Merge branch 'qa-shl-nightly-121-fix-login-via-oauth-spec' into 'master'

Use 1Password CLI to pull OTP for GitHub OAuth

Closes gitlab-org/quality/nightly#121

See merge request gitlab-org/gitlab!17691

qa/qa.rb

@@ -435,6 +435,10 @@ module QA
         autoload :Login, 'qa/vendor/github/page/login'
       end
     end
+
+    module OnePassword
+      autoload :CLI, 'qa/vendor/one_password/cli'
+    end
   end
 
   # Classes that provide support to other parts of the framework.

qa/qa/runtime/env.rb

@@ -177,6 +177,22 @@ module QA
         ENV['GITLAB_QA_PASSWORD_6']
       end
 
+      def gitlab_qa_1p_email
+        ENV['GITLAB_QA_1P_EMAIL']
+      end
+
+      def gitlab_qa_1p_password
+        ENV['GITLAB_QA_1P_PASSWORD']
+      end
+
+      def gitlab_qa_1p_secret
+        ENV['GITLAB_QA_1P_SECRET']
+      end
+
+      def gitlab_qa_1p_github_uuid
+        ENV['GITLAB_QA_1P_GITHUB_UUID']
+      end
+
       def knapsack?
         !!(ENV['KNAPSACK_GENERATE_REPORT'] || ENV['KNAPSACK_REPORT_PATH'] || ENV['KNAPSACK_TEST_FILE_PATTERN'])
       end

qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb

 # frozen_string_literal: true
 
 module QA
-  # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/121
-  context 'Manage', :orchestrated, :oauth, :quarantine do
+  context 'Manage', :orchestrated, :oauth do
     describe 'OAuth login' do
       it 'User logs in to GitLab with GitHub OAuth' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)

qa/qa/vendor/github/page/login.rb

@@ -12,6 +12,12 @@ module QA
             fill_in 'password', with: QA::Runtime::Env.github_password
             click_on 'Sign in'
 
+            otp = OnePassword::CLI.new.otp
+
+            fill_in 'otp', with: otp
+
+            click_on 'Verify'
+
             click_on 'Authorize gitlab-qa' if has_button?('Authorize gitlab-qa')
           end
         end

qa/qa/vendor/one_password/cli.rb

+# frozen_string_literal: true
+
+module QA
+  module Vendor
+    module OnePassword
+      class CLI
+        def initialize
+          @email = QA::Runtime::Env.gitlab_qa_1p_email
+          @password = QA::Runtime::Env.gitlab_qa_1p_password
+          @secret = QA::Runtime::Env.gitlab_qa_1p_secret
+          @github_uuid = QA::Runtime::Env.gitlab_qa_1p_github_uuid
+        end
+
+        def otp
+          `#{op_path} get totp #{@github_uuid} --session=#{session_token}`.to_i
+        end
+
+        private
+
+        def session_token
+          `echo '#{@password}' | #{op_path} signin gitlab.1password.com #{@email} #{@secret} --output=raw --shorthand=gitlab_qa`
+        end
+
+        def op_path
+          File.expand_path(File.join(%W[qa vendor one_password #{os} op]))
+        end
+
+        def os
+          RUBY_PLATFORM.include?("darwin") ? "darwin" : "linux"
+        end
+      end
+    end
+  end
+end