Add Webhook GUID for Downstream Validation Checks

Problem to solve

As a developer writing an application that receives webhooks from GitLab, there is no unique identifier that is captured to help debug and correlate downstream actions that ought to be performed based on a given webhook.

Intended users

Devon (DevOps Engineer)

User experience goal

For every webhook event that comes from GitLab, there ought to be a unique identification of that webhook to help correlate what events have been processed or not processed to aid in the troubleshooting and debugging of webhooks.

Proposal

Very similar to a competing product, we ought to introduce a simple GUID as a header in the form of X-GitLab-Delivery or something like this that provides downstream services relying on webhooks to help troubleshoot.

Documentation

Add the Request Header to the webhook documentation

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references

Implementation guide

Recommended, the patch below plus updating specs in spec/services/web_hook_service_spec.rb, and update https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#delivery-headers.

diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 9ab6fcc98321..78ccae1d45e8 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -189,7 +189,8 @@ def build_headers
         'Content-Type' => 'application/json',
         'User-Agent' => "GitLab/#{Gitlab::VERSION}",
         Gitlab::WebHooks::GITLAB_EVENT_HEADER => self.class.hook_to_event(hook_name),
-        Gitlab::WebHooks::GITLAB_INSTANCE_HEADER => Gitlab.config.gitlab.base_url
+        Gitlab::WebHooks::GITLAB_INSTANCE_HEADER => Gitlab.config.gitlab.base_url,
+        Gitlab::WebHooks::GITLAB_GUID_HEADER => SecureRandom.uuid
       }

       headers['X-Gitlab-Token'] = Gitlab::Utils.remove_line_breaks(hook.token) if hook.token.present?
diff --git a/lib/gitlab/web_hooks.rb b/lib/gitlab/web_hooks.rb
index 8c6de56292a0..e8f4ea0c9e1c 100644
--- a/lib/gitlab/web_hooks.rb
+++ b/lib/gitlab/web_hooks.rb
@@ -4,5 +4,6 @@ module Gitlab
   module WebHooks
     GITLAB_EVENT_HEADER = 'X-Gitlab-Event'
     GITLAB_INSTANCE_HEADER = 'X-Gitlab-Instance'
+    GITLAB_GUID_HEADER = 'X-GitLab-Webhook-UUID'
   end
 end

Edited Jul 05, 2023 by Luke Duncalfe