Normalize falsey smtp_authentication to disable SMTP auth

What does this MR do?

When gitlab_rails['smtp_authentication'] was set to false, the smtp_settings.rb template rendered it via to_s.to_sym, producing the symbol :false. With net-smtp 0.5.x, Net::SMTP#start validates any truthy authtype against its known SASL mechanisms and raises ArgumentError: wrong authentication type false. Earlier net-smtp versions (e.g. 0.3.3) silently ignored the value, so this only surfaced after the upgrade.

Normalize the setting at config-parse time in SmtpHelper instead of branching in the template: falsey/"disable" values (false, 'false', 'none', '') become nil so no authentication: line is rendered, while real mechanisms are passed through unchanged. This keeps the template declarative and moves the decision logic into tested Ruby.

Related issues

See gitlab#603334 (closed)

How to validate locally

In /etc/gitlab/gitlab.rb set the following:

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.server"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "smtp user"
gitlab_rails['smtp_password'] = "smtp password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = false
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false
gitlab_rails['smtp_pool'] = false

Run gitlab-ctl reconfigure. With this change you should see that authentication is omitted in /var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb:

  smtp_settings = {
    user_name: "smtp user",
    password: "smtp password",
    address: "smtp.server",
    port: 465,
    domain: "example.com",
    enable_starttls_auto: true,
    tls: false,

Without the patch, it shows authentication: :false:

  smtp_settings = {
    authentication: :false,
    user_name: "smtp user",
    password: "smtp password",
    address: "smtp.server",
    port: 465,
    domain: "example.com",
    enable_starttls_auto: true,
    tls: false,

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

• MR title and description are up to date, accurate, and descriptive.
• MR targeting the appropriate branch.
• Latest Merge Result pipeline is green.
• When ready for review, MR is labeled workflowready for review per the Distribution MR workflow.

For GitLab team members

If you don't have access to this, the reviewer should trigger these jobs for you during the review process.

• The manual Trigger:ee-package jobs have a green pipeline running against latest commit.
• If config/software or config/patches directories are changed, make sure the build-package-on-all-os job within the Trigger:ee-package downstream pipeline succeeded.
• If you are changing anything SSL related, then the Trigger:package:fips manual job within the Trigger:ee-package downstream pipeline must succeed.
• If CI configuration is changed, the branch must be pushed to dev.gitlab.org to confirm regular branch builds aren't broken.

Expected (please provide an explanation if not completing)

• Test plan indicating conditions for success has been posted and passes.
• Documentation created/updated.
• Tests added.
• Integration tests added to GitLab QA.
• Equivalent MR/issue for the GitLab Chart opened.
• Validate potential values for new configuration settings. Formats such as integer 10, duration 10s, URI scheme://user:passwd@host:port may require quotation or other special handling when rendered in a template and written to a configuration file.