fix(azure-devops): add check for test webhook URL #2809
Conversation
nitrocode
changed the title
|
Sorry @nitrocode - Not had time over the holidays. |
| @@ -43,6 +43,9 @@ const bitbucketCloudRequestIDHeader = "X-Request-UUID" | |||
| const bitbucketServerRequestIDHeader = "X-Request-ID" | |||
| const bitbucketServerSignatureHeader = "X-Hub-Signature" | |||
|
|
|||
| // The URL used for Azure DevOps test webhooks | |||
| const azuredevopsTestURL = "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079" | |||
There was a problem hiding this comment.
How come this url has to be hardcoded?
Shouldn't this value be in the test instead?
Who has access to use this url for testing purposes?
Couldn't this be mocked?
There was a problem hiding this comment.
The PR is to detect and ignore the test webhooks that come from Azure DevOps. The test requests for the 3 webhooks that Atlantis uses are in the PR description. (The tests aren't configurable, they just send the same requests every time)
The URL is a common property that exists in all three requests so we're using it to say: "If the request says it's coming from this URL: Ignore the request"
No access is needed to this URL, we're simply using it to identify these test requests.
Does that sound okay?
There was a problem hiding this comment.
Do you think we'll ever have to configure these urls?
Would you add some additional comments in the code to add this explaination in case people have this question in the future?
nitrocode
changed the title
| @@ -43,6 +43,9 @@ const bitbucketCloudRequestIDHeader = "X-Request-UUID" | |||
| const bitbucketServerRequestIDHeader = "X-Request-ID" | |||
| const bitbucketServerSignatureHeader = "X-Hub-Signature" | |||
|
|
|||
| // The URL used for Azure DevOps test webhooks | |||
There was a problem hiding this comment.
Has this PR been tested in your atlantis deployment? Were you able to verify that this change worked as expected?
There was a problem hiding this comment.
I'll build it and run through some tests - hold off until I've confirmed that's sorted
There was a problem hiding this comment.
Thank you! Once you confirm then we can merge
Co-authored-by: Ken Kaizu <k.kaizu38@gmail.com>
|
Thank you @SSKLCP ! |
* Adding check for Azure DevOps Test Webhook URL so they aren't processed like real events * feat: customize vcs comment command executable name * Altering case on isAzureDevOpsTestRepoURL function * Altering case on URL parameter * Altering checks to ensure all Azure DevOps Ignore tests pass * Extending setup method to support Azure DevOps * Fixing issue from merge conflict error * gofmt * Adding null checks to Test URL checks * moving azuredevopsTestUrl to const * Changing azuredevopsTestUrl to azuredevopsTestURL * Cleaning up return statement Co-authored-by: Ken Kaizu <k.kaizu38@gmail.com> --------- Co-authored-by: Ken Kaizu <k.kaizu38@gmail.com> Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com>
* Adding check for Azure DevOps Test Webhook URL so they aren't processed like real events * feat: customize vcs comment command executable name * Altering case on isAzureDevOpsTestRepoURL function * Altering case on URL parameter * Altering checks to ensure all Azure DevOps Ignore tests pass * Extending setup method to support Azure DevOps * Fixing issue from merge conflict error * gofmt * Adding null checks to Test URL checks * moving azuredevopsTestUrl to const * Changing azuredevopsTestUrl to azuredevopsTestURL * Cleaning up return statement Co-authored-by: Ken Kaizu <k.kaizu38@gmail.com> --------- Co-authored-by: Ken Kaizu <k.kaizu38@gmail.com> Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com>
…so they aren't processed like real events
what
When setting up the webhooks in Azure DevOps you get an option to test them. Running this test fails because it points you to a repo that Atlantis has no access to and can fail ungracefully.
Adding in a check for the test webhook requests and not process them like normal requests, Returns a status 200 as the web request is working.
The check relies on the Repo URL equalling: https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079
Which is consistent across all test webhooks
why
Confusing when the webhooks are setup correctly and it shows a fail for the test.
We don't like ungraceful failures.
help
This is a first draft of what the solution could be. It feels a little bit janky to me and wasn't sure if you have a better idea of how to implement it?
The URL seemed like the most unique similarity between all the requests - Annoyingly they didn't all have a "this is a test" property.
The Commented event json is a different format to the new/updated json so I've had to put in the check twice depending on its route rather than one high level check. Again, not sure if there's a better way.
Here's all the web request bodies for the test webhooks in case you want to take a look:
Pull Request Commented On
{ "subscriptionId": "3cff100b-52db-48fe-a774-7d51e24dd183", "notificationId": 267, "id": "af07be1b-f3ad-44c8-a7f1-c4835f2df06b", "eventType": "ms.vss-code.git-pullrequest-comment-event", "publisherId": "tfs", "message": { "text": "Jamal Hartnett has edited a pull request comment", "html": "Jamal Hartnett has <a href=\"https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1?discussionId=5\">edited</a> a pull request comment", "markdown": "Jamal Hartnett has [edited](https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1?discussionId=5) a pull request comment" }, "detailedMessage": { "text": "Jamal Hartnett has edited a pull request comment\r\nThis is my comment.\r\n", "html": "Jamal Hartnett has <a href=\"https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1?discussionId=5\">edited</a> a pull request comment<p>This is my comment.</p>", "markdown": "Jamal Hartnett has [edited](https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1?discussionId=5) a pull request comment\r\nThis is my comment.\r\n" }, "resource": { "comment": { "id": 2, "parentCommentId": 1, "author": { "displayName": "Jamal Hartnett", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/54d125f7-69f7-4191-904f-c5b96b6261c8", "id": "54d125f7-69f7-4191-904f-c5b96b6261c8", "uniqueName": "fabrikamfiber4@hotmail.com", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=54d125f7-69f7-4191-904f-c5b96b6261c8" }, "content": "This is my comment.", "publishedDate": "2014-06-17T16:55:46.589889Z", "lastUpdatedDate": "2014-06-17T16:58:33.123889Z", "lastContentUpdatedDate": "2014-06-17T16:58:33.123889Z", "commentType": "text", "_links": { "self": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1/threads/5/comments/2" }, "repository": { "href": "http://joscol2/DefaultCollection/ebed510c-62eb-474b-965f-fd151ebb82e4/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079" }, "threads": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1/threads/5" } } }, "pullRequest": { "repository": { "id": "4bc14d40-c903-45e2-872e-0462c7748079", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079", "project": { "id": "6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/projects/6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "state": "wellFormed", "visibility": "unchanged", "lastUpdateTime": "0001-01-01T00:00:00" }, "defaultBranch": "refs/heads/master", "remoteUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam" }, "pullRequestId": 1, "status": "active", "createdBy": { "displayName": "Jamal Hartnett", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/54d125f7-69f7-4191-904f-c5b96b6261c8", "id": "54d125f7-69f7-4191-904f-c5b96b6261c8", "uniqueName": "fabrikamfiber4@hotmail.com", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=54d125f7-69f7-4191-904f-c5b96b6261c8" }, "creationDate": "2014-06-17T16:55:46.589889Z", "title": "my first pull request", "description": " - test2\r\n", "sourceRefName": "refs/heads/mytopic", "targetRefName": "refs/heads/master", "mergeStatus": "succeeded", "mergeId": "a10bb228-6ba6-4362-abd7-49ea21333dbd", "lastMergeSourceCommit": { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" }, "lastMergeTargetCommit": { "commitId": "a511f535b1ea495ee0c903badb68fbc83772c882", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/a511f535b1ea495ee0c903badb68fbc83772c882" }, "lastMergeCommit": { "commitId": "eef717f69257a6333f221566c1c987dc94cc0d72", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72" }, "reviewers": [ { "reviewerUrl": null, "vote": 0, "displayName": "[Mobile]\\Mobile Team", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/2ea2d095-48f9-4cd6-9966-62f6f574096c", "id": "2ea2d095-48f9-4cd6-9966-62f6f574096c", "uniqueName": "vstfs:///Classification/TeamProject/f0811a3b-8c8a-4e43-a3bf-9a049b4835bd\\Mobile Team", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=2ea2d095-48f9-4cd6-9966-62f6f574096c", "isContainer": true } ], "commits": [ { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" } ], "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1", "_links": { "web": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1#view=discussion" }, "statuses": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1/statuses" } } } }, "resourceVersion": "2.0", "resourceContainers": { "collection": { "id": "c12d0eb8-e382-443b-9f9c-c52cba5014c2" }, "account": { "id": "f844ec47-a9db-4511-8281-8b63f4eaf94e" }, "project": { "id": "be9b3917-87e6-42a4-a549-2bc06a7a878f" } }, "createdDate": "2022-12-17T08:18:08.0981478Z" }Pull Request Created
{ "subscriptionId": "bed09de0-2579-4ff1-8b19-5582f8d03eba", "notificationId": 8, "id": "2ab4e3d3-b7a6-425e-92b1-5a9982c1269e", "eventType": "git.pullrequest.created", "publisherId": "tfs", "message": { "text": "Jamal Hartnett created a new pull request", "html": "Jamal Hartnett created a new pull request", "markdown": "Jamal Hartnett created a new pull request" }, "detailedMessage": { "text": "Jamal Hartnett created a new pull request\r\n\r\n- Merge status: Succeeded\r\n- Merge commit: eef717(https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72)\r\n", "html": "Jamal Hartnett created a new pull request\r\n<ul>\r\n<li>Merge status: Succeeded</li>\r\n<li>Merge commit: <a href=\"https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72\">eef717</a></li>\r\n</ul>", "markdown": "Jamal Hartnett created a new pull request\r\n\r\n+ Merge status: Succeeded\r\n+ Merge commit: [eef717](https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72)\r\n" }, "resource": { "repository": { "id": "4bc14d40-c903-45e2-872e-0462c7748079", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079", "project": { "id": "6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/projects/6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "state": "wellFormed", "visibility": "unchanged", "lastUpdateTime": "0001-01-01T00:00:00" }, "defaultBranch": "refs/heads/master", "remoteUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam" }, "pullRequestId": 1, "status": "active", "createdBy": { "displayName": "Jamal Hartnett", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/54d125f7-69f7-4191-904f-c5b96b6261c8", "id": "54d125f7-69f7-4191-904f-c5b96b6261c8", "uniqueName": "fabrikamfiber4@hotmail.com", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=54d125f7-69f7-4191-904f-c5b96b6261c8" }, "creationDate": "2014-06-17T16:55:46.589889Z", "title": "my first pull request", "description": " - test2\r\n", "sourceRefName": "refs/heads/mytopic", "targetRefName": "refs/heads/master", "mergeStatus": "succeeded", "mergeId": "a10bb228-6ba6-4362-abd7-49ea21333dbd", "lastMergeSourceCommit": { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" }, "lastMergeTargetCommit": { "commitId": "a511f535b1ea495ee0c903badb68fbc83772c882", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/a511f535b1ea495ee0c903badb68fbc83772c882" }, "lastMergeCommit": { "commitId": "eef717f69257a6333f221566c1c987dc94cc0d72", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72" }, "reviewers": [ { "reviewerUrl": null, "vote": 0, "displayName": "[Mobile]\\Mobile Team", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/2ea2d095-48f9-4cd6-9966-62f6f574096c", "id": "2ea2d095-48f9-4cd6-9966-62f6f574096c", "uniqueName": "vstfs:///Classification/TeamProject/f0811a3b-8c8a-4e43-a3bf-9a049b4835bd\\Mobile Team", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=2ea2d095-48f9-4cd6-9966-62f6f574096c", "isContainer": true } ], "commits": [ { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" } ], "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1", "_links": { "web": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1#view=discussion" }, "statuses": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1/statuses" } } }, "resourceVersion": "1.0", "resourceContainers": { "collection": { "id": "c12d0eb8-e382-443b-9f9c-c52cba5014c2" }, "account": { "id": "f844ec47-a9db-4511-8281-8b63f4eaf94e" }, "project": { "id": "be9b3917-87e6-42a4-a549-2bc06a7a878f" } }, "createdDate": "2022-12-17T08:19:48.5718178Z" }Pull Request Updated
{ "subscriptionId": "7811574c-a1cd-401d-9370-5de70f3c8fe9", "notificationId": 60, "id": "af07be1b-f3ad-44c8-a7f1-c4835f2df06b", "eventType": "git.pullrequest.updated", "publisherId": "tfs", "message": { "text": "Jamal Hartnett marked the pull request as completed", "html": "Jamal Hartnett marked the pull request as completed", "markdown": "Jamal Hartnett marked the pull request as completed" }, "detailedMessage": { "text": "Jamal Hartnett marked the pull request as completed\r\n\r\n- Merge status: Succeeded\r\n- Merge commit: eef717(https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72)\r\n", "html": "Jamal Hartnett marked the pull request as completed\r\n<ul>\r\n<li>Merge status: Succeeded</li>\r\n<li>Merge commit: <a href=\"https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72\">eef717</a></li>\r\n</ul>", "markdown": "Jamal Hartnett marked the pull request as completed\r\n\r\n+ Merge status: Succeeded\r\n+ Merge commit: [eef717](https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72)\r\n" }, "resource": { "repository": { "id": "4bc14d40-c903-45e2-872e-0462c7748079", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079", "project": { "id": "6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/projects/6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "state": "wellFormed", "visibility": "unchanged", "lastUpdateTime": "0001-01-01T00:00:00" }, "defaultBranch": "refs/heads/master", "remoteUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam" }, "pullRequestId": 1, "status": "completed", "createdBy": { "displayName": "Jamal Hartnett", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/54d125f7-69f7-4191-904f-c5b96b6261c8", "id": "54d125f7-69f7-4191-904f-c5b96b6261c8", "uniqueName": "fabrikamfiber4@hotmail.com", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=54d125f7-69f7-4191-904f-c5b96b6261c8" }, "creationDate": "2014-06-17T16:55:46.589889Z", "closedDate": "2014-06-30T18:59:12.3660573Z", "title": "my first pull request", "description": " - test2\r\n", "sourceRefName": "refs/heads/mytopic", "targetRefName": "refs/heads/master", "mergeStatus": "succeeded", "mergeId": "a10bb228-6ba6-4362-abd7-49ea21333dbd", "lastMergeSourceCommit": { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" }, "lastMergeTargetCommit": { "commitId": "a511f535b1ea495ee0c903badb68fbc83772c882", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/a511f535b1ea495ee0c903badb68fbc83772c882" }, "lastMergeCommit": { "commitId": "eef717f69257a6333f221566c1c987dc94cc0d72", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72" }, "reviewers": [ { "reviewerUrl": null, "vote": 0, "displayName": "[Mobile]\\Mobile Team", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/2ea2d095-48f9-4cd6-9966-62f6f574096c", "id": "2ea2d095-48f9-4cd6-9966-62f6f574096c", "uniqueName": "vstfs:///Classification/TeamProject/f0811a3b-8c8a-4e43-a3bf-9a049b4835bd\\Mobile Team", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=2ea2d095-48f9-4cd6-9966-62f6f574096c", "isContainer": true } ], "commits": [ { "commitId": "53d54ac915144006c2c9e90d2c7d3880920db49c", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commits/53d54ac915144006c2c9e90d2c7d3880920db49c" } ], "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1", "_links": { "web": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam/pullrequest/1#view=discussion" }, "statuses": { "href": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/pullRequests/1/statuses" } } }, "resourceVersion": "1.0", "resourceContainers": { "collection": { "id": "c12d0eb8-e382-443b-9f9c-c52cba5014c2" }, "account": { "id": "f844ec47-a9db-4511-8281-8b63f4eaf94e" }, "project": { "id": "be9b3917-87e6-42a4-a549-2bc06a7a878f" } }, "createdDate": "2022-12-17T08:20:49.4937995Z" }references