Hello all, I am trying out this nirvana pipeline approach, and trying to figure out how to implement the 'wait for results' for the can-i-deploy stage. Please provider your insights.

#588 Can I deploy json output should return provider version in the matrix when verification did not happen yet Issue created by uittorio Pre issue-raising checklist I have already ☑︎ Upgraded to the latest Pact Broker OR ☑︎ Checked the CHANGELOG to see if the issue I am about to raise has been fixed ☐ Created an executable example that demonstrates the issue using either a: • Dockerfile • Git repository with a Travis or Appveyor (or similar) build Software versions • OS: e.g. Any • pact broker client details:** pact-ruby-standalone CLI v 1.91.0 • pact gem 1.62.0 • pact-mock_service gem 3.9.0 • pact-support gem 1.18.1 • pact-provider-verifier gem 1.36.1 • pact_broker-client gem 1.65.0 • pact-message gem 0.11.1 Expected behaviour When checking if a Consumer with a specified version can be deployed in an environment for a specific Provider And the pact is not verified yet Then the JSON output includes the version of the Provider Actual behaviour When checking if a Consumer with a specified version can be deployed in an environment for a specific Provider And the pact is not verified yet Then the JSON output does not include the version of the Provider Step to reproduce • Publish a pact that changes the content (a new pact) • Do not verify the pact • run the pact broker can-i-deploy command I was expecting this command to return the version of the provider in prod but instead it returns null!

pact-broker can-i-deploy --pacticipant {Consumer} --version {consumerVersion}  --pacticipant {Provider} -l --in_environment {environment} --broker-base-url {broker.base.url} -k {token} -o json

Actual Response. I've only included the relevant part in the json output example!

{
  "summary": {
    "deployable": null,
    "reason": "There is no verified pact between version s712-consumerVersion-g1723 of AConsumer and the latest version of AProvider (b123-providerVersion-901)",
    "success": 0,
    "failed": 0,
    "unknown": 1
  },
  "notices": [
    {
      "type": "error",
      "text": "There is no verified pact between version s712-consumerVersion-g1723 of AConsumer and the latest version of AProvider (b123-providerVersion-901)"
    }
  ],
  "matrix": [
    {
      "consumer": {
        "name": "AConsumer",
        "version": {
          "number": "s712-consumerVersion-g1723"
        }
      },
      "provider": {
        "name": "AProvider",
        "version": null
      },
      "verificationResult": null
    }
  ]
}

Expected Response. I was hoping to receive a json that contains the provider version. Example

{
  "summary": {
    "deployable": null,
    "reason": "There is no verified pact between version s712-consumerVersion-g1723 of AConsumer and the latest version of AProvider (b123-providerVersion-901)",
    "success": 0,
    "failed": 0,
    "unknown": 1
  },
  "notices": [
    {
      "type": "error",
      "text": "There is no verified pact between version s712-consumerVersion-g1723 of AConsumer and the latest version of AProvider (b123-providerVersion-901)"
    }
  ],
  "matrix": [
    {
      "consumer": {
        "name": "AConsumer",
        "version": {
          "number": "s712-consumerVersion-g1723"
        }
      },
      "provider": {
        "name": "AProvider",
        "version": "b123-providerVersion-901"
      },
      "verificationResult": null
    }
  ]
}

Why this would be useful We would like to use the ouput of this command to determine the version of the Provider in a specific environment. It's probably not the best place to look at but it feels correct to return the version of the provider deployed in that environment considering that is part of the error message. Let me know if you need anything else, I am happy to open a Pull request if this makes sense! pact-foundation/pact_broker

#589 chore: Add a page section to the pagination links Pull request opened by Inksprout This PR adds a page section to the pagination links. Paginated resources will now include these page details when a paginated response is returned. pact-foundation/pact_broker ✅ All checks have passed 9/9 successful checks

Hi All 👋 I have been working on creating and debugging some webhooks and in the process of that I have deleted a few of the webhooks! I have noticed that there seems to be some left over

triggeredWebhooks

embedded resources from some failed triggeres which leaves the webhook status as red on the Broker homepage even though they are now successfully being triggered. Is there an easy way to clean up these old logs?

hi! in broker there are 2 labels for same

env:live1

🙂 should

released

and

deployed

be a bit different ( in color ? ) broker 2.105

#95 chore(deps): bump sinatra from 2.2.2 to 2.2.4 in /pact_broker Pull request opened by dependabot[bot] Bumps sinatra from 2.2.2 to 2.2.4. Changelog Sourced from sinatra's changelog.

Unreleased

• Your new feature here.

3.0.5 / 2022-12-16

• Fix: Add Zeitwerk compatibility. #1831 by Dawid Janczak

• Fix: Allow CALLERS_TO_IGNORE to be overridden

3.0.4 / 2022-11-25

• Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

3.0.3 / 2022-11-11

• Fix: fixed ReDoS for Rack:Protection:IPSpoofing. #1823 by `@​ooooooo-q`

3.0.2 / 2022-10-01

• New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 / 2022-09-26

• Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

• Fix: Revert change to server start and stop messaging by using Kernel#warn. Renamed internal warn method warn_for_deprecation. #1818 by Jordan Owens

3.0.0 / 2022-09-26

• New: Add Falcon support. #1794 by Samuel Williams and `@​horaciob`

• New: Add AES GCM encryption support for session cookies. #1324 (sinatra/sinatra#1324) by Michael Coyne

• Deprecated: Sinatra Reloader will be removed in the next major release.

• Fix: Internal Sinatra errors now extend

Sinatra::Error

. This fixes #1204 and #1518. bda8c29d by Jordan Owens

• Fix: Preserve query param value if named route param nil. #1676 by Jordan Owens

• Require Ruby 2.6 as minimum Ruby version. #1699 by Eloy Pérez

• Breaking change: Remove support for the Stylus template engine. #1697 by Eloy Pérez

• Breaking change: Remove support for the erubis template engine. #1761 by Eloy Pérez

• Breaking change: Remove support for the textile template engine. #1766 by Eloy Pérez

• Breaking change: Remove support for SASS as a template engine. #1768 by Eloy Pérez

... (truncated) Commits • `7c88c7c` 2.2.4 release • `4f9a883` Install

libyaml-dev

in CI • `5788f46` Allow CALLERS_TO_IGNORE to be overridden • `c135ceb` Remove hamlit-block to fix spec failure • `de0b6ab` 2.2.3 release • `0bdb254` 2.2.3 release • `43df742` Remove rdoc • `580b271` fix ReDoS • `9031a44` Pin haml to v5 • `0455c8e` Pin Puma to v5 • Additional commits viewable in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-broker-docker GitHub Actions: test GitHub Actions: test ✅ 1 other check has passed 1/3 successful checks

#90 chore(deps): bump sinatra from 2.2.2 to 2.2.3 in /pact_broker Pull request opened by dependabot[bot] Bumps sinatra from 2.2.2 to 2.2.3. Changelog Sourced from sinatra's changelog.

2.2.3 / 2022-11-25

• Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

• Fix: fixed ReDoS for Rack:Protection:IPSpoofing. #1823 by `@​ooooooo-q`

Commits • `0bdb254` 2.2.3 release • `43df742` Remove rdoc • `580b271` fix ReDoS • `9031a44` Pin haml to v5 • `0455c8e` Pin Puma to v5 • `1808bcd` escape filename in the Content-Disposition header • `ee12b18` Note potential breaking change in 2.2.0 release • `9c1ed08` Update CHANGELOG.md • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-broker-docker GitHub Actions: test GitHub Actions: test ✅ 2 other checks have passed 2/4 successful checks

#590 Add CLI command to identify version(s) in an environment Issue created by bethesque pact-foundation/pact_broker

Hey there! Hopefully this is the right channel. I'm piecing together my consumer/provider workflow, and I'm at a tricky intersection with

create-version-tag

for my pacticipant version. For reference, we're using GitHub Actions. I'm using the commit short SHA for my versioning, and the environment name as the tag. Our general development flow is: 1. Commit PR and run tests 2. Squash and merge 3. Deploy (This is handled in a separate GitHub Action file) My question is: When we squash and merge the PR into the target branch, the only commit reference for that branch is then the merge commit SHA, which doesn't align with the commit SHA that the contract was verified for. So what is the appropriate way to then run the

create-version-tag

command and reference the correct version for that particular environment?

I'm a little unclear on the order by which pacticipants should be publishing their results when first setting up new consumers/providers. Say I have a new consumer and provider and I set up my CI process to do the following: Consumer PR: 1. Run consumer test a. New contract should kick off the provider new contract verification task 2. Run

pact-can-i-deploy

Provider PR: 1. Run provider verification test 2. Run

pact-can-i-deploy

If I start the consumer test flow first, the provider new contract verification test will fail with

TypeError: providerVersion

because my provider is new and has not yet run. If I start the provider test flow first, the provider verification will still fail because I have no consumer contracts to verify. How do we avoid these types of race conditions? And will this be something to consider when we have multiple environments (dev, qa, prod, etc.) that the tests are running for the first time?

#96 chore(deps): bump rack from 2.2.4 to 2.2.6.2 in /pact_broker Pull request opened by dependabot[bot] Bumps rack from 2.2.4 to 2.2.6.2. Changelog Sourced from rack's changelog.

Changelog

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

[3.0.3] - 2022-12-07

Fixed

•

Rack::URLMap

uses non-deprecated form of

Regexp.new

. (#1998, `@​weizheheng`)

[3.0.2] -2022-12-05

Fixed

•

Utils.build_nested_query

URL-encodes nested field names including the square brackets.

• Allow

Rack::Response

to pass through streaming bodies. (#1993, [`@​ioquatix`])

[3.0.1] - 2022-11-18

Fixed

•

MethodOverride

does not look for an override if a request does not include form/parseable data.

•

Rack::Lint::Wrapper

correctly handles

respond_to?

with

to_ary

,

each

,

call

and

to_path

, forwarding to the body. (#1981, [`@​ioquatix`])

[3.0.0] - 2022-09-06

• No changes

[3.0.0.rc1] - 2022-09-04

SPEC Changes

• Stream argument must implement

<<

rack/rack#1959

•

close

may be called on

rack.input

rack/rack#1956

•

rack.response_finished

may be used for executing code after the response has been finished rack/rack#1952

[3.0.0.beta1] - 2022-08-08

Security

• Do not use semicolon as GET parameter separator. (#1733, [`@​jeremyevans`])

SPEC Changes

• Response array must now be non-frozen.

• Response

status

must now be an integer greater than or equal to 100.

• Response

headers

must now be an unfrozen hash.

• Response header keys can no longer include uppercase characters.

• Response header values can be an

Array

to handle multiple values (and no longer supports

\n

encoded headers).

• Response body can now respond to

#call

(streaming body) instead of

#each

(enumerable body), for the equivalent of response hijacking in previous versions.

... (truncated) Commits • `2606ac5` bumping version • `f6d4f52` Fix ReDoS in Rack::Utils.get_byte_ranges • `20bc90c` bump version • `3677f17` Update changelog • `ee25ab9` Fix ReDoS vulnerability in multipart parser • `19e49f0` Forbid control characters in attributes • `ea39e49` Bump patch version. • `c0f9de4` Rack::MethodOverride handle QueryParser::ParamsTooDeepError (#2011) • `8312a2f` Remove leading dot to fix compatibility with latest cgi gem. (#1988) • `2a82c88` Update tests to work on latest Rubies. (#1999) • Additional commits viewable in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. pact-foundation/pact-broker-docker GitHub Actions: test GitHub Actions: test ✅ 1 other check has passed 1/3 successful checks

Hi, For example I have App1 and App2. My App1 is the consumer and App2 is the provider. Now we are also having contracts the other way around where the App2 is the consumer and App1 is the provider. Keeping the same names, will it cause issues to the pact-broker? Thank you

Hi there, we very occasionally (like 5% of the time or less) get this error during our

pactPublish

step in CI (which uses the pact broker CLI) and im unsure what is causing it or how to solve, hoping someone could give me some ideas / lead me in the right direction please… please see thread for the error output

#591 [UI] Create a page to get the list of interactions in which a pacticipant is involved Issue created by gaeljw Pre issue-raising checklist I have already (please mark the applicable with an

x

): ☐ Upgraded to the latest Pact Broker OR ☐ Checked the CHANGELOG to see if the issue I am about to raise has been fixed ☐ Created an executable example that demonstrates the issue using either a: • Dockerfile • Git repository with a Travis or Appveyor (or similar) build Software versions N/A Expected behaviour It would be really nice if there was a page in the Pact Broker to display all the interactions in which a pacticipant is involved. AFAIK, you can only view interactions for a given consumer+provider couple. I'd like to view all the consumers of a provider for instance. Actual behaviour N/A Steps to reproduce N/A Relevant log files N/A pact-foundation/pact_broker

Hello, Would someone with admin credentials to the

pact-foundation

be able to help me with regards to dependabots? I'm currently the maintainer for https://github.com/pact-foundation/pact-broker-chart and as an advocate of securing software supply chains, I wanted to do a couple of things over the next week or so around achieving this in mainly 2 areas. 1. Enable dependabot version and security updates https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates - I can't enable it on the helm chart project itself, so this is why I might need someone with organisation priviledges to look into it - unless of course this would cause problems elsewhere 2. I want to push the OCI Helm Artifacts to the container registry that would come with github. So if folks wanted to install the Pact Broker onto Kubernetes using the Helm Chart, they can do so by using the new OCI format that is offered by

ghcr

(I can also sign these OCI artifacts using

cosign

which will give people the peace of mind that it's coming from the right place). Both of the above queries I believe needs running by an admin to do, so thought I'd float it in this channel to get some traction.

#203 Allow pact broker data to be cleaned up to increase performance Issue created by bethesque pact-foundation/pact_broker

#528 Disable ALLOW_DANGEROUS_CONTRACT_MODIFICATION by default. Issue created by bethesque pact-foundation/pact_broker

#487 Verifications query extremely inefficient Issue created by mkielar Pre issue-raising checklist I have already (please mark the applicable with an

x

): ☑︎ Upgraded to the latest Pact Broker OR ☑︎ Checked the CHANGELOG to see if the issue I am about to raise has been fixed ☐ Created an executable example that demonstrates the issue using either a: • Dockerfile • Git repository with a Travis or Appveyor (or similar) build Software versions • pact-broker gem version: ??? • pact-broker docker version:

2.81.0.1

• OS: We're using the docker version on ECS Fargate platform 1.4 with RDS Aurora Postgres running

r5.large

• pact broker client details:

pact-python 1.4.0

Expected behaviour SQL queries to be written in a more optimized way. See below. Actual behaviour We have an RDS Aurora Postgres cluster running a single

r5.large

instance of Postgres 12.4. We also have several microservices that are bound with API contracts which we use PACT for to verify. The verification process is scheduled - each PACT Provider has a scheduled Gitlab Pipeline that runs every 15 minutes and verifies the contracts. We have recently started to observe queries on

verifications

table start to take very long (over 15s per query) - so long, that our Nginx / ALBs / Clients are starting to timeout and our application deployment pipelines started failing. Inspecting PACT Broker database showed the follownig: • There are ~20 entries in

pact_versions

table • There are ~96000 entries in

verifications

table, and that table size is currently ~72MB in size The long query in question is:

SELECT "verifications".* 
  FROM "verifications" 
  LEFT JOIN (SELECT "verifications"."id", 
                    "verifications"."pact_version_id" 
               FROM "verifications" 
              WHERE ("verifications"."pact_version_id" = 7)) AS "v2" 
         ON (("verifications"."pact_version_id" = "v2"."pact_version_id") 
        AND  ("v2"."id" > "verifications"."id")) 
 WHERE (("verifications"."pact_version_id" = 7) 
   AND ("v2"."id" IS NULL))

and - as mentioned already - takes over 15s to complete. While I'm not sure in which context this query is being used, I can see it tries to select the

latest

verification for given

pact_version_id

. If I understand this correctly, this query does the following: 1. For each row in

verifications

table, that matches

pact_version_id=7

.... 2. ...check if there are any other

verifications

rows that match

pact_version_id=7

, but with a newer

id

... 3. ...and if so, skip this row. This produces a "Hash Anti Join" rule in execution plan, which is extremely costly. Then, if I undersand the intention correctly - it merely selects the latest verification for given

pact_version_id

. Thus, this query, could be rewritten into this:

SELECT "verifications".*
  FROM "verifications" 
 WHERE "verifications"."id" = (SELECT MAX(id) FROM "verifications" v2 WHERE "v2"."pact_version_id" = 7)

This new query returns the same results on our database, and is several orders of magnitude faster (on given 96k-of-records, it executed in ~500ms instead of over 15s). Steps to reproduce See actual behaviour. Relevant log files N/A Summary We're going to enable maintenance jobs as mentioned in https://docs.pact.io/pact_broker/administration/maintenance/ and https://docs.pact.io/pact_broker/docker_images/pactfoundation/#automatic-data-clean-up, and hope this will clean up unnecessary duplicates in

verifications

table, eventually decreasing execution times of this query. However, please consider optimizing it for better performance. pact-foundation/pact_broker

#158 Add stage and branch attributes to version resource Issue created by bethesque A pacticipant version can only have one branch, but can belong to many stages. Resources:

PUT /pacticipant/PACTICIPANT/version/VERSION/branch/BRANCH
PUT /pacticipant/PACTICIPANT/version/VERSION/stages/STAGE
GET /pacts/provider/PROVIDER/consumer/CONSUMER/latest/branch/BRANCH
GET /pacts/provider/PROVIDER/consumer/CONSUMER/latest/stage/STAGE

The list of valid stages should be restricted and configurable, but the branches can be free text. pact-foundation/pact_broker

#592 When no rows are found for a provider selector, the matrix should not return any rows Issue created by bethesque Because of the left outer join, if a selector does not match on the consumer side, no rows are returned, but if there is no match on the provider side, rows are still returned. They shouldn't be. pact-foundation/pact_broker

#593 chore: /s/Pactflow/PactFlow Pull request opened by YOU54F pact-foundation/pact_broker ✅ All checks have passed 17/17 successful checks

#97 chore: /s/Pactflow/PactFlow Pull request opened by YOU54F pact-foundation/pact-broker-docker ✅ All checks have passed 3/3 successful checks

#594 chore: Make developer doc more readable and add details Pull request opened by Inksprout This PR is a small update to the developer docs, making them more readable and adding some additional notes to the add new resource section pact-foundation/pact_broker ✅ All checks have passed 9/9 successful checks

Hi, First time interacting here, so please forgive me if I'm in the wrong place and please point me to any documentation my question indicates I might have missed. Since I'm really interested in issues #88, #92, #93 of the pact-broker-docker repo I've done the upgrades locally in any places of the repo where I could find the version numbers. I've also run the build and test commands described in this page. And I've tried to poke around a bit in the GUI after starting the Pact-Broker up. To me, it seems to work just fine, but since I'm totally new to the product that might not mean a whole lot. The reason I want these issues fixed (and ideally also #94, which I still haven't had a look at) is that I need the security issues out of the way to be able to bring the Pact-Broker into my organisation for further testing and evaluation. Now for my questions: • Is there any other documentation to follow on how to contribute to the pact-broker-docker repo that I might have missed? • Are there any other test suites that should/could be run against an upgraded docker image? • Would it be helpful to you if I packaged my changes up into three pull-requests, one for each issue? • The issues got comments about a Jira-ticket being created. However, I haven't been able to find any link or hint to where that Jira-instance might be located, hence not been able to read up on any ongoing discussions or work on the issues. Any hints on this would be appreciated. Best Regards Jörgen

#595 Use Sequel pg gem Issue created by bethesque pact-foundation/pact_broker

#98 Issue #92: Upgrade base image to ruby:2.7.6-alpine3.16 … Pull request opened by jorander …to fix security issues described in issue #92. pact-foundation/pact-broker-docker GitHub Actions: test ✅ 1 other check has passed 1/2 successful checks

#99 Issue #88: Upgrade Supercronic to version 0.2.1 to fix security issues. Pull request opened by jorander Fix security issues described in issue #88. pact-foundation/pact-broker-docker GitHub Actions: test ✅ 1 other check has passed 1/2 successful checks

#100 Issue #93: Upgrade Bundler to version 2.2.33 to fix security issues. Pull request opened by jorander Fix security issues described in issue #93. pact-foundation/pact-broker-docker GitHub Actions: test ✅ 1 other check has passed 1/2 successful checks

Hi.. Is it possible to host pact broker centrally without using pactflow ? If yes can someone please help me with the steps .

#596 PactBroker::App -- attack prevented by Rack::Protection::IPSpoofing Issue created by yhimg Pre issue-raising checklist I have already (please mark the applicable with an

x

): • [ x ] Upgraded to the latest Pact Broker OR • [ x] Checked the CHANGELOG to see if the issue I am about to raise has been fixed • [ x] Created an executable example that demonstrates the issue using either a: • Dockerfile • Git repository with a Travis or Appveyor (or similar) build Software versions • pact-broker docker version: pact-broker-2.105.0.1 Expected behaviour Able to access the Pact Broker successfully Actual behaviour Getting Forbidden while accessing Pact Broker with specified warning Steps to reproduce I have used the local docker image of pact-broker and configured it at port 80 and everything is working fine. But now When I deployed the same image on org hosted staging environment I am getting an IPSpoofing warning and every pact-broker URL is throwing Forbidden even with GET requests. Even heartbeat URL is sending Forbidden. ERROR: W [18:puma srv tp 001] PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing nginx config: PACT_BROKER_BASE_URL: https://org-env-stage-url/cdc-pactbroker/ PACT_BROKER_PORT: 80 PACT_BROKER_PUBLIC_HEARTBEAT : true targetPort: 80 port: 80 In logs I can see that Pact broker is successfully deployed and connected to DB. But due to this error I am getting Forbidden for all URLs Relevant log files PactBroker::App -- Configuring Rack::Protection -- {:logger=>#<SemanticLogger:Logger0x00007faf1530a220 @filter=nil, @name="PactBroker::App", @level_index=nil, @Level=nil>, except=&gt;[path_traversal, :remote_token, :session_hijacking, :http_origin]} PactBroker::App -- Mounting HAL browser PactBroker::App -- Mounting UI PactBroker::App -- Configuring Rack::Protection -- {:logger=>#<SemanticLogger:Logger0x00007faf1530a220 @filter=nil, @name="PactBroker::App", @level_index=nil, @Level=nil>, except=&gt;[path_traversal, :remote_token, :session_hijacking, :http_origin]} PactBroker::App -- Mounting HAL browser PactBroker::App -- Mounting UI PactBroker::App -- Configuring Rack::Protection -- {:logger=>#<SemanticLogger:Logger0x00007faf1530a220 @filter=nil, @name="PactBroker::App", @level_index=nil, @Level=nil>, except=&gt;[path_traversal, :remote_token, :session_hijacking, :http_origin]} PactBroker::App -- Mounting HAL browser PactBroker::App -- Mounting UI PactBroker::App -- Mounting PactBroker::API PactBroker::App -- Mounting PactBroker::API PactBroker::App -- Mounting PactBroker::API PactBroker::App -- Configuring Rack::Protection -- {:logger=>#<SemanticLogger:Logger0x00007faf1530a220 @filter=nil, @name="PactBroker::App", @level_index=nil, @Level=nil>, except=&gt;[path_traversal, :remote_token, :session_hijacking, :http_origin]} PactBroker::App -- Mounting HAL browser PactBroker::App -- Mounting UI PactBroker::App -- Mounting PactBroker::API PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing PactBroker::App -- attack prevented by Rack:Protection:IPSpoofing Please ensure you set logging to

DEBUG

and attach any relevant log files here (or link from a gist). pact-foundation/pact_broker