Class: Gitlab::QA::Scenario::Test::Instance::Airgapped

Inherits:

Gitlab::QA::Scenario::Template

• Object
• Gitlab::QA::Scenario::Template
• Gitlab::QA::Scenario::Test::Instance::Airgapped

Defined in:

lib/gitlab/qa/scenario/test/instance/airgapped.rb

Instance Attribute Summary

• #airgapped_network_name ⇒ Object readonly

  Returns the value of attribute airgapped_network_name.

• #config ⇒ Object readonly

  Returns the value of attribute config.

• #gitlab_air_gap_commands ⇒ Object readonly

  Returns the value of attribute gitlab_air_gap_commands.

• #iptables_restricted_network ⇒ Object readonly

  Returns the value of attribute iptables_restricted_network.

Instance Method Summary

• #initialize ⇒ Airgapped constructor

  A new instance of Airgapped.

• #perform(release, *rspec_args) ⇒ Object

Methods inherited from Gitlab::QA::Scenario::Template

perform

Constructor Details

#initialize ⇒ Airgapped

Returns a new instance of Airgapped.

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 12

def initialize
  # Uses https://docs.docker.com/engine/reference/commandline/network_create/#network-internal-mode
  @airgapped_network_name = 'airgapped'
  # Uses iptables to deny all network traffic, with a number of exceptions for required ports and IPs
  @iptables_restricted_network = Runtime::Env.docker_network
  @config = Component::GitalyCluster::GitalyClusterConfig.new(
    gitlab_name: "gitlab-airgapped-#{SecureRandom.hex(4)}",
    airgapped_network: true,
    network: airgapped_network_name
  )
end

Instance Attribute Details

#airgapped_network_name ⇒ Object (readonly)

Returns the value of attribute airgapped_network_name.

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 10

def airgapped_network_name
  @airgapped_network_name
end

#config ⇒ Object (readonly)

Returns the value of attribute config.

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 10

def config
  @config
end

#gitlab_air_gap_commands ⇒ Object (readonly)

Returns the value of attribute gitlab_air_gap_commands.

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 10

def gitlab_air_gap_commands
  @gitlab_air_gap_commands
end

#iptables_restricted_network ⇒ Object (readonly)

Returns the value of attribute iptables_restricted_network.

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 10

def iptables_restricted_network
  @iptables_restricted_network
end

Instance Method Details

#perform(release, *rspec_args) ⇒ Object

# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 24

def perform(release, *rspec_args)
  Component::Gitlab.perform do |gitlab|
    Component::GitalyCluster.perform do |cluster|
      cluster.config = @config
      cluster.release = release
      # we need to get an IP for praefect before proceeding so it cannot be run in parallel with gitlab
      cluster.instance(true).join
    end
    gitlab.name = config.gitlab_name
    gitlab.release = release
    gitlab.network = iptables_restricted_network # we use iptables to restrict access on the gitlab instance
    gitlab.runner_network = config.network
    gitlab.exec_commands = airgap_gitlab_commands
    gitlab.skip_availability_check = true
    gitlab.omnibus_configuration << gitlab_omnibus_configuration
    rspec_args << "--" unless rspec_args.include?('--')
    rspec_args << "--tag ~orchestrated"
    gitlab.instance do
      Component::Specs.perform do |specs|
        specs.suite = 'Test::Instance::Airgapped'
        specs.release = gitlab.release
        specs.network = gitlab.network
        specs.runner_network = gitlab.runner_network
        specs.args = [gitlab.address, *rspec_args]
      end
    end
  end
end