From ec81410b03fb7f4bcdbfe55001e0e830b937444e Mon Sep 17 00:00:00 2001 From: Eeshan Garg Date: Tue, 19 Feb 2019 15:47:40 -0330 Subject: [PATCH] webhooks/github: Ignore repository_vulnerability_alert event. This event isn't incredibly common/useful and errors for this event were cluttering up our webhook logs. --- .../repository_vulnerability_alert.json | 33 +++++++++++++++++++ zerver/webhooks/github/tests.py | 11 +++++++ zerver/webhooks/github/view.py | 6 ++++ 3 files changed, 50 insertions(+) create mode 100644 zerver/webhooks/github/fixtures/repository_vulnerability_alert.json diff --git a/zerver/webhooks/github/fixtures/repository_vulnerability_alert.json b/zerver/webhooks/github/fixtures/repository_vulnerability_alert.json new file mode 100644 index 0000000000..6f47df008a --- /dev/null +++ b/zerver/webhooks/github/fixtures/repository_vulnerability_alert.json @@ -0,0 +1,33 @@ +{ + "action": "dismiss", + "alert": { + "id": 7649605, + "affected_range": "0.2.0", + "affected_package_name": "many_versioned_gem", + "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-3728", + "external_identifier": "CVE-2018-3728", + "fixed_in": "0.2.5", + "dismisser": { + "login":"octocat", + "id":1, + "node_id": "MDQ6VXNlcjIxMDMxMDY3", + "avatar_url":"https://github.com/images/error/octocat_happy.gif", + "gravatar_id":"", + "url":"https://api.github.com/users/octocat", + "html_url":"https://github.com/octocat", + "followers_url":"https://api.github.com/users/octocat/followers", + "following_url":"https://api.github.com/users/octocat/following{/other_user}", + "gists_url":"https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url":"https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url":"https://api.github.com/users/octocat/subscriptions", + "organizations_url":"https://api.github.com/users/octocat/orgs", + "repos_url":"https://api.github.com/users/octocat/repos", + "events_url":"https://api.github.com/users/octocat/events{/privacy}", + "received_events_url":"https://api.github.com/users/octocat/received_events", + "type":"User", + "site_admin":true + }, + "dismiss_reason": "No bandwidth to fix this", + "dismissed_at": "2017-10-25T00:00:00+00:00" + } +} diff --git a/zerver/webhooks/github/tests.py b/zerver/webhooks/github/tests.py index 8606a2c4dd..e7bd82942e 100644 --- a/zerver/webhooks/github/tests.py +++ b/zerver/webhooks/github/tests.py @@ -362,3 +362,14 @@ class GithubWebhookTest(WebhookTestCase): result = self.client_post(self.url, payload, HTTP_X_GITHUB_EVENT='push', content_type="application/json") self.assertFalse(check_send_webhook_message_mock.called) self.assert_json_success(result) + + @patch('zerver.webhooks.github.view.check_send_webhook_message') + def test_repository_vulnerability_alert_ignore( + self, check_send_webhook_message_mock: MagicMock) -> None: + self.url = self.build_webhook_url() + payload = self.get_body('repository_vulnerability_alert') + result = self.client_post(self.url, payload, + HTTP_X_GITHUB_EVENT='repository_vulnerability_alert', + content_type="application/json") + self.assertFalse(check_send_webhook_message_mock.called) + self.assert_json_success(result) diff --git a/zerver/webhooks/github/view.py b/zerver/webhooks/github/view.py index a5d31a3cd7..28f8aa3748 100644 --- a/zerver/webhooks/github/view.py +++ b/zerver/webhooks/github/view.py @@ -423,6 +423,10 @@ EVENT_FUNCTION_MAPPER = { 'watch': get_watch_body, } +IGNORED_EVENTS = [ + 'repository_vulnerability_alert' +] + @api_key_only_webhook_view('GitHub', notify_bot_owner_on_invalid_json=True) @has_request_variables def api_github_webhook( @@ -470,6 +474,8 @@ def get_event(request: HttpRequest, payload: Dict[str, Any], branches: str) -> O return "push_tags" elif event in list(EVENT_FUNCTION_MAPPER.keys()) or event == 'ping': return event + elif event in IGNORED_EVENTS: + return None raise UnexpectedWebhookEventType('GitHub', event)