Simplify SystemHookUrlValidator to inherit from PublicUrlValidator
Refactor specs to move out shared examples to be used in both
system hooks and public url validators.
This MR adds new application setting to network section
`allow_local_requests_from_system_hooks`. Prior to this change
system hooks were allowed to do local network requests by default
and we are adding an ability for admins to control it.
Gitlab::HTTP now resolves the hostname only once, verifies the IP is not
blocked, and then uses the same IP to perform the actual request, while
passing the original hostname in the `Host` header and SSL SNI field.
Ruby 2.6 changed Net::ReadTimeout#message to include the reason for the
socket error (https://bugs.ruby-lang.org/issues/14832). However,
WebHookService was failing in Ruby 2.6 because it expected
Exception#message to match Exception#to_s, which isn't always the
case. Fix this by just checking Exception#to_s.
If a web hook HTTP request is sent but no response comes
within a certain time (10s by default), the hook execution fails
and will be retried. This commit makes such timeouts visible
in the web hook log, like connection timeouts already are.
Also log "no route to host" errors.
* implemented logging of project and system web hooks
* implemented UI for user area (project hooks)
* implemented UI for admin area (system hooks)
* implemented retry of logged webhook
* NOT imeplemented log remover