fix(jira): prevent hostname corruption in Cloud API URL replacement#4892
Merged
SuperQ merged 1 commit intoprometheus:mainfrom Jan 28, 2026
Merged
Conversation
The previous implementation used strings.Replace to change '/2' to '/3' in the API URL path, but this incorrectly matched and replaced the '2' in hostnames containing that character (e.g., 'example2.atlassian.net'), resulting in malformed URLs like 'https://example3.atlassian.net/...'. This fix makes the replacement more specific by targeting the full '/rest/api/2/' path instead of just '/2', ensuring only the API version in the path is modified, not characters in the hostname. Signed-off-by: alex-deploys <alex-deploys@users.noreply.github.com>
Contributor
Author
|
Pinging @SoloJacobs @holger-waschke @tjhop because they were active on this file. Can you please check this? |
Contributor
|
seems like a reasonable fix to me |
Contributor
Author
|
@holger-waschke thank you I’m also linking this issue that I had when receiving the 404 errors and didn’t know why it was |
Contributor
|
I think this warrants some tests. |
SoloJacobs
reviewed
Jan 18, 2026
Contributor
SoloJacobs
left a comment
SoloJacobs
left a comment
There was a problem hiding this comment.
Hi @alex-deploys ,
this was already mentioned, but could you add a test for your fix. Thank you !
Moreover, I'm wondering whether the string replace method was the correct approach in the first place. Did you consider whether the code here could simplified?
Kind regards
ultrotter
approved these changes
Jan 28, 2026
Member
|
Still seems fragile that it doesn't act only on the non-hostname part. But it's an improvement. |
Merged
SuperQ
added a commit
that referenced
this pull request
Feb 2, 2026
* [ENHANCEMENT] docs(opsgenie): Fix description of `api_url` field. #4908 * [ENHANCEMENT] docs(slack): Document missing app configs. #4871 * [ENHANCEMENT] docs: Fix `max-silence-size-bytes`. #4805 * [ENHANCEMENT] docs: Update expr for `AlertmanagerClusterFailedToSendAlerts` to exclude value 0. #4872 * [ENHANCEMENT] docs: Use matchers for inhibit rules examples. #4131 * [ENHANCEMENT] docs: add notification integrations. #4901 * [ENHANCEMENT] docs: update `slack_config` attachments documentation links. #4802 * [ENHANCEMENT] docs: update description of filter query params in openapi doc. #4810 * [ENHANCEMENT] provider: Reduce lock contention. #4809 * [FEATURE] slack: Add support for top-level text field in slack notification. #4867 * [FEATURE] smtp: Add support for authsecret from file. #3087 * [FEATURE] smtp: Customize the ssl/tls port support (#4757). #4818 * [FEATURE] smtp: Enhance email notifier configuration validation. #4826 * [FEATURE] telegram: Add `chat_id_file` configuration parameter. #4909 * [FEATURE] telegram: Support global bot token. #4823 * [FEATURE] webhook: Support templating in url fields. #4798 * [FEATURE] wechat: Add config directive to pass api secret via file. #4734 * [FEATURE] provider: Implement per alert limits. #4819 * [BUGFIX] Allow empty `group_by` to override parent route. #4825 * [BUGFIX] Set `spellcheck=false` attribute on silence filter input. #4811 * [BUGFIX] jira: Fix for handling api v3 with ADF. #4756 * [BUGFIX] jira: Prevent hostname corruption in cloud api url replacement. #4892 --------- Signed-off-by: Solomon Jacobs <solomonjacobs@protonmail.com> Signed-off-by: Ben Kochie <superq@gmail.com> Co-authored-by: Ben Kochie <superq@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR fixes a bug in the Jira Cloud integration where hostnames containing the digit '2' were incorrectly modified during API version replacement, resulting in 404 errors when attempting to create or search for issues.
Problem
The current implementation uses
strings.Replace(url, "/2", "/3", 1)to upgrade the API version from v2 to v3. However, this replaces the first occurrence of/2in the entire URL string.When a Jira Cloud instance has a hostname containing the digit '2' (e.g.,
example2.atlassian.net), the replacement incorrectly modifies the hostname toexample3.atlassian.net, causing 404 errors.Example:
https://example2.atlassian.net/rest/api/2/search/jqlhttps://example3.atlassian.net/rest/api/2/search/jql❌https://example2.atlassian.net/rest/api/3/search/jql✅Solution
Changed the replacement pattern from
/2to the more specific/rest/api/2/, ensuring only the API version in the path is modified and not characters in the hostname.Testing
acme2corp.atlassian.netRelated
This addresses the Jira Cloud endpoint migration mentioned in the code comments, where
/rest/api/2/searchwas deprecated in favor of/rest/api/3/search/jql(see https://developer.atlassian.com/changelog/#CHANGE-2046).