Skip to content

Handle arkose outage on sign-up

What does this MR do and why?

  • Resolves sub-task 2 of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/384. This MR only handles arkose outage on sign-up. Follows up from !126933 (merged).
  • Arkose is a third-party service we use to display a captcha when a user signs up.
  • Previously, if Arkose would fail to load, we would display the error message to the user and prevent sign-up. This was a degraded user-experience since we don't want users to be prevented from signing-up if there is an Arkose outage.
  • In this MR:
    • If there is an error loading Arkose on the front-end, we will log the error, then check if Arkose's status API shows an outage. If Arkose's status API confirms that there is an outage -> only then we will let the user sign-up. If not, we will display an error message.
    • Reference: Arkose's troubleshooting docs

Screenshots or screen recordings

Context Before After
When there is no outage before after
When there is an arkose outage before after

How to set up and validate locally

Setting-up Arkose

  1. In rails console, enable the feature flag and configure Arkose (credentials can be found in 1Password)
> Feature.enable(:arkose_labs_signup_challenge)
> ApplicationSetting.first.update(arkose_labs_public_api_key: "X", arkose_labs_private_api_key: "X", require_admin_approval_after_user_signup: false)

Simulate Arkose Error

Since there is no easy way of doing this, we will need to simulate an arkose outage on both the front-end & back-end.

  1. Go to the /users/sign_up page and open your Network tab.
  2. Block the https://client-api.arkoselabs.com domain so the arkose JS script doesn't load on the client-side.
📷

Screenshot_2023-10-10_at_3.08.35_pm

  1. Now, try signing-up. You should see an error message saying Unable to verify user.
  2. Simulate an arkose outage by applying the following patch:
diff --git a/ee/app/services/arkose/status_service.rb b/ee/app/services/arkose/status_service.rb
index 33f6e0fdaec6..0d5af086c2f3 100644
--- a/ee/app/services/arkose/status_service.rb
+++ b/ee/app/services/arkose/status_service.rb
@@ -7,7 +7,8 @@ class StatusService
 
     def self.execute
       response = Gitlab::HTTP.perform_request(Net::HTTP::Get, ARKOSE_STATUS_URL, {}).parsed_response
-      indicator = response.dig('status', 'indicator')
+      # indicator = response.dig('status', 'indicator')
+      indicator = 'critical'
 
       return ServiceResponse.success if indicator == ARKOSE_SUCCESS_INDICATOR
  1. Now try to sign-up again. Since, arkose's API says that the service is down, it will let you sign-up and won't show you an error message.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Hinam Mehra

Merge request reports

Loading