Set GITLAB_QA_USER_AGENT as a Rails env var
What does this MR do and why?
Sets GITLAB_QA_USER_AGENT as a Rails env var so that it can be used to bypass features that are allowlisted by GitLab itself (as opposed to external services, as in https://gitlab.com/gitlab-com/gl-infra/cloudflare-firewall/-/issues/63).
Also:
- Masks the credentials when they're shown as part of the omnibus-gitlab config settings.
- Allows other secrets to be masked via the
mask_secretskeyword arg.
See gitlab-org/quality/quality-engineering/team-tasks#1599 (comment 1240112223)
How to set up and validate locally
- Set the env var
export GITLAB_QA_USER_AGENT=<from 1Password> - Run the tests
bundle exec exe/gitlab-qa Test::Instance::Image EE - Note that the secret is masked:
[Jan 17 2023 10:52:00 AEDT (Gitlab QA)] INFO -- Shell command: `docker exec gitlab-ee-4390e310 bash -c "echo \"# Generated by GitLab QA Omnibus Configurator at 2023-01-17 10:51:56 # Gitlab::QA::Runtime::OmnibusConfigurations::Default gitlab_rails['gitlab_default_theme'] = 10 # Light Red Theme gitlab_rails['gitlab_disable_animations'] = true # Disable animations gitlab_rails['application_settings_cache_seconds'] = 0 # Settings cache expiry gitlab_rails['initial_root_password'] = '5iveL!fe' # Initial root password gitlab_rails['env'] = {'GITLAB_QA_USER_AGENT'=>'*****'}\" > /etc/gitlab/gitlab.rb;"`
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Mark Lapierre