diff --git a/app/helpers/ci/variables_helper.rb b/app/helpers/ci/variables_helper.rb
index 79ebed9a82e..86e2667c7bb 100644
--- a/app/helpers/ci/variables_helper.rb
+++ b/app/helpers/ci/variables_helper.rb
@@ -32,14 +32,6 @@ module Ci
end
end
- def ci_variable_masked?(variable, only_key_value)
- if variable && !only_key_value
- variable.masked
- else
- false
- end
- end
-
def ci_variable_maskable_raw_regex
Ci::Maskable::MASK_AND_RAW_REGEX.inspect.sub('\\A', '^').sub('\\z', '$')[1...-1]
end
diff --git a/app/models/integrations/google_play.rb b/app/models/integrations/google_play.rb
index 746f68fdc4c..1d6d563e37f 100644
--- a/app/models/integrations/google_play.rb
+++ b/app/models/integrations/google_play.rb
@@ -18,19 +18,25 @@ module Integrations
field :package_name,
section: SECTION_TYPE_CONNECTION,
placeholder: 'com.example.myapp',
+ description: -> { _('Package name of the app in Google Play.') },
required: true
field :service_account_key_file_name,
section: SECTION_TYPE_CONNECTION,
- required: true
+ required: true,
+ description: -> { _('File name of the Google Play service account key.') }
- field :service_account_key, api_only: true
+ field :service_account_key,
+ required: true,
+ description: -> { _('Google Play service account key.') },
+ api_only: true
field :google_play_protected_refs,
type: :checkbox,
section: SECTION_TYPE_CONFIGURATION,
title: -> { s_('GooglePlayStore|Protected branches and tags only') },
- checkbox_label: -> { s_('GooglePlayStore|Only set variables on protected branches and tags') }
+ description: -> { _('Set variables on protected branches and tags only.') },
+ checkbox_label: -> { s_('GooglePlayStore|Set variables on protected branches and tags only') }
def self.title
s_('GooglePlay|Google Play')
@@ -48,10 +54,10 @@ module Integrations
# rubocop:disable Layout/LineLength
texts = [
- s_("Use the Google Play integration to connect to Google Play with fastlane in CI/CD pipelines."),
- s_("After you enable the integration, the following protected variable is created for CI/CD use:"),
+ s_("Use this integration to connect to Google Play with fastlane in CI/CD pipelines."),
+ s_("After you enable the integration, the following protected variables are created for CI/CD use:"),
variable_list.join('
'),
- s_(format("To generate a Google Play service account key and use this integration, see the integration documentation.", url: Rails.application.routes.url_helpers.help_page_url('user/project/integrations/google_play'))).html_safe
+ s_(format("For more information, see the documentation.", url: Rails.application.routes.url_helpers.help_page_url('user/project/integrations/google_play'))).html_safe
]
# rubocop:enable Layout/LineLength
diff --git a/doc/api/integrations.md b/doc/api/integrations.md
index 2a5b394b7d7..0abf155133e 100644
--- a/doc/api/integrations.md
+++ b/doc/api/integrations.md
@@ -803,6 +803,41 @@ Get the Google Chat integration settings for a project.
GET /projects/:id/integrations/hangouts-chat
```
+## Google Play
+
+### Set up Google Play
+
+Set up the Google Play integration for a project.
+
+```plaintext
+PUT /projects/:id/integrations/google-play
+```
+
+Parameters:
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `package_name` | string | true | Package name of the app in Google Play. |
+| `service_account_key` | string | true | Google Play service account key. |
+| `service_account_key_file_name` | string | true | File name of the Google Play service account key. |
+| `google_play_protected_refs` | boolean | false | Set variables on protected branches and tags only. |
+
+### Disable Google Play
+
+Disable the Google Play integration for a project. Integration settings are reset.
+
+```plaintext
+DELETE /projects/:id/integrations/google-play
+```
+
+### Get Google Play settings
+
+Get the Google Play integration settings for a project.
+
+```plaintext
+GET /projects/:id/integrations/google-play
+```
+
## irker (IRC gateway)
### Set up irker
diff --git a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md
index aaea3f8958d..eabc722a26f 100644
--- a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md
+++ b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md
@@ -303,6 +303,75 @@ Geo requires an EE license. To visit the Geo sites in your browser, you need a r
- You can increase the wait time for replication by setting `GEO_MAX_FILE_REPLICATION_TIME` and `GEO_MAX_DB_REPLICATION_TIME`. The default is 120 seconds.
- To save time during tests, create a Personal Access Token with API access on the Geo primary node, and pass that value in as `GITLAB_QA_ACCESS_TOKEN` and `GITLAB_QA_ADMIN_ACCESS_TOKEN`.
+## Group SAML Tests
+
+Tests that are tagged with `:group_saml` meta are orchestrated tests where the user accesses a group via SAML SSO.
+
+These tests depend on a SAML IDP Docker container ([jamedjo/test-SAML-idp](https://hub.docker.com/r/jamedjo/test-saml-idp)). The tests spin up the container themselves.
+
+To run these tests on your computer against the GDK:
+
+1. Add these settings to your `gitlab.yml` file:
+
+ ```yaml
+ omniauth:
+ enabled: true
+ providers:
+ - { name: 'group_saml' }
+ ```
+
+1. Run a group SAML test from [`gitlab/qa`](https://gitlab.com/gitlab-org/gitlab/-/tree/d5447ebb5f99d4c72780681ddf4dc25b0738acba/qa) directory:
+
+ ```shell
+ QA_DEBUG=true CHROME_HEADLESS=false bundle exec bin/qa Test::Instance::All http://localhost:3000 qa/specs/features/ee/browser_ui/1_manage/group/group_saml_enforced_sso_spec.rb -- --tag orchestrated
+ ```
+
+For instructions on how to run these tests using the `gitlab-qa` gem, refer to [the GitLab QA documentation](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#testintegrationgroupsaml-eefull-image-address).
+
+## Instance SAML Tests
+
+Tests that are tagged with `:instance_saml` meta are orchestrated tests where the instance level sign-in happens using SAML SSO.
+
+These tests require a SAML IDP Docker container ([jamedjo/test-SAML-idp](https://hub.docker.com/r/jamedjo/test-saml-idp)) to be configured and running.
+
+To run these tests on your computer against the GDK:
+
+1. Add these settings to your `gitlab.yml` file:
+
+ ```yaml
+ omniauth:
+ enabled: true
+ allow_single_sign_on: ["saml"]
+ block_auto_created_users: false
+ auto_link_saml_user: true
+ providers:
+ - { name: 'saml',
+ args: {
+ assertion_consumer_service_url: 'http://gdk.test:3000/users/auth/saml/callback',
+ idp_cert_fingerprint: '11:9b:9e:02:79:59:cd:b7:c6:62:cf:d0:75:d9:e2:ef:38:4e:44:5f',
+ idp_sso_target_url: 'https://gdk.test:8443/simplesaml/saml2/idp/SSOService.php',
+ issuer: 'http://gdk.test:3000',
+ name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
+ } }
+ ```
+
+1. Start the SAML IDP Docker container:
+
+ ```shell
+ docker run --name=group_saml_qa_idp -p 8080:8080 -p 8443:8443 \
+ -e SIMPLESAMLPHP_SP_ENTITY_ID=http://localhost:3000 \
+ -e SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE=http://localhost:3000/users/auth/saml/callback \
+ -d jamedjo/test-saml-idp
+ ```
+
+1. Run the test from [`gitlab/qa`](https://gitlab.com/gitlab-org/gitlab/-/tree/d5447ebb5f99d4c72780681ddf4dc25b0738acba/qa) directory:
+
+ ```shell
+ QA_DEBUG=true CHROME_HEADLESS=false bundle exec bin/qa Test::Instance::All http://localhost:3000 qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb -- --tag orchestrated
+ ```
+
+For instructions on how to run these tests using the `gitlab-qa` gem, refer to [the GitLab QA documentation](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#testintegrationinstancesaml-ceeefull-image-address).
+
## LDAP Tests
Tests that are tagged with `:ldap_tls` and `:ldap_no_tls` meta are orchestrated tests where the sign-in happens via LDAP.
diff --git a/lib/api/helpers/integrations_helpers.rb b/lib/api/helpers/integrations_helpers.rb
index cda1114d581..53a7fc24052 100644
--- a/lib/api/helpers/integrations_helpers.rb
+++ b/lib/api/helpers/integrations_helpers.rb
@@ -325,32 +325,7 @@ module API
desc: 'The URL of the external wiki'
}
],
- 'google-play' => [
- {
- required: true,
- name: :package_name,
- type: String,
- desc: 'The package name of the app in Google Play'
- },
- {
- required: true,
- name: :service_account_key,
- type: String,
- desc: 'The Google Play service account key'
- },
- {
- required: true,
- name: :service_account_key_file_name,
- type: String,
- desc: 'The filename of the Google Play service account key'
- },
- {
- required: false,
- name: :google_play_protected_refs,
- type: ::Grape::API::Boolean,
- desc: 'Only enable for protected refs'
- }
- ],
+ 'google-play' => ::Integrations::GooglePlay.api_fields,
'hangouts-chat' => [
{
required: true,
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 0d8d9fdba93..3c34d2ff287 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -4454,9 +4454,6 @@ msgstr ""
msgid "After the report is generated, an email will be sent with the report attached."
msgstr ""
-msgid "After you enable the integration, the following protected variable is created for CI/CD use:"
-msgstr ""
-
msgid "After you enable the integration, the following protected variables are created for CI/CD use:"
msgstr ""
@@ -20910,6 +20907,9 @@ msgstr ""
msgid "File name"
msgstr ""
+msgid "File name of the Google Play service account key."
+msgstr ""
+
msgid "File permissions"
msgstr ""
@@ -22908,6 +22908,9 @@ msgstr ""
msgid "Google Cloud authorizations required"
msgstr ""
+msgid "Google Play service account key."
+msgstr ""
+
msgid "GoogleCloud|Cancel"
msgstr ""
@@ -22944,10 +22947,10 @@ msgstr ""
msgid "GoogleCloud|Revoke authorizations granted to GitLab. This does not invalidate service accounts."
msgstr ""
-msgid "GooglePlayStore|Only set variables on protected branches and tags"
+msgid "GooglePlayStore|Protected branches and tags only"
msgstr ""
-msgid "GooglePlayStore|Protected branches and tags only"
+msgid "GooglePlayStore|Set variables on protected branches and tags only"
msgstr ""
msgid "GooglePlay|Drag your key file here or %{linkStart}click to upload%{linkEnd}."
@@ -34195,6 +34198,9 @@ msgstr ""
msgid "Package file size limits"
msgstr ""
+msgid "Package name of the app in Google Play."
+msgstr ""
+
msgid "Package recipe already exists"
msgstr ""
@@ -45440,6 +45446,9 @@ msgstr ""
msgid "Set up your project to automatically push and/or pull changes to/from another repository. Branches, tags, and commits will be synced automatically."
msgstr ""
+msgid "Set variables on protected branches and tags only."
+msgstr ""
+
msgid "Set weight"
msgstr ""
@@ -52792,9 +52801,6 @@ msgstr ""
msgid "Use the %{strongStart}Test%{strongEnd} option above to create an event."
msgstr ""
-msgid "Use the Google Play integration to connect to Google Play with fastlane in CI/CD pipelines."
-msgstr ""
-
msgid "Use the link below to confirm your email address (%{email})"
msgstr ""
@@ -52807,6 +52813,9 @@ msgstr ""
msgid "Use the search bar on the top of this page"
msgstr ""
+msgid "Use this integration to connect to Google Play with fastlane in CI/CD pipelines."
+msgstr ""
+
msgid "Use this integration to connect to the Apple App Store with fastlane in CI/CD pipelines."
msgstr ""
diff --git a/spec/helpers/ci/variables_helper_spec.rb b/spec/helpers/ci/variables_helper_spec.rb
index 13970dd95b4..835a7b902e7 100644
--- a/spec/helpers/ci/variables_helper_spec.rb
+++ b/spec/helpers/ci/variables_helper_spec.rb
@@ -42,23 +42,6 @@ RSpec.describe Ci::VariablesHelper, feature_category: :secrets_management do
end
end
- describe '#ci_variable_masked?' do
- let(:variable) { build_stubbed(:ci_variable, key: 'test_key', value: 'test_value', masked: true) }
-
- context 'when variable is provided and only_key_value is false' do
- it 'expect ci_variable_masked? to return true' do
- expect(helper.ci_variable_masked?(variable, false)).to eq(true)
- end
- end
-
- context 'when variable is not provided / provided and only_key_value is true' do
- it 'expect ci_variable_masked? to return false' do
- expect(helper.ci_variable_masked?(nil, true)).to eq(false)
- expect(helper.ci_variable_masked?(variable, true)).to eq(false)
- end
- end
- end
-
describe '#ci_variable_maskable_raw_regex' do
it 'converts to a javascript regex' do
expect(helper.ci_variable_maskable_raw_regex).to eq("^\\S{8,}$")