Jerome St-Louis opened 1 year ago
|
|||||||
When you delete the reviewer, the UI will be refreshed via websocket. Seems to me that websocket has some issues posting changes to your browser. Is OneDev running behind a reverse proxy? If so, make sure to configure the proxy to forward websocket connections: https://docs.onedev.io/administration-guide/reverse-proxy-setup Also when you added someone as reviewer, merge button will only appear after the user approves the pull request. The assignee is the one designated to merge the pull request, same as GitHub concept. |
|||||||
Thank you very much @robin for the explanations.
Yes it is running behind an Apache proxy since native HTTPS support is no longer available.
I was missing loading the "GET /wicket/websocket?pageId=163&wicket-ajax-baseurl=project%2F~builds%3Fquery%3D%2522Status%2522%2Bis%2B%2522Failed%2522&wicket-app-name=DefaultWicketServlet%24%24EnhancerByGuice%24%24160417877 HTTP/1.0" 404 3508 I spent a lot of time to try to find out why it's not working but to no avail.
In this case, the Pull Request was in "Request for Changes" mode after being in Review mode. After clicking that button, the Approve button disappears, and the only way to move it away from that "Request for Changes" mode is to remove the reviewer, but this not straightforward at all. This is a confusing bug / severe limitation in my opinion. The "approve" button should probably remain, or a "cancel request for changes" button could appear.
On GitHub, anyone with write access to the repo can merge the pull request, regardless of who it is assigned to (I just verified that this is the case). It is confusing because we may want to use the assignees as the person in charge of moving this PR forward i.e., to make the requested changes. I assume it is intended to be the person who originally submitted the pull request, but sometimes we may want to re-assign the PR to someone else to make those requested changes. NOTE: I still think those 500 server errors should not occur for clients with broken WebSockets using an outdated status if the lack of update is the source of that problem. They should be caught as a 4xx client error if the client is submitting an invalid request. Technically, I guess it could still happen with working websockets if the user clicks again on a button before the page is updated and it disappears. |
|||||||
Let's get the websocket working before talking about other topics. The 404 error should not occur. Seems that there is something wrong with your front end proxy. Or to narrow down the issue, you may try with other options such as Nginx or Caddy server. |
|||||||
@robin I tried to investigate this more. Even with a trace2 LogLevel, everything in the onedev-error_log seems to indicate that the WebSocket proxying is working properly, and that it is really OneDev returning a 404. Also it was pointed out to me that the access control directives from the Apache proxying guide are outdated 2.2 directives. I have the same result with or without them though.
Yet the onedev-access_log will get a:
|
|||||||
@robin I managed to set up nginx with the same config but enabling SSL on a different port, and I have the exact same 404 WebSocket problem. My config says:
With both Apache and nginx, the browser will report:
and the access log will report:
Is there anyway to increase the verbosity of these OneDev logs to debug this better? Note that I am proxying through https (which is the whole point of the proxy). |
|||||||
Seems that these proxy entries are not taking effect for some reason. I just set up a EC2 instance to run Apache httpd with OneDev, and websocket works without any issues. To narrow down the issue, can you please turn off SSL for the host to see if it works? |
|||||||
The WebSocket seems to be working correctly if interacting directly with the host at port 6610, and also if doing the proxy without SSL. But that defeats the purpose of the proxy ;) Not sure what is going on with that SSL... Possibly related: https://stackoverflow.com/questions/31211828/apache-proxy-websocket-wss-to-ws |
|||||||
@robin Apache/2.4.55 which is just one version behind and nginx/1.22.1 . The normal HTTP stuff is poxying just fine, only having issues with this 404 on the wss:// requests. But as I mentioned, from the trace2 logs it "looks" like it is being proxied properly. I will try even higher log levels, since they seem to report more SSL information. |
|||||||
I made another test on a new RHEL instance with Apache 2.4.53, enabled SSL and also websocket works fine. You may test the setup on a new EC2 instance, and compare with your SSL setting to see if there is any obivous difference. |
|||||||
@robin So I investigated this a lot more, and it really seems like it does get to OneDev, but for some reason OneDev perhaps is confused and does not treat it like a WebSocket, or doesn't like something about the request, when it originated from a proxied wss:// request? OneDev returns a panda "I didn't eat it. I swear!" message and a
This is with both nginx and Apache2. I am testing with curl:
|
|||||||
Update: digging into this deeper, for the Apache proxy, I realized that for HTTPS (which does not work) I have the following header:
whereas for HTTP I have:
|
|||||||
I know what's going on. It's my first level proxy that already lost those headers. |
|||||||
I think I finally got this working with Apache... On top of having to fix both proxies to proxy WebSockets properly, I had to set
It seems that this HTTP fallback does not work with SSL. Essentially, in Apache 2.4.47 and later, the ws tunnel module is disabled without this option set. Looks like there may be a newer way to do this without the rules rewriting:
So here are two configurations that do work with Apache 2.4.47+:
or
I thought the following could work instead using the new way, but i get Error during WebSocket handshake: Invalid status line errors with this:
It would be good to update the reverse proxy guide with this missing information.
I wonder why it worked for you, possibly EDIT: I just found another reason why things may not have been working. In my first proxy I had:
and as I learned from https://bz.apache.org/bugzilla/show_bug.cgi?id=65294 WebSocket upgrades should be ignored with HTTP 1.0. |
|||||||
Glad to see it is working for you now. The default setting works on EC2 Ubuntu, RHEL and My Mac as well. I will experiment with options you suggested and improve the manual as necessary. Thanks again for the detailed feedback. |
|||||||
Thank you for improving the manual and your help investigating this. |
|||||||
Now let's talk about the pull request workflow confusing you. I guess you are stumbled upon below screen: You were welcomed with this screen because one of the reviewer ( |
|||||||
@robin Yes except I was the reviewer (robin) who asked for changes. What I would like to see is a way to either "Cancel request for changes", or keep seeing the "Approve" button even though I asked for changes. I am not sure what is the view of the person who opened the pull request, but it seems off that the only way to be able to Approve it is to remove myself as the reviewer and add myself again to approve it. So much so, that I was wondering whether I should try clicking "Discard" to unstuck this PR from that request for changes. And I was not the assignee, but as admin of the repo I would like to always see the "Merge" button, regardless of who is assigned. |
|||||||
You may click the And you can then approve the pull request to make it mergeable. However you still need to be pull request assignee to merge the pull request. It is designed to be so as at each phase, it is clear who is responsible for the pull request, for instance there is no excuse for assignee to not merge pull request as no other person can merge it once assigned. If you as repository owner want to merge the pull request, just add yourselve as one of the assignee and proceed. |
|||||||
Also the |
|||||||
@robin OK. That refresh button is what I was essentially looking for, but in my opinion, it is extremely confusing because:
I mostly understood Discard as what it is, except for the fact that it is under that Orange notification that I want to "Discard" and that I could not find any other way to cancel the request for changes. |
|||||||
Request review means to request particular user to re-review the pull request. It is necessary but not very frequently used in normal workflow. I admit that for current user, it is a bit confusing. Will think more about this... |
|||||||
Robin Shen changed fields 1 year ago
|
|||||||
Thanks @robin . So you mean the refresh button is also used to send a notification to that particular reviewer? The "refresh" icon makes more sense in that way. But that seems a different functionality than this "cancel request for change". So perhaps a separate "Cancel request for change" button could be added to the current reviewer where the Approve / Request changes buttons are located. The main reason I filed this issue though was because the server returned an "Oops!" error (I believe it was a 500 error), which really should never happen except for uncaught bugs (an IndexOutOfBoundsException error in this case). 5xx HTTP code means "I (the server) messed up", and it's normally (my take is always, but opinions may vary) a bug that needs to be reported / fixed. Since it is the client that sent a wrong request, this should probably have been caught earlier on the server side as a 4xx client error. I am not sure if there is anything that needs to be fixed on the client side e.g., if it's still possible to trigger that error when WebSockets are working by clicking delete twice quickly before the UI refreshes (I tried but was not able to reproduce it after fixing the WebSockets). |
|||||||
Yes, it will notify user (send email) to re-review the pull request. The "cancel request for changes" also fits in this logic: you request yourself to re-review the pull request in order to cancel previous review results (request for changes). As to the 500 error, OneDev uses websocket to update UI in many places. This simplies UI refreshing a lot, and yet proves to be pretty reliable as long as websocket works. I admit that there is a chance to click twice to cause this error before UI is refreshed. But in practice this rarelly happens. I will see if this problem is reported frequently (for now, only once), and decide if necessary to improve the UI rendering logic. |
|||||||
As exemplified by me filing this issue, my brain did not come to that conclusion on its own, despite staring at the interface for several minutes explicitly looking for it.
Regardless of the UI though, from a systems engineering perspective, the Client and the Server should independently work reliably and not possibly do something as terrible as indexing out of bounds if one goes rogue :) It's a security thing as well. So this 500 error results from a lack of validation that should be fixed on the server side and return a client 4xx error, regardless of whether the client-side UI is improved for the refreshing or not. Here is another example of something that should not be a 500: https://code.onedev.io/projects/onedev-manual/issues/2/activities ( linked from https://code.onedev.io/onedev/server/~issues/151 ) If this resource no longer exists, this should be a 404, not a 500. A 500 is an unexpected situation that needs to be fixed. (Ideally, that one should be a 301 redirect to https://code.onedev.io/onedev/manual/~issues/2/activities so we can keep finding those linked resources) |
|||||||
Will investigate to see if there is better approaches playing well with current concept...
For the obsolete url you mentioned, I did not make them auto redirected for code brevity as there are not many old OneDev instances in the wild. |
|||||||
Either Wicket offers a way to validate the requests and return the appropriate HTTP status, or it (and OneDev using it) goes against the HTTP protocol standard. https://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6.1.1
Possibly this is an issue we need to file with Wicket to make it easier to not return IndexOutOfBoundsException and NullPointerException but instead return a validated, more obvious explanation of what triggered an error (which should make it much easier to investigate as well). As a C developer, seeing a NullPointerException or IndexOutOfBoundsException in what should be a stable production environment scares the $&!^ out of me ;)
Even if no re-direction are implemented, returning a 404 would be a lot better than a 500. |
|||||||
Not a wicket problem. I mean OneDev does not have back end service intended to be used by others, and I am a bit lazy on differenticating different cases to return different http status codes for these rare cases. |
|||||||
Robin Shen changed state to 'Closed' 1 year ago
|
Type |
Question
|
Priority |
Normal
|
Assignee |
I am struggling to understand the Pull Request system. I was set as reviewer, and I think I added some comments to a Pull Request and it was automatically marked a "Pull request can not be merged now as it was requested for changes". Yet I was seeing no button to either mark the PR as "Changes applied", or to "Approve it", or to "Merge It". The PR had both an Assignee and a Reviewer. I would expect at least one of these buttons to always be present and be a full size button like "Discard". I was also confused by what the "Discard" button is -- does it discard the request for changes, or does it discard the whole PR? "Discard this PR" might be clearer, or perhaps not showing it immediately next to those messages would avoid the confusion.
I am also confused by "Assignees are expected to merge the pull request". In a "Changes requested mode", I would expect the assignee to be the person from whom changes were requested (that would not be the reviewer), but not necessarily the person merging it (they might not have permission to merge into the target branch, which is why they are submitting a PR in the first place).
After removing the Assignee and the Reviewer, I saw the "Merge" button apear again, but not before discovering two problems, which may be somewhat related: