summaryrefslogtreecommitdiff
path: root/app/models/hooks
Commit message (Collapse)AuthorAgeFilesLines
* Remove unencrypted webhook token and URL columnsNick Thomas2018-10-091-34/+0
|
* Encrypt webhook tokens and URLs in the databaseNick Thomas2018-10-011-0/+44
|
* Merge branch 'rubocop-code-reuse' into 'master'Robert Speicher2018-09-132-0/+6
|\ | | | | | | | | Add RuboCop cops to enforce code reusing rules See merge request gitlab-org/gitlab-ce!21391
| * Disable existing offenses for the CodeReuse copsYorick Peterse2018-09-112-0/+6
| | | | | | | | | | This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
* | Enable frozen string in vestigial filesgfyoung2018-09-111-0/+2
|/ | | | Partially addresses #47424.
* Refactor ProtectedRefMatcher to be more genericDuana Saskia2018-08-131-26/+2
|
* Filter project hooks by branchDuana Saskia2018-08-132-0/+39
| | | | | | Allow specificying a branch filter for a project hook and only trigger a project hook if either the branch filter is blank or the branch matches. Only supported for push_events for now.
* Enable more frozen string in app/models/**/*.rbgfyoung2018-08-075-0/+10
| | | | Partially addresses #47424.
* Fixed pagination of web hook logsYorick Peterse2018-07-031-0/+5
| | | | | | | | | | | | | | | | | | | | For reasons unknown, the logs of a web hook were paginated in memory. This would result in the "Edit" page of a web hook timing out once it has more than a few thousand log entries. This commit makes the following changes: 1. We use LIMIT/OFFSET to paginate the data, instead of doing this in memory. 2. We limit the logs to the last two days, just like the documentation says (instead of retrieving everything). 3. We change the indexes on "web_hook_logs" so the query to get the data can perform a backwards index scan, without the need for a Filter. These changes combined ensure that Projects::HooksController#edit no longer times out.
* Add validation to webhook and service URLs to ensure they are not blocked ↵Francisco Javier López2018-06-012-1/+13
| | | | because of SSRF
* Merge branch 'jej/mattermost-notification-confidentiality-10-6' into ↵Douwe Maan2018-04-051-0/+1
| | | | | | | | | | 'security-10-6' [10.6] Prevent notes on confidential issues from being sent to chat See merge request gitlab/gitlabhq!2366 # Conflicts: # app/helpers/services_helper.rb
* Merge branch 'feature/merge-request-system-hook' into 'master'Douwe Maan2018-01-182-22/+20
|\ | | | | | | | | System hooks for Merge Requests See merge request gitlab-org/gitlab-ce!14387
| * no need for a named parameterAlexis Reigel2018-01-172-2/+2
| |
| * extract concern for hook triggersAlexis Reigel2018-01-172-23/+19
| |
| * execute system hooks from projectAlexis Reigel2018-01-041-1/+3
| |
* | Merge branch ↵Robert Speicher2018-01-161-0/+1
|/ | | | | | | | | | | | '41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3' Don't allow line breaks on HTTP headers See merge request gitlab/gitlabhq!2277 (cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82) 073b8f9c Don't allow line breaks on HTTP headers
* Wrong data type when testing webhooksAlexander Randa2017-07-204-23/+27
|
* Rename ActiverecordSerialize copYorick Peterse2017-07-061-3/+3
| | | | | This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written.
* Added Cop to blacklist the use of `dependent:`Yorick Peterse2017-07-061-1/+1
| | | | | | | | This is allowed for existing instances so we don't end up 76 offenses right away, but for new code one should _only_ use this if they _have_ to remove non database data. Even then it's usually better to do this in a service class as this gives you more control over how to remove the data (e.g. in bulk).
* Added Cop to blacklist the use of serializedocument-not-using-serializeYorick Peterse2017-05-311-3/+3
| | | | | This Cop blacklists the use of ActiveRecord's "serialize" method, except for cases where we already use this.
* Implement web hooks loggingAlexander Randa2017-05-254-44/+18
| | | | | | | | * implemented logging of project and system web hooks * implemented UI for user area (project hooks) * implemented UI for admin area (system hooks) * implemented retry of logged webhook * NOT imeplemented log remover
* Merge branch 'bvl-rename-build-events-to-job-events' into 'master' cherry-pick-0663458cDouwe Maan2017-05-162-2/+2
| | | | | | | Rename `build_events` to `job_events` Closes #31620 See merge request !11287
* Revert "Merge branch 'bvl-rename-build-events-to-job-events' into 'master'"Douwe Maan2017-05-152-2/+2
| | | This reverts merge request !11287
* Rename `build_events` to `job_events` in codeBob Van Landuyt2017-05-152-2/+2
|
* Make the new repository_update_events configurable in System Hooks UIGabriel Mazetto2017-05-121-0/+3
|
* Added repository_update hookGabriel Mazetto2017-05-122-0/+3
|
* Enable the Style/TrailingCommaInLiteral copRémy Coutable2017-05-101-1/+1
| | | | | | Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Scope hooks thal will run for confidential issuesDouglas Barbosa Alexandre2016-08-311-0/+1
|
* Add option to confidential issues events to trigger WebhooksDouglas Barbosa Alexandre2016-08-311-0/+1
|
* Implement pipeline hooks, extracted from !5525Lin Jen-Shin2016-08-022-0/+2
| | | | Closes #20115
* Merge branch 'hook-docs-behavior' into 'master' Robert Speicher2016-05-111-1/+1
|\ | | | | | | | | | | | | | | Improve documentation and web test for web hooks Tips and documentation of actual hook behavior. Improved user feedback when testing hooks via the web UI. See merge request !4015
| * Remove extra sanitizationJacob Vosmaer2016-05-101-1/+1
| | | | | | | | | | Robert Speicher and I believe this string gets sanitized further down the stack anyway. Doing this in a model class feels wrong.
| * Improve documentation and web test for web hooksJacob Vosmaer2016-05-031-1/+1
| | | | | | | | | | I wanted to share what I learned trying to debug web hooks using netcat.
* | Remove the annotate gem and delete old annotationsJeroen van Baarsen2016-05-094-88/+0
| | | | | | | | | | | | | | | | | | In 8278b763d96ef10c6494409b18b7eb541463af29 the default behaviour of annotation has changes, which was causing a lot of noise in diffs. We decided in #17382 that it is better to get rid of the whole annotate gem, and instead let people look at schema.rb for the columns in a table. Fixes: #17382
* | Annotate modelsDmitriy Zaporozhets2016-05-064-0/+4
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Annotate the modelsZeger-Jan van de Weg2016-05-064-4/+4
|/
* Backported minimal safewebhook implementation to GitLab CEGabriel Mazetto2016-04-304-9/+18
|
* add slack notifications for wiki pagesSebastian Klier2016-04-201-0/+1
| | | | update changelog
* moving overlapping scopes to webhookGabriel Mazetto2016-04-193-5/+3
|
* Added System Hooks for push and tag_pushGabriel Mazetto2016-04-191-0/+6
| | | | | Code is based on Project Webhooks, removing deprecations and without commits listing.
* Raise hook url limitKirilll Zaycev2016-01-154-8/+8
|
* Use CGI.escape instead of URI.escape, because URI is obsoleted.Jason Lee2016-01-121-2/+2
| | | | ref: https://github.com/ruby/ruby/commit/238b979f1789f95262a267d8df6239806f2859cc
* Merge branch 'accept-2xx-status-codes-for-webhooks' into 'master' Dmitriy Zaporozhets2016-01-081-1/+1
|\ | | | | | | | | | | | | Accept 2xx status codes for successful Web hook triggers Closes https://github.com/gitlabhq/gitlabhq/issues/9956 See merge request !2332
| * Accept 2xx status codes for successful Web hook triggersStan Hu2016-01-071-1/+1
| | | | | | | | Closes https://github.com/gitlabhq/gitlabhq/issues/9956
* | Annotate modelsStan Hu2016-01-064-0/+4
|/
* Migrate CI::Services and CI::WebHooks to Services and WebHooksKamil Trzcinski2015-12-102-0/+2
|
* Add custom UrlValidatorRobert Speicher2015-12-071-2/+1
|
* Handle and report SSL errors in Web hook test. Check for status 200 for success.Stan Hu2015-12-041-17/+19
| | | | | | | | | If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response
* Annotate modelsDmitriy Zaporozhets2015-11-134-48/+52
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* enable SSL by defaultenable_ssl_by_defaultValery Sizov2015-09-171-1/+1
|
View Lorry Controller Status