Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openQA for openSUSE:Factory checked in at 2026-04-13 23:19:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openQA (Old) and /work/SRC/openSUSE:Factory/.openQA.new.21863 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openQA" Mon Apr 13 23:19:34 2026 rev:836 rq:1346421 version:5.1776072800.e5bc7424 Changes: -------- --- /work/SRC/openSUSE:Factory/openQA/openQA.changes 2026-04-11 22:31:57.258084107 +0200 +++ /work/SRC/openSUSE:Factory/.openQA.new.21863/openQA.changes 2026-04-13 23:21:22.938303909 +0200 @@ -1,0 +2,12 @@ +Mon Apr 13 09:33:28 UTC 2026 - [email protected] + +- Update to version 5.1776072800.e5bc7424: + * chore(ci): bump checkout v4->v6 + * feat: implement "None" authentication provider + * feat: Prevent job assignments when running out of space by default + * fix(results_min_free_storage_space_percentage): Allow disabling with `0` + * fix(results_min_free_storage_space_percentage): Add to `Setup.pm` + * feat: make compute_build_results faster by passing the query for jobs + * feat: optimize comment_data_for_jobs when passed a result set + +------------------------------------------------------------------- Old: ---- openQA-5.1775828534.8622a781.obscpio New: ---- openQA-5.1776072800.e5bc7424.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openQA-client-test.spec ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:26.274441549 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:26.274441549 +0200 @@ -18,7 +18,7 @@ %define short_name openQA-client Name: %{short_name}-test -Version: 5.1775828534.8622a781 +Version: 5.1776072800.e5bc7424 Release: 0 Summary: Test package for %{short_name} License: GPL-2.0-or-later ++++++ openQA-devel-test.spec ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:26.322443530 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:26.330443860 +0200 @@ -18,7 +18,7 @@ %define short_name openQA-devel Name: %{short_name}-test -Version: 5.1775828534.8622a781 +Version: 5.1776072800.e5bc7424 Release: 0 Summary: Test package for %{short_name} License: GPL-2.0-or-later ++++++ openQA-test.spec ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:26.362445181 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:26.366445346 +0200 @@ -18,7 +18,7 @@ %define short_name openQA Name: %{short_name}-test -Version: 5.1775828534.8622a781 +Version: 5.1776072800.e5bc7424 Release: 0 Summary: Test package for openQA License: GPL-2.0-or-later ++++++ openQA-worker-test.spec ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:26.394446501 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:26.398446666 +0200 @@ -18,7 +18,7 @@ %define short_name openQA-worker Name: %{short_name}-test -Version: 5.1775828534.8622a781 +Version: 5.1776072800.e5bc7424 Release: 0 Summary: Test package for %{short_name} License: GPL-2.0-or-later ++++++ openQA.spec ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:26.450448811 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:26.454448976 +0200 @@ -99,7 +99,7 @@ %define devel_requires %devel_no_selenium_requires chromedriver Name: openQA -Version: 5.1775828534.8622a781 +Version: 5.1776072800.e5bc7424 Release: 0 Summary: The openQA web-frontend, scheduler and tools License: GPL-2.0-or-later ++++++ openQA-5.1775828534.8622a781.obscpio -> openQA-5.1776072800.e5bc7424.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/check-containers.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/check-containers.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/check-containers.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/check-containers.yml 2026-04-13 11:33:20.000000000 +0200 @@ -8,6 +8,6 @@ contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Test our container definitions run: make test-check-containers diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/check-helm-chart.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/check-helm-chart.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/check-helm-chart.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/check-helm-chart.yml 2026-04-13 11:33:20.000000000 +0200 @@ -9,7 +9,7 @@ runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install Helm uses: azure/setup-helm@v4 @@ -35,7 +35,7 @@ REGISTRY_PATH: registry.opensuse.org/devel/openqa/containers16.0 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install Helm uses: azure/setup-helm@v4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/checklist.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/checklist.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/checklist.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/checklist.yml 2026-04-13 11:33:20.000000000 +0200 @@ -10,7 +10,7 @@ name: Checklist job steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Checklist uses: wyozi/contextual-qa-checklist-action@master with: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/compose.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/compose.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/compose.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/compose.yml 2026-04-13 11:33:20.000000000 +0200 @@ -9,6 +9,6 @@ runs-on: ubuntu-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Verify that containers can be composed run: make test-containers-compose diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/javascript.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/javascript.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/javascript.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/javascript.yml 2026-04-13 11:33:20.000000000 +0200 @@ -14,7 +14,7 @@ node-version: [22] os: [ubuntu-latest] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Node (version ${{ matrix.node-version }}) uses: actions/setup-node@v4 with: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/obs-helper.yaml new/openQA-5.1776072800.e5bc7424/.github/workflows/obs-helper.yaml --- old/openQA-5.1775828534.8622a781/.github/workflows/obs-helper.yaml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/obs-helper.yaml 2026-04-13 11:33:20.000000000 +0200 @@ -12,7 +12,7 @@ name: Report OBS URL runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: debug run: | env | sort diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/perl-critic.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/perl-critic.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/perl-critic.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/perl-critic.yml 2026-04-13 11:33:20.000000000 +0200 @@ -12,5 +12,5 @@ container: image: perldocker/perl-tester steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - run: make test-critic diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/.github/workflows/prove.yml new/openQA-5.1776072800.e5bc7424/.github/workflows/prove.yml --- old/openQA-5.1775828534.8622a781/.github/workflows/prove.yml 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/.github/workflows/prove.yml 2026-04-13 11:33:20.000000000 +0200 @@ -19,7 +19,7 @@ container: image: registry.opensuse.org/devel/openqa/ci/containers/base:latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install dependencies run: bash -x tools/ci/build_cache.sh - name: Build os-autoinst diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/container/openqa_data/data.template/conf/openqa.ini new/openQA-5.1776072800.e5bc7424/container/openqa_data/data.template/conf/openqa.ini --- old/openQA-5.1775828534.8622a781/container/openqa_data/data.template/conf/openqa.ini 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/container/openqa_data/data.template/conf/openqa.ini 2026-04-13 11:33:20.000000000 +0200 @@ -27,7 +27,7 @@ ## Authentication method to use for user management [auth] -# method = Fake|OpenID +# method = Fake|OpenID|OAuth2|None method = OpenID [logging] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/docs/Installing.asciidoc new/openQA-5.1776072800.e5bc7424/docs/Installing.asciidoc --- old/openQA-5.1775828534.8622a781/docs/Installing.asciidoc 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/docs/Installing.asciidoc 2026-04-13 11:33:20.000000000 +0200 @@ -571,8 +571,8 @@ [[authentication]] === User authentication -openQA supports three different authentication methods: OpenID (default), -OAuth2 and Fake (for development). +openQA supports four different authentication methods: OpenID (default), +OAuth2, Fake (for development) and None (no authentication). Use the `auth` section in <<GettingStarted.asciidoc#_configuration,the web UI configuration>> to configure @@ -655,11 +655,16 @@ ==== Fake -For development purposes only! Fake authentication bypass any authentication and -automatically allow any login requests as 'Demo user' with administrator privileges -and without password. To ease worker testing, API key and secret is created (or updated) -with validity of one day during login. -You can then use following as `/etc/openqa/client.conf`: +For development purposes only! This method is a "mock" authentication provider +designed for openQA developers to test permissions and role-based access +control (RBAC). It requires an explicit visit to the `/login` route but allows +simulating different user roles (e.g. `?user=nobody` for a non-privileged +user). + +To ease worker testing, an API key and secret are created (or updated) for the +'Demo user' with administrator privileges and a validity of one day during +login. +You can then use the following as `/etc/openqa/client.conf`: [source,ini] -------------------------------------------------------------------------------- @@ -672,8 +677,26 @@ secret = 1234567890ABCDEF -------------------------------------------------------------------------------- -If you switch authentication method from Fake to any other, review your API keys! -You may be vulnerable for up to a day until Fake API key expires. +If you switch the authentication method from Fake to any other, review your +API keys! You may be vulnerable for up to a day until the Fake API key +expires. + + +==== None + +This method bypasses any authentication entirely and automatically treats +every visitor as an 'admin' user with administrator privileges. No explicit +login is required. It is ideal for private, local, or trusted network +instances where any form of login (even a "Fake" one) is considered +unnecessary, for example in automated CI setups. Do not use for any exposed +instances! + +[source,ini] +-------------------------------------------------------------------------------- +[auth] +# method name is case sensitive! +method = None +-------------------------------------------------------------------------------- [[priority-throttling]] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/etc/openqa/openqa.ini new/openQA-5.1776072800.e5bc7424/etc/openqa/openqa.ini --- old/openQA-5.1775828534.8622a781/etc/openqa/openqa.ini 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/etc/openqa/openqa.ini 2026-04-13 11:33:20.000000000 +0200 @@ -173,7 +173,7 @@ ## Authentication method to use for user management [auth] -#method = Fake|OpenID|OAuth2 +#method = Fake|OpenID|OAuth2|None ## whether authentication is required to access assets; caveats: ## - Does NOT affect assets made available outside the scope of the openQA service (e.g. via Apache, NGINX or NFS). ## - Might not work well with other features like openqa-clone-job and the cache service. @@ -462,8 +462,8 @@ #dynamic_job_limit_interval = 60 ## Minimum percentage of free storage in the file system where job results are ## regularly stored on; scheduling is suspended if the free storage falls under -## the specified percentage. Defaults to 0 which disables this check. -#results_min_free_storage_space_percentage = 0 +## the specified percentage. Defaults to 5. Set to 0 to disable. +#results_min_free_storage_space_percentage = 5 ## Configuration of the label/bugref carry-over [carry_over] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/BuildResults.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/BuildResults.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/BuildResults.pm 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/BuildResults.pm 2026-04-13 11:33:20.000000000 +0200 @@ -206,7 +206,7 @@ $seen{$key}++ ? () : $_; } @all_jobs; next unless @jobs; - my $comment_data = $group->result_source->schema->resultset('Comments')->comment_data_for_jobs(\@jobs); + my $comment_data = $group->result_source->schema->resultset('Comments')->comment_data_for_jobs($jobs); for my $job (@jobs) { $jr{distris}->{$job->DISTRI} = 1; if ($newest) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/Schema/ResultSet/Comments.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Schema/ResultSet/Comments.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/Schema/ResultSet/Comments.pm 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Schema/ResultSet/Comments.pm 2026-04-13 11:33:20.000000000 +0200 @@ -99,8 +99,9 @@ =cut sub comment_data_for_jobs ($self, $jobs, $args = {}) { - my @job_ids = map { $_->id } ref $jobs eq 'ARRAY' ? @$jobs : $jobs->all; - my $comments = $self->search({job_id => {in => \@job_ids}}, {order_by => 'me.id', select => [qw(text job_id)]}); + my $job_id_clause = ref $jobs eq 'ARRAY' ? [map { $_->id } @$jobs] : $jobs->get_column('id')->as_query; + my %args = (order_by => 'me.id', select => [qw(text job_id)]); + my $comments = $self->search({job_id => {in => $job_id_clause}}, \%args); my $bugs = $self->result_source->schema->resultset('Bugs'); my (%res, %bugdetails); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/Setup.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Setup.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/Setup.pm 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Setup.pm 2026-04-13 11:33:20.000000000 +0200 @@ -159,6 +159,7 @@ dynamic_job_limit_load_critical => 0, dynamic_job_limit_step => 10, dynamic_job_limit_interval => 60, + results_min_free_storage_space_percentage => 5, }, logging => { level => undef, @@ -321,7 +322,12 @@ my $defaults = default_config(); # in development and test mode we use fake auth and log to stderr - my %devel_and_test_defaults = (auth => {method => 'Fake'}, logging => {file => undef, level => 'debug'}); + my %devel_and_test_defaults = ( + auth => {method => 'Fake'}, + logging => {file => undef, level => 'debug'}, + # disable results_…_percentage for consistent results despite possibly limited storage in test env + scheduler => {results_min_free_storage_space_percentage => 0}, + ); my %mode_defaults = (development => \%devel_and_test_defaults, test => \%devel_and_test_defaults); my $config = _load_config($app, $defaults, \%mode_defaults); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/Shared/Plugin/SharedHelpers.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Shared/Plugin/SharedHelpers.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/Shared/Plugin/SharedHelpers.pm 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Shared/Plugin/SharedHelpers.pm 2026-04-13 11:33:20.000000000 +0200 @@ -51,8 +51,17 @@ # If the value is not in the stash my $current_user = $c->stash('current_user'); unless ($current_user && ($current_user->{no_user} || defined $current_user->{user})) { - my $id = $c->session->{user}; + my $auth_method = $c->app->config->{auth}->{method} // ''; + my $id = $c->session->{user} // ($auth_method eq 'None' ? 'admin' : undef); my $user = $id ? $c->schema->resultset('Users')->find({username => $id}) : undef; + if (!$user && $auth_method eq 'None') { + $user = $c->schema->resultset('Users') + ->create_user('admin', fullname => 'Administrator', email => '[email protected]'); + $user->update({is_admin => 1, is_operator => 1}); + } + if ($user && $auth_method eq 'None' && !($user->is_admin && $user->is_operator)) { + $user->update({is_admin => 1, is_operator => 1}); + } $c->stash(current_user => $current_user = $user ? {user => $user} : {no_user => 1}); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/Utils.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Utils.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/Utils.pm 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/Utils.pm 2026-04-13 11:33:20.000000000 +0200 @@ -935,7 +935,7 @@ sub results_storage_below_threshold () { my $percentage = OpenQA::App->singleton->config->{scheduler}->{results_min_free_storage_space_percentage}; - return 0 unless defined $percentage; + return 0 unless $percentage; return 1 if $percentage == 100; my ($available_bytes, $total_bytes); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/lib/OpenQA/WebAPI/Auth/None.pm new/openQA-5.1776072800.e5bc7424/lib/OpenQA/WebAPI/Auth/None.pm --- old/openQA-5.1775828534.8622a781/lib/OpenQA/WebAPI/Auth/None.pm 1970-01-01 01:00:00.000000000 +0100 +++ new/openQA-5.1776072800.e5bc7424/lib/OpenQA/WebAPI/Auth/None.pm 2026-04-13 11:33:20.000000000 +0200 @@ -0,0 +1,27 @@ +# Copyright SUSE LLC +# SPDX-License-Identifier: GPL-2.0-or-later + +package OpenQA::WebAPI::Auth::None; +use Mojo::Base -base, -signatures; +use Time::Seconds; + +sub auth_setup ($app) { + my $key_val = $ENV{OPENQA_AUTH_NONE_KEY} // 'DEADBEEFDEADBEEF'; + my $secret_val = $ENV{OPENQA_AUTH_NONE_SECRET} // 'DEADBEEFDEADBEEF'; + my $user = $app->schema->resultset('Users')->create_user( + 'admin', + fullname => 'Administrator', + email => '[email protected]' + ); + $user->update({is_admin => 1, is_operator => 1}); + my $key = $user->api_keys->find_or_create({key => $key_val, secret => $secret_val}); + $key->update({t_expiration => DateTime->from_epoch(epoch => time + ONE_DAY * 3650)}); +} + +sub auth_login ($self) { + auth_setup($self->app); + $self->session->{user} = 'admin'; + return (error => 0); +} + +1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/t/03-auth.t new/openQA-5.1776072800.e5bc7424/t/03-auth.t --- old/openQA-5.1775828534.8622a781/t/03-auth.t 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/t/03-auth.t 2026-04-13 11:33:20.000000000 +0200 @@ -65,6 +65,45 @@ $t->content_unlike(qr/asset-ok/, 'asset via test not accessible when logged out'); }; +subtest None => sub { + my $t = test_auth_method_startup('None'); + $t->get_ok('/session/test')->status_is(200)->content_like(qr/you are admin/); + $t->get_ok('/admin/users')->status_is(200)->content_like(qr/Administrator/); + + my $user = $t->app->schema->resultset('Users')->find({username => 'admin'}); + ok $user, 'admin user exists'; + my $key = $user->api_keys->find({key => 'DEADBEEFDEADBEEF'}); + ok $key, 'admin API key exists'; + is $key->secret, 'DEADBEEFDEADBEEF', 'admin API secret matches'; + + $t->get_ok('/api/v1/auth' => {Authorization => 'Bearer admin:DEADBEEFDEADBEEF:DEADBEEFDEADBEEF'})->status_is(200) + ->content_is('ok'); + + $user->audit_events->delete; + $user->api_keys->delete; + $user->delete; + $t->get_ok('/session/test')->status_is(200)->content_like(qr/you are admin/); + $user = $t->app->schema->resultset('Users')->find({username => 'admin'}); + ok $user, 'admin user re-created'; + ok $user->is_admin && $user->is_operator, 're-created user has admin/operator permissions'; + + $user->update({is_admin => 0, is_operator => 0}); + $t->get_ok('/session/test')->status_is(200)->content_like(qr/you are admin/); + $user->discard_changes; + ok $user->is_admin && $user->is_operator, 'helper restored admin/operator permissions'; + + $t->get_ok('/')->status_is(200)->content_unlike(qr/Logout/); + + { + local $ENV{OPENQA_AUTH_NONE_KEY} = 'CUSTOMKEY'; + local $ENV{OPENQA_AUTH_NONE_SECRET} = 'CUSTOMSECRET'; + my $t2 = test_auth_method_startup('None'); + my $key2 = $t2->app->schema->resultset('ApiKeys')->find({key => 'CUSTOMKEY'}); + ok $key2, 'custom API key exists'; + is $key2->secret, 'CUSTOMSECRET', 'custom API secret matches'; + } +}; + subtest OpenID => sub { # OpenID relies on external server which we mock to not rely on external dependencies my $openid_mock = Test::MockModule->new('Net::OpenID::Consumer'); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/t/06-users.t new/openQA-5.1776072800.e5bc7424/t/06-users.t --- old/openQA-5.1775828534.8622a781/t/06-users.t 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/t/06-users.t 2026-04-13 11:33:20.000000000 +0200 @@ -33,7 +33,7 @@ subtest 'new user is admin if no admin is present' => sub { my $admins = $users->search({is_admin => 1}); - $_->update({is_admin => 0}) while $admins->next; + while (my $admin = $admins->next) { $admin->update({is_admin => 0}) } ok !$users->search({is_admin => 1})->all, 'no admin is present'; my $user = $users->create_user('test_user'); ok $user->is_admin, 'new user is admin by default if there was no admin'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/t/config.t new/openQA-5.1776072800.e5bc7424/t/config.t --- old/openQA-5.1775828534.8622a781/t/config.t 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/t/config.t 2026-04-13 11:33:20.000000000 +0200 @@ -52,6 +52,7 @@ = ' .status:not(.result_passed):not(.result_softfailed)'; $test_config->{auth}->{method} = 'Fake'; $test_config->{minion_task_triggers}->{on_job_done} = []; + $test_config->{scheduler}->{results_min_free_storage_space_percentage} = 0; for my $l ($test_config->{default_group_limits}, $test_config->{no_group_limits}) { $l->{result_storage_duration} = OpenQA::JobGroupDefaults::KEEP_RESULTS_IN_DAYS; $l->{important_result_storage_duration} = OpenQA::JobGroupDefaults::KEEP_IMPORTANT_RESULTS_IN_DAYS; @@ -93,6 +94,7 @@ $test_config->{_openid_secret} = $config->{_openid_secret}; $test_config->{auth}->{method} = 'OpenID'; $test_config->{global}->{service_port_delta} = 2; + $test_config->{scheduler}->{results_min_free_storage_space_percentage} = 5; delete $config->{global}->{auto_clone_regex}; delete $config->{'test_preset example'}; delete $test_config->{logging}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-5.1775828534.8622a781/templates/webapi/layouts/navbar.html.ep new/openQA-5.1776072800.e5bc7424/templates/webapi/layouts/navbar.html.ep --- old/openQA-5.1775828534.8622a781/templates/webapi/layouts/navbar.html.ep 2026-04-10 15:42:14.000000000 +0200 +++ new/openQA-5.1776072800.e5bc7424/templates/webapi/layouts/navbar.html.ep 2026-04-13 11:33:20.000000000 +0200 @@ -100,9 +100,12 @@ % if (config->{global}{mcp_enabled} eq 'read-only') { %= link_to 'MCP help' => url_for('mcp_help') => class => 'dropdown-item' % } - %= link_to 'Changelog' => url_for('changelog') => class => 'dropdown-item' - %= link_to 'Logout' => url_for('logout') => 'data-method' => 'delete' => class => 'dropdown-item' - </div> + %= link_to 'Changelog' => url_for('changelog') => class => 'dropdown-item' + % if (config->{auth}->{method} ne 'None') { + %= link_to 'Logout' => url_for('logout') => 'data-method' => 'delete' => class => 'dropdown-item' + % } + </div> + </li> % } else { <li class='nav-item' id="user-action"> ++++++ openQA.obsinfo ++++++ --- /var/tmp/diff_new_pack.nae1pG/_old 2026-04-13 23:21:46.575279110 +0200 +++ /var/tmp/diff_new_pack.nae1pG/_new 2026-04-13 23:21:46.583279440 +0200 @@ -1,5 +1,5 @@ name: openQA -version: 5.1775828534.8622a781 -mtime: 1775828534 -commit: 8622a7811a51b3959fd7433f0b69418778a57e84 +version: 5.1776072800.e5bc7424 +mtime: 1776072800 +commit: e5bc742416a9bcb03b24716c89c3a23c380625df
