diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-11 12:09:05 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-11 12:09:05 +0000 |
commit | 28e90894e1e6f17320f5b1d2fff6fe736bf65dff (patch) | |
tree | 21d63bf124b6064eb1650acc3e2aabe6dbc99f58 /qa | |
parent | a48957b317edf23b1bcfc6df0c098a824eae86f4 (diff) | |
download | gitlab-ce-28e90894e1e6f17320f5b1d2fff6fe736bf65dff.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'qa')
-rw-r--r-- | qa/Dockerfile | 7 | ||||
-rw-r--r-- | qa/qa.rb | 3 | ||||
-rw-r--r-- | qa/qa/page/main/login.rb | 6 | ||||
-rw-r--r-- | qa/qa/runtime/env.rb | 20 | ||||
-rw-r--r-- | qa/qa/specs/features/browser_ui/1_manage/login/oauth_login_with_github_spec.rb | 18 | ||||
-rw-r--r-- | qa/qa/vendor/github/page/base.rb | 14 | ||||
-rw-r--r-- | qa/qa/vendor/github/page/login.rb | 36 | ||||
-rw-r--r-- | qa/qa/vendor/one_password/cli.rb | 59 | ||||
-rw-r--r-- | qa/tasks/ci.rake | 2 |
9 files changed, 161 insertions, 4 deletions
diff --git a/qa/Dockerfile b/qa/Dockerfile index 6efc8ac09fa..2bf668abc49 100644 --- a/qa/Dockerfile +++ b/qa/Dockerfile @@ -22,6 +22,13 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* ## +# Install 1Password CLI +# +RUN wget -P /tmp/ https://downloads.1password.com/linux/debian/$(dpkg --print-architecture)/stable/1password-cli-$(dpkg --print-architecture)-latest.deb +RUN dpkg -i /tmp/1password-cli-$(dpkg --print-architecture)-latest.deb +RUN op --version + +## # Install root certificate # RUN mkdir -p /usr/share/ca-certificates/gitlab @@ -83,7 +83,8 @@ module QA "vscode" => "VSCode", "registry_with_cdn" => "RegistryWithCDN", "fips" => "FIPS", - "ci_cd_settings" => "CICDSettings" + "ci_cd_settings" => "CICDSettings", + "cli" => "CLI" ) loader.setup diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb index 4a5f9d90630..9fb1179373d 100644 --- a/qa/qa/page/main/login.rb +++ b/qa/qa/page/main/login.rb @@ -40,6 +40,7 @@ module QA view 'app/helpers/auth_helper.rb' do element :saml_login_button + element :github_login_button end view 'app/views/layouts/devise.html.haml' do @@ -177,6 +178,11 @@ module QA click_element :standard_tab end + def sign_in_with_github + set_initial_password_if_present + click_element :github_login_button + end + def sign_in_with_saml set_initial_password_if_present click_element :saml_login_button diff --git a/qa/qa/runtime/env.rb b/qa/qa/runtime/env.rb index 7da529becbd..34e392c6263 100644 --- a/qa/qa/runtime/env.rb +++ b/qa/qa/runtime/env.rb @@ -210,11 +210,11 @@ module QA end def github_username - ENV['GITHUB_USERNAME'] + ENV['QA_GITHUB_USERNAME'] end def github_password - ENV['GITHUB_PASSWORD'] + ENV['QA_GITHUB_PASSWORD'] end def forker? @@ -541,6 +541,22 @@ module QA raise "Missing Slack env: #{missing_env.map(&:upcase).join(', ')}" end + def one_p_email + ENV['QA_1P_EMAIL'] + end + + def one_p_password + ENV['QA_1P_PASSWORD'] + end + + def one_p_secret + ENV['QA_1P_SECRET'] + end + + def one_p_github_uuid + ENV['QA_1P_GITHUB_UUID'] + end + private def remote_grid_credentials diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/oauth_login_with_github_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/oauth_login_with_github_spec.rb new file mode 100644 index 00000000000..3ac050c1649 --- /dev/null +++ b/qa/qa/specs/features/browser_ui/1_manage/login/oauth_login_with_github_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +module QA + RSpec.describe 'Manage', :orchestrated, :oauth, product_group: :authentication_and_authorization do + describe 'OAuth' do + it 'connects and logs in with GitHub OAuth', + testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/402405' do + Runtime::Browser.visit(:gitlab, Page::Main::Login) + + Page::Main::Login.perform(&:sign_in_with_github) + + Vendor::Github::Page::Login.perform(&:login) + + expect(page).to have_content('Welcome to GitLab') + end + end + end +end diff --git a/qa/qa/vendor/github/page/base.rb b/qa/qa/vendor/github/page/base.rb new file mode 100644 index 00000000000..3b96180afe9 --- /dev/null +++ b/qa/qa/vendor/github/page/base.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +module QA + module Vendor + module Github + module Page + class Base + include Capybara::DSL + include Scenario::Actable + end + end + end + end +end diff --git a/qa/qa/vendor/github/page/login.rb b/qa/qa/vendor/github/page/login.rb new file mode 100644 index 00000000000..17a7471e251 --- /dev/null +++ b/qa/qa/vendor/github/page/login.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +require 'capybara/dsl' +require 'benchmark' + +module QA + module Vendor + module Github + module Page + class Login < Page::Base + def login + fill_in 'login', with: QA::Runtime::Env.github_username + fill_in 'password', with: QA::Runtime::Env.github_password + click_on 'Sign in' + + current_otp = OnePassword::CLI.instance.current_otp + + fill_in 'app_otp', with: current_otp + + if has_text?('Two-factor authentication failed', wait: 2) + new_otp = OnePassword::CLI.instance.new_otp(otp) + + fill_in 'app_otp', with: new_otp + end + + authorize_app + end + + def authorize_app + click_on 'Authorize' if has_button?('Authorize') + end + end + end + end + end +end diff --git a/qa/qa/vendor/one_password/cli.rb b/qa/qa/vendor/one_password/cli.rb new file mode 100644 index 00000000000..f443ba05492 --- /dev/null +++ b/qa/qa/vendor/one_password/cli.rb @@ -0,0 +1,59 @@ +# frozen_string_literal: true + +require 'benchmark' + +module QA + module Vendor + module OnePassword + class CLI + include Singleton + + def initialize + @email = QA::Runtime::Env.one_p_email + @password = QA::Runtime::Env.one_p_password + @secret = QA::Runtime::Env.one_p_secret + @github_uuid = QA::Runtime::Env.one_p_github_uuid + @address = 'gitlab.1password.com' + end + + def new_otp(old_otp = "") + # Fetches a new OTP that is not equal to the old OTP + new_otp = "" + time = Benchmark.realtime do + # An otp is valid for 30 seconds so 64 attempts with 0.5 interval are enough to ensure a new OTP is obtained + Support::Retrier.retry_until(max_attempts: 64, sleep_interval: 0.5) do + new_otp = current_otp + new_otp != old_otp + end + end + + QA::Runtime::Logger.info("Fetched new OTP in: #{time} seconds") + + new_otp + end + + def current_otp + result = nil + + time = Benchmark.realtime do + result = `op item get #{@github_uuid} --otp --session #{session_token}`.chop + end + + QA::Runtime::Logger.info("Fetched current OTP in: #{time} seconds") + + result + end + + private + + # OP session tokens are valid for 30 minutes. We are caching the session token here and this is fine currently + # as we just have one test that is not expected to go over 30 minutes. + # But note that if we add more tests that use this class, we might need to add a mechanism to invalidate + # the cache after 30 minutes or if the session_token is rejected by op CLI. + def session_token + @session_token ||= `echo '#{@password}' | op account add --address #{@address} --email #{@email} --secret-key #{@secret} --signin --raw` # rubocop:disable Layout/LineLength + end + end + end + end +end diff --git a/qa/tasks/ci.rake b/qa/tasks/ci.rake index aaf691de1b5..e5f4acb158b 100644 --- a/qa/tasks/ci.rake +++ b/qa/tasks/ci.rake @@ -32,7 +32,7 @@ namespace :ci do if run_all_label_present logger.info(" merge request has pipeline:run-all-e2e label, full test suite will be executed") - append_to_file(env_file, "QA_RUN_ALL_TESTS=true\n") + append_to_file(env_file, "QA_RUN_ALL_E2E_LABEL=true\n") elsif qa_changes.framework_changes? # run all tests when framework changes detected logger.info(" merge request contains qa framework changes, full test suite will be executed") append_to_file(env_file, "QA_FRAMEWORK_CHANGES=true\n") |