Submitting MR comment through API fails if the comment contains /merge quick action
Summary
API endpoint for creating new MR notes fails with 500
if the note body contains /merge
quick action.
The /merge
quick action works fine when we submit the comment from the GitLab web.
Steps to reproduce
-
create an MR viktomas/test-project!9
-
Submit a note with
/merge
quick action to that MRcurl --request POST -F "body=/merge" -H "PRIVATE-TOKEN: $TOKEN" "https://gitlab.com/api/v4/projects/20486274/merge_requests/9/notes"
-
See that the API returns
500
.
The exact same happens if you try to submit the note through GraphQL:
mutation MergeCommand {
createNote(input: { noteableId: "gid://gitlab/MergeRequest/94104140", body: "/merge" }) {
errors
}
}
Example Project
viktomas/test-project!9 but I think it happens for every MR (originally reported in gitlab-vscode-extension#352 (closed))
What is the current bug behavior?
API returns 500
and merge doesn't happen.
What is the expected correct behavior?
Same as in the web interface: the MR gets merged (and I assume the API endpoint returns 200
)
Relevant logs and/or screenshots
When inspecting the production logs, I see the following error and stack trace:
ActiveModel::UnknownAttributeError
unknown attribute 'merge' for MergeRequest.
Stacktrace
app/services/issuable_base_service.rb:226:in `update', app/services/merge_requests/base_service.rb:78:in `update', lib/gitlab/metrics/instrumentation.rb:160:in `block in update', lib/gitlab/metrics/method_call.rb:27:in `measure', lib/gitlab/metrics/instrumentation.rb:160:in `update', app/services/merge_requests/update_service.rb:25:in `execute', ee/app/services/ee/merge_requests/update_service.rb:19:in `execute', app/services/notes/quick_actions_service.rb:58:in `apply_updates', app/services/notes/create_service.rb:87:in `do_commands', app/services/notes/create_service.rb:54:in `execute_quick_actions', app/services/notes/create_service.rb:23:in `execute', lib/api/helpers/notes_helpers.rb:129:in `create_note', lib/api/notes.rb:89:in `block (3 levels) in <class:Notes>', ee/lib/gitlab/middleware/ip_restrictor.rb:14:in `block in call', ee/lib/gitlab/ip_address_state.rb:10:in `with', ee/lib/gitlab/middleware/ip_restrictor.rb:13:in `call', lib/api/api_guard.rb:213:in `call', ee/lib/omni_auth/strategies/group_saml.rb:41:in `other_phase', lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call', lib/gitlab/middleware/rails_queue_duration.rb:33:in `call', lib/gitlab/metrics/rack_middleware.rb:16:in `block in call', lib/gitlab/metrics/transaction.rb:56:in `run', lib/gitlab/metrics/rack_middleware.rb:16:in `call', lib/gitlab/request_profiler/middleware.rb:17:in `call', ee/lib/gitlab/database/load_balancing/rack_middleware.rb:39:in `call', lib/gitlab/jira/middleware.rb:19:in `call', lib/gitlab/middleware/go.rb:20:in `call', lib/gitlab/etag_caching/middleware.rb:21:in `call', lib/gitlab/middleware/multipart.rb:172:in `call', lib/gitlab/middleware/read_only/controller.rb:50:in `call', lib/gitlab/middleware/read_only.rb:18:in `call', lib/gitlab/middleware/same_site_cookies.rb:27:in `call', lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call', lib/gitlab/middleware/basic_health_check.rb:25:in `call', lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call', lib/gitlab/middleware/request_context.rb:21:in `call', config/initializers/fix_local_cache_middleware.rb:11:in `call', lib/gitlab/metrics/requests_rack_middleware.rb:76:in `call', lib/gitlab/middleware/release_env.rb:12:in `call'
Output of checks
This bug happens on GitLab.com