Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Closes request #31580: Filter outbound HTTP requests

Download Browse

Outbound HTTP requests now go through Smokescreen when another proxy is not defined. To test, you need to build and deploy on your dev instance the new package `tuleap-smokescreen` then restart the `tuleap` service. You can see the requests going through the proxy by looking at the logs of the unit (`journalctl -u tuleap-smokescreen -f`). The logger and metric collector have been adjusted a bit to make sure we do not falsely flag a request as a SSRF filtered request when something else than Smokescreen has returned a response with a 407 HTTP status code. Change-Id: I9b90719e7d01c44b530cf26db1f64ca27175c701

+571 −22
Thomas Gerbet (tgerbet) 2023-04-20 10:23
Thomas Gerbet (tgerbet) 2023-04-25 11:22
b6dadb88db20e5209a19962334b6e367cdd415ca
dd0813e6e773c72ef0f31edd7f99684f7aa60938
git #tuleap/stable/b6dadb88db20e5209a19962334b6e367cdd415ca

Modified Files

Side by side diff
Inline diff
Name
A src/additional-packages/tuleap-smokescreen.nix +68 −0 Go to diff View file
A src/additional-packages/tuleap-smokescreen/tuleap-smokescreen.service +25 −0 Go to diff View file
A src/additional-packages/tuleap-smokescreen/tuleap-smokescreen.spec +63 −0 Go to diff View file
M src/common/Http/Client/FilteredOutboundHTTPResponseAlerter.php +24 −7 Go to diff View file
A src/common/Http/Client/FilteredOutboundRequestJustification.php +55 −0 Go to diff View file
M src/common/Http/Client/HTTPOutboundResponseMetricCollector.php +28 −8 Go to diff View file
M src/common/Http/Client/OutboundHTTPRequestProxy.php +7 −2 Go to diff View file
A src/common/Http/Client/SmokescreenConfiguration.php +58 −0 Go to diff View file
A src/common/Http/Client/SmokescreenDumpConfigurationCommand.php +53 −0 Go to diff View file
M src/tuleap-cfg/Command/Docker/Supervisord.php +2 −0 Go to diff View file
M src/utils/tuleap.php +7 −0 Go to diff View file
M tests/unit/common/Http/Client/FilteredOutboundHTTPResponseAlerterTest.php +6 −2 Go to diff View file
A tests/unit/common/Http/Client/FilteredOutboundRequestJustificationTest.php +49 −0 Go to diff View file
M tests/unit/common/Http/Client/HTTPOutboundResponseMetricCollectorTest.php +9 −1 Go to diff View file
M tests/unit/common/Http/Client/OutboundHTTPRequestProxyTest.php +8 −0 Go to diff View file
A tests/unit/common/Http/Client/SmokescreenConfigurationTest.php +43 −0 Go to diff View file
A tests/unit/common/Http/Client/SmokescreenDumpConfigurationCommandTest.php +47 −0 Go to diff View file
A tools/docker/tuleap-aio-c7/supervisor.d/smokescreen.ini +5 −0 Go to diff View file
A tools/docker/tuleap-aio-c7/supervisor.d/start-tuleap-smokescreen.sh +10 −0 Go to diff View file
M tools/docker/tuleap-aio-dev/run.sh +3 −2 Go to diff View file
M tools/rpm/tuleap.rhel7.spec +1 −0 Go to diff View file