celerbrake-ruby 0.1.0

data/lib/celerbrake-ruby/filters/git_last_checkout_filter.rb

@@ -0,0 +1,92 @@
+require 'date'
+
+module Celerbrake
+  module Filters
+    # Attaches git checkout info to `context`. The info includes:
+    #   * username
+    #   * email
+    #   * revision
+    #   * time
+    #
+    # This information is used to track deploys automatically.
+    #
+    # @api private
+    # @since v2.12.0
+    class GitLastCheckoutFilter
+      # @return [Integer]
+      attr_reader :weight
+
+      # @return [Integer] least possible amount of columns in git's `logs/HEAD`
+      #   file (checkout information is omitted)
+      MIN_HEAD_COLS = 6
+
+      include Loggable
+
+      # @param [String] root_directory
+      def initialize(root_directory)
+        @git_path = File.join(root_directory, '.git')
+        @weight = 116
+        @last_checkout = nil
+        @deploy_username = ENV.fetch('CELERBRAKE_DEPLOY_USERNAME', nil)
+      end
+
+      # @macro call_filter
+      def call(notice)
+        return if notice[:context].key?(:lastCheckout)
+
+        if @last_checkout
+          notice[:context][:lastCheckout] = @last_checkout
+          return
+        end
+
+        return unless File.exist?(@git_path)
+        return unless (checkout = last_checkout)
+
+        notice[:context][:lastCheckout] = checkout
+      end
+
+      private
+
+      def last_checkout
+        return unless (line = last_checkout_line)
+
+        parts = line.chomp.split("\t").first.split
+        if parts.size < MIN_HEAD_COLS
+          logger.error(
+            "#{LOG_LABEL} Celerbrake::#{self.class.name}: can't parse line: #{line}",
+          )
+          return
+        end
+
+        author = parts[2..-4]
+        @last_checkout = {
+          username: @deploy_username || author[0..1].join(' '),
+          email: parts[-3][1..-2],
+          revision: parts[1],
+          time: timestamp(parts[-2].to_i),
+        }
+      end
+
+      def last_checkout_line
+        head_path = File.join(@git_path, 'logs', 'HEAD')
+        return unless File.exist?(head_path)
+
+        last_line = nil
+        File.foreach(head_path) do |line|
+          last_line = line if checkout_line?(line)
+        end
+        last_line
+      end
+
+      def checkout_line?(line)
+        line.include?("\tclone:") ||
+          line.include?("\tpull:") ||
+          line.include?("\tcheckout:")
+      end
+
+      def timestamp(utime)
+        Time.at(utime).to_datetime.rfc3339
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/git_repository_filter.rb

@@ -0,0 +1,73 @@
+module Celerbrake
+  module Filters
+    # Attaches git repository URL to `context`.
+    # @api private
+    # @since v2.12.0
+    class GitRepositoryFilter
+      # @return [Integer]
+      attr_reader :weight
+
+      # @param [String] root_directory
+      def initialize(root_directory)
+        @git_path = File.join(root_directory, '.git')
+        @repository = nil
+        @git_version = detect_git_version
+        @weight = 116
+      end
+
+      # @macro call_filter
+      def call(notice)
+        return if notice[:context].key?(:repository)
+
+        attach_repository(notice)
+      end
+
+      def attach_repository(notice)
+        if @repository
+          notice[:context][:repository] = @repository
+          return
+        end
+
+        return unless File.exist?(@git_path)
+        return unless @git_version
+
+        @repository =
+          if @git_version >= Gem::Version.new('2.7.0')
+            `cd #{@git_path} && git config --get remote.origin.url`.chomp
+          else
+            "`git remote get-url` is unsupported in git #{@git_version}. " \
+              'Consider an upgrade to 2.7+'
+          end
+
+        return unless @repository
+
+        notice[:context][:repository] = @repository
+      end
+
+      private
+
+      def detect_git_version
+        return unless which('git')
+
+        begin
+          Gem::Version.new(`git --version`.split[2])
+        rescue Errno::EAGAIN
+          # Bugfix for the case when the system cannot allocate memory for
+          # a fork() call: https://github.com/celerbrake/celerbrake-ruby/issues/680
+          nil
+        end
+      end
+
+      # Cross-platform way to tell if an executable is accessible.
+      def which(cmd)
+        exts = ENV['PATHEXT'] ? ENV['PATHEXT'].split(';') : ['']
+        ENV['PATH'].split(File::PATH_SEPARATOR).find do |path|
+          exts.find do |ext|
+            exe = File.join(path, "#{cmd}#{ext}")
+            File.executable?(exe) && !File.directory?(exe)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/git_revision_filter.rb

@@ -0,0 +1,68 @@
+module Celerbrake
+  module Filters
+    # Attaches current git revision to `context`.
+    # @api private
+    # @since v2.11.0
+    class GitRevisionFilter
+      # @return [Integer]
+      attr_reader :weight
+
+      # @return [String]
+      PREFIX = 'ref: '.freeze
+
+      # @param [String] root_directory
+      def initialize(root_directory)
+        @git_path = File.join(root_directory, '.git')
+        @revision = nil
+        @weight = 116
+      end
+
+      # @macro call_filter
+      def call(notice)
+        return if notice[:context].key?(:revision)
+
+        if @revision
+          notice[:context][:revision] = @revision
+          return
+        end
+
+        return unless File.exist?(@git_path)
+
+        @revision = find_revision
+        return unless @revision
+
+        notice[:context][:revision] = @revision
+      end
+
+      private
+
+      def find_revision
+        head_path = File.join(@git_path, 'HEAD')
+        return unless File.exist?(head_path)
+
+        head = File.read(head_path)
+        return head unless head.start_with?(PREFIX)
+
+        head = head.chomp[PREFIX.size..-1]
+
+        ref_path = File.join(@git_path, head)
+        return File.read(ref_path).chomp if File.exist?(ref_path)
+
+        find_from_packed_refs(head)
+      end
+
+      def find_from_packed_refs(head)
+        packed_refs_path = File.join(@git_path, 'packed-refs')
+        return head unless File.exist?(packed_refs_path)
+
+        File.readlines(packed_refs_path).each do |line|
+          next if %w[# ^].include?(line[0])
+          next unless (parts = line.split).size == 2
+          return parts.first if parts.last == head
+        end
+
+        nil
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/keys_allowlist.rb

@@ -0,0 +1,48 @@
+module Celerbrake
+  module Filters
+    # A default Celerbrake notice filter. Filters everything in the payload of a
+    # notice, but specified keys.
+    #
+    # @example
+    #   filter = Celerbrake::Filters::KeysAllowlist.new(
+    #     [:email, /credit/i, 'password']
+    #   )
+    #   celerbrake.add_filter(filter)
+    #   celerbrake.notify(StandardError.new('App crashed!'), {
+    #     user: 'John',
+    #     password: 's3kr3t',
+    #     email: 'john@example.com',
+    #     account_id: 42
+    #   })
+    #
+    #   # The dashboard will display this parameters as filtered, but other
+    #   # values won't be affected:
+    #   #   { user: 'John',
+    #   #     password: '[Filtered]',
+    #   #     email: 'john@example.com',
+    #   #     account_id: 42 }
+    #
+    # @see KeysBlocklist
+    # @see KeysFilter
+    class KeysAllowlist
+      include KeysFilter
+
+      def initialize(*)
+        super
+        @weight = -100
+      end
+
+      # @return [Boolean] true if the key doesn't match any pattern, false
+      #   otherwise.
+      def should_filter?(key)
+        @patterns.none? do |pattern|
+          if pattern.is_a?(Regexp)
+            key.match(pattern)
+          else
+            key.to_s == pattern.to_s
+          end
+        end
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/keys_blocklist.rb

@@ -0,0 +1,49 @@
+module Celerbrake
+  module Filters
+    # A default Celerbrake notice filter. Filters only specific keys listed in the
+    # list of parameters in the payload of a notice.
+    #
+    # @example
+    #   filter = Celerbrake::Filters::KeysBlocklist.new(
+    #     [:email, /credit/i, 'password']
+    #   )
+    #   celerbrake.add_filter(filter)
+    #   celerbrake.notify(StandardError.new('App crashed!'), {
+    #     user: 'John'
+    #     password: 's3kr3t',
+    #     email: 'john@example.com',
+    #     credit_card: '5555555555554444'
+    #   })
+    #
+    #   # The dashboard will display this parameter as is, but all other
+    #   # values will be filtered:
+    #   #   { user: 'John',
+    #   #     password: '[Filtered]',
+    #   #     email: '[Filtered]',
+    #   #     credit_card: '[Filtered]' }
+    #
+    # @see KeysAllowlist
+    # @see KeysFilter
+    # @api private
+    class KeysBlocklist
+      include KeysFilter
+
+      def initialize(*)
+        super
+        @weight = -110
+      end
+
+      # @return [Boolean] true if the key matches at least one pattern, false
+      #   otherwise
+      def should_filter?(key)
+        @patterns.any? do |pattern|
+          if pattern.is_a?(Regexp)
+            key.match(pattern)
+          else
+            key.to_s == pattern.to_s
+          end
+        end
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/keys_filter.rb

@@ -0,0 +1,159 @@
+module Celerbrake
+  # Namespace for all standard filters. Custom filters can also go under this
+  # namespace.
+  module Filters
+    # This is a filter helper that endows a class ability to filter notices'
+    # payload based on the return value of the +should_filter?+ method that a
+    # class that includes this module must implement.
+    #
+    # @see Notice
+    # @see KeysAllowlist
+    # @see KeysBlocklist
+    # @api private
+    module KeysFilter
+      # @return [String] The label to replace real values of filtered payload
+      FILTERED = '[Filtered]'.freeze
+
+      # @return [Array<String,Symbol,Regexp>] the array of classes instances of
+      #   which can compared with payload keys
+      VALID_PATTERN_CLASSES = [String, Symbol, Regexp].freeze
+
+      # @return [Array<Symbol>] parts of a Notice's payload that can be modified
+      #   by blocklist/allowlist filters
+      FILTERABLE_KEYS = %i[environment session params].freeze
+
+      # @return [Array<Symbol>] parts of a Notice's *context* payload that can
+      #   be modified by blocklist/allowlist filters
+      FILTERABLE_CONTEXT_KEYS = %i[
+        user
+
+        # Provided by Celerbrake::Rack::HttpHeadersFilter
+        headers
+        referer
+        httpMethod
+
+        # Provided by Celerbrake::Rack::ContextFilter
+        userAddr
+        userAgent
+      ].freeze
+
+      include Loggable
+
+      # @return [Integer]
+      attr_reader :weight
+
+      # Creates a new KeysBlocklist or KeysAllowlist filter that uses the given
+      # +patterns+ for filtering a notice's payload.
+      #
+      # @param [Array<String,Regexp,Symbol>] patterns
+      def initialize(patterns)
+        @patterns = patterns
+        @valid_patterns = false
+      end
+
+      # @!macro call_filter
+      #   This is a mandatory method required by any filter integrated with
+      #   FilterChain.
+      #
+      #   @param [Notice] notice the notice to be filtered
+      #   @return [void]
+      #   @see FilterChain
+      def call(notice)
+        unless @valid_patterns
+          eval_proc_patterns!
+          validate_patterns
+        end
+
+        FILTERABLE_KEYS.each do |key|
+          notice[key] = filter_hash(notice[key])
+        end
+
+        FILTERABLE_CONTEXT_KEYS.each { |key| filter_context_key(notice, key) }
+
+        return unless notice[:context][:url]
+
+        filter_url(notice)
+      end
+
+      # @raise [NotImplementedError] if called directly
+      def should_filter?(_key)
+        raise NotImplementedError, 'method must be implemented in the included class'
+      end
+
+      private
+
+      def filter_hash(hash) # rubocop:disable Metrics/AbcSize
+        return hash unless hash.is_a?(Hash)
+
+        hash_copy = hash.dup
+
+        hash.each_key do |key|
+          if should_filter?(key.to_s)
+            hash_copy[key] = FILTERED
+          elsif hash_copy[key].is_a?(Hash)
+            hash_copy[key] = filter_hash(hash_copy[key])
+          elsif hash[key].is_a?(Array)
+            hash_copy[key].each_with_index do |h, i|
+              hash_copy[key][i] = filter_hash(h)
+            end
+          end
+        end
+
+        hash_copy
+      end
+
+      def filter_url_params(url)
+        url.query = URI.decode_www_form(url.query).to_h.map do |key, val|
+          should_filter?(key) ? "#{key}=[Filtered]" : "#{key}=#{val}"
+        end.join('&')
+
+        url.to_s
+      end
+
+      def filter_url(notice)
+        begin
+          url = URI(notice[:context][:url])
+        rescue URI::InvalidURIError
+          return
+        end
+
+        return unless url.query
+
+        notice[:context][:url] = filter_url_params(url)
+      end
+
+      def eval_proc_patterns!
+        return unless @patterns.any? { |pattern| pattern.is_a?(Proc) }
+
+        @patterns = @patterns.flat_map do |pattern|
+          next(pattern) unless pattern.respond_to?(:call)
+
+          pattern.call
+        end
+      end
+
+      def validate_patterns
+        @valid_patterns = @patterns.all? do |pattern|
+          VALID_PATTERN_CLASSES.any? { |c| pattern.is_a?(c) }
+        end
+
+        return if @valid_patterns
+
+        logger.error(
+          "#{LOG_LABEL} one of the patterns in #{self.class} is invalid. " \
+          "Known patterns: #{@patterns}",
+        )
+      end
+
+      def filter_context_key(notice, key)
+        return unless notice[:context][key]
+        return if notice[:context][key] == FILTERED
+        unless should_filter?(key)
+          return notice[:context][key] = filter_hash(notice[:context][key])
+        end
+
+        notice[:context][key] = FILTERED
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/root_directory_filter.rb

@@ -0,0 +1,29 @@
+module Celerbrake
+  module Filters
+    # Replaces root directory with a label.
+    # @api private
+    class RootDirectoryFilter
+      # @return [String]
+      PROJECT_ROOT_LABEL = '/PROJECT_ROOT'.freeze
+
+      # @return [Integer]
+      attr_reader :weight
+
+      def initialize(root_directory)
+        @root_directory = root_directory
+        @weight = 100
+      end
+
+      # @macro call_filter
+      def call(notice)
+        notice[:errors].each do |error|
+          error[:backtrace].each do |frame|
+            next unless (file = frame[:file])
+
+            file.sub!(/\A#{@root_directory}/, PROJECT_ROOT_LABEL)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/sql_filter.rb

@@ -0,0 +1,128 @@
+module Celerbrake
+  module Filters
+    # SqlFilter filters out sensitive data from {Celerbrake::Query}. Sensitive
+    # data is everything that is not table names or fields (e.g. column values
+    # and such).
+    #
+    # Supports the following SQL dialects:
+    # * PostgreSQL
+    # * MySQL
+    # * SQLite
+    # * Cassandra
+    # * Oracle
+    #
+    # @api private
+    # @since v3.2.0
+    class SqlFilter
+      # @return [String] the label to replace real values of filtered query
+      FILTERED = '?'.freeze
+
+      # @return [String] the string that will replace the query in case we
+      #   cannot filter it
+      ERROR_MSG = 'Error: Celerbrake::Query was not filtered'.freeze
+
+      # @return [Hash{Symbol=>Regexp}] matchers for certain features of SQL
+      ALL_FEATURES = {
+        # rubocop:disable Layout/LineLength
+        single_quotes: /'(?:[^']|'')*?(?:\\'.*|'(?!'))/,
+        double_quotes: /"(?:[^"]|"")*?(?:\\".*|"(?!"))/,
+        dollar_quotes: /(\$(?!\d)[^$]*?\$).*?(?:\1|$)/,
+        uuids: /\{?(?:[0-9a-fA-F]-*){32}\}?/,
+        numeric_literals: /\b-?(?:[0-9]+\.)?[0-9]+([eE][+-]?[0-9]+)?\b/,
+        boolean_literals: /\b(?:true|false|null)\b/i,
+        hexadecimal_literals: /0x[0-9a-fA-F]+/,
+        comments: /(?:#|--).*?(?=\r|\n|$)/i,
+        multi_line_comments: %r{/\*(?:[^/]|/[^*])*?(?:\*/|/\*.*)},
+        oracle_quoted_strings: /q'\[.*?(?:\]'|$)|q'\{.*?(?:\}'|$)|q'<.*?(?:>'|$)|q'\(.*?(?:\)'|$)/,
+        # rubocop:enable Layout/LineLength
+      }.freeze
+
+      # @return [Regexp] the regexp that is applied after the feature regexps
+      #   were used
+      POST_FILTER = /(?<=[values|in ]\().+(?=\))/i.freeze
+
+      # @return [Hash{Symbol=>Array<Symbol>}] a set of features that corresponds
+      #   to a certain dialect
+      DIALECT_FEATURES = {
+        default: ALL_FEATURES.keys,
+        mysql: %i[
+          single_quotes double_quotes numeric_literals boolean_literals
+          hexadecimal_literals comments multi_line_comments
+        ].freeze,
+        postgres: %i[
+          single_quotes dollar_quotes uuids numeric_literals boolean_literals
+          comments multi_line_comments
+        ].freeze,
+        sqlite: %i[
+          single_quotes numeric_literals boolean_literals hexadecimal_literals
+          comments multi_line_comments
+        ].freeze,
+        oracle: %i[
+          single_quotes oracle_quoted_strings numeric_literals comments
+          multi_line_comments
+        ].freeze,
+        cassandra: %i[
+          single_quotes uuids numeric_literals boolean_literals
+          hexadecimal_literals comments multi_line_comments
+        ].freeze,
+      }.freeze
+
+      # @return [Hash{Symbol=>Regexp}] a set of regexps to check for unmatches
+      #   quotes after filtering (should be none)
+      UNMATCHED_PAIR = {
+        mysql: %r{'|"|/\*|\*/},
+        mysql2: %r{'|"|/\*|\*/},
+        postgres: %r{'|/\*|\*/|\$(?!\?)},
+        sqlite: %r{'|/\*|\*/},
+        cassandra: %r{'|/\*|\*/},
+        oracle: %r{'|/\*|\*/},
+        oracle_enhanced: %r{'|/\*|\*/},
+      }.freeze
+
+      # @return [Array<Regexp>] the list of queries to be ignored
+      IGNORED_QUERIES = [
+        /\ACOMMIT/i,
+        /\ABEGIN/i,
+        /\ASET/i,
+        /\ASHOW/i,
+        /\AWITH/i,
+        /FROM pg_attribute/i,
+        /FROM pg_index/i,
+        /FROM pg_class/i,
+        /FROM pg_type/i,
+      ].freeze
+
+      def initialize(dialect)
+        @dialect =
+          case dialect
+          when /mysql/i then :mysql
+          when /postgres/i then :postgres
+          when /sqlite/i then :sqlite
+          when /oracle/i then :oracle
+          when /cassandra/i then :cassandra
+          else
+            :default
+          end
+
+        features = DIALECT_FEATURES[@dialect].map { |f| ALL_FEATURES[f] }
+        @regexp = Regexp.union(features)
+      end
+
+      # @param [Celerbrake::Query] metric
+      def call(metric)
+        return unless metric.respond_to?(:query)
+
+        query = metric.query
+        if IGNORED_QUERIES.any? { |q| q =~ query }
+          metric.ignore!
+          return
+        end
+
+        q = query.gsub(@regexp, FILTERED)
+        q.gsub!(POST_FILTER, FILTERED) if q =~ POST_FILTER
+        q = ERROR_MSG if UNMATCHED_PAIR[@dialect] =~ q
+        metric.query = q
+      end
+    end
+  end
+end

data/lib/celerbrake-ruby/filters/system_exit_filter.rb

@@ -0,0 +1,24 @@
+module Celerbrake
+  module Filters
+    # Skip over SystemExit exceptions, because they're just noise.
+    # @api private
+    class SystemExitFilter
+      # @return [String]
+      SYSTEM_EXIT_TYPE = 'SystemExit'.freeze
+
+      # @return [Integer]
+      attr_reader :weight
+
+      def initialize
+        @weight = 130
+      end
+
+      # @macro call_filter
+      def call(notice)
+        return if notice[:errors].none? { |error| error[:type] == SYSTEM_EXIT_TYPE }
+
+        notice.ignore!
+      end
+    end
+  end
+end