Handle arkose outage on sign-up
What does this MR do and why?
- Resolves sub-task 2 of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/384. This MR only handles arkose outage on sign-up. Follows up from !126933 (merged).
- Arkose is a third-party service we use to display a captcha when a user signs up.
- Previously, if Arkose would fail to load, we would display the error message to the user and prevent sign-up. This was a degraded user-experience since we don't want users to be prevented from signing-up if there is an Arkose outage.
- In this MR:
- If there is an error loading Arkose on the front-end, we will log the error, then check if Arkose's status API shows an outage. If Arkose's status API confirms that there is an outage -> only then we will let the user sign-up. If not, we will display an error message.
- Reference: Arkose's troubleshooting docs
Screenshots or screen recordings
Context | Before | After |
---|---|---|
When there is no outage | ||
When there is an arkose outage |
How to set up and validate locally
Setting-up Arkose
- In rails console, enable the feature flag and configure Arkose (credentials can be found in 1Password)
> Feature.enable(:arkose_labs_signup_challenge)
> ApplicationSetting.first.update(arkose_labs_public_api_key: "X", arkose_labs_private_api_key: "X", require_admin_approval_after_user_signup: false)
Simulate Arkose Error
Since there is no easy way of doing this, we will need to simulate an arkose outage on both the front-end & back-end.
- Go to the
/users/sign_up
page and open your Network tab. - Block the
https://client-api.arkoselabs.com
domain so the arkose JS script doesn't load on the client-side.
- Now, try signing-up. You should see an error message saying
Unable to verify user.
- Simulate an arkose outage by applying the following patch:
diff --git a/ee/app/services/arkose/status_service.rb b/ee/app/services/arkose/status_service.rb
index 33f6e0fdaec6..0d5af086c2f3 100644
--- a/ee/app/services/arkose/status_service.rb
+++ b/ee/app/services/arkose/status_service.rb
@@ -7,7 +7,8 @@ class StatusService
def self.execute
response = Gitlab::HTTP.perform_request(Net::HTTP::Get, ARKOSE_STATUS_URL, {}).parsed_response
- indicator = response.dig('status', 'indicator')
+ # indicator = response.dig('status', 'indicator')
+ indicator = 'critical'
return ServiceResponse.success if indicator == ARKOSE_SUCCESS_INDICATOR
- Now try to sign-up again. Since, arkose's API says that the service is down, it will let you sign-up and won't show you an error message.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Hinam Mehra