Multiple 403 Forbidden Errors on QA Tests

master / package-and-qa

For package-and-qa and master, it appears that when certain QA tests run for the first time, it can intermittently get into a bad state where a non-admin user created within the test ends up being used in API calls made by later tests.

Because some of those API requests require admin access or certain permissions, 403 Forbidden errors occur.

So far, these are the 3 tests I've observed that, when starting off a test run, cause 403 errors for later tests:

• qa/qa/specs/features/browser_ui/1_manage/user/follow_user_activity_spec.rb
• qa/qa/specs/features/ee/browser_ui/1_manage/user/minimal_access_user_spec.rb
• qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb

Please see comment for an example with application logs

package-and-qa:

• https://gitlab.com/gitlab-org/gitlab-qa-mirror/-/jobs/2599162296#L1033

master:

• https://gitlab.com/gitlab-org/gitlab-qa-mirror/-/jobs/2600570992
• https://gitlab.com/gitlab-org/gitlab-qa-mirror/-/jobs/2601197358

---

Production and Canary

Multiple 403 Forbidden - Your account has been blocked. errors were also occurring on 2022-06-15 on production and canary test runs temporarily for gitlab-qa user.

I believe these may have had a different root cause than the errors seen for master / package-and-qa because:

1. The error seen in master shows 403 Forbidden while in production it showed 403 Forbidden - Your account has been blocked.
2. The errors are still occurring for master but seemed to be temporary for production

Production canary full-run:

• 2022-06-15 Test session report | canary-full (gitlab-org/quality/testcase-sessions#50162 - closed)

Production sanity run:

• 2022-06-15 Test session report | production-sanity (gitlab-org/quality/testcase-sessions#50159 - closed)
  • Passed on retry

Production canary sanity run:

• 2022-06-15 Test session report | canary-sanity (gitlab-org/quality/testcase-sessions#50158 - closed)
  • Passed on retry