Skip to content
Snippets Groups Projects

Fix timestamp values in Arkose Data Exchange payload

What does this MR do and why?

Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/831+

This MR is an outcome of the recent 2024-07-30: Users cannot complete OAuth sign up (gitlab-com/gl-infra/production#18341 - closed) incident.

It fixes $.timestamp and $.api_source_validation.timestamp values in the Arkose Data Exchange payload which contained incorrect values as reported by Arkose

Screenshot_2024-08-02_at_4.05.51_PM

$.timestamp and $.api_source_validation.timestamp should be a string and an integer, respectively, specifying the milliseconds (currently seconds) elapsed since the UNIX epoch as documented in https://support.arkoselabs.com/hc/en-us/articles/4410529474323-Data-Exchange-Enhanced-Detection-and-API-Source-Validation#DataExchange:EnhancedDetectionandAPISourceValidation-APISourceValidation.

This MR also adds a new ops type feature flag (named arkose_labs_data_exchange) that is enabled by default to provide a way to disable the Arkose Data Exchange feature in case something goes wrong.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Edited by Eugie Limpin

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Ghost User
  • Reviewer roulette

    Category Reviewer Maintainer
    backend @olaoluro profile link current availability (UTC+1, 7 hours behind author) @proglottis profile link current availability (UTC+12, 4 hours ahead of author)

    Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

    If needed, you can retry the :repeat: danger-review job that generated this comment.

    Generated by :no_entry_sign: Danger

  • Eugie Limpin added 1 commit

    added 1 commit

    • da272e6d - Add ops-type feature flag to control Arkose Data Exchange feature

    Compare with previous version

  • Eugie Limpin changed the description

    changed the description

  • Ian Anderson
  • Ian Anderson
  • Ian Anderson
  • Ian Anderson requested review from @imand3r

    requested review from @imand3r

  • Eugie Limpin requested review from @imand3r

    requested review from @imand3r

  • Eugie Limpin added 1 commit

    added 1 commit

    Compare with previous version

  • Ian Anderson approved this merge request

    approved this merge request

  • added pipelinetier-2 label and removed pipelinetier-1 label

  • Before you set this MR to auto-merge

    This merge request will progress on pipeline tiers until it reaches the last tier: pipelinetier-3. We will trigger a new pipeline for each transition to a higher tier.

    Before you set this MR to auto-merge, please check the following:

    • You are the last maintainer of this merge request
    • The latest pipeline for this merge request is pipelinetier-3 (You can find which tier it is in the pipeline name)
    • This pipeline is recent enough (created in the last 8 hours)

    If all the criteria above apply, please set auto-merge for this merge request.

    See pipeline tiers and merging a merge request for more details.

  • E2E Test Result Summary

    allure-report-publisher generated test report!

    e2e-test-on-gdk: :white_check_mark: test report for aa6768c8

    expand test summary
    +------------------------------------------------------------------+
    |                          suites summary                          |
    +-------------+--------+--------+---------+-------+-------+--------+
    |             | passed | failed | skipped | flaky | total | result |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Govern      | 142    | 0      | 0       | 0     | 142   | ✅     |
    | Data Stores | 31     | 0      | 1       | 0     | 32    | ✅     |
    | Monitor     | 8      | 0      | 0       | 0     | 8     | ✅     |
    | Plan        | 70     | 0      | 0       | 0     | 70    | ✅     |
    | Create      | 127    | 0      | 12      | 0     | 139   | ✅     |
    | Package     | 16     | 0      | 15      | 0     | 31    | ✅     |
    | Verify      | 43     | 0      | 2       | 0     | 45    | ✅     |
    | Analytics   | 2      | 0      | 0       | 0     | 2     | ✅     |
    | Release     | 5      | 0      | 0       | 0     | 5     | ✅     |
    | Manage      | 0      | 0      | 1       | 0     | 1     | ➖     |
    | Secure      | 2      | 0      | 0       | 0     | 2     | ✅     |
    | Fulfillment | 1      | 0      | 0       | 0     | 1     | ✅     |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Total       | 447    | 0      | 31      | 0     | 478   | ✅     |
    +-------------+--------+--------+---------+-------+-------+--------+

    e2e-package-and-test: :white_check_mark: test report for aa6768c8

    expand test summary
    +-------------------------------------------------------------+
    |                       suites summary                        |
    +--------+--------+--------+---------+-------+-------+--------+
    |        | passed | failed | skipped | flaky | total | result |
    +--------+--------+--------+---------+-------+-------+--------+
    | Govern | 158    | 0      | 14      | 4     | 172   | ✅     |
    +--------+--------+--------+---------+-------+-------+--------+
    | Total  | 158    | 0      | 14      | 4     | 172   | ✅     |
    +--------+--------+--------+---------+-------+-------+--------+
  • Eugie Limpin requested review from @maddievn and removed review request for @imand3r

    requested review from @maddievn and removed review request for @imand3r

  • Eugie Limpin added 1 commit

    added 1 commit

    • f2c61b92 - Update feature flag default_enabled to false

    Compare with previous version

  • Eugie Limpin
  • Madelein van Niekerk approved this merge request

    approved this merge request

  • added pipelinetier-3 label and removed pipelinetier-2 label

  • Eugie Limpin added 1 commit

    added 1 commit

    • aa6768c8 - Add rollout issue URL to FF definition file

    Compare with previous version

  • Eugie Limpin reset approvals from @maddievn by pushing to the branch

    reset approvals from @maddievn by pushing to the branch

  • Eugie Limpin requested review from @maddievn

    requested review from @maddievn

  • Madelein van Niekerk approved this merge request

    approved this merge request

  • Madelein van Niekerk resolved all threads

    resolved all threads

  • Madelein van Niekerk enabled automatic add to merge train when checks pass

    enabled automatic add to merge train when checks pass

  • mentioned in commit fded1ec7

  • added workflowstaging label and removed workflowcanary label

  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading