pact_broker 2.78.1 → 2.79.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1b7b3f32acd207f0828dbe2c81fbffb7ed26fc7c522f04719d6d72a123a37331
-  data.tar.gz: 28776d82bfb587c908fd20b1570d6b94c58cb8669c2aad5179308f38d512d0ce
+  metadata.gz: 9dcfded08b30d1554aaf7160b039a69d58bcb16d9c591938949d4c7799f84d29
+  data.tar.gz: 85f93ef0a51d494fc382efe6398e4c89d866d00c6c5efccf8674a845ccf3fe33
 SHA512:
-  metadata.gz: 0a296391274edd0473b51db73d13d8e22f0519ca4b01e6d6fe3217f0881baead02496bf5423c15dfe5d1a7a9eae43da65eccbe94a967b2f51dd6f62e977fdea9
-  data.tar.gz: 3f9bab9d45e6315e4dbec1ee575f5a40c929308af166db3028c3f471bc59b42e8a6631c774513e864523ff0665b7061014cae8ddf67e7c696912a603df53b21f
+  metadata.gz: 48de943377489d86ebadff9afac10cf9a725347ed68a5d86cc7a8e563ace8359f33f44df2db658a6d2a29dd1026a8dfa522e5cbfdcb04678792db234110c0d5e
+  data.tar.gz: 19c55a44ab12d418d1af72d138a45ea2b3269ec4c21c5644c81a3159d88ac703f2d885a700aa770ff6844e70a2407ab6a9efb75de9785b90ba7a8de8f41d1320

data/.github/workflows/release_gem.yml

@@ -4,6 +4,7 @@ on:
   repository_dispatch:
     types:
       - release-triggered
+  workflow_dispatch:
 
 jobs:
   release:

data/CHANGELOG.md

@@ -1,3 +1,15 @@
+<a name="v2.79.0"></a>
+### v2.79.0 (2021-02-25)
+
+#### Features
+
+* allow multiple base URLs to be configured	 ([6d0dc8b3](/../../commit/6d0dc8b3))
+* copy full git sha rather than abbreviated one when clicking the copy button next to an application version	 ([dae9cae5](/../../commit/dae9cae5))
+
+#### Bug Fixes
+
+* fix missing verification status colours in matrix rows	 ([687d4647](/../../commit/687d4647))
+
 <a name="v2.78.1"></a>
 ### v2.78.1 (2021-02-18)
 

data/DEVELOPER_DOCUMENTATION.md

@@ -148,3 +148,16 @@ In the beginning, I made a lot of Sequel models based on views that pulled in th
   * Write a spec for the repository.
 * Go back and make the original feature spec pass.
 * Profit.
+
+## Writing Data migrations
+
+The same database may be used by multiple application instances to support highly available set ups and no downtime deployments. This can lead to the situation where the database migrations have been applied, but new data is written to the database by old application code, which may lead to some columns not being populated. The mitigation to this problem is to run the *data* migrations only each time an application instance starts up. This ensures that that any data inserted into the database by a previous version of the application are migrated. This is done automatically in the `PactBroker::App` class.
+
+If you write a schema migration that then requires a data migration to populate or update any columns:
+
+* Create a data migrations class in `lib/pact_broker/db/data_migrations`, copying the existing pattern.
+* Add a call to the new class at the end of `lib/pact_broker/db/migrate_data.rb`
+* Make sure you check for the existance of the required columns, because you don't know which version of the database might be running with this code.
+* Add a null check (eg. `db[:my_table].where(my_column: nil).update(...)`) where appropriate to make sure that the data migration doesn't run more than once.
+* Don't use any Sequel Models, as this will run before the model classes are loaded, and migrations should never depend on Models because models change as the schema migrations are applied.
+* Create a migration file in `db/migrations` that calls the data migration (eg. like `db/migrations/20190603_migrate_webhook_headers.rb`)

data/config.ru

@@ -27,7 +27,7 @@ app = PactBroker::App.new do | config |
   config.webhook_scheme_whitelist = ['http', 'https']
   config.webhook_http_method_whitelist = ['GET', 'POST']
   config.webhook_http_code_success = [200, 201, 202, 203, 204, 205, 206]
-  #config.base_url = ENV['PACT_BROKER_BASE_URL']
+  config.base_url = ENV['PACT_BROKER_BASE_URL']
 
   database_logger = PactBroker::DB::LogQuietener.new(config.logger)
   config.database_connection = Sequel.connect(DATABASE_URL, DB_OPTIONS.merge(logger: database_logger))

data/docker-compose-dev-postgres.yml

@@ -23,7 +23,9 @@ services:
     environment:
       DATABASE_URL: postgres://postgres:postgres@postgres/postgres
       PACT_BROKER_HIDE_PACTFLOW_MESSAGES: 'true'
-    command: dockerize -wait tcp://postgres:5432 /home/start.sh
+      PACT_BROKER_BASE_URL: 'http://localhost:9292 http://pact-broker:9292'
+    command: -wait tcp://postgres:5432 /usr/local/bin/start
+    entrypoint: dockerize
     volumes:
       - ./lib:/home/lib
       - ./db:/home/db
@@ -31,5 +33,11 @@ services:
       - ./tasks:/home/tasks
       - ./Rakefile:/home/Rakefile
 
+  shell:
+    image: ruby:2.5.3-alpine
+    depends_on:
+      - pact-broker
+    entrypoint: /bin/sh
+
 volumes:
   postgres-volume:

data/lib/pact_broker/api/resources/default_base_resource.rb

@@ -68,6 +68,11 @@ module PactBroker
         alias_method :path_info, :identifier_from_path
 
         def base_url
+          # Have to use something for the base URL here - we can't use an empty string as we can in the UI.
+          # Can't work out if cache poisoning is a vulnerability for APIs or not.
+          # Using the request base URI as a fallback if the base_url is not configured may be a vulnerability,
+          # but the documentation recommends that the
+          # base_url should be set in the configuration to mitigate this.
           request.env["pactbroker.base_url"] || request.base_uri.to_s.chomp('/')
         end
 

data/lib/pact_broker/app.rb

@@ -191,7 +191,7 @@ module PactBroker
       @app_builder.use Rack::Static, :urls => ["/favicon.ico"], :root => PactBroker.project_root.join("public/images"), header_rules: [[:all, {'Content-Type' => 'image/x-icon'}]]
       @app_builder.use Rack::PactBroker::ConvertFileExtensionToAcceptHeader
       # Rack::PactBroker::SetBaseUrl needs to be before the Rack::PactBroker::HalBrowserRedirect
-      @app_builder.use Rack::PactBroker::SetBaseUrl, configuration.base_url
+      @app_builder.use Rack::PactBroker::SetBaseUrl, configuration.base_urls
 
       if configuration.use_hal_browser
         logger.info "Mounting HAL browser"

data/lib/pact_broker/configuration.rb

@@ -255,6 +255,10 @@ module PactBroker
       @webhook_host_whitelist = parse_space_delimited_string_list_property('webhook_host_whitelist', webhook_host_whitelist)
     end
 
+    def base_urls
+      base_url ? base_url.split(" ") : []
+    end
+
     def warning_error_classes
       warning_error_class_names.collect do | class_name |
         begin

data/lib/pact_broker/db/data_migrations/set_extra_columns_for_tags.rb

@@ -9,7 +9,7 @@ module PactBroker
         def self.call(connection)
           if columns_exist?(connection, :tags, [:version_id, :pacticipant_id]) &&
               columns_exist?(connection, :versions, [:id, :pacticipant_id])
-            connection[:tags].update(
+            connection[:tags].where(pacticipant_id: nil).update(
               pacticipant_id: connection[:versions].select(:pacticipant_id)
                                 .where(Sequel[:versions][:id] => Sequel[:tags][:version_id])
             )
@@ -17,7 +17,7 @@ module PactBroker
 
           if columns_exist?(connection, :tags, [:version_id, :version_order]) &&
               columns_exist?(connection, :versions, [:id, :order])
-            connection[:tags].update(
+            connection[:tags].where(version_order: nil).update(
               version_order: connection[:versions].select(:order)
                                 .where(Sequel[:versions][:id] => Sequel[:tags][:version_id])
             )

data/lib/pact_broker/ui/view_models/index_item.rb

@@ -30,7 +30,11 @@ module PactBroker
         end
 
         def consumer_version_number
-          PactBroker::Versions::AbbreviateNumber.call(@relationship.consumer_version_number)
+          @relationship.consumer_version_number
+        end
+
+        def display_consumer_version_number
+          PactBroker::Versions::AbbreviateNumber.call(consumer_version_number)
         end
 
         def consumer_version_order
@@ -38,7 +42,11 @@ module PactBroker
         end
 
         def provider_version_number
-          PactBroker::Versions::AbbreviateNumber.call(@relationship.provider_version_number)
+          @relationship.provider_version_number
+        end
+
+        def display_provider_version_number
+          PactBroker::Versions::AbbreviateNumber.call(provider_version_number)
         end
 
         def latest?

data/lib/pact_broker/ui/view_models/matrix_line.rb

@@ -188,8 +188,8 @@ module PactBroker
 
         def verification_status_class
           case @line.success
-            when true then 'success'
-            when false then 'danger'
+            when true then 'table-success'
+            when false then 'table-danger'
             else ''
           end
         end

data/lib/pact_broker/ui/views/index/show-with-tags.haml

@@ -39,9 +39,9 @@
               %a{:href => index_item.consumer_group_url }
                 = index_item.consumer_name
             %td.consumer-version-number{"data-text": index_item.consumer_version_order}
-              %div.clippable
-                = index_item.consumer_version_number
-                - if index_item.consumer_version_number
+              %div.clippable{"data-clippable": index_item.consumer_version_number}
+                = index_item.display_consumer_version_number
+                - if index_item.display_consumer_version_number
                   %button.clippy.invisible{ title: "Copy to clipboard" }
                     %span.copy-icon
               - if index_item.latest?
@@ -63,9 +63,9 @@
               %a{ href: index_item.provider_group_url }
                 = index_item.provider_name
             %td.provider-version-number
-              %div.clippable
-                = index_item.provider_version_number
-                - if index_item.provider_version_number
+              %div.clippable{"data-clippable": index_item.provider_version_number}
+                = index_item.display_provider_version_number
+                - if index_item.display_provider_version_number
                   %button.clippy.invisible{ title: "Copy to clipboard" }
                     %span.copy-icon
               - if index_item.provider_version_branch

data/lib/pact_broker/ui/views/matrix/show.haml

@@ -112,7 +112,7 @@
             %a{href: line.consumer_name_url}
               = line.consumer_name
           %td.consumer-version{'data-sort-value' => line.consumer_version_order, 'data-consumer-version-id' => line.consumer_version_id}
-            %div.clippable
+            %div.clippable{'data-clippable': line.consumer_version_number}
               %a{href: line.consumer_version_number_url}
                 = line.display_consumer_version_number
               - if line.display_consumer_version_number
@@ -144,7 +144,7 @@
             %a{href: line.provider_name_url}
               = line.provider_name
           %td.provider-version{'data-sort-value' => line.provider_version_order, 'data-provider-version-id' => line.provider_version_id }
-            %div.clippable
+            %div.clippable{'data-clippable': line.provider_version_number}
               %a{href: line.provider_version_number_url}
                 = line.display_provider_version_number
               - if line.display_provider_version_number

data/lib/pact_broker/version.rb

@@ -1,3 +1,3 @@
 module PactBroker
-  VERSION = '2.78.1'
+  VERSION = '2.79.0'
 end

data/lib/rack/pact_broker/set_base_url.rb

@@ -1,22 +1,52 @@
 module Rack
   module PactBroker
     class SetBaseUrl
-      def initialize app, base_url
+      X_FORWARDED_PATTERN = /_X_FORWARDED_/.freeze
+
+      def initialize app, base_urls
         @app = app
-        @base_url = base_url
+        @base_urls = base_urls
       end
 
-      def call env
+      def call(env)
         if env["pactbroker.base_url"]
           app.call(env)
         else
-          app.call(env.merge("pactbroker.base_url" => base_url))
+          app.call(env.merge("pactbroker.base_url" => select_matching_base_url(env)))
         end
       end
 
       private
 
-      attr_reader :app, :base_url
+      attr_reader :app, :base_urls
+
+      def select_matching_base_url(env)
+        if base_urls.size > 1
+          return matching_base_url_considering_x_forwarded_headers(env) ||
+            matching_base_url_not_considering_x_forwarded_headers(env) ||
+            default_base_url
+        end
+        default_base_url
+      end
+
+      def default_base_url
+        base_urls.first
+      end
+
+      def matching_base_url_considering_x_forwarded_headers(env)
+        matching_base_url(env)
+      end
+
+      def matching_base_url_not_considering_x_forwarded_headers(env)
+        matching_base_url(env.reject{ |k, _| k =~ X_FORWARDED_PATTERN} )
+      end
+
+      def matching_base_url(env)
+        request_base_url = Rack::Request.new(env).base_url
+        if base_urls.include?(request_base_url)
+          request_base_url
+        end
+      end
     end
   end
 end

data/public/javascripts/clipboard.js

@@ -24,9 +24,15 @@ function initializeClipper(selector) {
     .children(".clippy")
     .click(function() {
       const clippyButton = $(this);
-      const text = $.trim(clippyButton.closest(selector).text());
+      const clipTarget = clippyButton.closest(selector);
+      let text = null;
+      if(clipTarget.data('clippable')) {
+        text = clipTarget.data('clippable');
+      } else {
+        text = clippyButton.closest(selector).text();
+      }
+      copyToClipboard($.trim(text));
 
-      copyToClipboard(text);
       flashClipped(clippyButton);
     });
 }

data/spec/lib/rack/pact_broker/set_base_url_spec.rb

@@ -0,0 +1,86 @@
+require 'rack/pact_broker/set_base_url'
+
+module Rack
+  module PactBroker
+    describe SetBaseUrl do
+      let(:base_urls) { ["http://pact-broker"] }
+      let(:rack_env) { {} }
+      let(:target_app) { double('app', call: [200, {}, []]) }
+      let(:app) { SetBaseUrl.new(target_app, base_urls) }
+
+      subject { get("/", {}, rack_env) }
+
+      describe "#call" do
+        context "when the base_url is already set" do
+          let(:rack_env) { { "pactbroker.base_url" => "http://foo"} }
+
+          it "does not overwrite it" do
+            expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => "http://foo"))
+            subject
+          end
+        end
+
+        context "when there is one base URL" do
+          it "sets that base_url" do
+            expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => "http://pact-broker"))
+            subject
+          end
+        end
+
+        context "when there are no base URLs" do
+          let(:base_urls) { [] }
+
+          it "sets the base URL to nil" do
+            expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => nil))
+            subject
+          end
+        end
+
+        context "when there are multiple base URLs" do
+          let(:base_urls) { ["https://foo", "https://pact-broker-external", "http://pact-broker-internal"] }
+
+          let(:host) { "pact-broker-internal" }
+          let(:scheme) { "http" }
+          let(:forwarded_host) { "pact-broker-external" }
+          let(:forwarded_scheme) { "https" }
+          let(:rack_env) do
+            {
+              Rack::HTTP_HOST => host,
+              Rack::RACK_URL_SCHEME => scheme,
+              "HTTP_X_FORWARDED_HOST" => forwarded_host,
+              "HTTP_X_FORWARDED_SCHEME" => forwarded_scheme
+            }
+          end
+
+          context "when the base URL created taking any X-Forwarded headers into account matches one of the base URLs" do
+            it "uses that base URL" do
+              expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => "https://pact-broker-external"))
+              subject
+            end
+          end
+
+          context "when the base URL created NOT taking the X-Forwarded headers into account matches one of the base URLs (potential cache poisoning)" do
+            let(:forwarded_host) { "pact-broker-external-wrong" }
+
+            it "uses that base URL" do
+              expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => "http://pact-broker-internal"))
+              subject
+            end
+          end
+
+          context "when neither base URL matches the base URLs (potential cache poisoning)" do
+            before do
+              rack_env["HTTP_HOST"] = "silly-buggers-1"
+              rack_env["HTTP_X_FORWARDED_HOST"] = "silly-buggers-1"
+            end
+
+            it "uses the first base URL" do
+              expect(target_app).to receive(:call).with(hash_including("pactbroker.base_url" => "https://foo"))
+              subject
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/tasks/database.rb

@@ -14,7 +14,7 @@ module PactBroker
     extend self
 
     def migrate target = nil
-      opts = target ? {target: target} : {}
+      opts = target ? { target: target } : {}
       PactBroker::DB::Migrate.call(database, opts)
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pact_broker
 version: !ruby/object:Gem::Version
-  version: 2.78.1
+  version: 2.79.0
 platform: ruby
 authors:
 - Bethany Skurrie
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-18 00:00:00.000000000 Z
+date: 2021-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -1431,6 +1431,7 @@ files:
 - spec/lib/rack/pact_broker/database_transaction_spec.rb
 - spec/lib/rack/pact_broker/invalid_uri_protection_spec.rb
 - spec/lib/rack/pact_broker/request_target_spec.rb
+- spec/lib/rack/pact_broker/set_base_url_spec.rb
 - spec/lib/rack/pact_broker/use_when_spec.rb
 - spec/lib/sequel/plugins/insert_ignore_spec.rb
 - spec/lib/sequel/plugins/upsert_spec.rb
@@ -1848,6 +1849,7 @@ test_files:
 - spec/lib/rack/pact_broker/database_transaction_spec.rb
 - spec/lib/rack/pact_broker/invalid_uri_protection_spec.rb
 - spec/lib/rack/pact_broker/request_target_spec.rb
+- spec/lib/rack/pact_broker/set_base_url_spec.rb
 - spec/lib/rack/pact_broker/use_when_spec.rb
 - spec/lib/sequel/plugins/insert_ignore_spec.rb
 - spec/lib/sequel/plugins/upsert_spec.rb