12.1.201907040834-2bee4ba61be.01dd6c81b2e QA Issue
Process
Each engineer validates and checks off each of their assigned QA task(s).
- Check off each Merge Request changes that you've tested successfully and note any issues you've created and check them off as they are resolved.
- If a problem is found:
- Create an issue for it and add a sub bullet item under the corresponding validation checklist task. Link the issue there.
- Add the severity label
- Raise the problem in the discussion and tag relevant Engineering and Product managers.
- If a regression is found:
- Create an issue for it
- Add the severity label and the regression label
- Raise the regression in the discussion and tag relevant Engineering and Product managers.
General Quality info can be found in the Quality Handbook.
Note: If you are assigned tasks outside your normal work hours, you're not expected to work overtime. Please complete the tasks as soon as possible during your normal work hours.
Deadline
QA testing on staging.gitlab.com for this issue should be completed by 2019-07-05 10:13 UTC. After this deadline has passed, the issue will be closed automatically.
If the deadline has passed, please perform your task as soon as possible anyway (during your normal work hours). It's important that the testing is performed, even if deployment has proceeded to a later stage.
Merge Requests tested in 12.1.201907040834-2bee4ba61be.01dd6c81b2e
Community contribution
Community contribution-
@eread | Fix typo in docs about Elasticsearch Community contribution ~"Documentation" ~"backstage" ~"docs-fix" ~"elasticsearch" -
@eread | Docs: minor fix to link format 1st contribution Community contribution ~"Documentation" ~"docs-fix" docs-only -
@rymai | Replace 'JIRA' with 'Jira' for EE-specific code comments Community contribution ~"Jira" ~"devops::enablement" ~"external services" ~"group::ecosystem" -
@reprazent | Include events from subgroups in group's activity Community contribution ~"Manage" backend devopsmanage ~"group::access" -
@DouweM | Move colon on merge request notification Community contribution ~"Create" devopscreate groupsource code merge requests notifications -
@smcgivern | db.fixtures: use print instead of puts 1st contribution Community contribution ~"Plan" -
@eread | Expand docs on configuring jobs with private registry access 1st contribution Community contribution ~"Container Registry" ~"Documentation" ~"Verify" docs-only -
@sliaquat | QA: transfer project spec 1st contribution Community contribution -
@mayra-cabrera | Jekyll Pages template: LC_ALL=C.UTF-8 1st contribution Community contribution -
@stanhu | Use PostgreSQL 9.6.11 in CI tests Community contribution ~"PostgreSQL" ~"backstage" ci-build -
@ClemMakesApps | Fix typo in updateResolvableDiscussionsCounts action Community contribution ~"Plan" ~"backstage" coach will finish devopsplan frontend ~"technical debt" -
@eread | Add --globoff
flag to the curl command for Jobs API. 1st contribution Community contribution ~"Documentation" ~"Verify" api devopsverify docs-only -
@eread | Update job_artifacts.md to reflect change: https://gitlab.com/gitlab-org/gitlab-ce/issues/31771 1st contribution Community contribution ~"Documentation" ~"Verify" devopsverify -
@kushalpandya | Remove istanbul JavaScript package Community contribution ~"backstage" ci-build ~"dependency update" frontend -
@pslaughter | Replace slugifyWithHyphens with improved slugify text util 1st contribution Community contribution frontend -
@axil | Gitlab -> GitLab Community contribution ~"Documentation" -
@smcgivern | Backport from CE (issue #55953) Community contribution -
@smcgivern | rename discussion
tothread
Community contribution ~"Plan" devopsplan frontend issues -
@DouweM | Enable AsciiDoc syntax highlighting (using Rouge) Community contribution ~"Create" asciidoc backend groupknowledge highlight
Plan ~"Plan"
-
@arthanzel | Allow collapsing all issue boards CS Top 10 (2018CQ2) ~"Category::Issue Boards" ~"Plan" ~"UX ready" customer devopsplan direction ~"feature" frontend internal customer -
@engwan | Remove group in notification email subject ~"P2" ~"Pick into 12.0" ~"Plan" ~"S3" backend ~"bug" emails notifications regression regression:12.0 -
@arthanzel | Don't show tooltips on Open and Closed boards ~"Category::Issue Boards" ~"Plan" UX debt ~"bug" frontend -
@kushalpandya | Add support for lazy loading Epic children within tree ~"Category::Agile Portfolio Management" GraphQL ~"Plan" UX backend epics ~"feature" frontend ~"performance" -
@winh | Add missing import statement to WeightSelect ~"Category::Issue Boards" ~"Plan" ~"backstage" devopsplan frontend ~"technical debt" -
@jarka | Port of "Use title and description fields for issue trackers" ~"Jira" ~"Plan" backend ~"backstage" database -
@jarka | Use title and description fields for issue trackers ~"Jira" ~"Plan" backend ~"backstage" database -
@rajatgitlab | Don't let logged out user do manual order ~"Plan" ~"bug" frontend
Create ~"Create"
-
@pslaughter | Fix IDE editor to update dimensions on show change ~"Create" Deliverable ~"P3" ~"S3" ~"bug" frontend ~"group::editor" ~"missed-SLO" missed-deliverable missed:12.0 ~"web ide" ~"workflow::In dev" -
@reprazent | Remove deprecated #forked_from?
check ~"Create" ~"backstage" devopscreate forking groupsource code ~"technical debt" -
@igor.drozdov | Add endpoint for fetching diverging commit counts ~"Create" devopscreate groupsource code ~"performance" -
@.luke | Show design boards at previous versions in GraphQL ~"Create" Deliverable GitLab Premium Product Vision FY20 UX backend ~"design management" devopscreate direction ~"feature" frontend groupknowledge ~"workflow::In dev" -
@patrickbajao | Support creating an MR/branch on a fork from an issue ~"Create" Deliverable UX backend ~"backstage" breadth devopscreate direction ~"feature" forking groupsource code internal customer merge requests -
@toupeira | Respect limited indexing when importing projects ~"Create" Deliverable Stretch backend ~"bug" devopscreate ~"elasticsearch" ~"group::editor" -
@iamphill | Fetch branches divergence graph data through API call ~"Create" ~"feature" frontend ~"performance" -
@patrickbajao | Don't show image diff note on text file ~"Create" ~"P2" ~"S3" backend ~"bug" diff groupsource code image diff ~"missed-SLO" ~"workflow::In review" -
@mishunov | Resolve "Cannot delete and upload file of the same name in the Web IDE" ~"Create" Deliverable ~"bug" devopscreate frontend ~"group::editor" missed-deliverable missed:12.0 ~"web ide" ~"workflow::In dev" -
@ntepluhina | Resolve "Multiple discussions per line in merge request diffs" ~"Create" Deliverable ~"UX ready" depth devopscreate diff direction ~"feature" frontend merge requests release post item ~"workflow::In review" -
@reprazent | Remove multiple_code_owner_rules
feature flag ~"Create" approvals ~"backstage" devopscreate groupsource code ~"technical debt" -
@ntepluhina | Resolve "Multiple discussions per line in merge request diffs" ~"Create" Deliverable diff direction ~"feature"
Manage ~"Manage"
-
@ifarkas | Allow blank values for IP restriction setting form ~"Manage" ~"P1" ~"S2" backend ~"bug" ~"group::access" -
@ekigbo | EE Port: Vue-i18n: various js directories Deliverable ~"Manage" auto updated frontend ~"internationalization" -
@ekigbo | Vue-i18n: app/assets/javascripts/serverless directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/serverless directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port Vue-i18n: app/assets/javascripts/pages directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/pages directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/pipelines directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port - Vue-i18n: app/assets/javascripts/environments directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/environments directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/clusters directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port: Vue-i18n: app/assets/javascripts/clusters/ directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port - Vue-i18n: app/assets/javascripts/ide directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/ide directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@tpresa | Fix License App user count ~"Manage"
Verify ~"Verify"
-
@eread | Clarify requirements for pipelines for MRs ~"Documentation" ~"Verify" devopsverify docs-only -
@shampton | Resolve "Pipeline actions cause full refresh" Deliverable ~"P3" ~"S3" UX ~"Verify" ~"bug" devopsverify frontend merge requests pipeline
Release ~"Release"
-
@krasio | Update Deploy Tokens documentation Deliverable ~"Documentation" ~"Release" backend ~"continuous delivery" deploy ~"devops::release" docs-only ~"feature" -
@filipa | Backports css class used in EE specs ~"Release" frontend single codebase -
@krasio | Custom username for deploy tokens Deliverable ~"Release" backend ~"continuous delivery" database deploy ~"devops::release" ~"feature" -
@marcia | Docs: move content to its own doc ~"Documentation" ~"Release" ~"continuous delivery" ~"devops::release" docs-only ~"docs:improvement"
Geo ~"Geo"
-
@toon | Add rake task to clean orphan artifact files and Geo registries ~"Documentation" ~"Geo" ~"artifacts" backend customer groupgeo rake tasks -
@toon | Add rake task to clean orphan artifact files ~"Geo" ~"artifacts" backend customer groupgeo rake tasks -
@marcel.amirault | Docs: Clean up markdown spacing in geo docs ~"Documentation" ~"Geo" ~"devops::enablement" ~"docs-fix" docs-only groupgeo
Gitaly ~"Gitaly"
-
@zj-gitlab | Remove ignored circuit_breaker columns ~"Gitaly" ~"backstage" -
@johncai | Deprecate diverging commit count with max parameter ~"Gitaly" ~"backstage" feature flag
Package ~"Package"
-
@nkipling | Resolve "Special characters in project name/path prevent users from using the container registry" ~"Container Registry" Deliverable ~"P4" ~"Package" ~"S4" UX ~"bug" container registry expert devopspackage direction ~"docs:improvement" frontend
Configure ~"Configure"
-
@tkuah | Add clusters association to deployment ~"Configure" ~"bug" database environments ~"performance" -
@tkuah | Environment scope should not reorder whole query ~"Configure" ~"bug" environments -
@Alexand | Allow JupyterHub to be uninstalled ~"Configure" backend ~"devops::configure" direction ~"feature" ~"kubernetes" -
@DylanGriffith | Tidy spec for API::ProjectClusters ~"Configure" backend ~"backstage" -
@Alexand | Feature/uninstall cluster ingress ~"Configure" ~"auto devops" ~"devops::configure" ~"feature" -
@DylanGriffith | Docs/Comments only: Better autodevops customization documentation ~"Configure" ~"Documentation" ~"devops::configure" docs-only ~"feature" ~"group::autodevops and kubernetes" -
@tigerwnz | Show deploy boards for group cluster deployments ~"Configure" ~"devops::configure" ~"feature" ~"kubernetes" -
@tigerwnz | Enable terminals button for group clusters ~"Configure" ~"devops::configure" ~"feature" ~"kubernetes"
Monitor ~"Monitor"
-
@jprovaznik | Start UnicornSampler in master process APM ~"Memory" ~"Monitor" ~"bug" -
@alipniagov | Use separate Prometheus metrics dirs in dev/test APM ~"Memory" ~"Monitor" ~"P2" ~"S2" ~"backstage" ~"bug" ~"metrics"
Secure ~"Secure"
-
@farias-gl | First pass at auto remediation changes Deliverable ~"Secure" frontend -
@plafoucriere | No security scan for docs branches ~"Secure" ~"Secure::Static and Dynamic Analysis" backend ~"backstage" ~"dependency scanning" devopsverify ~"sast" -
@dpisek | Fix 'learn more'-link on dependency page ~"P1" ~"S3" ~"Secure" ~"Secure::Software Composition Analysis" ~"bug" dependency list frontend regression -
@plafoucriere | Revert "Merge branch 'fix-dep-list-doc-link' into 'master'" ~"Secure" ~"bug"
frontend
frontend-
@leipert | Update dependency @gitlab/svgs to ^1.66.0 ~"backstage" ~"dependency update" frontend -
@filipa | Removes EE differences for app/views/admin/services/_form.html.haml frontend single codebase -
@filipa | Removes EE differences for app/views/groups/settings/_general.html.haml frontend single codebase
database
database-
@jagood | Add Migration for Strategies Column on operations_feature_flag_scopes backend database databaseapproved ~"feature" -
@jagood | Show Upcoming Status for Releases backend database databaseapproved ~"feature"
uncategorized ~"uncategorized"
-
@arthanzel | Allow collapsing all issue boards ~"feature" -
@godfat | Quarantine schema_version_check because tests after it failed ~"P1" ~"S1" ~"backstage" ~"bug" master:broken -
@stanhu | Fix attachments using the wrong URLs in e-mails ~"bug" devopsplan markdown -
@alipniagov | Get memory data after booting app in production ~"Memory" ~"backstage" -
@alipniagov | Get memory data after booting app in production ~"Memory" ~"P1" ~"backstage" -
@jprovaznik | Fix cleanup of prometheus files on server start ~"Memory" Multithreaded App Server ~"backstage" ~"bug" ~"performance" -
@.luke | CE backport for "Show design boards at previous versions in GraphQL" ~"backstage" -
@ashmckenzie | Add new onboarding to flipper A/B testing ~"A/B test" ~"Growth" ~"backstage" -
@ashmckenzie | Add new onboarding to flipper A/B testing ~"Growth" ~"backstage" -
@mayra-cabrera | Updates Gitlab.pot backend ~"backstage" -
@.luke | Guests can know whether merge request template name exists or not security -
@.luke | Guests can know whether merge request template name exists or not security -
@manojmj | Do not allow localhost urls in GitHub Integration security -
@engwan | Fix color validation regex causing DoS security -
@engwan | Fix color validation regex causing DoS security -
@acroitor | Expose merge requests count based on user access security -
@acroitor | Expose merge requests count based on user access security -
@bob | Fix type authorizations in GraphQL security -
@bob | Fix type authorizations in GraphQL security -
@mdelaossa | Fix DOS when rendering issue/MR comments security -
@mdelaossa | Fix DOS when rendering issue/MR comments security -
@fabiopitino | Prevent Billion Laughs attack ~"bug" security -
@fabiopitino | Prevent Billion Laughs attack ~"bug" feature flag security -
@matteeyah | Fix MR head pipeline leak ~"bug" security -
@matteeyah | [master] Fix MR head pipeline leak ~"bug" security -
@toupeira | Ability to write a note in a private snippet security -
@toupeira | Ability to write a note in a private snippet security -
@oswaldo | Persist tmp snippet uploads at users security -
@oswaldo | Persist tmp snippet uploads at users security -
@ahegyi | Memoizing root_ancestor in Namespace backend ~"backstage" -
@stanhu | [EE] Add a memory cache local to the thread to reduce Redis load backend production request -
@stanhu | Add a memory cache local to the thread to reduce Redis load backend ~"performance" production request -
@steveazz | Disable juint reports tmp ~"backstage" ~"defcon" gitlab.com -
@toupeira | Fix bare URLs in Markdown ~"P1" ~"S1" master:broken -
@dzaporozhets | Regenerate locale for gitlab-ee ~"backstage" master:broken -
@winh | Add @pslaughter to CODEOWNERS ~"backstage" -
@leipert | Prefer offline install for yarn backend ci-build -
@stanhu | [EE] Cache Flipper persisted names directly to local memory storage backend ~"performance" production request -
@stanhu | Cache Flipper persisted names directly to local memory storage backend ~"performance" production request -
@mayra-cabrera | Include username in auth log backend ~"backstage" customer ~"feature" gitlab.com ~"logging" security -
@stanhu | Add Redis call details in Peek performance bar ~"backstage" ~"performance" -
@rymai | Resolve "Broken master due to static-analysis" ~"P1" ~"S1" ~"backstage" ~"bug" ci-build ~"internationalization" master:broken -
@lulalala | Update TODO: allow_collaboration column renaming backend ~"backstage" ~"technical debt"
Automated QA for 12.1.201907040834-2bee4ba61be.01dd6c81b2e
No QA job could be found for this release!
You will need to set up a dedicated environment for 12.1.201907040834-2bee4ba61be.01dd6c81b2e by following the following steps:
Prepare the environments for testing the security fixes
Instructions to prepare environment
- In Google Cloud Console (access to this
should have been granted during on-boarding), create a new VM instance (in the
gitlab-internal
project) from theqa-security-1cpu-3-75gb-ram-ubuntu-16-04-lts
instance template for each version of GitLab. - Find the
.deb
package to install:- First find the pipeline for the
12.1.201907040834+ee.0
tag in the pipelines page. - Then on the pipeline page, click the
Ubuntu-16.04-staging
job in theUpload:gitlab_com
stage (or theStaging_upload
stage for versions prior to 11.5), you will need the job ID later.
- First find the pipeline for the
- Install the
.deb
package from the job artifact:- SSH into the VM via the GCP console.
- Create a
install-gitlab.sh
script in your home folder:TEMP_DEB="$(mktemp)" GITLAB_PACKAGE="https://dev.gitlab.org/api/v4/projects/gitlab%2Fomnibus-gitlab/jobs/${JOB_ID}/artifacts/pkg/ubuntu-xenial/gitlab-ee_${GITLAB_VERSION}-ee.0_amd64.deb" curl -H "PRIVATE-TOKEN: $DEV_TOKEN" "$GITLAB_PACKAGE" -o "$TEMP_DEB" && sudo dpkg -i "$TEMP_DEB" rm -f "$TEMP_DEB"
-
$DEV_TOKEN
needs to be set with adev.gitlab.org
personal access token so that the script can download the package -
$JOB_ID
needs to be set with theUbuntu-16.04-staging
job ID -
$GITLAB_VERSION
needs to be set with the version (without the-ee
prefix, e.g.11.4.10
).
-
- Change the script's permission with
chmod +x install-gitlab.sh
. - Run the script with
./install-gitlab.sh
. - Once GitLab installed, set the
external_url
in/etc/gitlab/gitlab.rb
withsudo vim /etc/gitlab/gitlab.rb
. You can find the VM's IP in the GCP console. - Reconfigure and restart GitLab with
sudo gitlab-ctl reconfigure && sudo gitlab-ctl restart
. - You may need to wait a few minutes after the above command finishes before the instance is actually accessible.
- Set the
root
's user password:- Visit http://IP_OF_THE_GCP_VM and change
root
's password. - Once the environments are ready, capture the information to add to the QA issue.
- Visit http://IP_OF_THE_GCP_VM and change
Automated QA
Instructions to perform automated QA
-
(Optional) If the QA Docker image doesn't exist, you will need to build it manually on your machine, e.g.
# In gitlab-ee › git fetch dev › git checkout v12.1.201907040834-2bee4ba61be.01dd6c81b2e-ee › cd qa › docker build -t dev.gitlab.org:5005/gitlab/omnibus-gitlab/gitlab-ee-qa:12.1.201907040834-2bee4ba61be.01dd6c81b2e-ee .
-
Make sure to export the following environment variables (you can find the token under the GitLab QA - Access tokens
1Password items)-
$QA_IMAGE
the URL of the QA image -
$QA_ENV_URL
with the URL of the environment where the package has been deployed (usually https://staging.gitlab.com for the current version, andhttp://IP_OF_THE_GCP_VM
for back-ported versions). -
$GITLAB_USERNAME
withroot
. -
$GITLAB_ADMIN_USERNAME
with$GITLAB_USERNAME
. -
$GITLAB_PASSWORD
with the password you've set for theroot
user. -
$GITLAB_ADMIN_PASSWORD
with$GITLAB_PASSWORD
. -
$GITHUB_ACCESS_TOKEN
with a valid GitHub API token that can access the https://github.com/gitlab-qa/test-project project -
$DEV_USERNAME
with yourdev
username -
$DEV_TOKEN
with a validdev
personal access token that has theread_registry
scope
› export QA_IMAGE="dev.gitlab.org:5005/gitlab/omnibus-gitlab/gitlab-ee-qa:12.1.201907040834-2bee4ba61be.01dd6c81b2e-ee" › export QA_ENV_URL="<QA_ENV_URL>" › export GITLAB_USERNAME="root" › export GITLAB_ADMIN_USERNAME="$GITLAB_USERNAME" › export GITLAB_PASSWORD="<GITLAB_PASSWORD>" › export GITLAB_ADMIN_PASSWORD="$GITLAB_PASSWORD" › export GITHUB_ACCESS_TOKEN="<GITHUB_ACCESS_TOKEN>" › export DEV_USERNAME="<DEV_USERNAME>" › export DEV_TOKEN="<DEV_TOKEN>"
-
-
Update gitlab-qa
if needed› gem install gitlab-qa
-
Log into the dev
container registry› docker login --username "$DEV_USERNAME" --password "$DEV_TOKEN" dev.gitlab.org:5005
-
Automated QA completed. QA can be parallelized manually (for now): # Tab 1: This should take approximately 4.5 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/api/ qa/specs/features/login/ qa/specs/features/merge_request/
# Tab 2: This should take approximately 6 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/project/
# Tab 3: This should take approximately 5 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/repository/
-
Post results as comments of this issue -
Create Automation Triage RELEASE_MAJOR_VERSION RC#
issues for all the automated QA failures (with failures logs + screenshots) and link it to this issue
Coordinate the Manual QA validation of the release
Click for details
- Notify the Security Engineer to verify the security fixes for the release.
- The manner in which the security fixes are verified can be done in two ways.
- By the Quality Engineer executing the validation with close collaboration and guidance from the Security Engineer.
- By the Security Engineer executing the validation with the Quality Engineer monitoring the steps.
- Note: When encountered with deadline and resource constraints, the work should be assigned for efficiency. Security Engineer should own verifying complex security validations while Quality Engineer is encouraged to help out with simpler validations. However it is important that the Security team signs off on the result of the validation.
- The manner in which the security fixes are verified can be done in two ways.
- Ensure that all the items for validation are validated and checked off before moving forward.
- Hand off the release assignment.
- Once all the validation is completed, Quality Engineer un-assigns themselves from the release issue leaving only the Security Engineer and the Release Manager.
/cc @gl-quality