-
Bug
-
Resolution: Fixed
-
High (View bug fix roadmap)
-
7.13.5, 8.5.0, 8.5.3
-
7.13
-
16
-
Severity 2 - Major
-
116
-
Issue Summary
Webhooks creating from the Jira integration with GitHub Enterprise are created with an incorrect URL.
Previously, Push and Pull webhooks were created using the same URL
- Push: JIRA_BASE_URL/rest/bitbucket/1.0/repository/XXXXXXX/sync
- Pull request: JIRA_BASE_URL/rest/bitbucket/1.0/repository/XXXXXXX/sync
But in 7.13.8 and 8.5.x, the push webhook is being created as an incorrect payload JIRA_BASE_URL/rest/bitbucket/1.0/repository/XXXXXXX/repo/sync resulting in Invalid HTTP response: 415.
IMPACT ON YOUR INSTANCE
This bug specifically affects webhook operation (eg. smart commit). DVCS can fallback to the hourly sync to fetch changes from GH/E. However, it means changes can delay up to 1 hour before they got across in Jira.
Steps to Reproduce
- Install Jira 7.13.8
- Connect Jira to Github Enterprise
Expected Results
Webhook created with the correct payload URL
<BASE_URL>/rest/bitbucket/1.0/repository/<repository-id>/sync
Actual Results
Webhook created with incorrect payload URL resulting in 415
<BASE_URL>/rest/bitbucket/1.0/repository/<repository-id>/repo/sync
Notes
This issue affects Jira version released after July 2019
Workaround
Remove "/repo" from the payload URL manually, webhook work properly, or by rest API directly to Github:
- Grab all webhooks from each repo:
curl --location --request GET 'https://api.github.com/repos/<user>/<repo name>/hooks' \ --header 'Authorization: Basic xxxxxxxxx' \
This will return the following, we are looking for any webhook IDs that have the offending url pattern (/repo) in this case it would be "id": 252018187:
{ "type": "Repository", "id": 252018187, "name": "web", "active": true, "events": [ "push" ], "config": { "content_type": "form", "insecure_ssl": "0", "url": "https://BASEURL/rest/bitbucket/1.0/repository/1/repo/sync" }, "updated_at": "2020-09-28T18:48:55Z", "created_at": "2020-09-28T18:46:41Z", "url": "https://api.github.com/repos/volktronz/TEST/hooks/252018187", "test_url": "https://api.github.com/repos/volktronz/TEST/hooks/252018187/test", "ping_url": "https://api.github.com/repos/volktronz/TEST/hooks/252018187/pings", "last_response": { "code": 200, "status": "active", "message": "OK" } } - Then we'd make another call to each webhook ID identified with the right URL pattern:
curl --location --request PATCH 'https://api.github.com/repos/volktronz/test/hooks/252018187' \ --header 'Authorization: Basic xxxxxxxx' \ --header 'Content-Type: application/json' \ --data-raw ' { "config": { "url": "https:BASEURL/rest/bitbucket/1.0/repository/1/sync" } } '
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
[JSWSERVER-20298] DVCS create incorrect webhook payload URL resulting 415 error
And I have a question
If we upgrade to fix version, Do we have to resynchronize all existing dvcs connections from the beginning?
(We are using thousands of dvcs connections)
Hello Atlassian Development Team
There seems to be a fix version released for the issue today. (8.5.4, 8.6.2, 7.13.13, 8.8.0, 8.7.2)
Is there any fix version plans for 8.3.x?
Hi sujeong
Yes. It removes repo from the Webhook URL and then does a test.
It scans all of the repos in a GitHub organization, looking for any that have "repo/sync" in the webhook. Then we modify the webhooks (or patch as GitHub puts it) to remove "repo/".
It is a shell script run from a Git Bash environment. I didn't want to have to install lots of add ons etc. Plus wanted to keep it relatively simple.
It uses lots of temp files and api calls. You could probably improve it and reduce the lines of code, but this was a first attempt.
I have uploaded a copy to https://github.com/mzzmjd/GHE-JIRA-INTEGRATION-FIX
Hopefully, it makes sense.
Please check the code to make sure that it does not cause issues with your instances.
Feel free to raise issues / questions on GitHub repo.
Pete
Hello Pete Grantham
Can you ask me for details on what kind of script it is?
Is it a script that simply removes the "repo" context?
As a temporary workaround, it is possible to write a script to correct the wrong hooks in GitHub Enterprise by using the GitHub API.
Hi,
We too are affected by this bug and would appreciate if this can be resolved on priority. Ref PS-53046
Hello there
Can you tell me when it's going to be a bug fix?
My client is having a hard time with this issue
Please resolve it as soon as possible
Investigation Done
According to following code, pushCallbackUrl change to "/repo/sync" when customer connect with GitHub Enterprise. I assume that this is the cause of this problem.
@Override
public Set<HookConfiguration> getHookConfiguration(Repository repository) {
String baseUrl = applicationProperties.getBaseUrl(CANONICAL) + POST_HOOK_SUFFIX + repository.getId();
if (GithubCommunicator.GITHUB.equals(repository.getDvcsType())) {
String callbackUrl = baseUrl + "/sync";
return ImmutableSet.of(new HookConfiguration(REPO_PUSH, callbackUrl), new HookConfiguration(PULL_REQUEST, callbackUrl));
} else {
String repoPushCallbackUrl = baseUrl + "/repo/sync";
String pullRequestCallbackUrl = baseUrl + "/sync";
return ImmutableSet.of(new HookConfiguration(REPO_PUSH, repoPushCallbackUrl), new HookConfiguration(PULL_REQUEST, pullRequestCallbackUrl));
}
}
Could you please advise when is v8.5.4 set to be released?