fix(http-hooks): apply url encoding for ERROR_* env vars

[zumm]

Resolves #534

ERROR, ERROR_COMMANDLINE and ERROR_STDERR are encoded (url.QueryEscape).
ERROR_EXIT_CODE and PROFILE_COMMAND don't need to be encoded.

I'm not sure about PROFILE_NAME tho.

[coderabbitai]

"""

Walkthrough

The changes introduce URL encoding for error-related environment variables when used in HTTP hook URLs, ensuring proper query escaping for fields such as error messages, command lines, and stderr output. Documentation is updated to clarify this behaviour, and new tests are added to verify correct URL encoding in hook requests.

Changes

Cohort / File(s)	Change Summary
Documentation update docs/content/configuration/http_hooks.md	Clarified that ERROR, ERROR_COMMANDLINE, and ERROR_STDERR variables are URL encoded for send-after-fail hooks.
URL encoding logic and refactor monitor/hook/sender.go	Introduced resolveURL for URL-specific expansion with URL encoding of error fields. Refactored resolve to resolveBody for body content.
Unit test for URL encoding monitor/hook/sender_test.go	Added TestURLEncoding to verify correct URL encoding and substitution of error context fields in HTTP hook URLs.

Sequence Diagram(s)

sequenceDiagram
    participant Caller
    participant Sender
    participant HTTPServer

    Caller->>Sender: Send(ctx)
    Sender->>Sender: resolveURL(cfg.URL, ctx)
    Sender->>Sender: resolveBody(cfg.Body, ctx)
    Sender->>HTTPServer: HTTP request with URL-encoded error fields
    HTTPServer-->>Sender: Response
    Sender-->>Caller: Result

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Apply URL encoding for error-related variables in send-* hooks (#534)	✅
Ensure error message, command line, and stderr are URL encoded in HTTP hook URLs (#534)	✅
Update documentation to clarify URL encoding of error variables for hooks (#534)	✅
Add tests to verify correct URL encoding in hook requests (#534)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes detected.
"""

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e38fab1 and 61c6cc6.

📒 Files selected for processing (1)

• monitor/hook/sender_test.go (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• monitor/hook/sender_test.go

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

monitor/hook/sender_test.go (1)

277-277: Address the TODO comment.

The TODO suggests checking if environment variables have changed. Consider implementing this check or creating a separate issue to track it.

Would you like me to help implement the environment variable change detection or create an issue to track this improvement?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between adf90cb and 7e23b7a.

📒 Files selected for processing (3)

• docs/content/configuration/http_hooks.md (1 hunks)
• monitor/hook/sender.go (5 hunks)
• monitor/hook/sender_test.go (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

monitor/hook/sender_test.go (1)

Learnt from: creativeprojects
PR: #425
File: schedule/handler_windows.go:97-118
Timestamp: 2025-02-04T14:38:07.701Z
Learning: The shell.SplitArguments function in the resticprofile project returns only []string and does not return any error.

🧬 Code Graph Analysis (2)

monitor/hook/sender.go (2)

monitor/hook/context.go (1)

• Context (5-11)

constants/env.go (6)

• EnvProfileName (4-4)
• EnvProfileCommand (5-5)
• EnvError (6-6)
• EnvErrorCommandLine (8-8)
• EnvErrorExitCode (9-9)
• EnvErrorStderr (10-10)

monitor/hook/sender_test.go (5)

monitor/hook/context.go (2)

• Context (5-11)
• ErrorContext (13-18)

context.go (1)

• Request (11-17)

constants/env.go (4)

• EnvError (6-6)
• EnvErrorCommandLine (8-8)
• EnvErrorExitCode (9-9)
• EnvErrorStderr (10-10)

config/send.go (1)

• SendMonitoringSection (31-38)

config/confidential.go (1)

• NewConfidentialValue (81-83)

🔇 Additional comments (8)

docs/content/configuration/http_hooks.md (1)

298-301: Documentation accurately reflects URL encoding implementation.

The updates correctly specify which environment variables are URL encoded. The distinction between text fields (ERROR, ERROR_COMMANDLINE, ERROR_STDERR) being encoded and numeric fields (ERROR_EXIT_CODE) remaining unencoded is appropriate and matches the implementation.

monitor/hook/sender_test.go (2)

21-21: Import addition looks good.

The constants package import is necessary for accessing environment variable names used in the test.

---

278-319: Excellent test coverage for URL encoding.

The test effectively verifies the URL encoding behaviour:

• Uses realistic error data with special characters and multiline content
• Properly constructs URLs with environment variable placeholders
• Verifies server receives correctly decoded values (not encoded values)
• Tests the complete flow through the Send method

The test data includes various edge cases like shell operators (<, ||, &) and multiline strings with special characters, which thoroughly exercises the URL encoding logic.

monitor/hook/sender.go (5)

12-12: Appropriate import alias for URL package.

Using urlpkg alias avoids naming conflicts with the url variable used in the code.

---

78-79: Correct usage of resolveURL for URL fields.

Both the private URL value and public URL string are properly resolved using the new URL-specific function that applies appropriate encoding.

---

97-97: Correct usage of resolveBody for body content.

Body content uses the renamed resolveBody function which doesn't apply URL encoding, appropriate for request body data.

---

206-234: Well-implemented resolveBody function.

The function correctly handles all environment variables without URL encoding, which is appropriate for body content. The simplification from the original resolve function (removing intermediate variable) improves readability.

---

236-264: Excellent implementation of URL-specific resolution.

The resolveURL function correctly applies URL encoding to error-related fields that may contain special characters:

• ERROR, ERROR_COMMANDLINE, and ERROR_STDERR are URL encoded
• ERROR_EXIT_CODE remains unencoded (appropriate for numeric values)
• PROFILE_NAME and PROFILE_COMMAND remain unencoded (aligns with documentation and PR objectives)

This addresses the core issue where error messages with special characters cause invalid URLs when used as query parameters.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.36%. Comparing base (f265fa2) to head (ae570fd).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #538      +/-   ##
==========================================
+ Coverage   79.33%   79.36%   +0.03%     
==========================================
  Files         136      136              
  Lines       13305    13323      +18     
==========================================
+ Hits        10555    10573      +18     
  Misses       2332     2332              
  Partials      418      418              

Flag	Coverage Δ
unittests	79.36% <100.00%> (+0.03%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[zumm]

Actually i messed up docs a bit. It needs clarification about url encoding applying only if env vars used in url.

[zumm]

Should i care about SonarCloud Trigger check? It looks like this check misconfigured:

Warning: Running this GitHub Action without SONAR_TOKEN is not recommended
...
08:59:28.641 ERROR Failed to query JRE metadata: GET https://api.sonarcloud.io/analysis/jres?os=linux&arch=x86_64 failed with HTTP 401. Please check the property sonar.token or the environment variable SONAR_TOKEN.

[creativeprojects]

It's fine, don't worry about it.

The issue here is that secret variables in the pipeline configuration are not available to a pull request pipeline (other than created by the owner or maintainer of the repository).
It's a Github security thing 👍🏻

[creativeprojects]

That should fix it 🤞🏻 #542

[zumm]

Seems like it fixed! Anything else i can do here?

[creativeprojects]

Looks good to me! thanks for this PR 👍🏻