gitlab-qa 2.6.0 → 2.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 81d278d6accac93b1610339e1abcc4d64b189226ea7f676ff7b63dfe132ab04d
4
- data.tar.gz: 034dbc5b7b2e6b1414ddea72dbf0a458bfdc0b24008fd2ae1870f2ef94830607
3
+ metadata.gz: 7231b698980bf0b656855e460090d63516d8c0ee1e602bf1be80034eabaa948f
4
+ data.tar.gz: 112641e434d83121666328a13951dea5f4b8c7e36bf0f35328256227e5e77b7a
5
5
  SHA512:
6
- metadata.gz: 4d726dd622f3ddd1da43419bd770d6b8234918a8922499c4c9b2a1efd60ddff75c24943925a9071ed932a029f9306a8a4760935c32ac4d593cc5bccca2602856
7
- data.tar.gz: 0776cbfc64d1173cb52d97b8098b7004bc76688da40183ea0b080de48c3acd5aa899b4cbd3457c2a702df01db1c5d7c8f97ad3383663f37077b01a4901a317bc
6
+ metadata.gz: dcdb2c0f75ac6944038d714bb3c3de967d7ad75185ab503e26fec5eb3674943afd4f8045087d69b583fb9b16e1adb5a48e5ff1f3812c82dd31f22b77c77e9d6a
7
+ data.tar.gz: fb19a43f654b1e9082df331fb459df1eb2fd4c6d176d9fde381fda15f34ee8cb07448a72b3edb31138d3664524653e481bec1c5dd6903130edd9bcedfaef2731
data/.gitlab-ci.yml CHANGED
@@ -186,7 +186,21 @@ ee:ldap:
186
186
  <<: *high-capacity
187
187
  <<: *ee-qa
188
188
 
189
- ee:saml:
189
+ ce:instance_saml:
190
+ script:
191
+ - bin/qa Test::Integration::InstanceSAML ${RELEASE:=CE}
192
+ <<: *test
193
+ <<: *high-capacity
194
+ <<: *ce-qa
195
+
196
+ ee:instance_saml:
197
+ script:
198
+ - bin/qa Test::Integration::InstanceSAML ${RELEASE:=EE}
199
+ <<: *test
200
+ <<: *high-capacity
201
+ <<: *ee-qa
202
+
203
+ ee:group_saml:
190
204
  script:
191
205
  - bin/qa Test::Integration::GroupSAML ${RELEASE:=EE}
192
206
  <<: *test
@@ -0,0 +1,7 @@
1
+ ### New scenarios
2
+
3
+ - !xxx Description of the change (usually the title of the MR).
4
+
5
+ ### Other changes
6
+
7
+ - !xxx Description of the change (usually the title of the MR).
@@ -182,6 +182,60 @@ $ gitlab-qa Test::Integration::LDAP EE
182
182
 
183
183
  [test-integration-ldap]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/ldap.rb
184
184
 
185
+ ### `Test::Integration::GroupSAML EE|<full image address>`
186
+
187
+ This tests that Group SAML login works as expected with an external SAML identity provider (idp).
188
+
189
+ This scenario spins up a SAML idp provider and verifies that a user is able to login to a group
190
+ in GitLab that has SAML SSO enabled.
191
+
192
+ To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
193
+ container is spun up and tests are run from it by running the
194
+ `Test::Integration::GroupSAML` scenario (located under [`gitlab-org/gitlab-ce@qa/qa/ee/scenario/test/integration/group_saml.rb`][test-integration-group-saml] in the GitLab EE project).
195
+
196
+ [test-integration-group-saml]: https://gitlab.com/gitlab-org/gitlab-ee/blob/master/qa/qa/ee/scenario/test/integration/group_saml.rb
197
+
198
+ **Required environment variables:**
199
+
200
+ - `EE_LICENSE`: A valid EE license.
201
+
202
+ Example:
203
+
204
+ ```
205
+ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
206
+
207
+ $ gitlab-qa Test::Integration::GroupSAML EE
208
+ ```
209
+
210
+ ### `Test::Integration::InstanceSAML CE|EE|<full image address>`
211
+
212
+ This tests that a GitLab instance works as expected with an external
213
+ SAML identity provider (idp).
214
+
215
+ This scenario spins up a SAML idp provider and verifies that a user is able to login to GitLab instance
216
+ using SAML.
217
+
218
+ To run tests against the GitLab containers, a GitLab QA (`gitlab/gitlab-qa`)
219
+ container is spun up and tests are run from it by running the
220
+ `Test::Integration::InstanceSAML` scenario (located under [`gitlab-org/gitlab-ce@qa/qa/scenario/test/integration/instance_saml.rb`][test-integration-instance-saml] in the GitLab CE project).
221
+
222
+ [test-integration-instance-saml]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/qa/qa/scenario/test/integration/instance_saml.rb
223
+
224
+ **Required environment variables:**
225
+
226
+ - [For EE only] `EE_LICENSE`: A valid EE license.
227
+
228
+ Example:
229
+
230
+ ```
231
+ $ gitlab-qa Test::Integration::InstanceSAML CE
232
+
233
+ # For EE
234
+ $ export EE_LICENSE=$(cat /path/to/Geo.gitlab_license)
235
+
236
+ $ gitlab-qa Test::Integration::InstanceSAML EE
237
+ ```
238
+
185
239
  ### `Test::Integration::Mattermost CE|EE|<full image address>`
186
240
 
187
241
  This tests that a GitLab instance works as expected when enabling the embedded
data/lib/gitlab/qa.rb CHANGED
@@ -30,7 +30,9 @@ module Gitlab
30
30
  module Integration
31
31
  autoload :Geo, 'qa/scenario/test/integration/geo'
32
32
  autoload :LDAP, 'qa/scenario/test/integration/ldap'
33
+ autoload :SAML, 'qa/scenario/test/integration/saml'
33
34
  autoload :GroupSAML, 'qa/scenario/test/integration/group_saml'
35
+ autoload :InstanceSAML, 'qa/scenario/test/integration/instance_saml'
34
36
  autoload :Mattermost, 'qa/scenario/test/integration/mattermost'
35
37
  autoload :Kubernetes, 'qa/scenario/test/integration/kubernetes'
36
38
  autoload :ObjectStorage, 'qa/scenario/test/integration/object_storage'
@@ -12,7 +12,7 @@ module Gitlab
12
12
 
13
13
  attr_reader :release, :docker
14
14
  attr_accessor :volumes, :network, :environment
15
- attr_writer :name, :relative_path
15
+ attr_writer :name, :relative_path, :exec_commands
16
16
 
17
17
  def_delegators :release, :tag, :image, :edition
18
18
 
@@ -23,6 +23,7 @@ module Gitlab
23
23
  @network_aliases = []
24
24
 
25
25
  self.release = 'CE'
26
+ self.exec_commands = []
26
27
  end
27
28
 
28
29
  def omnibus_config=(config)
@@ -60,6 +61,7 @@ module Gitlab
60
61
  start
61
62
  reconfigure
62
63
  wait
64
+ process_exec_commands
63
65
 
64
66
  yield self
65
67
 
@@ -142,8 +144,14 @@ module Gitlab
142
144
  manifest['software']['gitlab-rails']['locked_version']
143
145
  end
144
146
 
147
+ def process_exec_commands
148
+ exec_commands.each { |command| @docker.exec(name, command) }
149
+ end
150
+
145
151
  private
146
152
 
153
+ attr_reader :exec_commands
154
+
147
155
  def ensure_configured!
148
156
  raise 'Please configure an instance first!' unless [name, release, network].all?
149
157
  end
@@ -23,6 +23,10 @@ module Gitlab
23
23
  end
24
24
  end
25
25
 
26
+ def exec(name, command)
27
+ Docker::Command.execute("exec #{name} bash -c '#{command}'")
28
+ end
29
+
26
30
  def read_file(image, tag, path, &block)
27
31
  cat_file = "run --rm --entrypoint /bin/cat #{image}:#{tag} #{path}"
28
32
  Docker::Command.execute(cat_file, &block)
@@ -4,6 +4,8 @@ module Gitlab
4
4
  module Test
5
5
  module Integration
6
6
  class Geo < Scenario::Template
7
+ GIT_LFS_VERSION = '2.5.2'.freeze
8
+
7
9
  ##
8
10
  # rubocop:disable Lint/MissingCopEnableDirective
9
11
  # rubocop:disable Metrics/MethodLength
@@ -31,6 +33,7 @@ module Gitlab
31
33
  sidekiq['concurrency'] = 2;
32
34
  unicorn['worker_processes'] = 2;
33
35
  OMNIBUS
36
+ primary.exec_commands = fast_ssh_key_lookup_commands + git_lfs_install_commands
34
37
 
35
38
  primary.instance do
36
39
  Component::Gitlab.perform do |secondary|
@@ -44,13 +47,14 @@ module Gitlab
44
47
  unicorn['worker_processes'] = 2;
45
48
  gitlab_rails['monitoring_whitelist'] = ['0.0.0.0/0'];
46
49
  OMNIBUS
50
+ secondary.exec_commands = fast_ssh_key_lookup_commands + git_lfs_install_commands
47
51
 
48
52
  secondary.act do
49
53
  # TODO, we do not wait for secondary to start because of
50
54
  # https://gitlab.com/gitlab-org/gitlab-ee/issues/3999
51
55
  #
52
56
  # rubocop:disable Style/Semicolon
53
- prepare; start; reconfigure
57
+ prepare; start; reconfigure; process_exec_commands
54
58
 
55
59
  # shellout to instance specs
56
60
  puts 'Running Geo primary / secondary specs!'
@@ -73,6 +77,30 @@ module Gitlab
73
77
  end
74
78
  end
75
79
  end
80
+
81
+ private
82
+
83
+ def fast_ssh_key_lookup_content
84
+ @fast_ssh_key_lookup_content ||= <<~CONTENT
85
+ # Enable fast SSH key lookup - https://docs.gitlab.com/ee/administration/operations/fast_ssh_key_lookup.html
86
+ AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
87
+ AuthorizedKeysCommandUser git
88
+ CONTENT
89
+ end
90
+
91
+ def fast_ssh_key_lookup_commands
92
+ @fast_ssh_key_lookup_commands ||= [
93
+ %(echo -e "\n#{fast_ssh_key_lookup_content.chomp}" >> /assets/sshd_config),
94
+ 'gitlab-ctl restart sshd'
95
+ ]
96
+ end
97
+
98
+ def git_lfs_install_commands
99
+ @git_lfs_install_commands ||= [
100
+ "cd /tmp ; curl -qsL https://github.com/git-lfs/git-lfs/releases/download/v#{GIT_LFS_VERSION}/git-lfs-linux-amd64-v#{GIT_LFS_VERSION}.tar.gz | tar xzvf -",
101
+ 'cp /tmp/git-lfs /usr/local/bin'
102
+ ]
103
+ end
76
104
  end
77
105
  end
78
106
  end
@@ -5,47 +5,28 @@ module Gitlab
5
5
  module Scenario
6
6
  module Test
7
7
  module Integration
8
- class GroupSAML < Scenario::Template
9
- # rubocop:disable Metrics/AbcSize
10
- def perform(release)
11
- release = Release.new(release)
8
+ class GroupSAML < SAML
9
+ def initialize
10
+ @gitlab_name = 'gitlab-group-saml'
11
+ @spec_suite = 'QA::EE::Scenario::Test::Integration::GroupSAML'
12
+ end
12
13
 
14
+ def before_perform(release)
13
15
  raise ArgumentError, 'Group SAML is EE only feature!' unless release.ee?
16
+ end
14
17
 
15
- Component::Gitlab.perform do |gitlab|
16
- gitlab.release = release.edition
17
- gitlab.name = 'gitlab-saml'
18
- gitlab.network = 'test'
19
-
20
- Component::SAML.perform do |saml|
21
- saml.network = 'test'
22
- saml.set_entity_id("#{gitlab.address}/groups/#{saml.group_name}")
23
- saml.set_assertion_consumer_service("#{gitlab.address}/groups/#{saml.group_name}/-/saml/callback")
24
- saml.set_sandbox_name(saml.group_name)
25
- saml.set_simple_saml_hostname
26
- saml.set_accept_insecure_certs
27
-
28
- gitlab.omnibus_config = <<~OMNIBUS
29
- gitlab_rails['omniauth_enabled'] = true;
30
- gitlab_rails['omniauth_providers'] = [{ name: 'group_saml' }];
31
- OMNIBUS
32
-
33
- saml.instance do
34
- gitlab.instance do
35
- puts 'Running SAML specs!'
18
+ def configure(gitlab, saml)
19
+ saml.set_entity_id("#{gitlab.address}/groups/#{saml.group_name}")
20
+ saml.set_assertion_consumer_service("#{gitlab.address}/groups/#{saml.group_name}/-/saml/callback")
21
+ saml.set_sandbox_name(saml.group_name)
22
+ saml.set_simple_saml_hostname
23
+ saml.set_accept_insecure_certs
36
24
 
37
- Component::Specs.perform do |specs|
38
- specs.suite = 'QA::EE::Scenario::Test::Integration::GroupSAML'
39
- specs.release = release
40
- specs.network = gitlab.network
41
- specs.args = [gitlab.address]
42
- end
43
- end
44
- end
45
- end
46
- end
25
+ gitlab.omnibus_config = <<~OMNIBUS
26
+ gitlab_rails['omniauth_enabled'] = true;
27
+ gitlab_rails['omniauth_providers'] = [{ name: 'group_saml' }];
28
+ OMNIBUS
47
29
  end
48
- # rubocop:enable Metrics/AbcSize
49
30
  end
50
31
  end
51
32
  end
@@ -0,0 +1,44 @@
1
+ require 'yaml'
2
+
3
+ module Gitlab
4
+ module QA
5
+ module Scenario
6
+ module Test
7
+ module Integration
8
+ class InstanceSAML < SAML
9
+ def initialize
10
+ @gitlab_name = 'gitlab-instance-saml'
11
+ @spec_suite = 'Test::Integration::InstanceSAML'
12
+ end
13
+
14
+ def configure(gitlab, saml)
15
+ saml.set_entity_id(gitlab.address)
16
+ saml.set_assertion_consumer_service("#{gitlab.address}/users/auth/saml/callback")
17
+ saml.set_simple_saml_hostname
18
+ saml.set_accept_insecure_certs
19
+
20
+ gitlab.omnibus_config = <<~OMNIBUS
21
+ gitlab_rails['omniauth_enabled'] = true;
22
+ gitlab_rails['omniauth_allow_single_sign_on'] = ['saml'];
23
+ gitlab_rails['omniauth_block_auto_created_users'] = false;
24
+ gitlab_rails['omniauth_auto_link_saml_user'] = true;
25
+ gitlab_rails['omniauth_providers'] = [
26
+ {
27
+ name: 'saml',
28
+ args: {
29
+ assertion_consumer_service_url: '#{gitlab.address}/users/auth/saml/callback',
30
+ idp_cert_fingerprint: '11:9b:9e:02:79:59:cd:b7:c6:62:cf:d0:75:d9:e2:ef:38:4e:44:5f',
31
+ idp_sso_target_url: 'https://#{saml.hostname}:8443/simplesaml/saml2/idp/SSOService.php',
32
+ issuer: '#{gitlab.address}',
33
+ name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
34
+ }
35
+ }
36
+ ];
37
+ OMNIBUS
38
+ end
39
+ end
40
+ end
41
+ end
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,52 @@
1
+ require 'yaml'
2
+
3
+ module Gitlab
4
+ module QA
5
+ module Scenario
6
+ module Test
7
+ module Integration
8
+ class SAML < Scenario::Template
9
+ attr_reader :gitlab_name, :spec_suite
10
+
11
+ def configure(gitlab, saml)
12
+ raise NotImplementedError
13
+ end
14
+
15
+ def before_perform(release)
16
+ # no-op
17
+ end
18
+
19
+ def perform(release)
20
+ release = Release.new(release)
21
+ before_perform(release)
22
+
23
+ Component::Gitlab.perform do |gitlab|
24
+ gitlab.release = release.edition
25
+ gitlab.network = 'test'
26
+ gitlab.name = gitlab_name
27
+
28
+ Component::SAML.perform do |saml|
29
+ saml.network = 'test'
30
+ configure(gitlab, saml)
31
+
32
+ saml.instance do
33
+ gitlab.instance do
34
+ puts "Running #{spec_suite} specs!"
35
+
36
+ Component::Specs.perform do |specs|
37
+ specs.suite = spec_suite
38
+ specs.release = release
39
+ specs.network = gitlab.network
40
+ specs.args = [gitlab.address]
41
+ end
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
52
+ end
@@ -1,5 +1,5 @@
1
1
  module Gitlab
2
2
  module QA
3
- VERSION = '2.6.0'.freeze
3
+ VERSION = '2.7.0'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-qa
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.6.0
4
+ version: 2.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Grzegorz Bizon
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-10-09 00:00:00.000000000 Z
11
+ date: 2018-10-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: climate_control
@@ -119,6 +119,7 @@ files:
119
119
  - ".dockerignore"
120
120
  - ".gitignore"
121
121
  - ".gitlab-ci.yml"
122
+ - ".gitlab/issue_templates/Release.md"
122
123
  - ".rspec"
123
124
  - ".rubocop.yml"
124
125
  - ".travis.yml"
@@ -164,10 +165,12 @@ files:
164
165
  - lib/gitlab/qa/scenario/test/instance/staging.rb
165
166
  - lib/gitlab/qa/scenario/test/integration/geo.rb
166
167
  - lib/gitlab/qa/scenario/test/integration/group_saml.rb
168
+ - lib/gitlab/qa/scenario/test/integration/instance_saml.rb
167
169
  - lib/gitlab/qa/scenario/test/integration/kubernetes.rb
168
170
  - lib/gitlab/qa/scenario/test/integration/ldap.rb
169
171
  - lib/gitlab/qa/scenario/test/integration/mattermost.rb
170
172
  - lib/gitlab/qa/scenario/test/integration/object_storage.rb
173
+ - lib/gitlab/qa/scenario/test/integration/saml.rb
171
174
  - lib/gitlab/qa/scenario/test/omnibus/image.rb
172
175
  - lib/gitlab/qa/scenario/test/omnibus/update.rb
173
176
  - lib/gitlab/qa/scenario/test/omnibus/upgrade.rb