From 6b4c082fc8f266aa796595103e6c5f6ddb199280 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Sun, 14 Jun 2020 21:08:25 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- qa/qa.rb | 1 + qa/qa/scenario/test/instance/airgapped.rb | 19 +++++++++++++++++++ qa/qa/service/docker_run/base.rb | 9 +++++++++ qa/qa/service/docker_run/gitlab_runner.rb | 19 ++++++++++++++++++- qa/qa/service/docker_run/jenkins.rb | 8 ++++++-- .../scenario/test/instance/airgapped_spec.rb | 8 ++++++++ spec/models/concerns/bulk_insert_safe_spec.rb | 4 +++- 7 files changed, 64 insertions(+), 4 deletions(-) create mode 100644 qa/qa/scenario/test/instance/airgapped.rb create mode 100644 qa/spec/scenario/test/instance/airgapped_spec.rb diff --git a/qa/qa.rb b/qa/qa.rb index c387a0e38d2..cf73d19bc57 100644 --- a/qa/qa.rb +++ b/qa/qa.rb @@ -137,6 +137,7 @@ module QA module Instance autoload :All, 'qa/scenario/test/instance/all' autoload :Smoke, 'qa/scenario/test/instance/smoke' + autoload :Airgapped, 'qa/scenario/test/instance/airgapped' end module Integration diff --git a/qa/qa/scenario/test/instance/airgapped.rb b/qa/qa/scenario/test/instance/airgapped.rb new file mode 100644 index 00000000000..556741ec040 --- /dev/null +++ b/qa/qa/scenario/test/instance/airgapped.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module QA + module Scenario + module Test + module Instance + class Airgapped < Template + include Bootable + include SharedAttributes + def perform(address, *rspec_options) + Runtime::Scenario.define(:runner_network, 'airgapped') + + super + end + end + end + end + end +end diff --git a/qa/qa/service/docker_run/base.rb b/qa/qa/service/docker_run/base.rb index b02bbea8ff5..512960e8232 100644 --- a/qa/qa/service/docker_run/base.rb +++ b/qa/qa/service/docker_run/base.rb @@ -8,6 +8,7 @@ module QA def initialize @network = Runtime::Scenario.attributes[:network] || 'test' + @runner_network = Runtime::Scenario.attributes[:runner_network] || @network end def network @@ -18,6 +19,14 @@ module QA @network end + def runner_network + shell "docker network inspect #{@runner_network}" + rescue CommandError + network + else + @runner_network + end + def pull shell "docker pull #{@image}" end diff --git a/qa/qa/service/docker_run/gitlab_runner.rb b/qa/qa/service/docker_run/gitlab_runner.rb index 834f6b430ac..6022ee4ceab 100644 --- a/qa/qa/service/docker_run/gitlab_runner.rb +++ b/qa/qa/service/docker_run/gitlab_runner.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +require 'resolv' require 'securerandom' module QA @@ -38,11 +39,16 @@ module QA def register! shell <<~CMD.tr("\n", ' ') docker run -d --rm --entrypoint=/bin/sh - --network #{network} --name #{@name} + --network #{runner_network} --name #{@name} #{'-v /var/run/docker.sock:/var/run/docker.sock' if @executor == :docker} --privileged #{@image} -c "#{register_command}" CMD + + # Prove airgappedness + if runner_network == 'airgapped' + shell("docker exec #{@name} sh -c '#{prove_airgap}'") + end end def tags=(tags) @@ -85,6 +91,17 @@ module QA gitlab-runner run CMD end + + # Ping CloudFlare DNS, should fail + # Ping Registry, should fail to resolve + def prove_airgap + gitlab_ip = Resolv.getaddress 'registry.gitlab.com' + <<~CMD + echo "Checking airgapped connectivity..." + nc -zv -w 10 #{gitlab_ip} 80 && (echo "Airgapped network faulty. Connectivity netcat check failed." && exit 1) || (echo "Connectivity netcat check passed." && exit 0) + wget --retry-connrefused --waitretry=1 --read-timeout=15 --timeout=10 -t 2 http://registry.gitlab.com > /dev/null 2>&1 && (echo "Airgapped network faulty. Connectivity wget check failed." && exit 1) || (echo "Airgapped network confirmed. Connectivity wget check passed." && exit 0) + CMD + end end end end diff --git a/qa/qa/service/docker_run/jenkins.rb b/qa/qa/service/docker_run/jenkins.rb index 00b63282484..808fab80c63 100644 --- a/qa/qa/service/docker_run/jenkins.rb +++ b/qa/qa/service/docker_run/jenkins.rb @@ -16,7 +16,9 @@ module QA end def host_name - return 'localhost' unless QA::Runtime::Env.running_in_ci? + if !QA::Runtime::Env.running_in_ci? && !runner_network.equal?('airgapped') + 'localhost' + end super end @@ -33,7 +35,9 @@ module QA #{@image} CMD - command.gsub!("--network #{network} ", '') unless QA::Runtime::Env.running_in_ci? + if !QA::Runtime::Env.running_in_ci? && !runner_network.equal?('airgapped') + command.gsub!("--network #{network} ", '') + end shell command end diff --git a/qa/spec/scenario/test/instance/airgapped_spec.rb b/qa/spec/scenario/test/instance/airgapped_spec.rb new file mode 100644 index 00000000000..0c4167eafff --- /dev/null +++ b/qa/spec/scenario/test/instance/airgapped_spec.rb @@ -0,0 +1,8 @@ +# frozen_string_literal: true + +describe QA::Scenario::Test::Instance::Airgapped do + describe '#perform' do + it_behaves_like 'a QA scenario class' do + end + end +end diff --git a/spec/models/concerns/bulk_insert_safe_spec.rb b/spec/models/concerns/bulk_insert_safe_spec.rb index 5d65d614ac5..07d6cee487f 100644 --- a/spec/models/concerns/bulk_insert_safe_spec.rb +++ b/spec/models/concerns/bulk_insert_safe_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' describe BulkInsertSafe do - class BulkInsertItem < ApplicationRecord + class BulkInsertItem < ActiveRecord::Base include BulkInsertSafe include ShaAttribute @@ -74,6 +74,8 @@ describe BulkInsertSafe do ActiveRecord::Schema.define do drop_table :bulk_insert_items, force: true end + + BulkInsertItem.reset_column_information end describe BulkInsertItem do