From bba43d5b2b1859553d174cf5bcd4c239f7fc0865 Mon Sep 17 00:00:00 2001
From: Andrejs Cunskis <acunskis@gitlab.com>
Date: Wed, 25 Sep 2024 06:24:56 +0000
Subject: [PATCH] Remove admin password reset from license fabrication
---
qa/qa/ce/strategy.rb | 91 +++++++++++++++++++++++-------------
qa/qa/ee/resource/license.rb | 15 ++----
qa/qa/ee/strategy.rb | 17 +++----
3 files changed, 69 insertions(+), 54 deletions(-)
diff --git a/qa/qa/ce/strategy.rb b/qa/qa/ce/strategy.rb
index 608060ecfeccd..93b94db840fea 100644
--- a/qa/qa/ce/strategy.rb
+++ b/qa/qa/ce/strategy.rb
@@ -3,49 +3,76 @@
module QA
module CE
module Strategy
- extend self
-
- # Perform global setup
- #
- # @return [Boolean] returns true if hooks were performed successfully
- def perform_before_hooks
- if QA::Runtime::Env.admin_personal_access_token.present?
- QA::Resource::PersonalAccessTokenCache.set_token_for_username(
- QA::Runtime::User.admin_username,
- QA::Runtime::Env.admin_personal_access_token
- )
+ class << self
+ # Perform global setup
+ #
+ # @return [Boolean] returns true if hooks were performed successfully
+ def perform_before_hooks
+ cache_tokens!
+ log_browser_versions
+
+ if Runtime::Env.rspec_retried?
+ Runtime::Logger.info('Skipping global hooks due to retry process')
+ return false
+ end
+
+ QA::Support::Retrier.retry_on_exception do
+ QA::Runtime::Browser.visit(:gitlab, QA::Page::Main::Login)
+ end
+
+ # Reset admin password if admin token is present but can't be used due to expired password
+ reset_admin_password!
+
+ if Runtime::Env.allow_local_requests?
+ Runtime::ApplicationSettings.set_application_settings(
+ allow_local_requests_from_web_hooks_and_services: true
+ )
+ end
+
+ true
end
- if QA::Runtime::Env.personal_access_token.present? && QA::Runtime::Env.user_username.present?
- QA::Resource::PersonalAccessTokenCache.set_token_for_username(
- QA::Runtime::Env.user_username,
- QA::Runtime::Env.personal_access_token
+ private
+
+ def cache_tokens!
+ if Runtime::Env.admin_personal_access_token.present?
+ Resource::PersonalAccessTokenCache.set_token_for_username(
+ Runtime::User.admin_username,
+ Runtime::Env.admin_personal_access_token
+ )
+ end
+
+ return unless Runtime::Env.personal_access_token.present? && Runtime::Env.user_username.present?
+
+ Resource::PersonalAccessTokenCache.set_token_for_username(
+ Runtime::Env.user_username,
+ Runtime::Env.personal_access_token
)
end
- QA::Runtime::Logger.info("Using Browser: #{QA::Runtime::Env.browser}")
+ def log_browser_versions
+ Runtime::Logger.info("Using Browser: #{Runtime::Env.browser}")
+ return unless Runtime::Env.use_selenoid?
- if QA::Runtime::Env.use_selenoid?
- QA::Runtime::Logger.info("Using Selenoid Browser version: #{QA::Runtime::Env.selenoid_browser_version}")
+ Runtime::Logger.info("Using Selenoid Browser version: #{Runtime::Env.selenoid_browser_version}")
end
- if Runtime::Env.rspec_retried?
- Runtime::Logger.info('Skipping global hooks due to retry process')
- return false
- end
+ def reset_admin_password!
+ return unless Runtime::Env.admin_personal_access_token.present?
- # The login page could take some time to load the first time it is visited.
- # We visit the login page and wait for it to properly load only once before the tests.
- QA::Runtime::Logger.info("Performing sanity check for environment!")
- QA::Support::Retrier.retry_on_exception do
- QA::Runtime::Browser.visit(:gitlab, QA::Page::Main::Login)
- end
+ response = Support::API.get(Runtime::API::Request.new(Runtime::API::Client.as_admin, "/user").url)
+ return unless response.code == 403 && response.body.include?("Your password expired")
- if QA::Runtime::Env.allow_local_requests?
- Runtime::ApplicationSettings.set_application_settings(allow_local_requests_from_web_hooks_and_services: true)
- end
+ # Mostly issue with gdk where default seeded password for admin user will be expired
+ Runtime::Logger.warn(
+ "Admin password must be reset before the configured access token can be used. Setting password now..."
+ )
- true
+ Runtime::Browser.visit(:gitlab, Page::Main::Login)
+ Page::Main::Login.perform(&:sign_in_using_admin_credentials)
+ Page::Main::Login.perform(&:set_up_new_admin_password_if_required)
+ Page::Main::Menu.perform(&:sign_out_if_signed_in)
+ end
end
end
end
diff --git a/qa/qa/ee/resource/license.rb b/qa/qa/ee/resource/license.rb
index 7b1904399a417..c5e2242bce863 100644
--- a/qa/qa/ee/resource/license.rb
+++ b/qa/qa/ee/resource/license.rb
@@ -40,6 +40,7 @@ def initialize
end
def fabricate!
+ QA::Page::Main::Menu.perform(&:sign_out_if_signed_in)
QA::Page::Main::Login.perform(&:sign_in_using_admin_credentials)
QA::Page::Main::Menu.perform(&:go_to_admin_area)
QA::Page::Main::Login.perform(&:set_up_new_admin_password_if_required)
@@ -83,18 +84,8 @@ def fabricate_via_api!
api_post.tap { QA::Runtime::Logger.info("Successfully added license key. Details:\n#{license_info}") }
rescue RuntimeError => e
- unless e.message.include?('Your password expired')
- QA::Runtime::Logger.error("Following license fabrication failed: #{base_license_info}")
- raise(e)
- end
-
- QA::Runtime::Logger.warn('Admin password must be reset before the default access token can be used. ' \
- 'Setting password now...')
-
- QA::Page::Main::Login.perform(&:sign_in_using_admin_credentials)
- QA::Page::Main::Login.perform(&:set_up_new_admin_password_if_required)
-
- retry
+ QA::Runtime::Logger.error("Following license fabrication failed: #{base_license_info}")
+ raise(e)
end
end
diff --git a/qa/qa/ee/strategy.rb b/qa/qa/ee/strategy.rb
index 61ff4bd51956e..a4efc2e071ee8 100644
--- a/qa/qa/ee/strategy.rb
+++ b/qa/qa/ee/strategy.rb
@@ -12,23 +12,20 @@ def perform_before_hooks
if QA::Runtime::Env.ee_license.present?
QA::Runtime::Logger.info("Performing initial license fabrication!")
- QA::Page::Main::Menu.perform(&:sign_out_if_signed_in)
EE::Resource::License.fabricate! do |resource|
resource.license = QA::Runtime::Env.ee_license
end
end
- unless QA::Runtime::Env.running_on_dot_com?
- QA::Runtime::Logger.info("Disabling sync with External package metadata database")
- # we can't pass [] here, otherwise it causes a validation error, because the value we pass
- # must be a valid purl_type. Instead, we pass the `deb` purl_type which is only used for
- # container scanning advisories, which are not yet supported/ingested, so this is effectively
- # the same thing as disabling the sync.
- QA::Runtime::ApplicationSettings.set_application_settings(package_metadata_purl_types: [DEB_PURL_TYPE])
- end
+ return if QA::Runtime::Env.running_on_dot_com?
- QA::Page::Main::Menu.perform(&:sign_out_if_signed_in)
+ QA::Runtime::Logger.info("Disabling sync with External package metadata database")
+ # we can't pass [] here, otherwise it causes a validation error, because the value we pass
+ # must be a valid purl_type. Instead, we pass the `deb` purl_type which is only used for
+ # container scanning advisories, which are not yet supported/ingested, so this is effectively
+ # the same thing as disabling the sync.
+ QA::Runtime::ApplicationSettings.set_application_settings(package_metadata_purl_types: [DEB_PURL_TYPE])
end
end
end
--
GitLab