Skip to content

Getting the push rules via API on an unconfigured project returns invalid JSON

Summary

On some projects where push rules have been deleted (or maybe migrated from a Gitlab CE instance), using the API to get the existing push rules returns invalid JSON in the form of the null string, instead of a 404 Not Found or a mostly empty object.

Steps to reproduce

  1. Fork gitlab-org/gitlab-ce, as it's a project with an EE plan and forking it apparently keeps that status. That might be another bug, actually.

  2. Delete the push rules via the API

    curl -sSL -H 'Private-Token: xxxx' -X DELETE https://gitlab.com/api/v4/projects/12345678/push_rule

  3. Try and get the push rules via the API

    $ curl -sSL -H 'Private-Token: xxxx' https://gitlab.com/api/v4/projects/12345678/push_rule
null

Example Project

fpavageau/gitlab-ce exhibits that behavior. Until I deleted the push rules, getting the push rules would return mostly empty push rules:

$ curl -sSLv -H 'Private-Token: xxxx' https://gitlab.com/api/v4/projects/3840341/push_rule | jq .
[…]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Wed, 12 Dec 2018 16:03:16 GMT
< Content-Type: application/json
< Content-Length: 300
< Cache-Control: max-age=0, private, must-revalidate
< Etag: W/"d2b2c8a530c049585f97a7fdcebea74f"
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-Request-Id: FltgXSE3vO3
< X-Runtime: 0.040357
< Strict-Transport-Security: max-age=31536000
< RateLimit-Limit: 600
< RateLimit-Observed: 2
< RateLimit-Remaining: 598
< RateLimit-Reset: 1544630656
< RateLimit-ResetTime: Thu, 12 Dec 2018 16:04:16 GMT
<
{ [300 bytes data]
* Connection #0 to host gitlab.com left intact
{
  "id": 3488494,
  "project_id": 3840341,
  "created_at": "2017-08-02T21:32:43.261Z",
  "commit_message_regex": null,
  "commit_message_negative_regex": null,
  "branch_name_regex": null,
  "deny_delete_tag": null,
  "member_check": false,
  "prevent_secrets": false,
  "author_email_regex": null,
  "file_name_regex": null,
  "max_file_size": 0
}

I then deleted the push rules:

$ curl -sSLv -H 'Private-Token: xxxx' -X DELETE https://gitlab.com/api/v4/projects/3840341/push_rule
[…]
< HTTP/1.1 204 No Content
< Server: nginx
< Date: Wed, 12 Dec 2018 16:03:49 GMT
< Cache-Control: no-cache
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-Request-Id: hWrbEjEwIs2
< X-Runtime: 0.069031
< Strict-Transport-Security: max-age=31536000
< RateLimit-Limit: 600
< RateLimit-Observed: 3
< RateLimit-Remaining: 597
< RateLimit-Reset: 1544630689
< RateLimit-ResetTime: Thu, 12 Dec 2018 16:04:49 GMT
<

Now, getting the push rules, instead of returning a 404 Not Found like it does on a project with a free plan, or an empty object, returns

$ curl -sSLv -H 'Private-Token: xxxx' https://gitlab.com/api/v4/projects/3840341/push_rule | jq .
[…]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Wed, 12 Dec 2018 16:03:54 GMT
< Content-Type: application/json
< Content-Length: 4
< Cache-Control: max-age=0, private, must-revalidate
< Etag: W/"74234e98afe7498fb5daf1f36ac2d78a"
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-Request-Id: Cc54qGzyAr
< X-Runtime: 0.052126
< Strict-Transport-Security: max-age=31536000
< RateLimit-Limit: 600
< RateLimit-Observed: 1
< RateLimit-Remaining: 599
< RateLimit-Reset: 1544630694
< RateLimit-ResetTime: Thu, 12 Dec 2018 16:04:54 GMT
<
{ [4 bytes data]
* Connection #0 to host gitlab.com left intact
null

despite specifying a Content-Type of application/json.

What is the current bug behavior?

The string null is returned.

What is the expected correct behavior?

A 404 Not Found HTTP status with no body or an error message such as { "message": "404 Not Found" }, or a 200 OK HTTP status with a mostly empty body: {} or { "project_id": 12345678 }.

Output of checks

This bug happens on GitLab.com.

Edited by 🤖 GitLab Bot 🤖