QA failure: qa/specs/features/ee/browser_ui/18_security_risk_management/security_policies_spec.rb

Overview

• Environment: gprd-cny
• Coordinated pipeline: https://ops.gitlab.net/gitlab-org/release/tools/-/pipelines/4634845
• Auto-deploy package: 18.2.202506201306-77b6aabd17b.dd56f13f2ef

Pipeline:

• https://ops.gitlab.net/gitlab-org/quality/canary/-/jobs/18964890

1) Security Risk Management Security policies can create a new policy
     [31mGot 0 failures and 2 other errors:[0m

     1.1) [31mFailure/Error: QA::Support::Waiter.wait_until { QA::Page::MergeRequest::Show.perform(&:has_merge_button?) }[0m
          [31m[0m
          [31mQA::Support::Repeater::WaitExceededError:[0m
          [31m  Wait failed after 60 seconds[0m
          [36m# ./qa/support/repeater.rb:74:in `repeat_until'[0m
          [36m# ./qa/support/waiter.rb:20:in `wait_until'[0m
          [36m# ./qa/specs/features/ee/browser_ui/18_security_risk_management/security_policies_spec.rb:63:in `block (3 levels) in <module:QA>'[0m
          [36m# /home/gitlab/spec/support/fast_quarantine.rb:22:in `block (2 levels) in <top (required)>'[0m
          [36m# ./qa/specs/runner.rb:124:in `run_rspec'[0m
          [36m# ./qa/specs/runner.rb:32:in `perform'[0m
          [36m# ./qa/scenario/template.rb:10:in `block in perform'[0m
          [36m# ./qa/scenario/template.rb:8:in `perform'[0m
          [36m# ./qa/scenario/template.rb:63:in `perform'[0m
          [36m# ./qa/scenario/template.rb:10:in `block in perform'[0m
          [36m# ./qa/scenario/template.rb:8:in `perform'[0m
          [36m# ./qa/scenario/bootable.rb:52:in `launch!'[0m

     1.2) [31mFailure/Error:[0m
          [31m            raise(PageError, <<~MSG)[0m
          [31m              Error Code: #{error_code}[0m
          [31m  [0m
          [31m              #{report}[0m
          [31m  [0m
          [31m              Path: #{page.current_path}#{request_id_string}[0m
          [31m            MSG[0m
          [31m[0m
          [31mQA::Support::PageErrorChecker::PageError:[0m
          [31m  Error Code: 500[0m
          [31m[0m
          [31m  There were 10 SEVERE level errors:[0m
          [31m[0m
          [31m  ["https://www.googletagmanager.com/gtm.js?id=GTM-NJXWQL 261 Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgitlab.com%2Fusers%2Fsign_in&scrsrc=www.googletagmanager.com&frm=0&rnd=788663182.1750436484&dt=Sign%20in%20%C2%B7%20GitLab&auid=1832352186.1750436484&navt=n&npa=0&gdid=dYWJhMj&gtm=45He56g0v72277150za200&gcs=G111&gcd=13t3t3l3l5l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104766473~104766475~104791498~104791500&tft=1750436483628&tfd=2066&apve=1&apvf=sb' because it violates the following Content Security Policy directive: \"connect-src 'self' https://gitlab.com wss://gitlab.com https://sentry.gitlab.net https://new-sentry.gitlab.net https://customers.gitlab.com https://snowplow.trx.gitlab.net https://sourcegraph.com https://collector.prd-278964.gl-product-analytics.com https://analytics.gitlab.com snowplowprd.trx.gitlab.net https://cdn.cookielaw.org https://*.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.analytics.gitlab.com *.google.com/pagead/landing pagead2.googlesyndication.com/pagead/landing\".\n", "https://www.googletagmanager.com/ - Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: \"frame-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/\".\n", "https://www.googletagmanager.com/ - Refused to frame 'https://analytics.gitlab.com/' because it violates the following Content Security Policy directive: \"frame-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/\".\n", "https://gitlab.com/assets/webpack/sentry.7833496f.chunk.js 0 Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgitlab.com%2Fusers%2Fsign_in&scrsrc=www.googletagmanager.com&frm=0&rnd=1597284379.1750436492&dt=Sign%20in%20%C2%B7%20GitLab&auid=1832352186.1750436484&navt=n&npa=0&gdid=dYWJhMj&gtm=45He56g0v72277150za200&gcs=G111&gcd=13t3t3l3l5l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104766473~104766475~104791498~104791500&tft=1750436492053&tfd=1626&apve=1&apvf=f' because it violates the following Content Security Policy directive: \"connect-src 'self' wss://gitlab.com https://new-sentry.gitlab.net https://collector.prd-278964.gl-product-analytics.com snowplowprd.trx.gitlab.net https://cdn.cookielaw.org https://*.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.analytics.gitlab.com *.google.com/pagead/landing pagead2.googlesyndication.com/pagead/landing\".\n", "https://gitlab.com/assets/webpack/sentry.7833496f.chunk.js 0 Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgitlab.com%2Fusers%2Fsign_in&scrsrc=www.googletagmanager.com&frm=0&rnd=1597284379.1750436492&dt=Sign%20in%20%C2%B7%20GitLab&auid=1832352186.1750436484&navt=n&npa=0&gdid=dYWJhMj&gtm=45He56g0v72277150za200&gcs=G111&gcd=13t3t3l3l5l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104766473~104766475~104791498~104791500&tft=1750436492053&tfd=1626&apve=1&apvf=f' because it violates the document's Content Security Policy.", "https://gitlab.com/assets/webpack/sentry.7833496f.chunk.js 0 Refused to connect to 'https://analytics.gitlab.com/g/collect?v=2&tid=G-ENFH3X7M5Y&gtm=45je56g0v886122411z872277150za200zb72277150&_p=1750436490628&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104791498~104791500&gdid=dYWJhMj&cid=1131320064.1750436484&ecid=1097316696&ul=en-us&sr=800x600&ur=US-SC&uaa=&uab=&uafvl=&uamb=0&uam=&uap=Linux&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=AAAAAAQ&sst.rnd=1597284379.1750436492&sst.tft=1750436490628&sst.lpc=254696350&sst.navt=n&sst.ude=0&sst.sw_exp=1&_s=1&dl=https%3A%2F%2Fgitlab.com%2Fusers%2Fsign_in&sid=1750436483&sct=1&seg=1&dt=Sign%20in%20%C2%B7%20GitLab&_tu=BA&en=page_view&ep.page_exclude_localization=gitlab.com%2Fusers%2Fsign_in&up.browser_width_height=1480x2113&up.client_id=1131320064.1750436484&tfd=1646&richsstsse' because it violates the following Content Security Policy directive: \"connect-src 'self' wss://gitlab.com https://new-sentry.gitlab.net https://collector.prd-278964.gl-product-analytics.com snowplowprd.trx.gitlab.net https://cdn.cookielaw.org https://*.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.analytics.gitlab.com *.google.com/pagead/landing pagead2.googlesyndication.com/pagead/landing\".\n", "https://gitlab.com/assets/webpack/sentry.7833496f.chunk.js 0 Refused to connect to 'https://analytics.gitlab.com/g/collect?v=2&tid=G-ENFH3X7M5Y&gtm=45je56g0v886122411z872277150za200zb72277150&_p=1750436490628&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104791498~104791500&gdid=dYWJhMj&cid=1131320064.1750436484&ecid=1097316696&ul=en-us&sr=800x600&ur=US-SC&uaa=&uab=&uafvl=&uamb=0&uam=&uap=Linux&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=AAAAAAQ&sst.rnd=1597284379.1750436492&sst.tft=1750436490628&sst.lpc=254696350&sst.navt=n&sst.ude=0&sst.sw_exp=1&_s=1&dl=https%3A%2F%2Fgitlab.com%2Fusers%2Fsign_in&sid=1750436483&sct=1&seg=1&dt=Sign%20in%20%C2%B7%20GitLab&_tu=BA&en=page_view&ep.page_exclude_localization=gitlab.com%2Fusers%2Fsign_in&up.browser_width_height=1480x2113&up.client_id=1131320064.1750436484&tfd=1646&richsstsse' because it violates the document's Content Security Policy.", "https://www.googletagmanager.com/ - Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: \"frame-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/\".\n", "https://www.googletagmanager.com/ - Refused to frame 'https://analytics.gitlab.com/' because it violates the following Content Security Policy directive: \"frame-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/\".\n", "https://gitlab.com/gitlab-e2e-sandbox-group-6/e2e-test-2025-06-20-16-21-23-099ac31424a2da88/the_awesome_project-bf8f0bd8bb3e32e5-security-policy-project/-/merge_requests/1 - Failed to load resource: the server responded with a status of 500 ()"][0m
/builds/gitlab-org/quality/canary/.gems/bin/gitlab-qa: Command `docker run -t --rm --net=bridge --env QA_CAN_TEST_GIT_PROTOCOL_V2="$QA_CAN_TEST_GIT_PROTOCOL_V2" ...` failed! [31m✘[0m (Gitlab::QA::Support::ShellCommand::StatusError)
/builds/gitlab-org/quality/canary/.gems/bin/gitlab-qa: Command `docker run -t --rm --net=bridge --env QA_CAN_TEST_GIT_PROTOCOL_V2="$QA_CAN_TEST_GIT_PROTOCOL_V2" ...` failed! [31m✘[0m (Gitlab::QA::Support::ShellCommand::StatusError)
          [31m[0m
          [31m  Path: /gitlab-e2e-sandbox-group-6/e2e-test-2025-06-20-16-21-23-099ac31424a2da88/the_awesome_project-bf8f0bd8bb3e32e5-security-policy-project/-/merge_requests/1[0m
          [31m[0m
          [31m  Correlation Id: 01JY72B1WTAG4GNJFB29FRNJ3B[0m
          [31m  Sentry Url: https://new-sentry.gitlab.net/organizations/gitlab/issues/?environment=gprd&project=3&query=correlation_id%3A%2201JY72B1WTAG4GNJFB29FRNJ3B%22[0m
          [31m  Kibana - Discover Url: https://log.gprd.gitlab.net/app/discover#/?_a=%28index:%277092c4e2-4eb5-46f2-8305-a7da2edad090%27%2Cquery%3A%28language%3Akuery%2Cquery%3A%27json.correlation_id%20%3A%2001JY72B1WTAG4GNJFB29FRNJ3B%27%29%29&_g=%28time%3A%28from%3A%272025-06-19T16:22:50.686Z%27%2Cto%3A%272025-06-20T16:22:50.686Z%27%29%29[0m
          [31m  Kibana - Dashboard Url: https://log.gprd.gitlab.net/app/dashboards#/view/5e6d3440-7597-11ed-9f43-e3784d7fe3ca?_g=%28time%3A%28from:%272025-06-19T16:22:50.686Z%27%2Cto%3A%272025-06-20T16:22:50.686Z%27%29%29&_a=%28filters%3A%21%28%28query%3A%28match_phrase%3A%28json.correlation_id%3A%2701JY72B1WTAG4GNJFB29FRNJ3B%27%29%29%29%29%29[0m
          [36m# ./qa/support/page_error_checker.rb:22:in `report!'[0m
          [36m# ./qa/support/page_error_checker.rb:61:in `check_page_for_error_code'[0m
          [36m# ./qa/specs/spec_helper.rb:102:in `block (2 levels) in <top (required)>'[0m
          [36m# /home/gitlab/spec/support/fast_quarantine.rb:22:in `block (2 levels) in <top (required)>'[0m
          [36m# ./qa/specs/runner.rb:124:in `run_rspec'[0m
          [36m# ./qa/specs/runner.rb:32:in `perform'[0m
          [36m# ./qa/scenario/template.rb:10:in `block in perform'[0m
          [36m# ./qa/scenario/template.rb:8:in `perform'[0m
          [36m# ./qa/scenario/template.rb:63:in `perform'[0m
          [36m# ./qa/scenario/template.rb:10:in `block in perform'[0m
          [36m# ./qa/scenario/template.rb:8:in `perform'[0m
          [36m# ./qa/scenario/bootable.rb:52:in `launch!'[0m

Finished in 1 minute 31.19 seconds (files took 1.97 seconds to load)
[31m1 example, 1 failure[0m

Failed examples:

[31mrspec ./qa/specs/features/ee/browser_ui/18_security_risk_management/security_policies_spec.rb:51[0m [36m# Security Risk Management Security policies can create a new policy[0m