Use public ip address from third party API

for whitelising when running against static environments Move fetching ip address in its own module Sign in as admin for setting up IP address and some refactoring

Use public ip address from third party API
for whitelising when running against static environments Move fetching ip address in its own module Sign in as admin for setting up IP address and some refactoring
3b76fb19 · Sanad Liaquat · 3832a8ad · 3b76fb19 · 3b76fb19 · 3b76fb19
Commit 3b76fb19 authored Dec 10, 2019 by Sanad Liaquat
7 changed files
--- a/qa/.gitignore
+++ b/qa/.gitignore
 tmp/
 .ruby-version
+.ruby-gemset
 urls.yml
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -35,6 +35,7 @@ module QA
    autoload :Logger, 'qa/runtime/logger'
    autoload :GPG, 'qa/runtime/gpg'
    autoload :MailHog, 'qa/runtime/mail_hog'
+    autoload :IPAddress, 'qa/runtime/ip_address'

    module API
      autoload :Client, 'qa/runtime/api/client'

--- a/qa/qa/resource/api_fabricator.rb
+++ b/qa/qa/resource/api_fabricator.rb
@@ -88,7 +88,7 @@ module QA
        url = Runtime::API::Request.new(api_client, api_delete_path).url
        response = delete(url)

-        unless response.code == HTTP_STATUS_NO_CONTENT
+        unless [HTTP_STATUS_NO_CONTENT, HTTP_STATUS_ACCEPTED].include? response.code
          raise ResourceNotDeletedError, "Resource at #{url} could not be deleted (#{response.code}): `#{response}`."
        end


--- a/qa/qa/resource/group.rb
+++ b/qa/qa/resource/group.rb
@@ -70,6 +70,10 @@ module QA
        }
      end

+      def api_delete_path
+        "/groups/#{id}"
+      end
+
      def full_path
        sandbox.path + ' / ' + path
      end

--- a/qa/qa/runtime/ip_address.rb
+++ b/qa/qa/runtime/ip_address.rb
+# frozen_string_literal: true
+require 'socket'
+
+module QA
+  module Runtime
+    module IPAddress
+      include Support::Api
+      HostUnreachableError = Class.new(StandardError)
+
+      LOOPBACK_ADDRESS = '127.0.0.1'
+      PUBLIC_IP_ADDRESS_API = "https://api.ipify.org"
+
+      def fetch_current_ip_address
+        # When running on CI against a live environment such as staging.gitlab.com,
+        # we use the public facing IP address
+        ip_address = if Env.running_in_ci? && !URI.parse(Scenario.gitlab_address).host.include?('test')
+                       response = get(PUBLIC_IP_ADDRESS_API)
+                       raise HostUnreachableError, "#{PUBLIC_IP_ADDRESS_API} is unreachable" unless response.code == Support::Api::HTTP_STATUS_OK
+
+                       response.body
+                     elsif page.current_host.include?('localhost')
+                       LOOPBACK_ADDRESS
+                     else
+                       Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
+                     end
+
+        QA::Runtime::Logger.info "Current IP address: #{ip_address}"
+
+        ip_address
+      end
+    end
+  end
+end
--- a/qa/qa/specs/features/ee/browser_ui/1_manage/group/restrict_by_ip_address_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/1_manage/group/restrict_by_ip_address_spec.rb
 # frozen_string_literal: true
 require 'securerandom'
-require 'socket'

 module QA
-  # https://gitlab.com/gitlab-org/gitlab/issues/34351
-  context 'Manage', :quarantine do
-    describe 'Group access' do
-      LOOPBACK_ADDRESS = '127.0.0.1'
+  context 'Manage' do
+    describe 'Group access', :requires_admin do
+      include Runtime::IPAddress

      before(:all) do
        @sandbox_group = Resource::Sandbox.fabricate! do |sandbox_group|
@@ -21,31 +19,23 @@ module QA
        end
      end

-      before do
-        Page::Main::Menu.perform do |menu|
-          menu.sign_out if menu.has_personal_area?(wait: 0)
-        end
-
-        Flow::Login.sign_in
+      after(:all) do
+        @group.remove_via_api!
      end

      context 'when restricted by another ip address' do
        it 'denies access' do
-          @group.sandbox.visit!
-
-          Page::Group::Menu.perform(&:click_group_general_settings_item)
+          Flow::Login.while_signed_in_as_admin do
+            @group.sandbox.visit!

-          Page::Group::Settings::General.perform do |settings|
-            settings.set_ip_address_restriction(get_next_ip_address)
-          end
+            Page::Group::Menu.perform(&:click_group_general_settings_item)

-          Page::Main::Menu.perform do |menu|
-            menu.sign_out if menu.has_personal_area?(wait: 0)
+            Page::Group::Settings::General.perform do |settings|
+              settings.set_ip_address_restriction(get_next_ip_address(fetch_current_ip_address))
+            end
          end

-          Page::Main::Login.perform do |menu|
-            menu.sign_in_using_credentials(user: @user)
-          end
+          Flow::Login.sign_in(as: @user)

          @group.sandbox.visit!
          expect(page).to have_text('Page Not Found')
@@ -59,21 +49,17 @@ module QA

      context 'when restricted by user\'s ip address' do
        it 'allows access' do
-          @group.sandbox.visit!
+          Flow::Login.while_signed_in_as_admin do
+            @group.sandbox.visit!

-          Page::Group::Menu.perform(&:click_group_general_settings_item)
+            Page::Group::Menu.perform(&:click_group_general_settings_item)

-          Page::Group::Settings::General.perform do |settings|
-            settings.set_ip_address_restriction(get_current_ip_address)
+            Page::Group::Settings::General.perform do |settings|
+              settings.set_ip_address_restriction(fetch_current_ip_address)
+            end
          end

-          Page::Main::Menu.perform do |menu|
-            menu.sign_out if menu.has_personal_area?(wait: 0)
-          end
-
-          Page::Main::Login.perform do |menu|
-            menu.sign_in_using_credentials(user: @user)
-          end
+          Flow::Login.sign_in(as: @user)

          @group.sandbox.visit!
          expect(page).to have_text(@group.sandbox.path)
@@ -83,22 +69,12 @@ module QA
        end
      end

-      def get_current_ip_address
-        return LOOPBACK_ADDRESS if page.current_host.include?('localhost')
-
-        Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
-      end
-
-      def get_next_ip_address
-        current_ip = get_current_ip_address
-
-        QA::Runtime::Logger.info "User's ip address: #{current_ip}"
-
-        current_last_part = current_ip.split(".").pop.to_i
+      def get_next_ip_address(current_ip_address)
+        current_last_part = current_ip_address.split(".").pop.to_i

        updated_last_part = current_last_part < 255 ? current_last_part + 1 : 1

-        current_ip.split(".")[0...-1].push(updated_last_part).join(".")
+        current_ip_address.split(".")[0...-1].push(updated_last_part).join(".")
      end
    end
  end

--- a/qa/qa/support/api.rb
+++ b/qa/qa/support/api.rb
@@ -6,6 +6,7 @@ module QA
      HTTP_STATUS_OK = 200
      HTTP_STATUS_CREATED = 201
      HTTP_STATUS_NO_CONTENT = 204
+      HTTP_STATUS_ACCEPTED = 202

      def post(url, payload)
        RestClient::Request.execute(