diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 04:45:44 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 04:45:44 +0300 |
| commit | 85dc423f7090da0a52c73eb66faf22ddb20efff9 (patch) | |
| tree | 9160f299afd8c80c038f08e1545be119f5e3f1e1 /scripts/review_apps | |
| parent | 15c2c8c66dbe422588e5411eee7e68f1fa440bb8 (diff) | |
Add latest changes from gitlab-org/gitlab@13-4-stable-ee
Diffstat (limited to 'scripts/review_apps')
| -rwxr-xr-x | scripts/review_apps/review-apps.sh | 5 | ||||
| -rw-r--r-- | scripts/review_apps/seed-dast-test-data.sh | 69 |
2 files changed, 71 insertions, 3 deletions
diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh index 59189c94cde..862c3b4bb62 100755 --- a/scripts/review_apps/review-apps.sh +++ b/scripts/review_apps/review-apps.sh @@ -147,13 +147,12 @@ function disable_sign_ups() { run_task "${ruby_cmd}" # Disable sign-ups - retry 'curl --silent --show-error --request PUT --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings?signup_enabled=false"' + local signup_enabled=$(retry 'curl --silent --show-error --request PUT --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings?signup_enabled=false" | jq ".signup_enabled"') - local signup_enabled=$(retry 'curl --silent --show-error --request GET --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings" | jq ".signup_enabled"') if [[ "${signup_enabled}" == "false" ]]; then echoinfo "Sign-ups have been disabled successfully." else - echoerr "Sign-ups should be disabled but are still enabled!" + echoerr "Sign-ups are still enabled!" false fi } diff --git a/scripts/review_apps/seed-dast-test-data.sh b/scripts/review_apps/seed-dast-test-data.sh new file mode 100644 index 00000000000..cba5859a1db --- /dev/null +++ b/scripts/review_apps/seed-dast-test-data.sh @@ -0,0 +1,69 @@ +[[ "$TRACE" ]] && set -x + +function create_user() { + local user="${1}" + + # API details at https://docs.gitlab.com/ee/api/users.html#user-creation + # + # We set "can_create_group=false" because we don't want the DAST user to create groups. + # Otherwise, the DAST user likely creates a group and enables 2FA for all group members, + # which leads to the DAST scan getting "stuck" on the 2FA set up page. + # Once https://gitlab.com/gitlab-org/gitlab/-/issues/231447 is resolved, we can use + # DAST_AUTH_EXCLUDE_URLS instead to prevent DAST from enabling 2FA. + curl --silent --show-error --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" \ + --data "email=${user}@example.com" \ + --data "name=${user}" \ + --data "username=${user}" \ + --data "password=${REVIEW_APPS_ROOT_PASSWORD}" \ + --data "skip_confirmation=true" \ + --data "can_create_group=false" \ + "${CI_ENVIRONMENT_URL}/api/v4/users" > /tmp/user.json + + [[ "$TRACE" ]] && cat /tmp/user.json >&2 + + jq .id /tmp/user.json +} + +function create_project_for_user() { + local userid="${1}" + + # API details at https://docs.gitlab.com/ee/api/projects.html#create-project-for-user + curl --silent --show-error --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" \ + --data "user_id=${userid}" \ + --data "name=awesome-test-project-${userid}" \ + --data "visibility=private" \ + "${CI_ENVIRONMENT_URL}/api/v4/projects/user/${userid}" > /tmp/project.json + + [[ "$TRACE" ]] && cat /tmp/project.json >&2 +} + +function trigger_proj_user_creation(){ + local u1=$(create_user "user1") + create_project_for_user $u1 + local u2=$(create_user "user2") + create_project_for_user $u2 + local u3=$(create_user "user3") + create_project_for_user $u3 + local u4=$(create_user "user4") + create_project_for_user $u4 + local u5=$(create_user "user5") + create_project_for_user $u5 + local u6=$(create_user "user6") + create_project_for_user $u6 + local u7=$(create_user "user7") + create_project_for_user $u7 + local u8=$(create_user "user8") + create_project_for_user $u8 + local u9=$(create_user "user9") + create_project_for_user $u9 + local u10=$(create_user "user10") + create_project_for_user $u10 + local u11=$(create_user "user11") + create_project_for_user $u11 + local u12=$(create_user "user12") + create_project_for_user $u12 + local u13=$(create_user "user13") + create_project_for_user $u13 + local u14=$(create_user "user14") + create_project_for_user $u14 +} |