
E2E: Re-Add test for login with GitHub OAuth

Sanad Liaquat requested to merge qa-shl-add-github-oauth-e2e-spec into master

Description of the test

Adds back the E2E test for OAuth login with GitHub

The OAuth tests will only run in the scheduled nightly pipelines on the canonical GitLab project. This is to avoid running the tests in parallel to ensure we do not hit any limits with external OAuth applications that we had previously encountered. The job will exist as manual in other pipelines. The job will also run when pipeline:run-all-e2e label is present on an MR.

Note: This MR is blocked by the GitLab-QA MR. It should be merged once the GitLab-QA MR is merged and the gitlab-qa gem has been version bumped and released.

Related testcase issue: https://gitlab.com/gitlab-org/quality/testcases/-/issues/3981

Related GitLab-QA MR: gitlab-qa!1148 (merged)

These tests were previously removed based on this conversation and are now being added back as a corrective action on this incident, based on feedback from the ~"group::authentication and authorization" team.

How to set up and validate locally

In your /private/etc/hosts file, add this line:

127.0.0.1       gitlab-oauth.test

Create test network

docker network create test

Start GitLab in a Docker container with:

sudo docker run \
    --hostname gitlab-oauth.test \
    --publish 443:443 --publish 80:80 --publish 22:22 \
    --env GITLAB_OMNIBUS_CONFIG="gitlab_rails['initial_root_password']='5iveL\!fe'; gitlab_rails['omniauth_enabled'] = true; gitlab_rails['omniauth_allow_single_sign_on'] = ['github']; gitlab_rails['omniauth_block_auto_created_users'] = false; gitlab_rails['omniauth_providers'] = [{ name: 'github',app_id: '$QA_GITHUB_OAUTH_APP_SECRET', app_secret: '$GITHUB_OAUTH_APP_SECRET', url: 'https://github.com/', verify_ssl: false, args: { scope: 'user:email' }}];" \
    --name gitlab \
   registry.gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/gitlab-ee:222288103355cd9f147b475ce732e5daed84a268

From the qa directory:

bundle install

GITHUB_USERNAME="gitlab-qa" GITHUB_PASSWORD="<GITHUB_PASSWORD>" QA_1P_EMAIL="<QA_1P_EMAIL>" QA_1P_PASSWORD="<QA_1P_PASSWORD>" QA_1P_SECRET="<QA_1P_SECRET>" QA_1P_GITHUB_UUID="<QA_1P_GITHUB_UUID>" QA_DEBUG=true CHROME_HEADLESS=false bundle exec bin/qa Test::Instance::All http://gitlab-oauth.test qa/specs/features/browser_ui/1_manage/login/oauth_login_with_github_spec.rb -- --tag orchestrated

All variables are in 1Password with the placeholder names.

Checklist

  • Confirm the test has a testcase: tag linking to an existing test case in the test case project.
  • Note if the test is intended to run in specific scenarios. If a scenario is new, add a link to the MR that adds the new scenario.
  • Follow the end-to-end tests style guide and best practices.
  • Use the appropriate RSpec metadata tag(s).
  • Most resources will be cleaned up via the general cleanup task. Check that it is successful, or ensure resources are cleaned up in the test:
    • New resources have api_get_path and api_delete_path implemented if possible.
    • If any resource cannot be deleted in the general delete task, make sure it is ignored.
    • If any resource cannot be deleted in the general delete task, remove it in the test (e.g., in an after block).
  • Ensure that no transient bugs are hidden accidentally due to the usage of waits and reloads.
  • Verify the tags to ensure it runs on the desired test environments.
  • If this MR has a dependency on another MR, such as a GitLab QA MR, specify the order in which the MRs should be merged.
  • (If applicable) Create a follow-up issue to document the special setup necessary to run the test: ISSUE_LINK
  • If the test requires an admin's personal access token, ensure that the test passes on your local environment with and without the GITLAB_QA_ADMIN_ACCESS_TOKEN provided.
Edited by Sanad Liaquat
