shipit-engine 0.35.1 → 0.36.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7ab32590ea528100fc22999f40a17d9ffcefb72313672eb4858befdb9a6932e1
-  data.tar.gz: fe6fe3d4b026e0e2d0ecb067639d97027649d26fd785c90b9e198ce0e478c2a9
+  metadata.gz: 3336765264c2c554f5dd879ac8ed409b08e4f5b281bbd9127132b688d23184ee
+  data.tar.gz: ac55d9a82c007326c9a231b784d887be1a826ba11cc71c581888a0018ffaed7b
 SHA512:
-  metadata.gz: a51d622ab862751d118d2d0995361366d8035481f090ddfcaa09f01b672c326ed1708c4085831a195899500762cd29b6247c01710e08260b5baf263d2363cc33
-  data.tar.gz: 327aac9271b84975c388c0dbb42c380f99c00d15b1ce6930bba6877066d0333b3c60efcaf8ab56e925d17e90ac1462c48cbccb9ec5da1537c04f45fe6149c49b
+  metadata.gz: a770a63ffadea62d25d8244265d5ea9552930fee64951d6c4b1e5be4a518271d54d34161b83a8760c9331c6f2758995e61114000bfcf5675b0353a955cc41bad
+  data.tar.gz: 7e7d3629476bab8aa1ab7655e099e6218b511fe728ef9161a2591835ae2c369cd22724e7c193243fd29779574ea1148b2adb97119ce8a04def1a46df0168d62c

data/README.md

@@ -390,7 +390,7 @@ machine:
 
 <h3 id="ci">CI</h3>
 
-**<code>ci.require</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) you want Shipit to disallow deploys if any of them is missing on the commit being deployed.
+**<code>ci.require</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) you want Shipit to disallow deploys if any of them is missing on the commit being deployed.
 
 For example:
 ```yml
@@ -399,7 +399,7 @@ ci:
     - ci/circleci
 ```
 
-**<code>ci.hide</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) you want Shipit to ignore.
+**<code>ci.hide</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) you want Shipit to ignore.
 
 For example:
 ```yml
@@ -408,7 +408,7 @@ ci:
     - ci/circleci
 ```
 
-**<code>ci.allow_failures</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) you want to be visible but not to required for deploy.
+**<code>ci.allow_failures</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) you want to be visible but not to required for deploy.
 
 For example:
 ```yml
@@ -417,7 +417,7 @@ ci:
     - ci/circleci
 ```
 
-**<code>ci.blocking</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) you want to disallow deploys if any of them is missing or failing on any of the commits being deployed.
+**<code>ci.blocking</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) you want to disallow deploys if any of them is missing or failing on any of the commits being deployed.
 
 For example:
 ```yml
@@ -440,7 +440,7 @@ merge:
   revalidate_after: 12m30s
 ```
 
-**<code>merge.require</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) that you want Shipit to consider as failing if they aren't present on the pull request. Defaults to `ci.require` if present, or empty otherwise.
+**<code>merge.require</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) that you want Shipit to consider as failing if they aren't present on the pull request. Defaults to `ci.require` if present, or empty otherwise.
 
 For example:
 ```yml
@@ -449,7 +449,7 @@ merge:
     - continuous-integration/travis-ci/push
 ```
 
-**<code>merge.ignore</code>** contains an array of the [statuses context](https://developer.github.com/v3/repos/statuses/) that you want Shipit not to consider when merging pull requests. Defaults to the union of `ci.allow_failures` and `ci.hide` if any is present or empty otherwise.
+**<code>merge.ignore</code>** contains an array of the [statuses context](https://docs.github.com/en/rest/reference/commits#commit-statuses) that you want Shipit not to consider when merging pull requests. Defaults to the union of `ci.allow_failures` and `ci.hide` if any is present or empty otherwise.
 
 For example:
 ```yml
@@ -458,7 +458,7 @@ merge:
     - codeclimate
 ```
 
-**<code>merge.method</code>** the [merge method](https://developer.github.com/v3/pulls/#merge-a-pull-request-merge-button) to use for this stack. If it's not set the default merge method will be used. Can be either `merge`, `squash` or `rebase`.
+**<code>merge.method</code>** the [merge method](https://docs.github.com/en/rest/reference/pulls#merge-a-pull-request--parameters) to use for this stack. If it's not set the default merge method will be used. Can be either `merge`, `squash` or `rebase`.
 
 For example:
 ```yml

data/app/controllers/concerns/shipit/authentication.rb

@@ -17,7 +17,11 @@ module Shipit
     private
 
     def force_github_authentication
-      if Shipit.authentication_disabled? || current_user.logged_in?
+      if current_user.logged_in? && current_user.requires_fresh_login?
+        Rails.logger.warn("User #{current_user.id} requires a fresh login, logging out...")
+        reset_session
+        redirect_to(Shipit::Engine.routes.url_helpers.github_authentication_path(origin: request.original_url))
+      elsif Shipit.authentication_disabled? || current_user.logged_in?
         unless current_user.authorized?
           team_handles = Shipit.github_teams.map(&:handle)
           team_list = team_handles.to_sentence(two_words_connector: ' or ', last_word_connector: ', or ')

data/app/controllers/shipit/api/base_controller.rb

@@ -28,6 +28,18 @@ module Shipit
 
       private
 
+      module BasicAuth
+        # Workaround for https://github.com/rails/rails/pull/44610
+        extend ActionController::HttpAuthentication::Basic
+        extend self
+
+        private
+
+        def has_basic_credentials?(request)
+          request.authorization.present? && (auth_scheme(request).downcase == "basic")
+        end
+      end
+
       def namespace_for_serializer
         nil
       end
@@ -36,7 +48,7 @@ module Shipit
         @current_api_client = if Shipit.disable_api_authentication
           UnlimitedApiClient.new
         else
-          authenticate_with_http_basic do |*parts|
+          BasicAuth.authenticate(request) do |*parts|
             token = parts.select(&:present?).join('--')
             ApiClient.authenticate(token)
           end

data/app/controllers/shipit/api/rollbacks_controller.rb

@@ -21,7 +21,7 @@ module Shipit
           param_error!(:force, "Can't rollback, deploy in progress")
         elsif stack.active_task?
           active_task = stack.active_task
-          active_task.abort!(aborted_by: current_user, rollback_once_aborted_to: deploy)
+          active_task.abort!(aborted_by: current_user, rollback_once_aborted_to: deploy, rollback_once_aborted: true)
           response = active_task
         else
           response = deploy.trigger_rollback(current_user, env: deploy_env, force: params.force, lock: params.lock)

data/app/controllers/shipit/api/stacks_controller.rb

@@ -27,7 +27,7 @@ module Shipit
         requires :repo_name, String
         accepts :environment, String
         accepts :branch, String
-        accepts :deploy_url, String
+        accepts :deploy_url, String, allow_nil: true
         accepts :ignore_ci, Boolean
         accepts :merge_queue_enabled, Boolean
         accepts :continuous_deployment, Boolean
@@ -40,8 +40,9 @@ module Shipit
       end
 
       params do
+        accepts :environment, String
         accepts :branch, String
-        accepts :deploy_url, String
+        accepts :deploy_url, String, allow_nil: true
         accepts :ignore_ci, Boolean
         accepts :merge_queue_enabled, Boolean
         accepts :continuous_deployment, Boolean
@@ -60,6 +61,11 @@ module Shipit
         head(:accepted)
       end
 
+      def refresh
+        GithubSyncJob.perform_later(id: stack.id)
+        render_resource(stack, status: :accepted)
+      end
+
       private
 
       def create_params

data/app/controllers/shipit/api/tasks_controller.rb

@@ -3,14 +3,14 @@ module Shipit
   module Api
     class TasksController < BaseController
       require_permission :read, :stack
-      require_permission :deploy, :stack, only: :trigger
+      require_permission :deploy, :stack, only: %i(trigger abort)
 
       def index
         render_resources(stack.tasks)
       end
 
       def show
-        render_resource(stack.tasks.find(params[:id]))
+        render_resource(task)
       end
 
       params do
@@ -23,6 +23,23 @@ module Shipit
           message: 'A task is already running.',
         })
       end
+
+      def abort
+        if task.active?
+          task.abort!(aborted_by: current_user)
+          head(:accepted)
+        else
+          render(status: :method_not_allowed, json: {
+            message: "This task is not currently running.",
+          })
+        end
+      end
+
+      private
+
+      def task
+        stack.tasks.find(params[:id])
+      end
     end
   end
 end

data/app/helpers/shipit/stacks_helper.rb

@@ -36,6 +36,17 @@ module Shipit
       link_to(t("deploy_button.caption.#{deploy_state}"), url, class: classes, data: data)
     end
 
+    def rollback_button(deploy)
+      if deploy.stack.active_task?
+        link_to('Deploy in progress...', '#', class: 'btn disabled deploy-action')
+      else
+        url = rollback_stack_deploy_path(deploy.stack, deploy)
+        classes = %w(btn btn--delete deploy-action rollback-action)
+
+        link_to('Rollback to this deploy...', url, class: classes)
+      end
+    end
+
     def github_change_url(commit)
       if commit.pull_request?
         github_pull_request_url(commit)

data/app/models/concerns/shipit/deferred_touch.rb

@@ -49,9 +49,9 @@ module Shipit
       end
 
       def fetch_members
-        Shipit.redis.multi do
-          Shipit.redis.sunionstore(TMP_KEY, SET_KEY)
-          Shipit.redis.del(SET_KEY)
+        Shipit.redis.multi do |transaction|
+          transaction.sunionstore(TMP_KEY, SET_KEY)
+          transaction.del(SET_KEY)
         end
 
         yield Shipit.redis.smembers(TMP_KEY).map { |r| r.split('|') }

data/app/models/shipit/anonymous_user.rb

@@ -31,6 +31,10 @@ module Shipit
       false
     end
 
+    def requires_fresh_login?
+      false
+    end
+
     def authorized?
       Shipit.authentication_disabled?
     end

data/app/models/shipit/commit_checks.rb

@@ -44,9 +44,9 @@ module Shipit
     end
 
     def write(output)
-      Shipit.redis.pipelined do
-        Shipit.redis.append(key('output'), output)
-        Shipit.redis.expire(key('output'), OUTPUT_TTL)
+      Shipit.redis.pipelined do |pipeline|
+        pipeline.append(key('output'), output)
+        pipeline.expire(key('output'), OUTPUT_TTL)
       end
     end
 

data/app/models/shipit/task.rb

@@ -313,9 +313,9 @@ module Shipit
     end
 
     def request_abort
-      Shipit.redis.pipelined do
-        Shipit.redis.incr(abort_key)
-        Shipit.redis.expire(abort_key, 1.month.to_i)
+      Shipit.redis.pipelined do |pipeline|
+        pipeline.incr(abort_key)
+        pipeline.expire(abort_key, 1.month.to_i)
       end
     end
 

data/app/models/shipit/user.rb

@@ -3,6 +3,8 @@ module Shipit
   class User < Record
     DEFAULT_AVATAR = URI.parse('https://avatars.githubusercontent.com/u/583231?')
 
+    self.ignored_columns = %w(encrypted_github_access_token_iv)
+
     has_many :memberships
     has_many :teams, through: :memberships
     has_many :authored_commits, class_name: :Commit, foreign_key: :author_id, inverse_of: :author
@@ -11,7 +13,10 @@ module Shipit
 
     validates :name, presence: true
 
-    attr_encrypted :github_access_token, key: Shipit.user_access_tokens_key
+    encrypts :encrypted_github_access_token
+    alias_attribute :github_access_token, :encrypted_github_access_token
+
+    after_find :discard_outdated_credentials!
 
     def self.find_or_create_by_login!(login)
       find_or_create_by!(login: login) do |user|
@@ -56,14 +61,6 @@ module Shipit
       end
     end
 
-    alias_method :original_github_access_token, :github_access_token
-    def github_access_token
-      original_github_access_token
-    rescue OpenSSL::Cipher::CipherError
-      update_columns(encrypted_github_access_token: nil, encrypted_github_access_token_iv: nil)
-      nil
-    end
-
     def github_api
       return Shipit.github.api unless github_access_token
 
@@ -123,8 +120,25 @@ module Shipit
       DEFAULT_AVATAR.dup
     end
 
+    # https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats
+    GITHUB_TOKEN_FORMAT = /^gh[a-z]_/
+
+    def requires_fresh_login?
+      github_access_token.present? && !github_access_token.match(GITHUB_TOKEN_FORMAT)
+    end
+
     private
 
+    def discard_outdated_credentials!
+      if encrypted_github_access_token_before_type_cast.present?
+        begin
+          encrypted_github_access_token
+        rescue ActiveRecord::Encryption::Errors::Decryption
+          update_column(:encrypted_github_access_token, nil)
+        end
+      end
+    end
+
     def identify_renamed_user!
       last_commit = commits.last
       return unless last_commit

data/app/serializers/shipit/stack_serializer.rb

@@ -8,7 +8,7 @@ module Shipit
     attributes :id, :repo_owner, :repo_name, :environment, :html_url, :url, :tasks_url, :deploy_url,
       :merge_requests_url, :deploy_spec, :undeployed_commits_count, :is_locked, :lock_reason, :continuous_deployment,
       :created_at, :updated_at, :locked_since, :last_deployed_at, :branch, :merge_queue_enabled, :is_archived,
-      :archived_since
+      :archived_since, :ignore_ci
 
     def url
       api_stack_url(object)

data/app/views/shipit/deploys/_deploy.html.erb

@@ -55,11 +55,7 @@
   <% unless read_only %>
     <div class="deploy-actions">
       <% if deploy.rollbackable? %>
-        <% if deploy.stack.active_task? %>
-          <%= link_to 'Deploy in progress...', '#', class: 'btn disabled deploy-action' %>
-        <% else %>
-          <%= link_to 'Rollback to this deploy...', rollback_stack_deploy_path(@stack, deploy), class: 'btn btn--delete deploy-action rollback-action' %>
-        <% end %>
+        <%= rollback_button(deploy) %>
       <% elsif deploy.currently_deployed? && !deploy.stack.active_task? %>
         <%= redeploy_button(deploy.until_commit) %>
       <% end %>

data/app/views/shipit/stacks/_banners.html.erb

@@ -23,7 +23,7 @@
           <%= link_to stack.github_repo_name, github_repo_url(stack.repo_owner, stack.repo_name) %>
           has been inaccessible for <%= time_ago_in_words(stack.inaccessible_since) %>.
 
-          This could be a permission issue, or the repository have been deleted on GitHub.
+          This could be a permission issue, or the repo could have changed on GitHub.
         </p>
       </div>
     </div>

data/app/views/shipit/stacks/_settings_form.erb

@@ -0,0 +1,55 @@
+<div class="setting-section">
+	<%= form_with scope: :stack, url: stack_path(stack), method: :patch do |f| %>
+		<div class="field-wrapper">
+			<%= f.label :environment %>
+			<%= f.text_field :environment, placeholder: 'production' %>
+		</div>
+
+		<div class="field-wrapper">
+			<span>Branch: <%= stack.branch %></span>
+		</div>
+
+		<div class="field-wrapper">
+			<%= f.label :deploy_url, 'Deploy URL (Where is this stack deployed to?)' %>
+			<%= f.text_field :deploy_url, placeholder: 'https://' %>
+		</div>
+
+		<div class="field-wrapper">
+			<%= f.check_box :continuous_deployment %>
+			<%= f.label :continuous_deployment, 'Enable continuous deployment' %>
+		</div>
+
+		<div class="field-wrapper">
+			<%= f.check_box :merge_queue_enabled %>
+			<%= f.label :merge_queue_enabled, 'Enable merge queue' %>
+		</div>
+
+		<div class="field-wrapper">
+			<%= f.check_box :ignore_ci %>
+			<%= f.label :ignore_ci, "Don't require CI to deploy" %>
+		</div>
+
+		<%= f.submit class: "btn", value: "Save" %>
+	<% end %>
+</div>
+
+<div class="setting-section">
+	<h5>Lock deploys</h5>
+	<%= form_with scope: :stack, url: stack_path(@stack), method: :patch do |f| %>
+		<div class="field-wrapper">
+			<%= f.label :lock_reason, 'Reason for lock' %>
+			<%= f.text_area :lock_reason %>
+		</div>
+		<% if @stack.locked? %>
+			<%= f.submit class: "btn", value: "Update Reason" %>
+		<% else %>
+				<%= f.submit class: "btn", value: "Lock" %>
+		<% end %>
+	<% end %>
+	<% if @stack.locked? %>
+		<%= form_with scope: :stack, url: stack_path(@stack), method: :patch do |f| %>
+			<%= f.hidden_field :lock_reason, value: nil %>
+			<%= f.submit class: "btn btn--primary", value: "Unlock" %>
+		<%- end -%>
+	<% end %>
+</div>

data/app/views/shipit/stacks/settings.html.erb

@@ -6,61 +6,7 @@
       <h2>Settings (Stack #<%= @stack.id %>)</h2>
     </header>
 
-    <div class="setting-section">
-      <%= form_with scope: :stack, url: stack_path(@stack), method: :patch do |f| %>
-        <div class="field-wrapper">
-          <%= f.label :environment %>
-          <%= f.text_field :environment, placeholder: 'production' %>
-        </div>
-
-        <div class="field-wrapper">
-          <span>Branch: <%= @stack.branch %></span>
-        </div>
-
-        <div class="field-wrapper">
-          <%= f.label :deploy_url, 'Deploy URL (Where is this stack deployed to?)' %>
-          <%= f.text_field :deploy_url, placeholder: 'https://' %>
-        </div>
-
-        <div class="field-wrapper">
-          <%= f.check_box :continuous_deployment %>
-          <%= f.label :continuous_deployment, 'Enable continuous deployment' %>
-        </div>
-
-        <div class="field-wrapper">
-          <%= f.check_box :merge_queue_enabled %>
-          <%= f.label :merge_queue_enabled, 'Enable merge queue' %>
-        </div>
-
-        <div class="field-wrapper">
-          <%= f.check_box :ignore_ci %>
-          <%= f.label :ignore_ci, "Don't require CI to deploy" %>
-        </div>
-
-        <%= f.submit class: "btn", value: "Save" %>
-      <% end %>
-    </div>
-
-    <div class="setting-section">
-      <h5>Lock deploys</h5>
-      <%= form_with scope: :stack, url: stack_path(@stack), method: :patch do |f| %>
-        <div class="field-wrapper">
-          <%= f.label :lock_reason, 'Reason for lock' %>
-          <%= f.text_area :lock_reason %>
-        </div>
-        <% if @stack.locked? %>
-          <%= f.submit class: "btn", value: "Update Reason" %>
-        <% else %>
-            <%= f.submit class: "btn", value: "Lock" %>
-        <% end %>
-      <% end %>
-      <% if @stack.locked? %>
-        <%= form_with scope: :stack, url: stack_path(@stack), method: :patch do |f| %>
-          <%= f.hidden_field :lock_reason, value: nil %>
-          <%= f.submit class: "btn btn--primary", value: "Unlock" %>
-        <%- end -%>
-      <% end %>
-    </div>
+    <%= render partial: 'shipit/stacks/settings_form', locals: { stack: @stack } %>
 
     <div class="setting-section">
       <h5>Resynchronize this stack</h5>

data/app/views/shipit/stacks/show.html.erb

@@ -30,7 +30,7 @@
     </ul>
   </section>
 
-  <% cache @stack do %>
+  <% cache [@stack, params[:force]] do %>
     <section>
       <header class="section-header">
         <h2>Previous Deploys</h2>

data/config/locales/en.yml

@@ -41,7 +41,7 @@ en:
     reject: Mark the release as faulty
   deploy_button:
     hint:
-      max_commits: It is recommended not to deploy more than %{maximum} commits at once.
+      max_commits: Use caution when deploying more than %{maximum} commits at once.
       blocked: This commit range includes a commit that can't be deployed.
     caption:
       pending: Pending CI

data/config/routes.rb

@@ -20,6 +20,7 @@ Shipit::Engine.routes.draw do
       get '/' => 'stacks#show'
       delete '/' => 'stacks#destroy'
       patch '/' => 'stacks#update'
+      post '/refresh' => 'stacks#refresh'
     end
 
     scope '/stacks/*stack_id', stack_id: stack_id_format, as: :stack do
@@ -27,6 +28,9 @@ Shipit::Engine.routes.draw do
       resource :lock, only: %i(create update destroy)
       resources :tasks, only: %i(index show) do
         resource :output, only: :show
+        member do
+          put :abort
+        end
       end
       resources :deploys, only: %i(index create) do
         resources :release_statuses, only: %i(create)

data/db/migrate/20211103154121_increase_github_team_slug_size.rb

@@ -0,0 +1,5 @@
+class IncreaseGithubTeamSlugSize < ActiveRecord::Migration[6.1]
+  def change
+    change_column :teams, :slug, :string, limit: 255, null: true
+  end
+end

data/lib/shipit/engine.rb

@@ -5,7 +5,7 @@ module Shipit
 
     paths['app/models'] << 'app/serializers' << 'app/serializers/concerns'
 
-    initializer 'shipit.config' do |app|
+    initializer 'shipit.config', before: 'active_record_encryption.configuration' do |app|
       Rails.application.routes.default_url_options[:host] = Shipit.host
       Shipit::Engine.routes.default_url_options[:host] = Shipit.host
       Pubsubstub.redis_url = Shipit.redis_url.to_s
@@ -28,8 +28,6 @@ module Shipit
         path.end_with?('.svg') || (path.start_with?('emoji/') && path.end_with?('.png'))
       end
 
-      ActionDispatch::ExceptionWrapper.rescue_responses[Shipit::TaskDefinition::NotFound.name] = :not_found
-
       ActiveModel::Serializer._root = false
       ActiveModel::ArraySerializer._root = false
       ActiveModel::Serializer.include(Engine.routes.url_helpers)
@@ -45,9 +43,19 @@ module Shipit
         app.config.middleware.insert_after(::Rack::Runtime, Shipit::SameSiteCookieMiddleware)
       end
 
-      app.config.after_initialize do
-        ActionController::Base.include(Shipit::ActiveModelSerializersPatch)
+      if app.credentials.active_record_encryption.blank? && Shipit.user_access_tokens_key.present?
+        # For ease of upgrade, we derive an Active Record encryption config automatically.
+        # But if AR Encryption is already configured, we just use that
+        app.credentials[:active_record_encryption] = {
+          primary_key: Shipit.user_access_tokens_key,
+          key_derivation_salt: Digest::SHA256.digest("salt:".b + Shipit.user_access_tokens_key),
+        }
       end
     end
+
+    config.after_initialize do
+      ActionDispatch::ExceptionWrapper.rescue_responses[Shipit::TaskDefinition::NotFound.name] = :not_found
+      ActionController::Base.include(Shipit::ActiveModelSerializersPatch)
+    end
   end
 end

data/lib/shipit/stack_commands.rb

@@ -16,7 +16,7 @@ module Shipit
     def fetch
       create_directories
       if valid_git_repository?(@stack.git_path)
-        git('fetch', 'origin', '--tags', @stack.branch, env: env, chdir: @stack.git_path)
+        git('fetch', 'origin', '--quiet', '--tags', @stack.branch, env: env, chdir: @stack.git_path)
       else
         @stack.clear_git_cache!
         git_clone(@stack.repo_git_url, @stack.git_path, branch: @stack.branch, env: env, chdir: @stack.deploys_path)

data/lib/shipit/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Shipit
-  VERSION = '0.35.1'
+  VERSION = '0.36.0'
 end

data/lib/shipit.rb

@@ -5,7 +5,6 @@ require 'state_machines-activerecord'
 require 'validate_url'
 require 'responders'
 require 'explicit-parameters'
-require 'attr_encrypted'
 
 require 'sass-rails'
 require 'coffee-rails'
@@ -153,7 +152,11 @@ module Shipit
   end
 
   def user_access_tokens_key
-    (secrets.user_access_tokens_key.presence || secrets.secret_key_base).byteslice(0, 32)
+    if secrets.user_access_tokens_key.present?
+      secrets.user_access_tokens_key
+    elsif secrets.secret_key_base
+      Digest::SHA256.digest("user_access_tokens_key" + secrets.secret_key_base)
+    end
   end
 
   def host

data/test/controllers/api/hooks_controller_test.rb

@@ -61,7 +61,7 @@ module Shipit
         post :create, params: {
           delivery_url: 'https://example.com/hook',
           events: %w(deploy rollback),
-          created_at: 2.months.ago.to_s(:db),
+          created_at: 2.months.ago.to_formatted_s(:db),
         }
         Hook.last.created_at > 2.seconds.ago
       end

data/test/controllers/api/rollback_controller_test.rb

@@ -107,6 +107,7 @@ module Shipit
         assert_response :accepted
         refute_predicate last_deploy, :active?
         assert_json 'rollback_once_aborted_to.revision.sha', @commit.sha
+        assert last_deploy.rollback_once_aborted?
       end
     end
   end