Use configured values for Devise instead of hard-coded numbers

What does this MR do and why?

Fixes master:broken gitlab-org/quality/engineering-productivity/master-broken-incidents#8934 (closed).

      # spec/initializers/8_devise_spec.rb
      allow(Gitlab::CurrentSettings).to receive(:max_login_attempts).and_return(35)
      allow(Gitlab::CurrentSettings).to receive(:failed_login_attempts_unlock_period_in_minutes).and_return(15)

The state resulting to the above stubs are leaked causing specs in spec/models/concerns/require_email_verification_spec.rb to fail.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before

$ bin/rspec spec/initializers/8_devise_spec.rb spec/models/concerns/require_email_verification_spec.rb

......F.F....F.F....F.F....F.F....F.F....F.F....F.F...........F.F....F.F....F.F....F.F....F.F....F.F....F.F....F.F.

Finished in 24.78 seconds (files took 43.14 seconds to load)
115 examples, 30 failures

Failed examples:

rspec './spec/models/concerns/require_email_verification_spec.rb[1:2:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: true, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:2:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: true, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:3:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: true, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:3:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: true, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:4:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: false, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:4:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: false, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:5:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: false, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:5:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: true, oauth_user: false, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:6:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: true, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:6:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: true, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:7:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: true, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:7:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: true, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:8:2:3:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: false, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:8:3:2:1]' # RequireEmailVerification feature_flag_enabled: true, two_factor_enabled: false, oauth_user: false, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:10:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: true, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:10:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: true, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:11:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: true, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:11:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: true, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:12:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: false, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:12:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: false, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:13:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: false, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:13:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: true, oauth_user: false, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:14:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: true, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:14:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: true, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:15:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: true, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:15:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: true, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:16:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: false, skipped: true #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:16:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: false, skipped: true #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:17:2:3:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: false, skipped: false #attempts_exceeded? when failed_attempts is GTE Devise default amount is expected to eq true
rspec './spec/models/concerns/require_email_verification_spec.rb[1:17:3:2:1]' # RequireEmailVerification feature_flag_enabled: false, two_factor_enabled: false, oauth_user: false, skipped: false #lock_expired? when locked longer ago than Devise default time but shorter ago than overriden time is expected to eq true

After

$ bin/rspec spec/initializers/8_devise_spec.rb spec/models/concerns/require_email_verification_spec.rb
...................................................................................................................

Finished in 1 minute 0.38 seconds (files took 48.46 seconds to load)
115 examples, 0 failures

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

assigned to @eugielimpin

added pipelinetier-1 label

added master:broken label

added Quality label

added pipelineexpedited label and removed Quality master:broken pipelinetier-1 labels

added Quality master:broken labels

added backend label

	2 Warnings
⚠	The master pipeline status page reported failures in rspec unit pg14 22/44 If these jobs fail in your merge request with the same errors, then they are not caused by your changes. Please check for any on-going incidents in the incident issue tracker or in the #master-broken Slack channel.
⚠	This merge request does not refer to an existing milestone.

	1 Message
📖	CHANGELOG missing: If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog. If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

Reviewer roulette

Category	Reviewer	Maintainer
backend	@OmarQunsulGitlab (UTC+2, 6 hours behind author)	@dskim_gitlab (UTC+11, 3 hours ahead of author)

Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

If needed, you can retry the 🔁 danger-review job that generated this comment.

Generated by 🚫 Danger

👋 @eugielimpin - please see the following guidance and update this merge request.

	1 Error
❌	Please add typebug typefeature, or typemaintenance label to this merge request.

changed the description

added pipeline:run-all-rspec label

added pipelinetier-3 label and removed pipelineexpedited label

mentioned in incident gitlab-org/quality/engineering-productivity/master-broken-incidents#8934 (closed)

approved this merge request

@eugielimpin lgtm. I've validated the specs locally bin/rspec spec/initializers/8_devise_spec.rb spec/models/concerns/require_email_verification_spec.rb and it passes.

added pipeline:mr-approved label

changed milestone to %17.6

added typemaintenance label

resolved all threads

enabled automatic add to merge train when checks pass

changed the description

requested review from @schin1

started a merge train

merged

mentioned in commit 922d4cd0

mentioned in issue gitlab-org/release/tasks#13628 (closed)

mentioned in incident gitlab-com/gl-infra/production#18702 (closed)

added Pick into auto-deploy severity2 labels

Successfully picked into 17-5-auto-deploy-2024101406.

This merge request will receive additional notifications as it's deployed. You can also use the following chatops command to check its status: /chatops run auto_deploy status https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169065

removed Pick into auto-deploy label

added severity1 label and removed severity2 label

added priority1 severity2 labels and removed severity1 label

Adding labels severity::1 and priority::1 following this guide.

added workflowstaging-canary label

added workflowcanary label and removed workflowstaging-canary label

added workflowstaging label and removed workflowcanary label

added workflowproduction label and removed workflowstaging label

added workflowpost-deploy-db-staging label and removed workflowproduction label

added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label

mentioned in issue #499026 (closed)

mentioned in issue #499027 (closed)

mentioned in issue #499028 (closed)

mentioned in issue #499029 (closed)

mentioned in issue #499030 (closed)

mentioned in issue #499031 (closed)

mentioned in issue #499032 (closed)

mentioned in issue #499033 (closed)

mentioned in issue #499034 (closed)

mentioned in issue #499036 (closed)

mentioned in issue #499035 (closed)

mentioned in issue #499037 (closed)

mentioned in issue #499038 (closed)

mentioned in issue #499039 (closed)

mentioned in issue #499040 (closed)

mentioned in issue #499041 (closed)

mentioned in issue #499042 (closed)

mentioned in issue #499043 (closed)

mentioned in issue #499044 (closed)

mentioned in issue #499045 (closed)

added releasedcandidate label

added releasedpublished label and removed releasedcandidate label

picked the changes into the branch cherry-pick-922d4cd0 with commit 18e26719

mentioned in commit 18e26719

mentioned in merge request !174397 (closed)

mentioned in incident gitlab-org/release/tasks#15607 (closed)