary_node_name}' => {
-                      'address' => 'tcp://#{@secondary_node_name}.#{@network}:8075',
-                      'token'   => 'PRAEFECT_INTERNAL_TOKEN'
-                    },
-                    '#{@tertiary_node_name}' => {
-                      'address' => 'tcp://#{@tertiary_node_name}.#{@network}:8075',
-                      'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                    'nodes' => {
+                      '#{@primary_node_name}' => {
+                        'address' => 'tcp://#{@primary_node_name}.#{@network}:8075',
+                        'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                      },
+                      '#{@secondary_node_name}' => {
+                        'address' => 'tcp://#{@secondary_node_name}.#{@network}:8075',
+                        'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                      },
+                      '#{@tertiary_node_name}' => {
+                        'address' => 'tcp://#{@tertiary_node_name}.#{@network}:8075',
+                        'token'   => 'PRAEFECT_INTERNAL_TOKEN'
+                      }
                     }
                   }
                 };
@@ -164,7 +165,7 @@ module Gitlab
                     'gitaly_token' => 'PRAEFECT_EXTERNAL_TOKEN'
                   }
                 });
-                gitaly['listen_addr'] = '0.0.0.0:8075';
+                gitaly['enable'] = false;
                 gitlab_shell['secret_token'] = 'GITLAB_SHELL_SECRET_TOKEN';
                 prometheus['scrape_configs'] = [
                   {

data/lib/gitlab/qa/scenario/test/integration/praefect.rb

@@ -27,6 +27,7 @@ module Gitlab
                     'path' => '/var/opt/gitlab/git-data'
                   }
                 });
+                gitaly['enable'] = true;
                 gitaly['listen_addr'] = '0.0.0.0:8075';
                 gitaly['auth_token'] = 'secret-token';
                 gitaly['storage'] = [

data/lib/gitlab/qa/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   module QA
-    VERSION = '7.6.0'.freeze
+    VERSION = '7.7.0'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-qa
 version: !ruby/object:Gem::Version
-  version: 7.6.0
+  version: 7.7.0
 platform: ruby
 authors:
 - GitLab Quality
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-07-12 00:00:00.000000000 Z
+date: 2021-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: climate_control
@@ -293,6 +293,7 @@ files:
 - lib/gitlab/qa/runtime/omnibus_configurations/default.rb
 - lib/gitlab/qa/runtime/omnibus_configurations/license_mode.rb
 - lib/gitlab/qa/runtime/omnibus_configurations/object_storage.rb
+- lib/gitlab/qa/runtime/omnibus_configurations/object_storage_aws.rb
 - lib/gitlab/qa/runtime/omnibus_configurations/packages.rb
 - lib/gitlab/qa/runtime/scenario.rb
 - lib/gitlab/qa/runtime/token_finder.rb