
[E2E] Mask secrets in kubernetes_cluster setup

John McDonnell requested to merge jmd/mask-secrets-workspace into master

What does this MR do and why?

For security purposes we should avoid logging test secret values and tokens during E2E test execution to avoid any potential for them to be leaked inadvertently.


How to set up and validate locally

    WORKSPACES_OAUTH_APP_ID=aaa WORKSPACES_OAUTH_APP_SECRET=bbb \
    WORKSPACES_PROXY_DOMAIN=abc.def WORKSPACES_OAUTH_SIGNING_KEY=ccc \
    WORKSPACES_DOMAIN_CERT=ddd workspaces_domain_key=eee \
    WORKSPACES_WILDCARD_CERT=fff WORKSPACES_WILDCARD_KEY=ggg \
    WORKSPACES_DOMAIN_KEY=hhh \
    bundle exec rspec qa/specs/features/ee/browser_ui/3_create/remote_development/workspace_actions_spec.rb

Note: when the test runs the helm repo add gitlab-workspaces-proxy .... command, these variables should be masked in the console output.

     QA::Service::Shellout::CommandError:
       Command: `helm repo add gitlab-workspaces-proxy   https://gitlab.com/api/v4/projects/gitlab-org%2fremote-development%2fgitlab-workspaces-proxy/packages/helm/devel && helm repo update && helm upgrade --install gitlab-workspaces-proxy   gitlab-workspaces-proxy/gitlab-workspaces-proxy   --version 0.1.6   --namespace=gitlab-workspaces   --create-namespace   --set="auth.client_id=aaa"   --set="auth.client_secret=****"   --set="auth.host=http://gdk.test:3000"   --set="auth.redirect_uri=https://abc.def/auth/callback"   --set="auth.signing_key=****"   --set="ingress.host.workspaceDomain=abc.def"   --set="ingress.host.wildcardDomain=*.abc.def"   --set="ingress.tls.workspaceDomainCert=$(cat ddd)"   --set="ingress.tls.workspaceDomainKey=$(cat hhh)"   --set="ingress.tls.wildcardDomainCert=$(cat fff)"   --set="ingress.tls.wildcardDomainKey=$(cat ggg)"   --set="ingress.className=nginx" ` failed! ✘

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by John McDonnell
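
The masking described above, as an added example that is not part of this merge request or of GitLab QA's code: secret values are replaced before a command reaches the log or an error message. The helper names (`mask_secrets`, `run_masked`, `CommandError`) are hypothetical, and the sample values are the placeholders from the description.

```ruby
require 'open3'

# Added example: helper names are hypothetical, not GitLab QA's own API.
MASK = '****'

class CommandError < StandardError; end

# Replace every occurrence of each secret in +text+ with MASK.
def mask_secrets(text, secrets)
  # Drop nil/empty entries: an empty pattern would match between every
  # character and flood the log with masks.
  usable = Array(secrets).compact.map(&:to_s).reject(&:empty?).uniq
  return text if usable.empty?

  # Regexp.union escapes metacharacters; longest first so a secret that
  # contains another secret is masked whole instead of partially.
  text.gsub(Regexp.union(usable.sort_by { |s| -s.length }), MASK)
end

# Run +command+ through the shell. The log entry, the returned output and
# the error message only ever contain the masked form.
def run_masked(command, secrets:, log: [])
  safe = mask_secrets(command, secrets)
  log << "Executing: `#{safe}`"
  output, status = Open3.capture2e(command)
  output = mask_secrets(output, secrets)
  raise CommandError, "Command: `#{safe}` failed!\n#{output}" unless status.success?

  output
end

# Constructed sample, using the placeholder values from the description above.
SAMPLE_SECRETS = ['bbb', 'ccc', nil, ''].freeze
SAMPLE_COMMAND = 'helm upgrade --install gitlab-workspaces-proxy ' \
                 '--set="auth.client_id=aaa" --set="auth.client_secret=bbb" ' \
                 '--set="auth.signing_key=ccc"'

if __FILE__ == $PROGRAM_NAME
  puts mask_secrets(SAMPLE_COMMAND, SAMPLE_SECRETS)
  begin
    # Stand-in for a failing helm call that echoes a secret before exiting.
    run_masked('echo "client_secret=bbb" && exit 1', secrets: SAMPLE_SECRETS)
  rescue CommandError => e
    puts e.message
  end
end
```

Masking of this kind covers only what is logged or raised; the values are still passed on the command line of the process being run.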
