diff options
15 files changed, 140 insertions, 144 deletions
diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md index e63727fe484..3a210c358e5 100644 --- a/.gitlab/issue_templates/Security developer workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -9,9 +9,7 @@ Set the title to: `Description of the original issue` ## Prior to starting the security release work - [ ] Read the [security process for developers] if you are not familiar with it. -- [ ] Make sure the issue really needs to follow the security release workflow. - - Verify if the issue you're working on `gitlab-org/gitlab` is confidential, if it's public fix should be placed on GitLab canonical and no backports are required. - - If the issue you're fixing doesn't appear to be something that can be exploited by a malicious person and is instead simply a security enhancement do not hesitate to ping `@gitlab-com/gl-security/appsec` to discuss if the issue can be fixed in the canonical repository. +- [ ] Make sure the [issue really needs to follow the security release workflow]. - [ ] **IMPORTANT**: Mark this [issue as linked] to the Security Release Tracking Issue. You can find it [here](https://gitlab.com/gitlab-org/gitlab/-/issues?sort=created_date&state=opened&label_name[]=upcoming+security+release). This issue MUST be linked for the release bot to know that the associated merge requests should be merged for this security release. - Fill out the [Links section](#links): @@ -71,5 +69,6 @@ After your merge request has been approved according to our [approval guidelines [security Release merge request template]: https://gitlab.com/gitlab-org/security/gitlab/blob/master/.gitlab/merge_request_templates/Security%20Release.md [approval guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines [issue as linked]: https://docs.gitlab.com/ee/user/project/issues/related_issues.html#add-a-linked-issue +[issue really needs to follow the security release workflow]: https://gitlab.com/gitlab-org/release/docs/-/blob/master/general/security/developer.md#making-sure-the-issue-needs-to-follow-the-security-release-workflow /label ~security diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb index f96e080ecf8..4acbb0482f3 100644 --- a/app/controllers/groups_controller.rb +++ b/app/controllers/groups_controller.rb @@ -38,8 +38,6 @@ class GroupsController < Groups::ApplicationController before_action :check_export_rate_limit!, only: [:export, :download_export] - before_action :track_experiment_event, only: [:new] - helper_method :captcha_required? skip_cross_project_access_check :index, :new, :create, :edit, :update, @@ -380,12 +378,6 @@ class GroupsController < Groups::ApplicationController def captcha_required? captcha_enabled? && !params[:parent_id] end - - def track_experiment_event - return if params[:parent_id] - - experiment(:require_verification_for_namespace_creation, user: current_user).track(:start_create_group) - end end GroupsController.prepend_mod_with('GroupsController') diff --git a/app/experiments/require_verification_for_namespace_creation_experiment.rb b/app/experiments/require_verification_for_namespace_creation_experiment.rb index 78390ddd099..1cadac7e7d4 100644 --- a/app/experiments/require_verification_for_namespace_creation_experiment.rb +++ b/app/experiments/require_verification_for_namespace_creation_experiment.rb @@ -1,10 +1,6 @@ # frozen_string_literal: true class RequireVerificationForNamespaceCreationExperiment < ApplicationExperiment # rubocop:disable Gitlab/NamespacedClass - exclude :existing_user - - EXPERIMENT_START_DATE = Date.new(2022, 1, 31) - def control_behavior false end @@ -28,10 +24,4 @@ class RequireVerificationForNamespaceCreationExperiment < ApplicationExperiment def subject context.value[:user] end - - def existing_user - return false unless user_or_actor - - user_or_actor.created_at < EXPERIMENT_START_DATE - end end diff --git a/app/helpers/groups_helper.rb b/app/helpers/groups_helper.rb index 3fbea0c0472..7296560a450 100644 --- a/app/helpers/groups_helper.rb +++ b/app/helpers/groups_helper.rb @@ -139,7 +139,7 @@ module GroupsHelper {} end - def require_verification_for_namespace_creation_enabled? + def require_verification_for_group_creation_enabled? # overridden in EE false end diff --git a/config/feature_flags/experiment/require_verification_for_group_creation.yml b/config/feature_flags/experiment/require_verification_for_group_creation.yml new file mode 100644 index 00000000000..767d5f55bce --- /dev/null +++ b/config/feature_flags/experiment/require_verification_for_group_creation.yml @@ -0,0 +1,8 @@ +--- +name: require_verification_for_group_creation +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77569 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/349857 +milestone: '14.7' +type: experiment +group: group::activation +default_enabled: false diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index 053e0f634d3..4d672091753 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -1021,7 +1021,7 @@ Migrate your existing Pages deployments from local storage to object storage: sudo gitlab-rake gitlab:pages:deployments:migrate_to_object_storage ``` -You can track progress and verify that all Pages deployments migrated successfully using the +You can track progress and verify that all Pages deployments migrated successfully using the [PostgreSQL console](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database): - `sudo gitlab-rails dbconsole` for Omnibus GitLab instances. @@ -1037,6 +1037,9 @@ total | filesystem | objectstg 10 | 0 | 10 ``` +After verifying everything is working correctly, +[disable Pages local storage](#disable-pages-local-storage). + ### Rolling Pages deployments back to local storage After the migration to object storage is performed, you can choose to move your Pages deployments back to local storage: @@ -1049,7 +1052,7 @@ sudo gitlab-rake gitlab:pages:deployments:migrate_to_local > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/301159) in GitLab 13.11. -If you use [object storage](#using-object-storage), you can disable local storage: +If you use [object storage](#using-object-storage), you can disable local storage to avoid unnecessary disk usage/writes: 1. Edit `/etc/gitlab/gitlab.rb`: @@ -1080,6 +1083,8 @@ is the default starting from GitLab 14.0. Skip this step if you're already runni 1. If you want to store your pages content in [object storage](#using-object-storage), make sure to configure it. If you want to store the pages content locally or continue using an NFS server, skip this step. 1. [Migrate legacy storage to ZIP storage.](#migrate-legacy-storage-to-zip-storage) +1. If you have configured GitLab to store your pages content in [object storage](#using-object-storage), + [migrate Pages deployments to object storage](#migrate-pages-deployments-to-object-storage) 1. Upgrade GitLab to 14.0. ## Backup diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md index ce6f08483a6..5490851d54e 100644 --- a/doc/user/application_security/policies/index.md +++ b/doc/user/application_security/policies/index.md @@ -159,7 +159,7 @@ at the bottom of the editor. You can use policy alerts to track your policy's impact. Alerts are only available if you've [installed](../../clusters/agent/repository.md) -and [configured](../../clusters/agent/install/index.md#register-an-agent-with-gitlab) +and [configured](../../clusters/agent/install/index.md#register-the-agent-with-gitlab) an agent for this project. There are two ways to create policy alerts: diff --git a/doc/user/clusters/agent/ci_cd_tunnel.md b/doc/user/clusters/agent/ci_cd_tunnel.md index 96aa619c104..6c319f575c5 100644 --- a/doc/user/clusters/agent/ci_cd_tunnel.md +++ b/doc/user/clusters/agent/ci_cd_tunnel.md @@ -20,7 +20,7 @@ Only CI/CD jobs set in the configuration project can access one of the configure ## Prerequisites - An existing Kubernetes cluster. -- An agent [installed on your cluster](install/index.md#install-the-agent-into-the-cluster). +- An Agent [installed on your cluster](install/index.md). ## Use the CI/CD Tunnel to run Kubernetes commands from GitLab CI/CD diff --git a/doc/user/clusters/agent/install/index.md b/doc/user/clusters/agent/install/index.md index b2372789284..6b03d1742e5 100644 --- a/doc/user/clusters/agent/install/index.md +++ b/doc/user/clusters/agent/install/index.md @@ -8,110 +8,134 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Moved](https://gitlab.com/groups/gitlab-org/-/epics/6290) from GitLab Premium to GitLab Free in 14.5. -To get started with the Agent, install it in your cluster. +To connect a cluster to GitLab, you need to install the GitLab Agent +onto your cluster. -## Prerequisites **(SELF)** +## Prerequisites - An existing Kubernetes cluster. - On self-managed GitLab instances, a GitLab administrator needs to set up the [GitLab Agent Server (KAS)](../../../../administration/clusters/kas.md). ## Installation steps -To install the [Agent](../index.md) in your cluster: +To install the GitLab Agent on your cluster: 1. [Define a configuration repository](#define-a-configuration-repository). -1. [Register an agent with GitLab](#register-an-agent-with-gitlab). -1. [Install the agent into the cluster](#install-the-agent-into-the-cluster). +1. [Register the Agent with GitLab](#register-the-agent-with-gitlab). +1. [Install the Agent onto the cluster](#install-the-agent-onto-the-cluster). <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Watch a GitLab 14.2 [walking-through video](https://www.youtube.com/watch?v=XuBpKtsgGkE) with this process. +When you complete the installation process, you can +[view your Agent's status and activity information](#view-your-agents). +You can also [configure](#configure-the-agent) it to your needs. + ### Define a configuration repository > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) in GitLab 13.7, the Agent manifest configuration can be added to multiple directories (or subdirectories) of its repository. > - Group authorization was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/5784) in GitLab 14.3. -To create an agent, you need a GitLab repository to hold the configuration file. +To create an Agent, you need a GitLab repository to hold its +configuration file. If you already have a repository holding your +cluster's manifest files, you can use it to store your +Agent's configuration file and sync them with no further steps. -After installed, when you update the configuration file, GitLab transmits the -information to the cluster automatically without downtime. +#### Create the Agent's configuration file -In your repository, add the Agent configuration file under: +To create an Agent, go to the repository where you want to store +it and add the Agent's configuration file under: ```plaintext .gitlab/agents/<agent-name>/config.yaml ``` -Make sure that `<agent-name>` conforms to the [Agent's naming format](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md#agent-identity-and-name). - -WARNING: -The agent is only recognized if you use `.yaml` extension for the `config.yaml` file. The extension `.yml` is **not** recognized. +You **don't have to add any content** to this file at the moment you +create it. The fact that the file exists tells GitLab that this is +an Agent. You can edit it later to [configure the Agent](#configure-the-agent). -You **don't have to add any content** to this file when you create it. The fact that the file exists -tells GitLab that this is an agent configuration file and enables the [CI/CD tunnel](../ci_cd_tunnel.md#example-for-a-kubectl-command-using-the-cicd-tunnel). Later on, you can use this -file to [configure the agent](../repository.md) by setting up parameters such as: +When creating this file, pay special attention to: -- Groups and projects that can access the agent via the [CI/CD Tunnel](../ci_cd_tunnel.md). -- [Manifest projects to synchronize](../repository.md#synchronize-manifest-projects). -- The address of the `hubble-relay` for the [Network Security policy integrations](../../../project/clusters/protect/index.md). +- The [Agent's naming format](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md#agent-identity-and-name). +- The file extension: use the `.yaml` extension (`config.yaml`). The `.yml` extension is **not** recognized. -To see all the settings available, read the [Agent configuration repository documentation](../repository.md). - -### Register an agent with GitLab +### Register the Agent with GitLab > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5786) in GitLab 14.1, you can create a new Agent record directly from the GitLab UI. -Next, create a GitLab Rails Agent record to associate it with -the configuration repository project. Creating this record also creates a Secret needed to configure -the Agent in subsequent steps. +Now that you've created your Agent's configuration file, register it +with GitLab. +When you register the Agent, GitLab generates a token that you need for +installing the Agent onto your cluster. -In GitLab: +In GitLab, go to the project where you added your Agent's configuration +file and: 1. Ensure that [GitLab CI/CD is enabled in your project](../../../../ci/enable_or_disable_ci.md#enable-cicd-in-a-project). 1. From your project's sidebar, select **Infrastructure > Kubernetes clusters**. 1. Select **Actions**. -1. From the **Select an agent** dropdown, select the agent you want to connect and select **Register an agent** to access the installation form. -1. The form reveals your registration token. Securely store this secret token as you cannot view it again. -1. Copy the command under **Recommended installation method**. +1. From the **Select an Agent** dropdown list, select the Agent you want to register and select **Register an Agent**. +1. GitLab generates a registration token for this Agent. Securely store this secret token as you cannot view it again. +1. Copy the command under **Recommended installation method**. You need it to install the Agent onto your cluster through the one-liner installation method. + +### Install the Agent onto the cluster + +To connect your cluster to GitLab, install the registered Agent +onto your cluster. To install it, you can use either: -### Install the agent into the cluster +- [The one-liner installation method](#one-liner-installation). +- [The advanced installation method](#advanced-installation). -In your computer: +You can use the one-liner installation for trying to use the Agent for the first time, to do internal setups with +high trust, and to quickly get started. For long-term production usage, you may want to use the advanced installation +method to benefit from more configuration options. -1. Open your local terminal and connect to your cluster. +#### One-liner installation + +The one-liner installation is the simplest process, but you need +Docker installed locally. If you don't have it, you can either install +it or opt to the [advanced installation method](#advanced-installation). + +To install the Agent on your cluster using the one-liner installation: + +1. In your computer, open the terminal and connect to your cluster. 1. Run the command you copied when registering your cluster in the previous step. -See the following sections to learn about customizing the installation. +Optionally, you can [customize the one-liner installation command](#customize-the-one-liner-installation). -## Simple installation method +##### Customize the one-liner installation -The command provided by GitLab does the following things: +The one-liner command generated by GitLab: - Creates a namespace for the deployment (`gitlab-kubernetes-agent`). -- Sets up a service account with `cluster-admin` rights. Read more on [how you can restrict this service account](#customize-the-permissions-for-the-agentk-service-account). -- Creates a `Secret` resource for the agent registration token. +- Sets up a service account with `cluster-admin` rights (see [how to restrict this service account](#customize-the-permissions-for-the-agentk-service-account)). +- Creates a `Secret` resource for the Agent's registration token. - Creates a `Deployment` resource for the `agentk` pod. -The one-liner installer can be customized at the command line. To find out the various options the above Docker container supports, run: +You can edit these parameters according to your needs to customize the +one-liner installation command at the command line. To find all available +options, run in your terminal: ```shell docker run --pull=always --rm registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate --help ``` WARNING: -`--agent-version stable` can be used to refer to the latest stable release at the time when the command runs. It's fine for -testing purposes but for production please make sure to specify a matching version explicitly. - -## Advanced installation method +`--agent-version stable` can be used to refer to the latest stable +release at the time when the command runs. It's fine for testing +purposes but for production please make sure to specify a matching +version explicitly. -For more advanced configurations, we recommend to use [the `kpt` based installation method](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/build/deployment/gitlab-agent). +#### Advanced installation -Otherwise, follow the manual installation steps described below. +For advanced installation options, use [the `kpt` installation method](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/build/deployment/gitlab-agent). -### Customize the permissions for the `agentk` service account +##### Customize the permissions for the `agentk` service account -The GitLab Agent for Kubernetes allows you to fully own your cluster and requires only the permissions you give. Still, for easy getting started, by default the generated manifests provide `cluster-admin` rights to the agent. +The GitLab Agent allows you to fully own your cluster and grant GitLab +the permissions you want. Still, to facilitate the process, by default the +generated manifests provide `cluster-admin` rights to the Agent. -As part of the advanced installation method, you can restrict the agent access rights using Kustomize overlays. [An example is commented out](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/build/deployment/gitlab-agent/cluster/kustomization.yaml) in the `kpt` package you retrieved as part of the installation. +You can restrict the Agent's access rights using Kustomize overlays. [An example is commented out](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/build/deployment/gitlab-agent/cluster/kustomization.yaml) in the `kpt` package you retrieved as part of the installation. To create restricted permissions: @@ -121,50 +145,67 @@ To create restricted permissions: The above setup allows you to regularly update from the upstream package using `kpt pkg update gitlab-agent --strategy resource-merge` and maintain your customizations at the same time. -## Example projects +## Configure the Agent -The following example projects can help you get started with the Agent. +When successfully installed, you can [configure the Agent](../repository.md) +by editing its configuration file. +When you update the configuration file, GitLab transmits the +information to the cluster automatically without downtime. -- [Configuration repository](https://gitlab.com/gitlab-org/configure/examples/kubernetes-agent) -- This basic GitOps example deploys NGINX: [Manifest repository](https://gitlab.com/gitlab-org/configure/examples/gitops-project) +## View your Agents -## View installed Agents +If you have the [Developer role](../../../permissions.md) or above, you can access the Agent's +configuration repository and view the Agent's list: -Users with at least the [Developer](../../../permissions.md) can access the user interface -for the Agent at **Infrastructure > Kubernetes clusters**, under the -**Agent** tab. This page lists all registered agents for the current project, -and the configuration directory for each agent: +1. On the left sidebar, select **Infrastructure > Kubernetes clusters**. +1. Select **Agent** tab to view clusters connected to GitLab through the Agent. - +On this page, you can view: -Additional management interfaces are planned for the GitLab Agent. -[Provide more feedback in the related epic](https://gitlab.com/groups/gitlab-org/-/epics/4739). +- All the registered Agents for the current project. +- The connection status. +- The path to each Agent's configuration file. -## View Agent activity information +Furthermore, if you select one of the Agents on your list, you can view its +[activity information](#view-the-agents-activity-information). + +### View the Agent's activity information > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/277323) in GitLab 14.6. -Users with at least the [Developer](../../../permissions.md) can view the Agent's activity events. -The activity logs help you to identify problems and get the information you need for troubleshooting. -You can see events from a week before the current date. -To access an agent's activity: +The activity logs help you to identify problems and get the information +you need for troubleshooting. You can see events from a week before the +current date. To access an Agent's activity: + +1. In your Agent's repository, go to the Agents list as described [above](#view-your-agents). +1. Select the Agent you want to see the activity. + +The activity list includes: + +- Agent registration events: when a new token is **created**. +- Connection events: when an Agent is successfully **connected** to a cluster. + +Note that the connection status is logged when you connect an Agent for +the first time or after more than an hour of inactivity. -1. Go to your agent's configuration repository. -1. From the sidebar, select **Infrastructure > Kubernetes clusters**. -1. Select the **Agent** tab. -1. Select the agent you want to see the activity. +To check what else is planned for the Agent's UI and provide feedback, +see the [related epic](https://gitlab.com/groups/gitlab-org/-/epics/4739). -You can see the following events on the activity list: +## Create multiple Agents -- Agent registration: - - When a new token is **created**. -- Connection events: - - When an agent is successfully **connected** to a cluster. +You can create and install multiple Agents using the same process +documented above. Give each Agent's configuration file a unique name +and you're good to go. You can create multiple Agents, for example: -Note that the connection status is logged when you connect an agent for the first time -or after more than an hour of inactivity. +- To reach your cluster from different projects. +- To connect multiple clusters to GitLab. - +## Example projects + +The following example projects can help you get started with the Agent. + +- [Configuration repository](https://gitlab.com/gitlab-org/configure/examples/kubernetes-agent) +- This basic GitOps example deploys NGINX: [Manifest repository](https://gitlab.com/gitlab-org/configure/examples/gitops-project) ## Upgrades and version compatibility diff --git a/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png b/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png Binary files differdeleted file mode 100644 index 90b41ee849c..00000000000 --- a/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png +++ /dev/null diff --git a/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png b/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png Binary files differdeleted file mode 100644 index 3463eeb5d93..00000000000 --- a/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png +++ /dev/null diff --git a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb index ecc59aa7cc8..a7c846b2173 100644 --- a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb +++ b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb @@ -10,7 +10,7 @@ module QA Page::Admin::Menu.perform(&:go_to_metrics_and_profiling_settings) end - it 'has service ping toggle enabled' do + it 'has service ping toggle enabled', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/348335' do Page::Admin::Settings::MetricsAndProfiling.perform do |setting| setting.expand_usage_statistics do |page| expect(page).not_to have_disabled_usage_data_checkbox diff --git a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb index 309369265c9..cab8bd367f5 100644 --- a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb +++ b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb @@ -10,7 +10,7 @@ module QA Page::Admin::Menu.perform(&:go_to_metrics_and_profiling_settings) end - it 'has service ping toggle is disabled' do + it 'has service ping toggle is disabled', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/348340' do Page::Admin::Settings::MetricsAndProfiling.perform do |settings| settings.expand_usage_statistics do |usage_statistics| expect(usage_statistics).to have_disabled_usage_data_checkbox diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb index a82c5681911..62171528695 100644 --- a/spec/controllers/groups_controller_spec.rb +++ b/spec/controllers/groups_controller_spec.rb @@ -132,29 +132,6 @@ RSpec.describe GroupsController, factory_default: :keep do end end end - - describe 'require_verification_for_namespace_creation experiment', :experiment do - before do - sign_in(owner) - stub_experiments(require_verification_for_namespace_creation: :candidate) - end - - it 'tracks a "start_create_group" event' do - expect(experiment(:require_verification_for_namespace_creation)).to track( - :start_create_group - ).on_next_instance.with_context(user: owner) - - get :new - end - - context 'when creating a sub-group' do - it 'does not track a "start_create_group" event' do - expect(experiment(:require_verification_for_namespace_creation)).not_to track(:start_create_group) - - get :new, params: { parent_id: group.id } - end - end - end end describe 'GET #activity' do diff --git a/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb b/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb index 5d9b0770fb5..87417fe1637 100644 --- a/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb +++ b/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb @@ -5,7 +5,7 @@ require 'spec_helper' RSpec.describe RequireVerificationForNamespaceCreationExperiment, :experiment do subject(:experiment) { described_class.new(user: user) } - let(:user) { create(:user, created_at: RequireVerificationForNamespaceCreationExperiment::EXPERIMENT_START_DATE + 1.hour) } + let_it_be(:user) { create(:user) } describe '#candidate?' do context 'when experiment subject is candidate' do @@ -56,20 +56,4 @@ RSpec.describe RequireVerificationForNamespaceCreationExperiment, :experiment do end end end - - describe 'exclusions' do - context 'when user is new' do - it 'is not excluded' do - expect(subject).not_to exclude(user: user) - end - end - - context 'when user is NOT new' do - let(:user) { create(:user, created_at: RequireVerificationForNamespaceCreationExperiment::EXPERIMENT_START_DATE - 1.day) } - - it 'is excluded' do - expect(subject).to exclude(user: user) - end - end - end end |
