From 50591efc75e465c1b626c1bb2d4d65447ee9a726 Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Mon, 4 Mar 2019 18:36:43 +0000
Subject: Check validity of prometheus_service before query

Check validity before querying so that if the dns entry for the api_url
has been changed to something invalid after the model was saved and
checked for validity, it will not query. This is to solve a toctou
(time of check to time of use) issue.
---
 app/models/project_services/prometheus_service.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'app/models/project_services')

diff --git a/app/models/project_services/prometheus_service.rb b/app/models/project_services/prometheus_service.rb
index 60cb2d380d5..c68a9d923c8 100644
--- a/app/models/project_services/prometheus_service.rb
+++ b/app/models/project_services/prometheus_service.rb
@@ -71,7 +71,7 @@ class PrometheusService < MonitoringService
   end
 
   def prometheus_client
-    RestClient::Resource.new(api_url, max_redirects: 0) if api_url && manual_configuration? && active?
+    RestClient::Resource.new(api_url, max_redirects: 0) if should_return_client?
   end
 
   def prometheus_available?
@@ -83,6 +83,10 @@ class PrometheusService < MonitoringService
 
   private
 
+  def should_return_client?
+    api_url && manual_configuration? && active? && valid?
+  end
+
   def synchronize_service_state
     self.active = prometheus_available? || manual_configuration?
 
-- 
cgit v1.2.3