2019-07-07 11:18:12 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
RSpec.describe WebHook do
|
2021-06-08 01:23:25 +05:30
|
|
|
include AfterNextHelpers
|
|
|
|
|
|
|
|
let_it_be(:project) { create(:project) }
|
|
|
|
|
|
|
|
let(:hook) { build(:project_hook, project: project) }
|
|
|
|
|
|
|
|
around do |example|
|
2021-11-11 11:23:49 +05:30
|
|
|
if example.metadata[:skip_freeze_time]
|
|
|
|
example.run
|
|
|
|
else
|
|
|
|
freeze_time { example.run }
|
|
|
|
end
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
describe 'associations' do
|
2019-12-21 20:55:43 +05:30
|
|
|
it { is_expected.to have_many(:web_hook_logs) }
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
describe 'validations' do
|
2015-04-26 12:48:37 +05:30
|
|
|
it { is_expected.to validate_presence_of(:url) }
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
describe 'url' do
|
2017-09-10 17:25:29 +05:30
|
|
|
it { is_expected.to allow_value('http://example.com').for(:url) }
|
|
|
|
it { is_expected.to allow_value('https://example.com').for(:url) }
|
|
|
|
it { is_expected.to allow_value(' https://example.com ').for(:url) }
|
|
|
|
it { is_expected.to allow_value('http://test.com/api').for(:url) }
|
|
|
|
it { is_expected.to allow_value('http://test.com/api?key=abc').for(:url) }
|
|
|
|
it { is_expected.to allow_value('http://test.com/api?key=abc&type=def').for(:url) }
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
it { is_expected.not_to allow_value('example.com').for(:url) }
|
|
|
|
it { is_expected.not_to allow_value('ftp://example.com').for(:url) }
|
|
|
|
it { is_expected.not_to allow_value('herp-and-derp').for(:url) }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
context 'when url is local' do
|
|
|
|
let(:url) { 'http://localhost:9000' }
|
|
|
|
|
|
|
|
it { is_expected.not_to allow_value(url).for(:url) }
|
|
|
|
|
|
|
|
it 'is valid if application settings allow local requests from web hooks' do
|
|
|
|
settings = ApplicationSetting.new(allow_local_requests_from_web_hooks_and_services: true)
|
|
|
|
allow(ApplicationSetting).to receive(:current).and_return(settings)
|
|
|
|
|
|
|
|
is_expected.to allow_value(url).for(:url)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
it 'strips :url before saving it' do
|
2017-09-10 17:25:29 +05:30
|
|
|
hook.url = ' https://example.com '
|
2021-04-29 21:17:54 +05:30
|
|
|
hook.save!
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(hook.url).to eq('https://example.com')
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
describe 'token' do
|
|
|
|
it { is_expected.to allow_value("foobar").for(:token) }
|
|
|
|
|
|
|
|
it { is_expected.not_to allow_values("foo\nbar", "foo\r\nbar").for(:token) }
|
|
|
|
end
|
2018-11-20 20:47:30 +05:30
|
|
|
|
|
|
|
describe 'push_events_branch_filter' do
|
|
|
|
it { is_expected.to allow_values("good_branch_name", "another/good-branch_name").for(:push_events_branch_filter) }
|
|
|
|
it { is_expected.to allow_values("").for(:push_events_branch_filter) }
|
|
|
|
it { is_expected.not_to allow_values("bad branch name", "bad~branchname").for(:push_events_branch_filter) }
|
|
|
|
|
|
|
|
it 'gets rid of whitespace' do
|
|
|
|
hook.push_events_branch_filter = ' branch '
|
2021-04-29 21:17:54 +05:30
|
|
|
hook.save!
|
2018-11-20 20:47:30 +05:30
|
|
|
|
|
|
|
expect(hook.push_events_branch_filter).to eq('branch')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'stores whitespace only as empty' do
|
|
|
|
hook.push_events_branch_filter = ' '
|
2021-04-29 21:17:54 +05:30
|
|
|
hook.save!
|
2018-11-20 20:47:30 +05:30
|
|
|
|
|
|
|
expect(hook.push_events_branch_filter).to eq('')
|
|
|
|
end
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
describe 'encrypted attributes' do
|
|
|
|
subject { described_class.encrypted_attributes.keys }
|
|
|
|
|
|
|
|
it { is_expected.to contain_exactly(:token, :url) }
|
|
|
|
end
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
describe 'execute' do
|
|
|
|
let(:data) { { key: 'value' } }
|
|
|
|
let(:hook_name) { 'project hook' }
|
2015-12-23 02:04:40 +05:30
|
|
|
|
2021-06-08 01:23:25 +05:30
|
|
|
it '#execute' do
|
|
|
|
expect_next(WebHookService).to receive(:execute)
|
|
|
|
|
|
|
|
hook.execute(data, hook_name)
|
2015-12-23 02:04:40 +05:30
|
|
|
end
|
2016-01-14 18:37:52 +05:30
|
|
|
|
2021-06-08 01:23:25 +05:30
|
|
|
it 'does not execute non-executable hooks' do
|
|
|
|
hook.update!(disabled_until: 1.day.from_now)
|
|
|
|
|
|
|
|
expect(WebHookService).not_to receive(:new)
|
2016-01-14 18:37:52 +05:30
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
hook.execute(data, hook_name)
|
2016-01-14 18:37:52 +05:30
|
|
|
end
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
it '#async_execute' do
|
2021-06-08 01:23:25 +05:30
|
|
|
expect_next(WebHookService).to receive(:async_execute)
|
|
|
|
|
|
|
|
hook.async_execute(data, hook_name)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not async execute non-executable hooks' do
|
|
|
|
hook.update!(disabled_until: 1.day.from_now)
|
|
|
|
|
|
|
|
expect(WebHookService).not_to receive(:new)
|
2016-01-14 18:37:52 +05:30
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
hook.async_execute(data, hook_name)
|
2016-01-14 18:37:52 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2019-12-21 20:55:43 +05:30
|
|
|
|
|
|
|
describe '#destroy' do
|
|
|
|
it 'cascades to web_hook_logs' do
|
|
|
|
web_hook = create(:project_hook)
|
|
|
|
create_list(:web_hook_log, 3, web_hook: web_hook)
|
|
|
|
|
2021-04-29 21:17:54 +05:30
|
|
|
expect { web_hook.destroy! }.to change(web_hook.web_hook_logs, :count).by(-3)
|
2019-12-21 20:55:43 +05:30
|
|
|
end
|
|
|
|
end
|
2021-06-08 01:23:25 +05:30
|
|
|
|
|
|
|
describe '.executable' do
|
|
|
|
let(:not_executable) do
|
|
|
|
[
|
|
|
|
[0, Time.current],
|
|
|
|
[0, 1.minute.from_now],
|
|
|
|
[1, 1.minute.from_now],
|
|
|
|
[3, 1.minute.from_now],
|
|
|
|
[4, nil],
|
|
|
|
[4, 1.day.ago],
|
|
|
|
[4, 1.minute.from_now]
|
|
|
|
].map do |(recent_failures, disabled_until)|
|
|
|
|
create(:project_hook, project: project, recent_failures: recent_failures, disabled_until: disabled_until)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:executables) do
|
|
|
|
[
|
|
|
|
[0, nil],
|
|
|
|
[0, 1.day.ago],
|
|
|
|
[1, nil],
|
|
|
|
[1, 1.day.ago],
|
|
|
|
[3, nil],
|
|
|
|
[3, 1.day.ago]
|
|
|
|
].map do |(recent_failures, disabled_until)|
|
|
|
|
create(:project_hook, project: project, recent_failures: recent_failures, disabled_until: disabled_until)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'finds the correct set of project hooks' do
|
|
|
|
expect(described_class.where(project_id: project.id).executable).to match_array executables
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the feature flag is not enabled' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(web_hooks_disable_failed: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is the same as all' do
|
|
|
|
expect(described_class.where(project_id: project.id).executable).to match_array(executables + not_executable)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#executable?' do
|
|
|
|
let(:web_hook) { create(:project_hook, project: project) }
|
|
|
|
|
|
|
|
where(:recent_failures, :not_until, :executable) do
|
|
|
|
[
|
|
|
|
[0, :not_set, true],
|
|
|
|
[0, :past, true],
|
|
|
|
[0, :future, false],
|
|
|
|
[0, :now, false],
|
|
|
|
[1, :not_set, true],
|
|
|
|
[1, :past, true],
|
|
|
|
[1, :future, false],
|
|
|
|
[3, :not_set, true],
|
|
|
|
[3, :past, true],
|
|
|
|
[3, :future, false],
|
|
|
|
[4, :not_set, false],
|
|
|
|
[4, :past, false],
|
|
|
|
[4, :future, false]
|
|
|
|
]
|
|
|
|
end
|
|
|
|
|
|
|
|
with_them do
|
|
|
|
# Phasing means we cannot put these values in the where block,
|
|
|
|
# which is not subject to the frozen time context.
|
|
|
|
let(:disabled_until) do
|
|
|
|
case not_until
|
|
|
|
when :not_set
|
|
|
|
nil
|
|
|
|
when :past
|
|
|
|
1.minute.ago
|
|
|
|
when :future
|
|
|
|
1.minute.from_now
|
|
|
|
when :now
|
|
|
|
Time.current
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
before do
|
|
|
|
web_hook.update!(recent_failures: recent_failures, disabled_until: disabled_until)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the correct state' do
|
|
|
|
expect(web_hook.executable?).to eq(executable)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the feature flag is enabled for a project' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(web_hooks_disable_failed: project)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'has the expected value' do
|
|
|
|
expect(web_hook.executable?).to eq(executable)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the feature flag is not enabled' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(web_hooks_disable_failed: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is executable' do
|
|
|
|
expect(web_hook).to be_executable
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#next_backoff' do
|
|
|
|
context 'when there was no last backoff' do
|
|
|
|
before do
|
|
|
|
hook.backoff_count = 0
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is 10 minutes' do
|
|
|
|
expect(hook.next_backoff).to eq(described_class::INITIAL_BACKOFF)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when we have backed off once' do
|
|
|
|
before do
|
|
|
|
hook.backoff_count = 1
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is twice the initial value' do
|
|
|
|
expect(hook.next_backoff).to eq(20.minutes)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when we have backed off 3 times' do
|
|
|
|
before do
|
|
|
|
hook.backoff_count = 3
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'grows exponentially' do
|
|
|
|
expect(hook.next_backoff).to eq(80.minutes)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the previous backoff was large' do
|
|
|
|
before do
|
|
|
|
hook.backoff_count = 8 # last value before MAX_BACKOFF
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not exceed the max backoff value' do
|
|
|
|
expect(hook.next_backoff).to eq(described_class::MAX_BACKOFF)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
shared_examples 'is tolerant of invalid records' do
|
|
|
|
specify do
|
|
|
|
hook.url = nil
|
|
|
|
|
|
|
|
expect(hook).to be_invalid
|
|
|
|
run_expectation
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-06-08 01:23:25 +05:30
|
|
|
describe '#enable!' do
|
2021-09-04 01:27:46 +05:30
|
|
|
it 'makes a hook executable if it was marked as failed' do
|
2021-06-08 01:23:25 +05:30
|
|
|
hook.recent_failures = 1000
|
|
|
|
|
|
|
|
expect { hook.enable! }.to change(hook, :executable?).from(false).to(true)
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
|
|
|
|
it 'makes a hook executable if it is currently backed off' do
|
|
|
|
hook.disabled_until = 1.hour.from_now
|
|
|
|
|
|
|
|
expect { hook.enable! }.to change(hook, :executable?).from(false).to(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not update hooks unless necessary' do
|
2021-10-27 15:23:28 +05:30
|
|
|
sql_count = ActiveRecord::QueryRecorder.new { hook.enable! }.count
|
2021-09-04 01:27:46 +05:30
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
expect(sql_count).to eq(0)
|
2021-09-04 01:27:46 +05:30
|
|
|
end
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
include_examples 'is tolerant of invalid records' do
|
|
|
|
def run_expectation
|
|
|
|
hook.recent_failures = 1000
|
2021-09-04 01:27:46 +05:30
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
expect { hook.enable! }.to change(hook, :executable?).from(false).to(true)
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'backoff!' do
|
|
|
|
it 'sets disabled_until to the next backoff' do
|
|
|
|
expect { hook.backoff! }.to change(hook, :disabled_until).to(hook.next_backoff.from_now)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'increments the backoff count' do
|
|
|
|
expect { hook.backoff! }.to change(hook, :backoff_count).by(1)
|
|
|
|
end
|
|
|
|
|
2022-01-26 12:08:38 +05:30
|
|
|
context 'when the hook is permanently disabled' do
|
|
|
|
before do
|
|
|
|
allow(hook).to receive(:permanently_disabled?).and_return(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not set disabled_until' do
|
|
|
|
expect { hook.backoff! }.not_to change(hook, :disabled_until)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not increment the backoff count' do
|
|
|
|
expect { hook.backoff! }.not_to change(hook, :backoff_count)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-11-11 11:23:49 +05:30
|
|
|
context 'when we have backed off MAX_FAILURES times' do
|
|
|
|
before do
|
|
|
|
stub_const("#{described_class}::MAX_FAILURES", 5)
|
|
|
|
5.times { hook.backoff! }
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not let the backoff count exceed the maximum failure count' do
|
|
|
|
expect { hook.backoff! }.not_to change(hook, :backoff_count)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not change disabled_until', :skip_freeze_time do
|
|
|
|
travel_to(hook.disabled_until - 1.minute) do
|
|
|
|
expect { hook.backoff! }.not_to change(hook, :disabled_until)
|
|
|
|
end
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
|
2021-11-11 11:23:49 +05:30
|
|
|
it 'changes disabled_until when it has elapsed', :skip_freeze_time do
|
|
|
|
travel_to(hook.disabled_until + 1.minute) do
|
|
|
|
expect { hook.backoff! }.to change { hook.disabled_until }
|
|
|
|
expect(hook.backoff_count).to eq(described_class::MAX_FAILURES)
|
|
|
|
end
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
end
|
2021-10-27 15:23:28 +05:30
|
|
|
|
|
|
|
include_examples 'is tolerant of invalid records' do
|
|
|
|
def run_expectation
|
|
|
|
expect { hook.backoff! }.to change(hook, :backoff_count).by(1)
|
|
|
|
end
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
describe 'failed!' do
|
|
|
|
it 'increments the failure count' do
|
|
|
|
expect { hook.failed! }.to change(hook, :recent_failures).by(1)
|
|
|
|
end
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
it 'does not update the hook if the the failure count exceeds the maximum value' do
|
2021-09-04 01:27:46 +05:30
|
|
|
hook.recent_failures = described_class::MAX_FAILURES
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
sql_count = ActiveRecord::QueryRecorder.new { hook.failed! }.count
|
|
|
|
|
|
|
|
expect(sql_count).to eq(0)
|
|
|
|
end
|
|
|
|
|
|
|
|
include_examples 'is tolerant of invalid records' do
|
|
|
|
def run_expectation
|
|
|
|
expect { hook.failed! }.to change(hook, :recent_failures).by(1)
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
end
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
describe '#disable!' do
|
|
|
|
it 'disables a hook' do
|
|
|
|
expect { hook.disable! }.to change(hook, :executable?).from(true).to(false)
|
|
|
|
end
|
2021-10-27 15:23:28 +05:30
|
|
|
|
|
|
|
include_examples 'is tolerant of invalid records' do
|
|
|
|
def run_expectation
|
|
|
|
expect { hook.disable! }.to change(hook, :executable?).from(true).to(false)
|
|
|
|
end
|
|
|
|
end
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
2022-01-26 12:08:38 +05:30
|
|
|
|
|
|
|
describe '#temporarily_disabled?' do
|
|
|
|
it 'is false when not temporarily disabled' do
|
|
|
|
expect(hook).not_to be_temporarily_disabled
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when hook has been told to back off' do
|
|
|
|
before do
|
|
|
|
hook.backoff!
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is true' do
|
|
|
|
expect(hook).to be_temporarily_disabled
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is false when `web_hooks_disable_failed` flag is disabled' do
|
|
|
|
stub_feature_flags(web_hooks_disable_failed: false)
|
|
|
|
|
|
|
|
expect(hook).not_to be_temporarily_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#permanently_disabled?' do
|
|
|
|
it 'is false when not disabled' do
|
|
|
|
expect(hook).not_to be_permanently_disabled
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when hook has been disabled' do
|
|
|
|
before do
|
|
|
|
hook.disable!
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is true' do
|
|
|
|
expect(hook).to be_permanently_disabled
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is false when `web_hooks_disable_failed` flag is disabled' do
|
|
|
|
stub_feature_flags(web_hooks_disable_failed: false)
|
|
|
|
|
|
|
|
expect(hook).not_to be_permanently_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#rate_limited?' do
|
|
|
|
context 'when there are rate limits' do
|
|
|
|
before do
|
|
|
|
allow(hook).to receive(:rate_limit).and_return(3)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is false when hook has not been rate limited' do
|
|
|
|
expect(Gitlab::ApplicationRateLimiter).to receive(:peek).and_return(false)
|
|
|
|
expect(hook).not_to be_rate_limited
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'is true when hook has been rate limited' do
|
|
|
|
expect(Gitlab::ApplicationRateLimiter).to receive(:peek).and_return(true)
|
|
|
|
expect(hook).to be_rate_limited
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when there are no rate limits' do
|
|
|
|
before do
|
|
|
|
allow(hook).to receive(:rate_limit).and_return(nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not call Gitlab::ApplicationRateLimiter, and is false' do
|
|
|
|
expect(Gitlab::ApplicationRateLimiter).not_to receive(:peek)
|
|
|
|
expect(hook).not_to be_rate_limited
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|