gitlab-qa 7.9.3 → 7.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 87fb79561aa8d1d600bbcc8d8bf39de04bd951450b48bc445bf9b479c31f2fc0
-  data.tar.gz: fd36e810543f04eb94cc8e490ec9851dc56a429a1fb5d5b496795293f9922520
+  metadata.gz: f5669f64ddb8066f756cfa50165883c6615a787810e566d19108e71bfc088527
+  data.tar.gz: cb0af955d1b67846a9b738b26b90cdd5babc8b8b2ad2b4ed3c70b03513ef0acf
 SHA512:
-  metadata.gz: f0935847d3898e27a24fc2552040682aa1782f1da2ab83086983e7d51979468920e26e84a5bac48495d2b683c2d5f2ad869e583807b9dc3295637f2f1a1884cf
-  data.tar.gz: 873e3ebb9efa18b8b85a197436a10fb5411514228396158fb5dfa250bc7284afee75b01af5c97fd8d57eca2a2e0009b26fef56eae401fe33504c421927d41f6a
+  metadata.gz: 74a3906216c1efcffaa0761cefd932d5a06dd68878ca4940eaffd12e80882250cd58b0667ab02546ebeb167afd1b680e2f0a179498a4136dfd05dc2dae1227b8
+  data.tar.gz: 85b86bd17e11d3a1cb8a9264c67ebf5be8a59a1c32a094432a53703fd38dadeeb7d6948881a8984a976a16411796f8a1498b8e8b4360152c88b066dde40484df

data/.gitlab-ci.yml

@@ -756,13 +756,50 @@ ee:packages-quarantine:
     GITLAB_QA_OPTIONS_COMBINED: "$GITLAB_QA_OPTIONS --omnibus-config packages"
     QA_RSPEC_TAGS: "--tag quarantine --tag packages"
 
+ce:object_storage_registry_tls:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::RegistryTLS --omnibus-config registry_object_storage"
+
+ce:object_storage_registry_tls-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ce-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::RegistryTLS --omnibus-config registry_object_storage"
+
+ee:object_storage_registry_tls:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::RegistryTLS --omnibus-config registry_object_storage"
+
+ee:object_storage_registry_tls-quarantine:
+  extends:
+    - .test
+    - .high-capacity
+    - .ee-qa
+    - .quarantine
+    - .rspec-report-opts
+  variables:
+    QA_SCENARIO: "Test::Integration::RegistryTLS --omnibus-config registry_object_storage"
+
 ce:registry:
   extends:
     - .test
     - .high-capacity
     - .ce-qa
     - .rspec-report-opts
-  allow_failure: true
   variables:
     QA_SCENARIO: "Test::Integration::Registry"
 
@@ -782,7 +819,6 @@ ee:registry:
     - .high-capacity
     - .ee-qa
     - .rspec-report-opts
-  allow_failure: true
   variables:
     QA_SCENARIO: "Test::Integration::Registry"
 

data/docs/what_tests_can_be_run.md

@@ -1,5 +1,7 @@
 # What tests can be run?
+
 [[_TOC_]]
+
 ## The two types of QA tests
 
 First of all, the first thing to choose is whether you want to run orchestrated
@@ -245,8 +247,8 @@ instance-level tests against it.
 To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the `Test::Instance`
 scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/instance.rb`][test-instance] in the
-GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/instance.rb`][test-instance] in the
+GitLab project).
 
 Example:
 
@@ -370,8 +372,8 @@ that LDAP-related features work as expected.
 To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Integration::LDAPNoTLS` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/ldap_no_tls.rb`][test-integration-ldap-no-tls]
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/integration/ldap_no_tls.rb`][test-integration-ldap-no-tls]
+in the GitLab project).
 
 In EE, both the GitLab standard and LDAP credentials are needed:
 
@@ -393,7 +395,7 @@ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
 $ gitlab-qa Test::Integration::LDAPNoTLS EE
 ```
 
-[test-integration-ldap-no-tls]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/ldap_no_tls.rb
+[test-integration-ldap-no-tls]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/integration/ldap_no_tls.rb
 
 ### `Test::Integration::LDAPTLS CE|EE|<full image address>`
 
@@ -411,8 +413,8 @@ that LDAP-related features work as expected.
 To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Integration::LDAPTLS` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/ldap_tls.rb`][test-integration-ldap-tls]
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/integration/ldap_tls.rb`][test-integration-ldap-tls]
+in the GitLab project).
 
 In EE, both the GitLab standard and LDAP credentials are needed:
 
@@ -434,8 +436,8 @@ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
 $ gitlab-qa Test::Integration::LDAPTLS EE
 ```
 
-[test-integration-ldap-tls]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/ldap_tls.rb
-[test-integration-ldap-tls-certs]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/tls_certificates/gitlab
+[test-integration-ldap-tls]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/integration/ldap_tls.rb
+[test-integration-ldap-tls-certs]: https://gitlab.com/gitlab-org/gitlab/blob/master/tls_certificates/gitlab
 
 ### `Test::Integration::LDAPNoServer EE|<full image address>`
 
@@ -504,9 +506,9 @@ using SAML.
 
 To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
-`Test::Integration::InstanceSAML` scenario (located under [`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/instance_saml.rb`][test-integration-instance-saml] in the GitLab CE project).
+`Test::Integration::InstanceSAML` scenario (located under [`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/instance_saml.rb`][test-integration-instance-saml] in the GitLab project).
 
-[test-integration-instance-saml]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/instance_saml.rb
+[test-integration-instance-saml]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/integration/instance_saml.rb
 
 **Required environment variables:**
 
@@ -531,8 +533,8 @@ Mattermost server (see `Test::Instance::Image` above).
 To run tests against the GitLab container, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Integration::Mattermost` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/mattermost.rb`][test-integration-mattermost]
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/integration/mattermost.rb`][test-integration-mattermost]
+in the GitLab project).
 
 **Required environment variables:**
 
@@ -549,7 +551,7 @@ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
 $ gitlab-qa Test::Integration::Mattermost EE
 ```
 
-[test-integration-mattermost]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/mattermost.rb
+[test-integration-mattermost]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/integration/mattermost.rb
 
 ### `Test::Integration::Packages CE|EE|<full image address>`
 
@@ -668,8 +670,8 @@ against it.
 To run tests against the GitLab instance, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Instance` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/instance.rb`][test-instance] in the
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/instance.rb`][test-instance] in the
+in the GitLab project).
 
 Example:
 
@@ -695,8 +697,8 @@ works as expected by running tests against it.
 To run tests against the GitLab instance, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Instance` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/instance.rb`][test-instance] in the
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/instance.rb`][test-instance] in the
+in the GitLab project).
 
 **Required environment variables:**
 
@@ -723,6 +725,42 @@ $ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
 $ gitlab-qa Test::Instance::Staging
 ```
 
+### `Test::Instance::StagingRef`
+
+This scenario tests that the [`Staging Ref`](https://staging-ref.testbed.gitlab.net)
+works as expected by running tests against it.
+
+To run tests against the GitLab instance, a GitLab QA (`gitlab/gitlab-qa`)
+container is spun up and tests are run from it by running the
+`Test::Instance` scenario (located under
+[`gitlab-org/gitlab/qa/qa/scenario/test/instance.rb`][test-instance] in the
+in the GitLab project).
+
+**Required environment variables:**
+
+- `GITLAB_QA_ACCESS_TOKEN`: A valid personal access token with the `api` scope.
+  This is used to retrieve the version that staging is currently running.
+  Staging Ref QA users credentials can be found in the shared GitLab QA 1Password vault.
+
+**Optional environment variables:**
+
+- `GITLAB_QA_DEV_ACCESS_TOKEN`: A valid personal access token for the
+  `gitlab-qa-bot` on `dev.gitlab.org` with the `registry` scope.
+  This is used to pull the QA Docker image from the Omnibus GitLab `dev` Container Registry.
+  If the variable isn't present, the QA image from Docker Hub will be used.
+  This can be found in the shared GitLab QA 1Password vault.
+
+Example:
+
+```
+$ export GITLAB_QA_ACCESS_TOKEN=your_api_access_token
+$ export GITLAB_QA_DEV_ACCESS_TOKEN=your_dev_registry_access_token
+$ export GITLAB_USERNAME="gitlab-qa"
+$ export GITLAB_PASSWORD="$GITLAB_QA_PASSWORD"
+
+$ gitlab-qa Test::Instance::StagingRef
+```
+
 ### `Test::Instance::StagingGeo`
 
 This scenario tests that the Geo staging deployment (with [`staging.gitlab.com`](https://staging.gitlab.com) as the primary site and [`geo.staging.gitlab.com`](https://geo.staging.gitlab.com) as the secondary site) works as expected by running tests tagged `:geo` against it. This is done by spinning up a GitLab QA (`gitlab/gitlab-qa`) container and running the `QA::EE::Scenario::Test::Geo` scenario. Note that the Geo setup steps in the `QA::EE::Scenario::Test::Geo` scenario are skipped when testing a live Geo deployment.
@@ -789,8 +827,8 @@ Smoke tests are quick tests that ensure that some basic functionality of GitLab
 To run tests against the GitLab instance, a GitLab QA (`gitlab/gitlab-qa`)
 container is spun up and tests are run from it by running the
 `Test::Instance::Smoke` scenario (located under
-[`gitlab-org/gitlab-ce@qa/qa/scenario/test/smoke.rb`][smoke-instance] in the
-in the GitLab CE project).
+[`gitlab-org/gitlab/qa/qa/scenario/test/smoke.rb`][smoke-instance] in the
+in the GitLab project).
 
 Example:
 
@@ -863,5 +901,5 @@ $ gitlab-qa Test::Instance::Geo EE https://primary.gitlab.com https://secondary.
 
 [Back to README.md](../README.md)
 
-[test-instance]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/instance/all.rb
-[smoke-instance]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/instance/smoke.rb
+[test-instance]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/instance/all.rb
+[smoke-instance]: https://gitlab.com/gitlab-org/gitlab/blob/master/qa/qa/scenario/test/instance/smoke.rb

data/lib/gitlab/qa/component/preprod.rb

@@ -1,7 +1,3 @@
-require 'net/http'
-require 'json'
-require 'uri'
-
 module Gitlab
   module QA
     module Component

data/lib/gitlab/qa/component/production.rb

@@ -1,7 +1,3 @@
-require 'net/http'
-require 'json'
-require 'uri'
-
 module Gitlab
   module QA
     module Component

data/lib/gitlab/qa/component/release.rb

@@ -1,7 +1,3 @@
-require 'net/http'
-require 'json'
-require 'uri'
-
 module Gitlab
   module QA
     module Component

data/lib/gitlab/qa/component/staging_ref.rb

@@ -0,0 +1,9 @@
+module Gitlab
+  module QA
+    module Component
+      class StagingRef < Staging
+        ADDRESS = 'https://staging-ref.testbed.gitlab.net'.freeze
+      end
+    end
+  end
+end

data/lib/gitlab/qa/report/report_as_issue.rb

@@ -113,7 +113,7 @@ module Gitlab
             "found:#{pipeline}.gitlab.com"
           when 'preprod'
             'found:pre.gitlab.com'
-          when 'staging-orchestrated', 'nightly', QA::Runtime::Env.default_branch
+          when 'staging-orchestrated', 'nightly', QA::Runtime::Env.default_branch, 'staging-ref'
             "found:#{pipeline}"
           else
             raise "No `found:*` label for the `#{pipeline}` pipeline!"

data/lib/gitlab/qa/runtime/env.rb

@@ -49,6 +49,9 @@ module Gitlab
           'GITLAB_SANDBOX_NAME' => :gitlab_sandbox_name,
           'GITLAB_QA_ACCESS_TOKEN' => :qa_access_token,
           'GITLAB_QA_ADMIN_ACCESS_TOKEN' => :qa_admin_access_token,
+          'GITLAB_QA_DEV_ACCESS_TOKEN' => :qa_dev_access_token,
+          'GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN' => :qa_container_registry_access_token,
+          'GITLAB_QA_ISSUE_URL' => :qa_issue_url,
           'GITHUB_ACCESS_TOKEN' => :github_access_token,
           'GITLAB_URL' => :gitlab_url,
           'SIMPLE_SAML_HOSTNAME' => :simple_saml_hostname,
@@ -60,6 +63,7 @@ module Gitlab
           'CLOUDSDK_CORE_PROJECT' => :cloudsdk_core_project,
           'GCLOUD_REGION' => :gcloud_region,
           'SIGNUP_DISABLED' => :signup_disabled,
+          'GITLAB_CI_API_TOKEN' => :gitlab_ci_api_token,
           'GITLAB_QA_USERNAME_1' => :gitlab_qa_username_1,
           'GITLAB_QA_PASSWORD_1' => :gitlab_qa_password_1,
           'GITLAB_QA_USERNAME_2' => :gitlab_qa_username_2,
@@ -71,17 +75,24 @@ module Gitlab
           'KNAPSACK_TEST_FILE_PATTERN' => :knapsack_test_file_pattern,
           'KNAPSACK_TEST_DIR' => :knapsack_test_dir,
           'CI' => :ci,
+          'CI_COMMIT_REF_NAME' => :ci_commit_ref_name,
           'CI_JOB_NAME' => :ci_job_name,
           'CI_JOB_URL' => :ci_job_url,
+          'CI_JOB_TOKEN' => :ci_job_token,
           'CI_RUNNER_ID' => :ci_runner_id,
           'CI_SERVER_HOST' => :ci_server_host,
           'CI_SERVER_PERSONAL_ACCESS_TOKEN' => :ci_server_personal_access_token,
           'CI_NODE_INDEX' => :ci_node_index,
           'CI_NODE_TOTAL' => :ci_node_total,
+          'CI_PROJECT_ID' => :ci_project_id,
           'CI_PROJECT_NAME' => :ci_project_name,
           'CI_SLACK_WEBHOOK_URL' => :ci_slack_webhook_url,
+          'CI_PIPELINE_ID' => :ci_pipeline_id,
+          'CI_PIPELINE_SOURCE' => :ci_pipeline_source,
+          'CI_PIPELINE_URL' => :ci_pipeline_url,
           'CI_PIPELINE_CREATED_AT' => :ci_pipeline_created_at,
           'CI_MERGE_REQUEST_IID' => :ci_merge_request_iid,
+          'CI_API_V4_URL' => :ci_api_v4_url,
           'GITLAB_CI' => :gitlab_ci,
           'ELASTIC_URL' => :elastic_url,
           'GITLAB_QA_LOOP_RUNNER_MINUTES' => :gitlab_qa_loop_runner_minutes,
@@ -108,20 +119,32 @@ module Gitlab
           'GOOGLE_PROJECT' => :google_project,
           'GOOGLE_CLIENT_EMAIL' => :google_client_email,
           'GOOGLE_JSON_KEY' => :google_json_key,
-          'GCS_BUCKET_NAME' => :gcs_bucket_name
+          'GCS_BUCKET_NAME' => :gcs_bucket_name,
+          'SMOKE_ONLY' => :smoke_only,
+          'NO_ADMIN' => :no_admin
         }.freeze
 
         ENV_VARIABLES.each do |env_name, method_name|
           attr_writer(method_name)
 
           define_method(method_name) do
-            ENV[env_name] ||
-              if instance_variable_defined?("@#{method_name}")
-                instance_variable_get("@#{method_name}")
-              end
+            ENV[env_name] || (instance_variable_get("@#{method_name}") if instance_variable_defined?("@#{method_name}"))
           end
         end
 
+        def variables
+          vars = {}
+
+          ENV_VARIABLES.each do |name, attribute|
+            # Variables that are overridden in the environment take precedence
+            # over the defaults specified by the QA runtime.
+            value = env_value_if_defined(name) || send(attribute) # rubocop:disable GitlabSecurity/PublicSend
+            vars[name] = value if value
+          end
+
+          vars
+        end
+
         def default_branch
           ENV['QA_DEFAULT_BRANCH'] || 'main'
         end
@@ -142,42 +165,6 @@ module Gitlab
           ENV['GITLAB_API_BASE'] || 'https://gitlab.com/api/v4'
         end
 
-        def gitlab_ci_api_token
-          ENV['GITLAB_CI_API_TOKEN']
-        end
-
-        def ci_api_v4_url
-          ENV['CI_API_V4_URL']
-        end
-
-        def ci_job_name
-          ENV['CI_JOB_NAME']
-        end
-
-        def ci_job_token
-          ENV['CI_JOB_TOKEN']
-        end
-
-        def ci_pipeline_source
-          ENV['CI_PIPELINE_SOURCE']
-        end
-
-        def ci_pipeline_url
-          ENV['CI_PIPELINE_URL']
-        end
-
-        def ci_pipeline_id
-          ENV['CI_PIPELINE_ID']
-        end
-
-        def ci_project_id
-          ENV['CI_PROJECT_ID']
-        end
-
-        def ci_commit_ref_name
-          ENV['CI_COMMIT_REF_NAME']
-        end
-
         def pipeline_from_project_name
           if ci_project_name.to_s.start_with?('gitlab-qa')
             if ENV['TOP_UPSTREAM_SOURCE_JOB'].to_s.start_with?('https://ops.gitlab.net')
@@ -198,22 +185,10 @@ module Gitlab
           env_value_if_defined('GITLAB_QA_DEV_ACCESS_TOKEN')
         end
 
-        def qa_dev_access_token
-          ENV['GITLAB_QA_DEV_ACCESS_TOKEN']
-        end
-
         def initial_root_password
           ENV['GITLAB_INITIAL_ROOT_PASSWORD'] || '5iveL!fe'
         end
 
-        def qa_container_registry_access_token
-          ENV['GITLAB_QA_CONTAINER_REGISTRY_ACCESS_TOKEN']
-        end
-
-        def qa_issue_url
-          ENV['GITLAB_QA_ISSUE_URL']
-        end
-
         def deploy_environment
           ENV['DEPLOY_ENVIRONMENT'] || pipeline_from_project_name
         end
@@ -226,35 +201,6 @@ module Gitlab
           ENV['ELASTIC_VERSION'] || '6.4.2'.freeze
         end
 
-        def aws_s3_region
-          ENV['AWS_S3_REGION']
-        end
-
-        def aws_s3_key_id
-          ENV['AWS_S3_KEY_ID']
-        end
-
-        def aws_s3_access_key
-          ENV['AWS_S3_ACCESS_KEY']
-        end
-
-        def aws_s3_bucket_name
-          ENV['AWS_S3_BUCKET_NAME']
-        end
-
-        def variables
-          vars = {}
-
-          ENV_VARIABLES.each do |name, attribute|
-            # Variables that are overridden in the environment take precedence
-            # over the defaults specified by the QA runtime.
-            value = env_value_if_defined(name) || send(attribute) # rubocop:disable GitlabSecurity/PublicSend
-            vars[name] = value if value
-          end
-
-          vars
-        end
-
         def require_license!
           return if ENV.include?('EE_LICENSE')
 
@@ -293,31 +239,42 @@ module Gitlab
 
         def require_kubernetes_environment!
           %w[GCLOUD_ACCOUNT_EMAIL GCLOUD_ACCOUNT_KEY CLOUDSDK_CORE_PROJECT].each do |env_key|
-            raise ArgumentError, "Environment variable #{env_key} must be set to run kubernetes specs" unless ENV.key?(env_key)
+            unless ENV.key?(env_key)
+              raise ArgumentError, "Environment variable #{env_key} must be set to run kubernetes specs"
+            end
           end
         end
 
         def require_aws_s3_environment!
           %w[AWS_S3_REGION AWS_S3_KEY_ID AWS_S3_ACCESS_KEY AWS_S3_BUCKET_NAME].each do |env_key|
-            raise ArgumentError, "Environment variable #{env_key} must be set to run AWS S3 object storage specs" unless ENV.key?(env_key)
+            unless ENV.key?(env_key)
+              raise ArgumentError, "Environment variable #{env_key} must be set to run AWS S3 object storage specs"
+            end
           end
         end
 
         def require_gcs_environment!
           %w[GOOGLE_PROJECT GOOGLE_CLIENT_EMAIL GOOGLE_JSON_KEY GCS_BUCKET_NAME].each do |env_key|
-            raise ArgumentError, "Environment variable #{env_key} must be set to run GCS object storage specs" unless ENV.key?(env_key)
+            unless ENV.key?(env_key)
+              raise ArgumentError, "Environment variable #{env_key} must be set to run GCS object storage specs"
+            end
           end
         end
 
         def require_initial_password!
           return unless ENV['GITLAB_INITIAL_ROOT_PASSWORD'].to_s.strip.empty?
 
-          raise ArgumentError, "Environment variable GITLAB_INITIAL_ROOT_PASSWORD must be provided to set an initial root password."
+          raise(
+            ArgumentError,
+            "Environment variable GITLAB_INITIAL_ROOT_PASSWORD must be provided to set an initial root password."
+          )
         end
 
         def require_ssh_tunnel!
           %w[TUNNEL_SSH_PRIVATE_KEY TUNNEL_SERVER_HOSTNAME TUNNEL_SSH_USER].each do |env_key|
-            raise ArgumentError, "Environment variable #{env_key} must be set to run tunnel specs" unless ENV.key?(env_key)
+            unless ENV.key?(env_key)
+              raise ArgumentError, "Environment variable #{env_key} must be set to run tunnel specs"
+            end
           end
         end
 

data/lib/gitlab/qa/runtime/omnibus_configurations/registry_object_storage.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module QA
+    module Runtime
+      module OmnibusConfigurations
+        class RegistryObjectStorage < Default
+          def configuration
+            Runtime::Env.require_aws_s3_environment!
+
+            <<~OMNIBUS
+              registry['storage'] = { 's3' => { 'accesskey' => '#{Runtime::Env.aws_s3_key_id}', 'secretkey' => '#{Runtime::Env.aws_s3_access_key}', 'bucket' => '#{Runtime::Env.aws_s3_bucket_name}', 'region' => '#{Runtime::Env.aws_s3_region}' } }
+            OMNIBUS
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/scenario/test/instance/staging_ref.rb

@@ -0,0 +1,18 @@
+module Gitlab
+  module QA
+    module Scenario
+      module Test
+        module Instance
+          ##
+          # Run test suite against Staging Ref environment
+          #
+          class StagingRef < DeploymentBase
+            def deployment_component
+              Component::StagingRef
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/scenario/test/integration/gitaly_cluster.rb

@@ -99,6 +99,7 @@ module Gitlab
                 praefect['listen_addr'] = '0.0.0.0:2305';
                 praefect['prometheus_listen_addr'] = '0.0.0.0:9652';
                 praefect['auth_token'] = 'PRAEFECT_EXTERNAL_TOKEN';
+                praefect['reconciliation_scheduling_interval'] = '10s';
                 praefect['database_host'] = '#{@database}.#{@network}';
                 praefect['database_user'] = 'postgres';
                 praefect['database_port'] = 5432;

data/lib/gitlab/qa/scenario/test/integration/registry.rb

@@ -11,19 +11,10 @@ module Gitlab
                 gitlab.release = release
                 gitlab.network = 'test'
                 gitlab.name = 'gitlab'
-                gitlab.tls = true
 
                 gitlab.omnibus_configuration << <<~OMNIBUS
-                  external_url 'https://#{gitlab.name}.#{gitlab.network}';
-                  registry_external_url 'https://#{gitlab.name}.#{gitlab.network}:5050';
-
-                  letsencrypt['enable'] = false;
-
-                  nginx['redirect_http_to_https'] = true;
-                  nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.test.crt";
-                  nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.test.key";
-                  registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.test.crt";
-                  registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.test.key";
+                  external_url 'http://#{gitlab.name}.#{gitlab.network}';
+                  registry_external_url 'http://#{gitlab.name}.#{gitlab.network}:5050';
                 OMNIBUS
 
                 gitlab.instance do

data/lib/gitlab/qa/scenario/test/integration/registry_tls.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module QA
+    module Scenario
+      module Test
+        module Integration
+          class RegistryTLS < Scenario::Template
+            def perform(release, *rspec_args)
+              Component::Gitlab.perform do |gitlab|
+                gitlab.release = release
+                gitlab.network = 'test'
+                gitlab.name = 'gitlab'
+                gitlab.tls = true
+
+                gitlab.omnibus_configuration << <<~OMNIBUS
+                  external_url 'https://#{gitlab.name}.#{gitlab.network}';
+                  registry_external_url 'https://#{gitlab.name}.#{gitlab.network}:5050';
+
+                  letsencrypt['enable'] = false;
+
+                  nginx['redirect_http_to_https'] = true;
+                  nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.test.crt";
+                  nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.test.key";
+                  registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.test.crt";
+                  registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.test.key";
+                OMNIBUS
+
+                gitlab.instance do
+                  Component::Specs.perform do |specs|
+                    specs.suite = 'Test::Integration::RegistryTLS'
+                    specs.release = gitlab.release
+                    specs.network = gitlab.network
+                    specs.args = [gitlab.address, *rspec_args]
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/qa/support/get_request.rb

@@ -13,10 +13,11 @@ module Gitlab
         end
 
         def execute!
-          response =
+          response = with_retry_on_too_many_requests do
             Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |http|
               http.request(build_request)
             end
+          end
 
           case response
           when Net::HTTPSuccess
@@ -34,6 +35,24 @@ module Gitlab
             req['Cookie'] = ENV['QA_COOKIES'] if ENV['QA_COOKIES']
           end
         end
+
+        def with_retry_on_too_many_requests
+          response = nil
+          retry_count = 0
+
+          while retry_count < 3
+            response = yield
+
+            break unless response.is_a?(Net::HTTPTooManyRequests)
+
+            retry_count += 1
+            wait_seconds = response["retry-after"].to_i
+            puts "Received 429 - Too many requests. Waiting for #{wait_seconds} seconds."
+            sleep wait_seconds
+          end
+
+          response
+        end
       end
     end
   end

data/lib/gitlab/qa/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   module QA
-    VERSION = '7.9.3'.freeze
+    VERSION = '7.13.0'.freeze
   end
 end

data/lib/gitlab/qa.rb

@@ -17,6 +17,7 @@ module Gitlab
         autoload :ObjectStorageAws, 'gitlab/qa/runtime/omnibus_configurations/object_storage_aws'
         autoload :ObjectStorageGcs, 'gitlab/qa/runtime/omnibus_configurations/object_storage_gcs'
         autoload :LicenseMode, 'gitlab/qa/runtime/omnibus_configurations/license_mode'
+        autoload :RegistryObjectStorage, 'gitlab/qa/runtime/omnibus_configurations/registry_object_storage'
       end
     end
 
@@ -33,6 +34,7 @@ module Gitlab
           autoload :RelativeUrl, 'gitlab/qa/scenario/test/instance/relative_url'
           autoload :RepositoryStorage, 'gitlab/qa/scenario/test/instance/repository_storage'
           autoload :Staging, 'gitlab/qa/scenario/test/instance/staging'
+          autoload :StagingRef, 'gitlab/qa/scenario/test/instance/staging_ref'
           autoload :Production, 'gitlab/qa/scenario/test/instance/production'
           autoload :Smoke, 'gitlab/qa/scenario/test/instance/smoke'
           autoload :Preprod, 'gitlab/qa/scenario/test/instance/preprod'
@@ -69,6 +71,7 @@ module Gitlab
           autoload :MTLS, 'gitlab/qa/scenario/test/integration/mtls'
           autoload :ClientSSL, 'gitlab/qa/scenario/test/integration/client_ssl'
           autoload :Registry, 'gitlab/qa/scenario/test/integration/registry'
+          autoload :RegistryTLS, 'gitlab/qa/scenario/test/integration/registry_tls'
         end
 
         module Sanity
@@ -85,6 +88,7 @@ module Gitlab
       autoload :SAML, 'gitlab/qa/component/saml'
       autoload :Specs, 'gitlab/qa/component/specs'
       autoload :Staging, 'gitlab/qa/component/staging'
+      autoload :StagingRef, 'gitlab/qa/component/staging_ref'
       autoload :Production, 'gitlab/qa/component/production'
       autoload :Minio, 'gitlab/qa/component/minio'
       autoload :Preprod, 'gitlab/qa/component/preprod'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-qa
 version: !ruby/object:Gem::Version
-  version: 7.9.3
+  version: 7.13.0
 platform: ruby
 authors:
 - GitLab Quality
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-09-27 00:00:00.000000000 Z
+date: 2021-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: climate_control
@@ -240,6 +240,7 @@ files:
 - lib/gitlab/qa/component/saml.rb
 - lib/gitlab/qa/component/specs.rb
 - lib/gitlab/qa/component/staging.rb
+- lib/gitlab/qa/component/staging_ref.rb
 - lib/gitlab/qa/docker/command.rb
 - lib/gitlab/qa/docker/engine.rb
 - lib/gitlab/qa/docker/shellout.rb
@@ -268,6 +269,7 @@ files:
 - lib/gitlab/qa/runtime/omnibus_configurations/object_storage_aws.rb
 - lib/gitlab/qa/runtime/omnibus_configurations/object_storage_gcs.rb
 - lib/gitlab/qa/runtime/omnibus_configurations/packages.rb
+- lib/gitlab/qa/runtime/omnibus_configurations/registry_object_storage.rb
 - lib/gitlab/qa/runtime/scenario.rb
 - lib/gitlab/qa/runtime/token_finder.rb
 - lib/gitlab/qa/scenario/actable.rb
@@ -286,6 +288,7 @@ files:
 - lib/gitlab/qa/scenario/test/instance/smoke.rb
 - lib/gitlab/qa/scenario/test/instance/staging.rb
 - lib/gitlab/qa/scenario/test/instance/staging_geo.rb
+- lib/gitlab/qa/scenario/test/instance/staging_ref.rb
 - lib/gitlab/qa/scenario/test/integration/actioncable.rb
 - lib/gitlab/qa/scenario/test/integration/client_ssl.rb
 - lib/gitlab/qa/scenario/test/integration/elasticsearch.rb
@@ -303,6 +306,7 @@ files:
 - lib/gitlab/qa/scenario/test/integration/mtls.rb
 - lib/gitlab/qa/scenario/test/integration/praefect.rb
 - lib/gitlab/qa/scenario/test/integration/registry.rb
+- lib/gitlab/qa/scenario/test/integration/registry_tls.rb
 - lib/gitlab/qa/scenario/test/integration/saml.rb
 - lib/gitlab/qa/scenario/test/integration/smtp.rb
 - lib/gitlab/qa/scenario/test/integration/ssh_tunnel.rb