Add container registry to object storage

qa/qa.rb

@@ -50,7 +50,8 @@ module QA
     "user_gpg" => "UserGPG",
     "smtp" => "SMTP",
     "otp" => "OTP",
-    "jira_api" => "JiraAPI"
+    "jira_api" => "JiraAPI",
+    "registry_tls" => "RegistryTLS"
   )
 
   loader.setup

qa/qa/scenario/test/integration/registry_tls.rb

+# frozen_string_literal: true
+
+module QA
+  module Scenario
+    module Test
+      module Integration
+        class RegistryTLS < Test::Instance::All
+          tags :registry_tls
+        end
+      end
+    end
+  end
+end

qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb

 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Package', :registry, :orchestrated, only: { pipeline: :main } do
+  RSpec.describe 'Package', :orchestrated do
     describe 'Self-managed Container Registry' do
       let(:project) do
         Resource::Project.fabricate_via_api! do |project|
@@ -28,59 +28,112 @@ module QA
         runner.remove_via_api!
       end
 
-      it "pushes image and deletes tag", testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/1911' do
-        Resource::Repository::Commit.fabricate_via_api! do |commit|
-          commit.project = project
-          commit.commit_message = 'Add .gitlab-ci.yml'
-          commit.add_files([{
-                              file_path: '.gitlab-ci.yml',
-                              content:
-                                  <<~YAML
-                                    build:
-                                      image: docker:19.03.12
-                                      stage: build
-                                      services:
-                                      - name: docker:19.03.12-dind
-                                        command:
-                                        - /bin/sh
-                                        - -c
-                                        - |
-                                          apk add --no-cache openssl
-                                          true | openssl s_client -showcerts -connect gitlab.test:5050 > /usr/local/share/ca-certificates/gitlab.test.crt
-                                          update-ca-certificates
-                                          dockerd-entrypoint.sh || exit                                
-                                      variables:
-                                        IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
-                                      script:
-                                        - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD gitlab.test:5050
-                                        - docker build -t $IMAGE_TAG .
-                                        - docker push $IMAGE_TAG
-                                      tags:
-                                        - "runner-for-#{project.name}"
-                                  YAML
-                          }])
-        end
+      context 'when tls is enabled' do
+        it "pushes image and deletes tag", :registry_tls, testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/1911' do
+          Resource::Repository::Commit.fabricate_via_api! do |commit|
+            commit.project = project
+            commit.commit_message = 'Add .gitlab-ci.yml'
+            commit.add_files([{
+                                file_path: '.gitlab-ci.yml',
+                                content:
+                                <<~YAML
+                                  build:
+                                    image: docker:19.03.12
+                                    stage: build
+                                    services:
+                                    - name: docker:19.03.12-dind
+                                      command:
+                                      - /bin/sh
+                                      - -c
+                                      - |
+                                        apk add --no-cache openssl
+                                        true | openssl s_client -showcerts -connect gitlab.test:5050 > /usr/local/share/ca-certificates/gitlab.test.crt
+                                        update-ca-certificates
+                                        dockerd-entrypoint.sh || exit                                
+                                    variables:
+                                      IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+                                    script:
+                                      - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD gitlab.test:5050
+                                      - docker build -t $IMAGE_TAG .
+                                      - docker push $IMAGE_TAG
+                                    tags:
+                                      - "runner-for-#{project.name}"
+                                YAML
+                            }])
+          end
 
-        Flow::Pipeline.visit_latest_pipeline
+          Flow::Pipeline.visit_latest_pipeline
 
-        Page::Project::Pipeline::Show.perform do |pipeline|
-          pipeline.click_job('build')
-        end
+          Page::Project::Pipeline::Show.perform do |pipeline|
+            pipeline.click_job('build')
+          end
+
+          Page::Project::Job::Show.perform do |job|
+            expect(job).to be_successful(timeout: 800)
+          end
+
+          Page::Project::Menu.perform(&:go_to_container_registry)
+
+          Page::Project::Registry::Show.perform do |registry|
+            expect(registry).to have_registry_repository(project.path_with_namespace)
+
+            registry.click_on_image(project.path_with_namespace)
+            expect(registry).to have_tag('master')
 
-        Page::Project::Job::Show.perform do |job|
-          expect(job).to be_successful(timeout: 800)
+            registry.click_delete
+            expect(registry).not_to have_tag('master')
+          end
         end
+      end
+
+      context "when tls is disabled" do
+        it "pushes image and deletes tag", :registry, testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/2378' do
+          Resource::Repository::Commit.fabricate_via_api! do |commit|
+            commit.project = project
+            commit.commit_message = 'Add .gitlab-ci.yml'
+            commit.add_files([{
+                                file_path: '.gitlab-ci.yml',
+                                content:
+                                    <<~YAML
+                                      build:
+                                        image: docker:19.03.12
+                                        stage: build
+                                        services:
+                                        - name: docker:19.03.12-dind
+                                          command: ["--insecure-registry=gitlab.test:5050"]                                
+                                        variables:
+                                          IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+                                        script:
+                                          - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD gitlab.test:5050
+                                          - docker build -t $IMAGE_TAG .
+                                          - docker push $IMAGE_TAG
+                                        tags:
+                                          - "runner-for-#{project.name}"
+                                    YAML
+                            }])
+          end
+
+          Flow::Pipeline.visit_latest_pipeline
+
+          Page::Project::Pipeline::Show.perform do |pipeline|
+            pipeline.click_job('build')
+          end
+
+          Page::Project::Job::Show.perform do |job|
+            expect(job).to be_successful(timeout: 800)
+          end
 
-        Page::Project::Menu.perform(&:go_to_container_registry)
+          Page::Project::Menu.perform(&:go_to_container_registry)
 
-        Page::Project::Registry::Show.perform do |registry|
-          expect(registry).to have_registry_repository(project.path_with_namespace)
+          Page::Project::Registry::Show.perform do |registry|
+            expect(registry).to have_registry_repository(project.path_with_namespace)
 
-          registry.click_on_image(project.path_with_namespace)
-          expect(registry).to have_tag('master')
+            registry.click_on_image(project.path_with_namespace)
+            expect(registry).to have_tag('master')
 
-          registry.click_delete
-          expect(registry).not_to have_tag('master')
+            registry.click_delete
+            expect(registry).not_to have_tag('master')
+          end
         end
       end
     end

qa/qa/specs/features/browser_ui/5_package/dependency_proxy/dependency_proxy_spec.rb

@@ -57,17 +57,11 @@ module QA
                                         image: "#{docker_client_version}"
                                         services:
                                         - name: "#{docker_client_version}-dind"
-                                          command:
-                                          - /bin/sh
-                                          - -c
-                                          - |
-                                            apk add --no-cache openssl
-                                            true | openssl s_client -showcerts -connect gitlab.test:5050 > /usr/local/share/ca-certificates/gitlab.test.crt
-                                            update-ca-certificates
-                                            dockerd-entrypoint.sh || exit
+                                          command: ["--insecure-registry=gitlab.test:80"]     
                                         before_script:
                                           - apk add curl jq grep
-                                          - docker login -u "$CI_DEPENDENCY_PROXY_USER" -p "$CI_DEPENDENCY_PROXY_PASSWORD" "$CI_DEPENDENCY_PROXY_SERVER"
+                                          - echo $CI_DEPENDENCY_PROXY_SERVER
+                                          - docker login -u "$CI_DEPENDENCY_PROXY_USER" -p "$CI_DEPENDENCY_PROXY_PASSWORD" gitlab.test:80
                                         script:
                                           - docker pull #{dependency_proxy_url}/#{image_sha}
                                           - TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq --raw-output .token)