Class: Gitlab::QA::Scenario::Test::Instance::Airgapped
- Inherits:
-
Gitlab::QA::Scenario::Template
- Object
- Gitlab::QA::Scenario::Template
- Gitlab::QA::Scenario::Test::Instance::Airgapped
- Defined in:
- lib/gitlab/qa/scenario/test/instance/airgapped.rb
Instance Attribute Summary collapse
-
#commands ⇒ Object
Returns the value of attribute commands.
Instance Method Summary collapse
-
#initialize ⇒ Airgapped
constructor
A new instance of Airgapped.
- #perform(release, *rspec_args) ⇒ Object
Methods inherited from Gitlab::QA::Scenario::Template
Constructor Details
#initialize ⇒ Airgapped
Returns a new instance of Airgapped.
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 12 def initialize gitlab_ip = Resolv.getaddress('registry.gitlab.com') @commands = <<~AIRGAP_AND_VERIFY_COMMAND.split(/\n+/) # Should not fail before airgapping due to eg. DNS failure # Ping and wget check apt-get update && apt-get install -y iptables nmap nmap -sT #{gitlab_ip} -p 80 && (echo \"Regular connectivity nmap check passed.\" && exit 0) || (echo \"Regular connectivity nmap check failed.\" && exit 1) echo "Checking regular connectivity..." \ && wget --retry-connrefused --waitretry=1 --read-timeout=15 --timeout=10 -t 2 http://registry.gitlab.com > /dev/null 2>&1 \ && (echo "Regular connectivity wget check passed." && exit 0) || (echo "Regular connectivity wget check failed." && exit 1) iptables -P INPUT DROP && iptables -P OUTPUT DROP iptables -A INPUT -i lo -j ACCEPT && iptables -A OUTPUT -o lo -j ACCEPT # LOOPBACK iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT # Jenkins on port 8080 and 50000 iptables -A OUTPUT -p tcp -m tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT \ && iptables -A OUTPUT -p tcp -m tcp --dport 50000 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --sport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT # Should now fail to ping and wget, port 80 should be open nmap -sT #{gitlab_ip} -p 80 && (echo \"Airgapped network faulty. Connectivity nmap check failed.\" && exit 1) || (echo \"Connectivity nmap check passed.\" && exit 0) nmap -sT 127.0.0.1 -p 22 && (echo "Airgapped connectivity port 22 check passed." && exit 0) || (echo "Airgapped connectivity port 22 check failed." && exit 1) nmap -sT 10 127.0.0.1 -p 80 && (echo "Airgapped connectivity port 80 check passed." && exit 0) || (echo "Airgapped connectivity port 80 check failed." && exit 1) echo "Checking airgapped connectivity..." \ && wget --retry-connrefused --waitretry=1 --read-timeout=15 --timeout=10 -t 2 http://registry.gitlab.com > /dev/null 2>&1 \ && (echo "Airgapped network faulty. Connectivity wget check failed." && exit 1) || (echo "Airgapped network confirmed. Connectivity wget check passed." && exit 0) AIRGAP_AND_VERIFY_COMMAND end |
Instance Attribute Details
#commands ⇒ Object
Returns the value of attribute commands.
10 11 12 |
# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 10 def commands @commands end |
Instance Method Details
#perform(release, *rspec_args) ⇒ Object
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/gitlab/qa/scenario/test/instance/airgapped.rb', line 46 def perform(release, *rspec_args) Component::Gitlab.perform do |gitlab| gitlab.release = release gitlab.network = 'test' gitlab.runner_network = 'airgapped' gitlab.exec_commands = @commands rspec_args << "--" unless rspec_args.include?('--') rspec_args << %w[--tag ~orchestrated] gitlab.instance do Component::Specs.perform do |specs| specs.suite = 'Test::Instance::Airgapped' specs.release = gitlab.release specs.network = gitlab.network specs.runner_network = gitlab.runner_network specs.args = [gitlab.address, *rspec_args] end end end end |