Merge branch 'tomi/qa/new_test/codeowners' into 'master'

Adding a new test for codeowners using an MR

See merge request gitlab-org/gitlab!48143

config/feature_flags/development/gitaly_go_user_merge_branch.yml

+---
+name: gitaly_go_user_merge_branch
+introduced_by_url: 
+rollout_issue_url: 
+milestone: 
+type: development
+group: 
+default_enabled: false

doc/development/testing_guide/end_to_end/best_practices.md

@@ -278,10 +278,10 @@ In line with [using the API](#prefer-api-over-ui), use a `Commit` resource whene
 
 ```ruby
 # Using a commit resource
-Resource::Commit.fabricate_via_api! do |commit|
+Resource::Repository::Commit.fabricate_via_api! do |commit|
   commit.commit_message = 'Initial commit'
   commit.add_files([
-    {file_path: 'README.md', content: 'Hello, GitLab'}
+    { file_path: 'README.md', content: 'Hello, GitLab' }
   ])
 end
 

qa/qa/page/project/settings/protected_branches.rb

@@ -58,7 +58,7 @@ module QA
             allowed[:roles] = Resource::ProtectedBranch::Roles::NO_ONE unless allowed.key?(:roles)
 
             within_element(:"allowed_to_#{action}_dropdown") do
-              click_on allowed[:roles]
+              click_on allowed[:roles][:description]
               allowed[:users].each { |user| click_on user.username } if allowed.key?(:users)
               allowed[:groups].each { |group| click_on group.name } if allowed.key?(:groups)
             end

qa/qa/resource/protected_branch.rb

@@ -8,7 +8,6 @@ module QA
       attr_accessor :branch_name,
                     :allowed_to_push,
                     :allowed_to_merge,
-                    :protected,
                     :new_branch,
                     :require_code_owner_approval
 
@@ -20,13 +19,14 @@ module QA
       end
 
       attribute :branch do
-        Repository::ProjectPush.fabricate! do |project_push|
-          project_push.project = project
-          project_push.file_name = "new_file-#{SecureRandom.hex(8)}.md"
-          project_push.commit_message = 'Add new file'
-          project_push.branch_name = branch_name
-          project_push.new_branch = true
-          project_push.remote_branch = branch_name
+        Resource::Repository::Commit.fabricate_via_api! do |commit|
+          commit.project = project
+          commit.branch = branch_name
+          commit.start_branch = 'master'
+          commit.commit_message = 'Add new file'
+          commit.add_files([
+            { file_path: "new_file-#{SecureRandom.hex(8)}.md", content: 'new file' }
+          ])
         end
       end
 
@@ -39,16 +39,11 @@ module QA
         @allowed_to_merge = {
           roles: Resource::ProtectedBranch::Roles::DEVS_AND_MAINTAINERS
         }
-        @protected = false
-        @require_code_owner_approval = true
+        @require_code_owner_approval = false
       end
 
       def fabricate!
-        if new_branch
-          populate(:branch)
-
-          project.wait_for_push_new_branch branch_name
-        end
+        populate_new_branch_if_required
 
         project.visit!
         Page::Project::Menu.perform(&:go_to_repository_settings)
@@ -67,6 +62,12 @@ module QA
         end
       end
 
+      def fabricate_via_api!
+        populate_new_branch_if_required
+
+        super
+      end
+
       def self.unprotect_via_api!(&block)
         self.remove_via_api!(&block)
       end
@@ -79,10 +80,49 @@ module QA
         "/projects/#{project.id}/protected_branches/#{branch_name}"
       end
 
+      def api_post_path
+        "/projects/#{project.id}/protected_branches"
+      end
+
+      def api_post_body
+        {
+          name: branch_name,
+          code_owner_approval_required: require_code_owner_approval
+        }
+        .merge(allowed_to_push_hash)
+        .merge(allowed_to_merge_hash)
+      end
+
+      def allowed_to_push_hash
+        allowed = {}
+        allowed.merge({ push_access_level: allowed_to_push[:roles][:access_level] }) if allowed_to_push.key?(:roles)
+      end
+
+      def allowed_to_merge_hash
+        allowed = {}
+        allowed.merge({ merge_access_level: allowed_to_merge[:roles][:access_level] }) if allowed_to_merge.key?(:roles)
+      end
+
+      def resource_web_url(resource)
+        super
+      rescue ResourceURLMissingError
+        # this particular resource does not expose a web_url property
+      end
+
       class Roles
-        NO_ONE = 'No one'
-        DEVS_AND_MAINTAINERS = 'Developers + Maintainers'
-        MAINTAINERS = 'Maintainers'
+        NO_ONE = { description: 'No one', access_level: 0 }.freeze
+        DEVS_AND_MAINTAINERS = { description: 'Developers + Maintainers', access_level: 30 }.freeze
+        MAINTAINERS = { description: 'Maintainers', access_level: 40 }.freeze
+      end
+
+      private
+
+      def populate_new_branch_if_required
+        return unless new_branch
+
+        populate(:branch)
+
+        project.wait_for_push_new_branch(branch_name)
       end
     end
   end

qa/qa/resource/repository/commit.rb

@@ -9,7 +9,8 @@ module QA
                       :branch,
                       :commit_message,
                       :file_path,
-                      :sha
+                      :sha,
+                      :start_branch
 
         attribute :short_id
 
@@ -85,7 +86,7 @@ module QA
             author_name: @author_name || Runtime::User.username,
             commit_message: commit_message,
             actions: actions
-          }
+          }.merge(new_branch)
         end
 
         def actions
@@ -104,6 +105,14 @@ module QA
             raise ArgumentError, "Please provide an array of hashes e.g.: [{file_path: 'file1', content: 'foo'}]"
           end
         end
+
+        def new_branch
+          return {} unless start_branch
+
+          {
+            start_branch: start_branch
+          }
+        end
       end
     end
   end

qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb

@@ -40,7 +40,7 @@ module QA
       end
 
       def create_protected_branch(allowed_to_push:)
-        Resource::ProtectedBranch.fabricate! do |resource|
+        Resource::ProtectedBranch.fabricate_via_api! do |resource|
           resource.branch_name = branch_name
           resource.project = project
           resource.allowed_to_push = allowed_to_push

qa/qa/specs/features/ee/browser_ui/3_create/repository/assign_code_owners_spec.rb

@@ -43,9 +43,10 @@ module QA
         end
 
         # Create a projected branch that requires approval from code owners
-        Resource::ProtectedBranch.fabricate! do |protected_branch|
+        Resource::ProtectedBranch.fabricate_via_browser_ui! do |protected_branch|
           protected_branch.branch_name = branch_name
           protected_branch.project = project
+          protected_branch.require_code_owner_approval = true
         end
 
         # Push a new CODEOWNERS file

qa/qa/specs/features/ee/browser_ui/3_create/repository/code_owners_with_protected_branch_and_squashed_commits_spec.rb

+# frozen_string_literal: true
+
+module QA
+  RSpec.describe 'Create', :requires_admin do
+    describe 'Setup an MR with codeowners file' do
+      let(:project) do
+        Resource::Project.fabricate_via_api!
+      end
+
+      let!(:target) do
+        Resource::Repository::Commit.fabricate_via_api! do |commit|
+          commit.project = project
+          commit.branch = 'master'
+          commit.add_files([
+            { file_path: '.gitlab/CODEOWNERS', content: '* @root' }
+          ])
+        end
+      end
+
+      let!(:source) do
+        Resource::Repository::Commit.fabricate_via_api! do |commit|
+          commit.project = project
+          commit.branch = 'codeowners_test'
+          commit.start_branch = 'master'
+          commit.add_files([
+            { file_path: 'test1.txt', content: '1' }
+          ])
+        end
+
+        Resource::Repository::Commit.fabricate_via_api! do |commit|
+          commit.project = project
+          commit.branch = 'codeowners_test'
+          commit.add_files([
+            { file_path: 'test2.txt', content: '2' }
+          ])
+        end
+      end
+
+      before do
+        Runtime::Feature.enable(:gitaly_go_user_merge_branch)
+        Flow::Login.sign_in
+      end
+
+      after do
+        Runtime::Feature.disable(:gitaly_go_user_merge_branch)
+      end
+
+      it 'creates a merge request with codeowners file and squashing commits enabled', testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1090' do
+        # The default branch is already protected, and we can't update a protected branch via the API (yet)
+        # so we unprotect it first and then protect it again with the desired parameters
+        Resource::ProtectedBranch.unprotect_via_api! do |branch|
+          branch.project = project
+          branch.branch_name = 'master'
+        end
+
+        Resource::ProtectedBranch.fabricate_via_api! do |branch|
+          branch.project = project
+          branch.new_branch = false
+          branch.branch_name = 'master'
+          branch.allowed_to_push = { roles: Resource::ProtectedBranch::Roles::NO_ONE }
+          branch.allowed_to_merge = { roles: Resource::ProtectedBranch::Roles::MAINTAINERS }
+          branch.require_code_owner_approval = true
+        end
+
+        Resource::MergeRequest.fabricate_via_api! do |mr|
+          mr.no_preparation = true
+          mr.project = project
+          mr.source_branch = source.branch
+          mr.target_branch = target.branch
+          mr.title = 'merging two commits'
+        end.visit!
+
+        Page::MergeRequest::Show.perform do |mr|
+          mr.mark_to_squash
+          mr.merge!
+
+          expect(mr).to be_merged
+        end
+      end
+    end
+  end
+end

qa/qa/specs/features/ee/browser_ui/3_create/repository/restrict_push_protected_branch_spec.rb

@@ -47,7 +47,7 @@ module QA
 
           login
 
-          Resource::ProtectedBranch.fabricate! do |protected_branch|
+          Resource::ProtectedBranch.fabricate_via_browser_ui! do |protected_branch|
             protected_branch.branch_name = branch_name
             protected_branch.project = project
             protected_branch.allowed_to_merge = {
@@ -84,7 +84,7 @@ module QA
 
           project.add_member(user_maintainer, Resource::Members::AccessLevel::MAINTAINER)
 
-          Resource::ProtectedBranch.fabricate! do |protected_branch|
+          Resource::ProtectedBranch.fabricate_via_browser_ui! do |protected_branch|
             protected_branch.branch_name = branch_name
             protected_branch.project = project
             protected_branch.allowed_to_merge = {

qa/spec/support/shared_examples/merge_with_code_owner_shared_examples.rb

@@ -31,7 +31,14 @@ module QA
       end
 
       # Require approval from code owners on master
-      Resource::ProtectedBranch.fabricate! do |protected_branch|
+      # The default branch is already protected, and we can't update a protected branch via the API (yet)
+      # so we unprotect it first and then protect it again with the desired parameters
+      Resource::ProtectedBranch.unprotect_via_api! do |protected_branch|
+        protected_branch.project = project
+        protected_branch.branch_name = 'master'
+      end
+
+      Resource::ProtectedBranch.fabricate_via_api! do |protected_branch|
         protected_branch.project = project
         protected_branch.branch_name = 'master'
         protected_branch.new_branch = false