Prevent errors saving alerts with non-string inputs for string fields
What does this MR do and why?
Context
Alert integrations
can accept HTTP requests from 3rd party tools containing details about problems in a user's application. GitLab maps the content of fields from the request payload to various alert attributes. As best as we can, we want to make sure to save an alert for any payload, if it's possible to interpret the provided content sensibly.
This MR
For the alert attributes which are expected to be strings, we currently assume that any provided value will be a string. And we truncate the string to the max length. However, if an Array
or Hash
are provided, the truncation attempt raises NoMethodError
.
This MR casts the values for relevant attributes to strings, so that we can create the alert for the payload & not effectively swallow the request.
How to set up and validate locally
- In a project with maintainer+ permissions, nav to
Settings > Monitor > Alerts
- Create an alert integration or open an existing one
- easiest values to select for the form:
HTTP
, any name,active
, skip the optional mapping fields, Save!
- easiest values to select for the form:
- Open the
Send test alert
tab for the integration - Send a payload like
{ "title": ["New alert"] }
& see the success toast message
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.