Skip to content

Core - Event Triggers: Cannot associate trigger with Custom Attribute condition to "Certificate uploaded" event — backend rejects with 422 "invalid field source" #1705

Description

@rud3ka

Description

In Settings → Events → Configure Event Triggers, when the operator tries to associate a trigger with the Certificate uploaded event, the backend rejects the association with HTTP 422 if the trigger's rule contains a condition on a Custom Attribute field source:

[
  "Trigger <trigger_name> cannot be associated with event 'Certificate uploaded' as it contains rule with invalid field source, which is not allowed for this event."
]

This restriction is inconsistent with how Certificate uploads actually work. Custom attributes are part of the certificate upload payload — the operator can set them at the moment of upload. Filtering by these values is a valid and expected use case (e.g. auto-reject uploads whose custom attribute Criticality = Low, or apply categorization based on custom attribute values — which is directly in line with the intent of Epic #115 "Categorization of uploaded certificates").

Blocking Custom Attribute conditions for this event undermines the entire "categorize / reject based on the uploaded cert's properties" scenario that the platform advertises.

Steps to Reproduce

  1. Create a Condition with Resource = Certificate, Filter Field Source = Custom Attribute, any field / operator / value
  2. Wrap it in a Rule and attach the rule to a Trigger (e.g. an ignore trigger or a regular trigger with an action)
  3. Navigate to Settings → Events → Certificate uploaded → Configure Event Triggers
  4. In the trigger dropdown select the trigger from step 2
  5. Click Add / Save

Expected Behavior

  • Backend accepts the association
  • The trigger fires on Certificate uploaded events and evaluates the Custom Attribute condition against the uploaded certificate's custom attributes (which were sent as part of the upload payload)
  • Categorization / rejection based on Custom Attribute values works end-to-end

Actual Behavior

  • Backend returns HTTP 422:
    ["Trigger <trigger_name> cannot be associated with event 'Certificate uploaded' as it contains rule with invalid field source, which is not allowed for this event."]
    
  • Association is refused
  • Operator cannot express a valid business rule based on custom attributes provided at upload time

Severity

Major

Module

Core

Attachments

Image Image Image

Logs

No response

Environment

ILM Core: 2.18.1-SNAPSHOT (2 Jul 2026, 09:00)
Commit: 633d1f0
Branch: main
Build time: 2026-07-02T07:00:20Z
ILM Frontend: 2.18.0 (1 Jul 2026, 18:28)
PostgreSQL: 15.6 (Debian 15.6-0+deb12u1)
Client:

  • macOS Tahoe 26.5.1
  • Chrome 149.0.7827.103 (arm64)

Metadata

Metadata

Assignees

Labels

bugBug fix

Type

Fields

No fields configured for Bug.

Projects

Status
Analysis

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions