Skip to content

Commit 911e0f5

Browse files
ilijamtilijamt
committed
feat: upgrade the plugin to Gitlab 17.10
1 parent 4bf658a commit 911e0f5

File tree

109 files changed

+2683
-2378
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

109 files changed

+2683
-2378
lines changed

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ through Vault.
1717
- Gitlab Personal Access Tokens - https://docs.gitlab.com/ee/api/personal_access_tokens.html
1818
- Gitlab Project Access Tokens - https://docs.gitlab.com/ee/api/project_access_tokens.html
1919
- Gitlab Group Access Tokens - https://docs.gitlab.com/ee/api/group_access_tokens.html
20-
- Gitlab User Service Account Tokens - https://docs.gitlab.com/ee/api/users.html#create-service-account-user
20+
- Gitlab User Service Account Tokens - https://docs.gitlab.com/api/user_service_accounts/
2121
- Gitlab Group Service Account Tokens - https://docs.gitlab.com/ee/api/group_service_accounts.html
2222
- Gitlab Pipeline Project Trigger Tokens - https://docs.gitlab.com/ee/api/pipeline_triggers.html
2323
- Gitlab Group/Project Deploy Tokens - https://docs.gitlab.com/ee/user/project/deploy_tokens
@@ -34,7 +34,7 @@ To learn specifically about how plugins work, see documentation on [Vault plugin
3434

3535
## GitLab
3636

37-
- GitLab CE/EE - Self Managed
37+
- GitLab CE/EE - Self Managed (tested against 17.10.3)
3838
- gitlab.com (cannot use personal access token, and user service account)
3939
- Dedicated Instance (cannot use personal access token, and user service account)
4040

defs_test.go

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,6 @@
33
package gitlab_test
44

55
import (
6-
"context"
76
"testing"
87

98
"github.com/stretchr/testify/require"
@@ -12,13 +11,13 @@ import (
1211
)
1312

1413
func TestEmptyGitlabClientFromContext(t *testing.T) {
15-
c, ok := gitlab.GitlabClientFromContext(context.Background())
14+
c, ok := gitlab.GitlabClientFromContext(t.Context())
1615
require.False(t, ok)
1716
require.Nil(t, c)
1817
}
1918

2019
func TestEmptyHttpClientFromContext(t *testing.T) {
21-
c, ok := gitlab.HttpClientFromContext(context.Background())
20+
c, ok := gitlab.HttpClientFromContext(t.Context())
2221
require.False(t, ok)
2322
require.Nil(t, c)
2423
}

gitlab_client_test.go

Lines changed: 27 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,6 @@
33
package gitlab_test
44

55
import (
6-
"context"
76
"io"
87
"net/http"
98
"testing"
@@ -45,7 +44,7 @@ func TestGitlabClient(t *testing.T) {
4544
})
4645

4746
t.Run("revoke service account token with empty token", func(t *testing.T) {
48-
var ctx = context.Background()
47+
var ctx = t.Context()
4948
var client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
5049
Token: "token",
5150
BaseURL: "https://example.com",
@@ -58,12 +57,13 @@ func TestGitlabClient(t *testing.T) {
5857
}
5958

6059
func TestGitlabClient_InvalidToken(t *testing.T) {
61-
ctx, timeExpiresAt := ctxTestTime(context.Background(), t.Name())
60+
var tokenName = "super-secret-token"
61+
ctx, timeExpiresAt := ctxTestTime(t.Context(), t.Name(), tokenName)
6262
var err error
6363
httpClient, url := getClient(t, "unit")
6464
var client gitlab.Client
6565
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
66-
Token: "super-secret-token",
66+
Token: tokenName,
6767
BaseURL: url,
6868
}, httpClient, nil)
6969
require.NoError(t, err)
@@ -101,12 +101,12 @@ func TestGitlabClient_InvalidToken(t *testing.T) {
101101
}
102102

103103
func TestGitlabClient_RevokeToken_NotFound(t *testing.T) {
104-
var ctx = context.Background()
104+
var ctx = t.Context()
105105
var err error
106106
httpClient, url := getClient(t, "unit")
107107
var client gitlab.Client
108108
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
109-
Token: "glpat-secret-random-token",
109+
Token: getGitlabToken("admin_user_root").Token,
110110
BaseURL: url,
111111
}, httpClient, nil)
112112
require.NoError(t, err)
@@ -120,12 +120,13 @@ func TestGitlabClient_RevokeToken_NotFound(t *testing.T) {
120120
}
121121

122122
func TestGitlabClient_GetGroupIdByPath(t *testing.T) {
123-
var ctx = context.Background()
123+
var ctx = t.Context()
124124
var err error
125+
var tokenName = "admin_user_root"
125126
httpClient, url := getClient(t, "unit")
126127
var client gitlab.Client
127128
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
128-
Token: "glpat-secret-random-token",
129+
Token: getGitlabToken(tokenName).Token,
129130
BaseURL: url,
130131
}, httpClient, nil)
131132
require.NoError(t, err)
@@ -134,19 +135,19 @@ func TestGitlabClient_GetGroupIdByPath(t *testing.T) {
134135

135136
groupId, err := client.GetGroupIdByPath(ctx, "test")
136137
require.NoError(t, err)
137-
require.EqualValues(t, 37, groupId)
138+
require.EqualValues(t, 3, groupId)
138139

139140
_, err = client.GetGroupIdByPath(ctx, "nonexistent")
140141
require.ErrorIs(t, err, gitlab.ErrInvalidValue)
141142
}
142143

143144
func TestGitlabClient_GetUserIdByUsername(t *testing.T) {
144-
var ctx = context.Background()
145+
var ctx = t.Context()
145146
var err error
146147
httpClient, url := getClient(t, "unit")
147148
var client gitlab.Client
148149
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
149-
Token: "glpat-secret-random-token",
150+
Token: getGitlabToken("admin_user_root").Token,
150151
BaseURL: url,
151152
}, httpClient, nil)
152153
require.NoError(t, err)
@@ -160,11 +161,11 @@ func TestGitlabClient_GetUserIdByUsername(t *testing.T) {
160161

161162
func TestGitlabClient_GetUserIdByUsernameDoesNotMatch(t *testing.T) {
162163
var err error
163-
var ctx = context.Background()
164+
var ctx = t.Context()
164165
httpClient, url := getClient(t, "unit")
165166
var client gitlab.Client
166167
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
167-
Token: "glpat-secret-random-token",
168+
Token: getGitlabToken("admin_user_root").Token,
168169
BaseURL: url,
169170
}, httpClient, nil)
170171
require.NoError(t, err)
@@ -181,12 +182,12 @@ func TestGitlabClient_GetUserIdByUsernameDoesNotMatch(t *testing.T) {
181182
}
182183

183184
func TestGitlabClient_Revoke_NonExistingTokens(t *testing.T) {
184-
var ctx = context.Background()
185+
var ctx = t.Context()
185186
var err error
186187
httpClient, url := getClient(t, "unit")
187188
var client gitlab.Client
188189
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
189-
Token: "glpat-secret-random-token",
190+
Token: getGitlabToken("admin_user_root").Token,
190191
BaseURL: url,
191192
}, httpClient, nil)
192193
require.NoError(t, err)
@@ -200,11 +201,11 @@ func TestGitlabClient_Revoke_NonExistingTokens(t *testing.T) {
200201

201202
func TestGitlabClient_CurrentTokenInfo(t *testing.T) {
202203
var err error
203-
var ctx = context.Background()
204+
var ctx = t.Context()
204205
httpClient, url := getClient(t, "unit")
205206
var client gitlab.Client
206207
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
207-
Token: "glpat-secret-random-token",
208+
Token: getGitlabToken("admin_user_root").Token,
208209
BaseURL: url,
209210
}, httpClient, nil)
210211
require.NoError(t, err)
@@ -219,11 +220,11 @@ func TestGitlabClient_CurrentTokenInfo(t *testing.T) {
219220

220221
func TestGitlabClient_Metadata(t *testing.T) {
221222
var err error
222-
var ctx = context.Background()
223+
var ctx = t.Context()
223224
httpClient, url := getClient(t, "unit")
224225
var client gitlab.Client
225226
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
226-
Token: "glpat-secret-random-token",
227+
Token: getGitlabToken("admin_user_root").Token,
227228
BaseURL: url,
228229
}, httpClient, nil)
229230
require.NoError(t, err)
@@ -237,11 +238,12 @@ func TestGitlabClient_Metadata(t *testing.T) {
237238

238239
func TestGitlabClient_CreateAccessToken_And_Revoke(t *testing.T) {
239240
var err error
240-
ctx, timeExpiresAt := ctxTestTime(context.Background(), t.Name())
241+
var tokenName = "admin_user_root"
242+
ctx, timeExpiresAt := ctxTestTime(t.Context(), t.Name(), tokenName)
241243
httpClient, url := getClient(t, "unit")
242244
var client gitlab.Client
243245
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
244-
Token: "glpat-secret-random-token",
246+
Token: getGitlabToken(tokenName).Token,
245247
BaseURL: url,
246248
}, httpClient, nil)
247249
require.NoError(t, err)
@@ -293,18 +295,19 @@ func TestGitlabClient_CreateAccessToken_And_Revoke(t *testing.T) {
293295

294296
func TestGitlabClient_RotateCurrentToken(t *testing.T) {
295297
var err error
296-
var ctx = context.Background()
298+
var ctx = t.Context()
297299
httpClient, url := getClient(t, "unit")
298300
var client gitlab.Client
301+
var tokenName = "admin_user_auto_rotate_token_1"
299302
client, err = gitlab.NewGitlabClient(&gitlab.EntryConfig{
300-
Token: "glpat-secret-admin-token-ar1",
303+
Token: getGitlabToken(tokenName).Token,
301304
BaseURL: url,
302305
}, httpClient, logging.NewVaultLoggerWithWriter(io.Discard, log.Trace))
303306

304307
require.NoError(t, err)
305308
require.NotNil(t, client)
306309
require.True(t, client.Valid(ctx))
307-
ctx, _ = ctxTestTime(ctx, t.Name())
310+
ctx, _ = ctxTestTime(ctx, t.Name(), tokenName)
308311
newToken, oldToken, err := client.RotateCurrentToken(ctx)
309312
require.NoError(t, err)
310313
require.NotNil(t, newToken)

gitlab_record_client_test.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ func getClient(t *testing.T, target string) (client *http.Client, u string) {
1919
filename := fmt.Sprintf("testdata/%s/%s", target, sanitizePath(t.Name()))
2020
r, err := recorder.New(filename,
2121
[]recorder.Option{
22+
recorder.WithSkipRequestLatency(false),
2223
recorder.WithMode(recorder.ModeRecordOnce),
2324
recorder.WithMatcher(
2425
cassette.NewDefaultMatcher(

helpers_test.go

Lines changed: 75 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ package gitlab_test
55
import (
66
"cmp"
77
"context"
8+
"encoding/json"
89
"errors"
910
"fmt"
1011
"io"
@@ -575,20 +576,45 @@ func sanitizePath(path string) string {
575576

576577
func getCtxGitlabClient(t *testing.T, target string) context.Context {
577578
httpClient, _ := getClient(t, target)
578-
return gitlab.HttpClientNewContext(context.Background(), httpClient)
579+
return gitlab.HttpClientNewContext(t.Context(), httpClient)
579580
}
580581

581582
func getCtxGitlabClientWithUrl(t *testing.T, target string) (context.Context, string) {
582583
httpClient, url := getClient(t, target)
583-
return gitlab.HttpClientNewContext(context.Background(), httpClient), url
584-
}
585-
586-
func ctxTestTime(ctx context.Context, tn string) (_ context.Context, t time.Time) {
587-
switch tn {
588-
case "TestGitlabClient_RotateCurrentToken", "TestWithGitlabUser_RotateToken":
589-
t = time.Date(2024, 12, 12, 0, 0, 0, 0, time.UTC)
590-
default:
591-
t = time.Date(2025, 3, 12, 0, 0, 0, 0, time.UTC)
584+
return gitlab.HttpClientNewContext(t.Context(), httpClient), url
585+
}
586+
587+
func parseTimeFromFile(name string) (t time.Time, err error) {
588+
var buff []byte
589+
if buff, err = os.ReadFile(fmt.Sprintf("./testdata/%s", name)); err != nil {
590+
return t, err
591+
}
592+
return time.Parse(time.RFC3339, string(buff))
593+
}
594+
595+
func ctxTestTime(ctx context.Context, testName string, tokenName string) (_ context.Context, t time.Time) {
596+
var token = getGitlabToken(tokenName)
597+
if token.Empty() {
598+
var err error
599+
switch testName {
600+
case "TestGitlabClient_InvalidToken":
601+
// no token for this test
602+
case "TestWithGitlabUser_RotateToken":
603+
if t, err = parseTimeFromFile("gitlab-com"); err != nil {
604+
panic(err)
605+
}
606+
case "TestWithServiceAccountUser",
607+
"TestWithServiceAccountGroup",
608+
"TestWithServiceAccountUserFail_dedicated",
609+
"TestWithServiceAccountUserFail_saas":
610+
if t, err = parseTimeFromFile("gitlab-selfhosted"); err != nil {
611+
panic(err)
612+
}
613+
default:
614+
panic(fmt.Errorf("unknown test name %s", testName))
615+
}
616+
} else {
617+
t = token.CreatedAtTime()
592618
}
593619
return gitlab.WithStaticTime(ctx, t), t
594620
}
@@ -604,3 +630,42 @@ func filterSlice[T any, Slice ~[]T](collection Slice, predicate func(item T, ind
604630

605631
return result
606632
}
633+
634+
type generatedToken struct {
635+
ID string `json:"id"`
636+
Token string `json:"token"`
637+
CreatedAt string `json:"created_at"`
638+
}
639+
640+
func (g generatedToken) Empty() bool {
641+
return generatedToken{} == g
642+
}
643+
644+
const (
645+
gitlabTimeLayout = "2006-01-02 15:04:05.000 -0700 MST"
646+
)
647+
648+
func (g generatedToken) CreatedAtTime() (t time.Time) {
649+
t, _ = time.Parse(gitlabTimeLayout, g.CreatedAt)
650+
return t
651+
}
652+
653+
type generatedTokens map[string]generatedToken
654+
655+
var loadTokens = sync.OnceValues(func() (t generatedTokens, err error) {
656+
var payload []byte
657+
if payload, err = os.ReadFile("./testdata/tokens.json"); err != nil {
658+
return t, err
659+
}
660+
661+
err = json.Unmarshal(payload, &t)
662+
return t, err
663+
})
664+
665+
func getGitlabToken(name string) generatedToken {
666+
var tokens, _ = loadTokens()
667+
if token, ok := tokens[name]; ok {
668+
return token
669+
}
670+
return generatedToken{}
671+
}

local-env/README.md

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,23 @@
1-
Local Environment
2-
-----------------
1+
## Local Environment
32

4-
To be able to run the tests against a real Gitlab instance, just run.
3+
To run tests against a real GitLab instance, follow the steps below.
54

6-
```shell
7-
bash initial-setup.sh
8-
```
5+
### Initial Setup
96

10-
This should setup a Gitlab instance that is fully configured for the tests locally.
7+
1. **Run the setup script:**
118

12-
As configuring takes quite a bit of time. After the first start you can run the command bellow.
9+
This command will set up a GitLab instance that is fully configured for testing locally.
1310

14-
```shell
15-
bash backup-volumes.sh
11+
```bash
12+
bash initial-setup.sh
1613
```
1714

18-
And to restore it back to the original setting
15+
**Note:** Setting up the GitLab instance might take some time. After the setup, a complete backup of the PostgreSQL database will be created to facilitate quick restoration if needed.
1916

20-
```shell
17+
### Restoring the Environment
18+
19+
If you need to restore the GitLab instance back to its original configuration, use the following command:
20+
21+
```bash
2122
bash restore-volumes.sh
22-
```
23+
```

local-env/backup-volumes.sh

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
set -x
44

5+
rm backup.tar
56
docker compose stop
67
docker run --rm --volumes-from vpsg-web-1 -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /etc/gitlab /var/opt/gitlab/postgresql/
78
docker compose up -d

local-env/docker-compose.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
name: vpsg
22
services:
33
web:
4-
image: 'gitlab/gitlab-ce:16.11.6-ce.0'
4+
image: 'gitlab/gitlab-ce:17.10.3-ce.0'
55
environment:
66
GITLAB_OMNIBUS_CONFIG: |
77
gitlab_rails['gitlab_shell_ssh_port'] = 2224

0 commit comments

Comments
 (0)