govuk_app_config 2.1.0 → 2.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11deec0d472bf1602ab757e77ec8d84ac51b6c5ea656b0f5ee566a2c30e53001
-  data.tar.gz: 3c8b333046cc448c7100392138fcb1804b84f3b0f02d319e4dc5274266db5a92
+  metadata.gz: c5f678cf6bda651a47bdef20c6797c07dd441d65e32cab0f19f95ce4041aa3ea
+  data.tar.gz: bf3c17de28c3c7ca1499af447635f7a43047e05208d24be705796f7a4e5a92d6
 SHA512:
-  metadata.gz: e66e03d60d51b38fe1d0c9205ce6b2d063d492241274a41856bd540f1dbf61aebc42bc99aa2b95968241419f48fe607de0e88d091513c0009869a1705559d245
-  data.tar.gz: dcb5537f539f72f8495da6c7269ef5d45c4b696221fb3302aff5f8ba02600b26e5a2a8cd81025ea3ca607524762bb28217b64a6bc3e1181f349a251a0039be58
+  metadata.gz: 1849ad797e75cea6e7524d56ae97330ac6803725b28324c32f398679d270bf7f8e2f2f1badd9defdc362be68869b5cb8187521a55bac21e53c71fb79d023e4db
+  data.tar.gz: 153f6f67e25d21d098bf86495a353c75189b895a1f8cfff2cc756f42269d6698cea6da7a40fcbb69d7a685e6d2157856c19487d00e4fb4fde3561e400dcc8089

data/.rubocop.yml

@@ -0,0 +1,3 @@
+inherit_gem:
+  rubocop-govuk:
+    - config/default.yml

data/CHANGELOG.md

@@ -1,3 +1,23 @@
+# 2.2.2
+
+* Add www.googletagmanager.com and www.gstatic.com to Content Security Policy (https://github.com/alphagov/govuk_app_config/pull/153)
+
+# 2.2.1
+
+* Fix linting issues (https://github.com/alphagov/govuk_app_config/pull/149)
+
+# 2.2.0
+
+* Monkey patch `ActionDispatch::DebugExceptions#log_error` so it logs errors on a single line (https://github.com/alphagov/govuk_app_config/pull/147)
+
+# 2.1.2
+
+* Add missing ActiveRecord rescue_responses (https://github.com/alphagov/govuk_app_config/pull/142)
+
+# 2.1.1
+
+* Revert using sentry option of rails_report_rescued_exceptions (https://github.com/alphagov/govuk_app_config/pull/140)
+
 # 2.1.0
 
 * Stop exceptions rescued by rails from appearing in Sentry (https://github.com/alphagov/govuk_app_config/pull/138)

data/Rakefile

@@ -3,4 +3,9 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+desc "Lint Ruby"
+task :lint do
+  sh "bundle exec rubocop --format clang"
+end
+
+task default: %i[spec lint]

data/govuk_app_config.gemspec

@@ -1,5 +1,3 @@
-# coding: utf-8
-
 lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "govuk_app_config/version"
@@ -23,15 +21,17 @@ Gem::Specification.new do |spec|
   spec.require_paths = %w[lib]
 
   spec.add_dependency "logstasher", ">= 1.2.2", "< 1.4.0"
-  spec.add_dependency "sentry-raven", ">= 2.7.1", "< 2.14.0"
+  spec.add_dependency "sentry-raven", ">= 2.7.1", "< 3.1.0"
   spec.add_dependency "statsd-ruby", "~> 1.4.0"
-  spec.add_dependency "unicorn", ">= 5.4", "< 5.6"
+  spec.add_dependency "unicorn", ">= 5.4", "< 5.7"
 
   spec.add_development_dependency "bundler", "~> 1.15"
   spec.add_development_dependency "climate_control"
+  spec.add_development_dependency "rack-test", "~> 1.1.0"
   spec.add_development_dependency "rails", "~> 6"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.9.0"
   spec.add_development_dependency "rspec-its", "~> 1.3.0"
+  spec.add_development_dependency "rubocop-govuk"
   spec.add_development_dependency "webmock"
 end

data/lib/govuk_app_config/configure.rb

@@ -1,5 +1,5 @@
 GovukError.configure do |config|
-  config.before_send = Proc.new { |e|
+  config.before_send = proc { |e|
     GovukStatsd.increment("errors_occurred")
     GovukStatsd.increment("error_types.#{e.class.name.demodulize.underscore}")
     e
@@ -8,14 +8,34 @@ GovukError.configure do |config|
   config.silence_ready = !Rails.env.production? if defined?(Rails)
 
   config.excluded_exceptions = [
-    'ActionController::UnknownAction',
-    'ActionDispatch::RemoteIp::IpSpoofAttackError',
-    'ActiveJob::DeserializationError',
-    'CGI::Session::CookieStore::TamperedWithCookie',
-    'GdsApi::HTTPIntermittentServerError',
-    'GdsApi::TimedOutException',
-    'Mongoid::Errors::DocumentNotFound',
-    'Sinatra::NotFound',
+    # Default ActionDispatch rescue responses
+    "ActionController::RoutingError",
+    "AbstractController::ActionNotFound",
+    "ActionController::MethodNotAllowed",
+    "ActionController::UnknownHttpMethod",
+    "ActionController::NotImplemented",
+    "ActionController::UnknownFormat",
+    "Mime::Type::InvalidMimeType",
+    "ActionController::MissingExactTemplate",
+    "ActionController::InvalidAuthenticityToken",
+    "ActionController::InvalidCrossOriginRequest",
+    "ActionDispatch::Http::Parameters::ParseError",
+    "ActionController::BadRequest",
+    "ActionController::ParameterMissing",
+    "Rack::QueryParser::ParameterTypeError",
+    "Rack::QueryParser::InvalidParameterError",
+    # Default ActiveRecord rescue responses
+    "ActiveRecord::RecordNotFound",
+    "ActiveRecord::StaleObjectError",
+    "ActiveRecord::RecordInvalid",
+    "ActiveRecord::RecordNotSaved",
+    # Additional items
+    "ActiveJob::DeserializationError",
+    "CGI::Session::CookieStore::TamperedWithCookie",
+    "GdsApi::HTTPIntermittentServerError",
+    "GdsApi::TimedOutException",
+    "Mongoid::Errors::DocumentNotFound",
+    "Sinatra::NotFound",
   ]
 
   # This will exclude exceptions that are triggered by one of the ignored
@@ -23,11 +43,7 @@ GovukError.configure do |config|
   # Rails will raise a ActionView::Template::Error, instead of the original error.
   config.inspect_exception_causes_for_exclusion = true
 
-  config.transport_failure_callback = Proc.new {
+  config.transport_failure_callback = proc {
     GovukStatsd.increment("error_reports_failed")
   }
-
-  # This stops exceptions rescued by rails from appearing in Sentry.
-  # See https://www.rubydoc.info/gems/sentry-raven/1.2.2/Raven%2FConfiguration:rails_report_rescued_exceptions
-  config.rails_report_rescued_exceptions = false
 end

data/lib/govuk_app_config/govuk_content_security_policy.rb

@@ -9,15 +9,18 @@ module GovukContentSecurityPolicy
   # - https://cspvalidator.org
 
   GOVUK_DOMAINS = [
-    '*.publishing.service.gov.uk',
+    "*.publishing.service.gov.uk",
     "*.#{ENV['GOVUK_APP_DOMAIN_EXTERNAL'] || ENV['GOVUK_APP_DOMAIN'] || 'dev.gov.uk'}",
     "www.gov.uk",
-    "*.dev.gov.uk"
+    "*.dev.gov.uk",
   ].uniq.freeze
 
-  GOOGLE_ANALYTICS_DOMAINS = %w(www.google-analytics.com
+  GOOGLE_ANALYTICS_DOMAINS = %w[www.google-analytics.com
                                 ssl.google-analytics.com
-                                stats.g.doubleclick.net).freeze
+                                stats.g.doubleclick.net
+                                www.googletagmanager.com].freeze
+
+  GOOGLE_STATIC_DOMAINS = %w[www.gstatic.com].freeze
 
   def self.build_policy(policy)
     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src
@@ -35,6 +38,7 @@ module GovukContentSecurityPolicy
     policy.script_src :self,
                       *GOVUK_DOMAINS,
                       *GOOGLE_ANALYTICS_DOMAINS,
+                      *GOOGLE_STATIC_DOMAINS,
                       # Allow JSONP call to Verify to check whether the user is logged in
                       "www.signin.service.gov.uk",
                       # Allow YouTube Embeds (Govspeak turns YouTube links into embeds)
@@ -51,6 +55,7 @@ module GovukContentSecurityPolicy
     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
     policy.style_src :self,
                      *GOVUK_DOMAINS,
+                     *GOOGLE_STATIC_DOMAINS,
                      # We use the `style=""` attribute on some HTML elements
                      :unsafe_inline
 

data/lib/govuk_app_config/govuk_healthcheck.rb

@@ -13,8 +13,8 @@ module GovukHealthcheck
     proc do
       [
         200,
-        {"Content-Type" => "application/json"},
-        [JSON.dump(healthcheck(checks))]
+        { "Content-Type" => "application/json" },
+        [JSON.dump(healthcheck(checks))],
       ]
     end
   end

data/lib/govuk_app_config/govuk_healthcheck/active_record.rb

@@ -7,7 +7,7 @@ module GovukHealthcheck
     def status
       ::ActiveRecord::Base.connection
       OK
-    rescue StandardError => e
+    rescue StandardError
       CRITICAL
     end
   end

data/lib/govuk_app_config/govuk_healthcheck/checkup.rb

@@ -43,7 +43,7 @@ module GovukHealthcheck
     end
 
     def status?(status)
-      component_statuses.values.any? {|s| s[:status] == status }
+      component_statuses.values.any? { |s| s[:status] == status }
     end
 
     def build_component_status(check)

data/lib/govuk_app_config/govuk_healthcheck/sidekiq_queue_check.rb

@@ -41,7 +41,7 @@ module GovukHealthcheck
             thresholds: {
               critical: critical_threshold(queue: name),
               warning: warning_threshold(queue: name),
-            }.select { |_, val| !(val.to_f.infinite? || val.to_f.nan?) },
+            }.reject { |_, val| val.to_f.infinite? || val.to_f.nan? },
           }
         end,
       }
@@ -51,11 +51,11 @@ module GovukHealthcheck
       raise "This method must be overriden to be a hash of queue names and data."
     end
 
-    def critical_threshold(queue:)
+    def critical_threshold(queue:) # rubocop:disable Lint/UnusedMethodArgument
       raise "This method must be overriden to be the critical threshold."
     end
 
-    def warning_threshold(queue:)
+    def warning_threshold(queue:) # rubocop:disable Lint/UnusedMethodArgument
       raise "This method must be overriden to be the warning threshold."
     end
   end

data/lib/govuk_app_config/govuk_healthcheck/sidekiq_redis.rb

@@ -6,7 +6,6 @@ module GovukHealthcheck
 
     def status
       Sidekiq.redis_info ? OK : CRITICAL
-
     rescue StandardError
       # One would expect a Redis::BaseConnectionError, but this should be
       # critical if any exception is raised when making a call to redis.

data/lib/govuk_app_config/govuk_logging.rb

@@ -1,5 +1,6 @@
-require 'logstasher'
-require 'action_controller'
+require "logstasher"
+require "action_controller"
+require_relative "rails_ext/action_dispatch/debug_exceptions"
 
 module GovukLogging
   def self.configure
@@ -13,8 +14,11 @@ module GovukLogging
     #
     # To resolve this we've directed stdout to stderr, to cover any Rails
     # writing. This frees up the normal stdout for the logstasher logs.
+
+    # rubocop:disable Style/GlobalVars
     $real_stdout = $stdout.clone
     $stdout.reopen($stderr)
+    # rubocop:enable Style/GlobalVars
 
     # Send Rails' logs to STDERR because they're not JSON formatted.
     Rails.logger = ActiveSupport::TaggedLogging.new(Logger.new($stderr, level: Rails.logger.level))
@@ -22,7 +26,7 @@ module GovukLogging
     # Custom that will be added to the Rails request logs
     LogStasher.add_custom_fields do |fields|
       # Mirrors Nginx request logging, e.g GET /path/here HTTP/1.1
-      fields[:request] = "#{request.request_method} #{request.fullpath} #{request.headers["SERVER_PROTOCOL"]}"
+      fields[:request] = "#{request.request_method} #{request.fullpath} #{request.headers['SERVER_PROTOCOL']}"
 
       # Pass request Id to logging
       fields[:govuk_request_id] = request.headers["GOVUK-Request-Id"]
@@ -44,13 +48,13 @@ module GovukLogging
     Rails.application.config.logstasher.job_enabled = false
 
     Rails.application.config.logstasher.logger = Logger.new(
-      $real_stdout,
+      $real_stdout, # rubocop:disable Style/GlobalVars
       level: Rails.logger.level,
       formatter: proc { |_severity, _datetime, _progname, msg|
-        "#{String === msg ? msg : msg.inspect}\n"
-      }
+        "#{msg.is_a?(String) ? msg : msg.inspect}\n"
+      },
     )
-    Rails.application.config.logstasher.supress_app_log = true
+    Rails.application.config.logstasher.suppress_app_log = true
 
     if defined?(GdsApi::Base)
       GdsApi::Base.default_options ||= {}
@@ -61,5 +65,7 @@ module GovukLogging
       GdsApi::Base.default_options[:logger] =
         Rails.application.config.logstasher.logger
     end
+
+    RailsExt::ActionDispatch.monkey_patch_log_error if RailsExt::ActionDispatch.should_monkey_patch_log_error?
   end
 end

data/lib/govuk_app_config/govuk_statsd.rb

@@ -4,10 +4,10 @@ require "forwardable"
 module GovukStatsd
   extend SingleForwardable
   def_delegators :client, :increment, :decrement, :count, :time, :timing,
-    :gauge, :set, :batch
+                 :gauge, :set, :batch
 
   def self.client
-    @statsd_client ||= begin
+    @client ||= begin
       statsd_client = ::Statsd.new("localhost")
       statsd_client.namespace = ENV["GOVUK_STATSD_PREFIX"].to_s
       statsd_client

data/lib/govuk_app_config/govuk_unicorn.rb

@@ -9,8 +9,9 @@ module GovukUnicorn
       config.stderr_path "#{ENV['GOVUK_APP_LOGROOT']}/app.err.log"
     end
 
-    config.before_exec do |server|
+    config.before_exec do |_server|
       next unless ENV["GOVUK_APP_ROOT"]
+
       ENV["BUNDLE_GEMFILE"] = "#{ENV['GOVUK_APP_ROOT']}/Gemfile"
     end
 

data/lib/govuk_app_config/rails_ext/action_dispatch/debug_exceptions.rb

@@ -0,0 +1,52 @@
+require "action_dispatch/middleware/debug_exceptions"
+
+module GovukLogging
+  module RailsExt
+    module ActionDispatch
+      def self.should_monkey_patch_log_error?(clazz = ::ActionDispatch::DebugExceptions)
+        empty_instance = clazz.new nil
+        target_method = empty_instance.method :log_error
+
+        expected_parameters = [%i[req request], %i[req wrapper]]
+        actual_parameters = target_method.parameters
+
+        should_monkey_patch = actual_parameters == expected_parameters
+
+        unless should_monkey_patch
+          Rails.logger.warn "Refused to monkey patch ::ActionDispatch::DebugExceptions#log_error - " \
+            "signatures do not match. " \
+            "Expected #{expected_parameters}, but got #{actual_parameters}"
+        end
+
+        should_monkey_patch
+      rescue StandardError => e
+        Rails.logger.warn "Failed to detect whether to monkey patch " \
+          "::ActionDispatch::DebugExceptions#log_error - #{e.inspect}"
+        false
+      end
+
+      def self.monkey_patch_log_error(clazz = ::ActionDispatch::DebugExceptions)
+        clazz.class_eval do
+        private
+
+          def log_error(request, wrapper)
+            logger = logger(request)
+
+            return unless logger
+
+            exception = wrapper.exception
+
+            trace = wrapper.application_trace
+            trace = wrapper.framework_trace if trace.empty?
+
+            logger.fatal({
+              exception_class: exception.class.to_s,
+              exception_message: exception.message,
+              stacktrace: trace,
+            }.to_json)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/govuk_app_config/version.rb

@@ -1,3 +1,3 @@
 module GovukAppConfig
-  VERSION = "2.1.0"
+  VERSION = "2.2.2".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govuk_app_config
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.2
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-03-09 00:00:00.000000000 Z
+date: 2020-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstasher
@@ -39,7 +39,7 @@ dependencies:
         version: 2.7.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 2.14.0
+        version: 3.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
         version: 2.7.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 2.14.0
+        version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: statsd-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -73,7 +73,7 @@ dependencies:
         version: '5.4'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.6'
+        version: '5.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -83,7 +83,7 @@ dependencies:
         version: '5.4'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.6'
+        version: '5.7'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -112,6 +112,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -168,6 +182,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-govuk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -191,6 +219,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
 - ".ruby-version"
 - CHANGELOG.md
 - Gemfile
@@ -218,6 +247,7 @@ files:
 - lib/govuk_app_config/govuk_logging.rb
 - lib/govuk_app_config/govuk_statsd.rb
 - lib/govuk_app_config/govuk_unicorn.rb
+- lib/govuk_app_config/rails_ext/action_dispatch/debug_exceptions.rb
 - lib/govuk_app_config/railtie.rb
 - lib/govuk_app_config/version.rb
 homepage: https://github.com/alphagov/govuk_app_config