govuk_app_config 2.9.1 → 4.0.0.pre.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6d09073bb18f9c4e5a0ed20ba834f1ea47be67990e987e6a80cf9da330fd2248
-  data.tar.gz: 112569bb62b19b56432c3d8b716eca4861d000ed40ea6bd39e076ad2b0101405
+  metadata.gz: 2b08ba5468f1f0639c3dab2c7067d7a3acff2169ce85a246ceb2a976b04686a7
+  data.tar.gz: ce9d8876d37175726d4aa81633e4b11232975dd3d65d24bca6ac58b219248b09
 SHA512:
-  metadata.gz: b08e5e7a43f9371715da678d5a0f3c39b1ec3a40698d4742ae76b0317a08d762e8b1ad918ff9894ca88d7d15eea85acafb50e1e5dea86ef9e713f76372234c77
-  data.tar.gz: 2f8853b9d47afb13f368ac6ca7ab9bf90f0377d35452d4c450c91ef25393771467e9c9cee91778a071cc6adcd205fad35c8ccd6c17c1ad6417b99b9173a929bb
+  metadata.gz: a0eb71467c7fa26805e5606bec9f96312c6bb5e0f0d0ef3b93e1a8cfa5d556164f5ac537c9606416724eb93acbef298f57163a16876ddb5ba48b5dea05c94227
+  data.tar.gz: cae07877f651a180c2c62a7fd32a15714421e2dfee5c7fda5957d7601d5cd99c57e110c3b2071d7d5a4dac62c924e662c1dc70379f206b5de849ac373999d3e4

data/.github/dependabot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+- package-ecosystem: bundler
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "03:00"
+  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: aws-xray-sdk
+    versions:
+    - "> 0.10.0"

data/CHANGELOG.md

@@ -1,10 +1,31 @@
+# 4.0.0.pre-1
+
+- BREAKING: upgrades Sentry gem from `sentry-raven` to `sentry-ruby` ([#199](https://github.com/alphagov/govuk_app_config/pull/199)). There is a **[migration guide](https://docs.sentry.io/platforms/ruby/migration/)** you should follow before upgrading to this version of govuk_app_config.
+- This release also fixes the `data_sync_excluded_exceptions` behaviour that has been broken since v3.1.0.
+- Released as a pre-release to identify and fix any problems before a wider rollout.
+
+# 3.1.1
+
+- Fix the new before_send behaviour & tests, and add documentation ([#197](https://github.com/alphagov/govuk_app_config/pull/197))
+
+# 3.1.0
+
+- Remove support for `should_capture` callbacks in favour of `before_send` ([#196](https://github.com/alphagov/govuk_app_config/pull/196))
+
+# 3.0.0
+
+* BREAKING: Implement RFC 141 - remove unsuitable healthchecks and return a 500 on healthcheck failure ([#193](https://github.com/alphagov/govuk_app_config/pull/193))
+
+# 2.10.0
+* Allow LUX domain on img-src policy ([#191](https://github.com/alphagov/govuk_app_config/pull/191))
+
 # 2.9.1
 
-* Fixes bug in GovukI18n introduced in the last version ([##189](https://github.com/alphagov/govuk_app_config/pull/189))
+* Fixes bug in GovukI18n introduced in the last version ([#189](https://github.com/alphagov/govuk_app_config/pull/189))
 
 # 2.9.0
 
-* Add GovukI18n module with custom plural rules ([##187](https://github.com/alphagov/govuk_app_config/pull/187))
+* Add GovukI18n module with custom plural rules ([#187](https://github.com/alphagov/govuk_app_config/pull/187))
 
 # 2.8.4
 

data/README.md

@@ -112,12 +112,12 @@ end
 Finally, you can pass your own callback to evaluate whether or not to capture the exception.
 Note that if an exception is on the `excluded_exceptions` list, or on the `data_sync_excluded_exceptions`
 and occurs at the time of a data sync, then it will be excluded even if the custom
-`should_capture` callback returns `true`.
+`before_send` callback doesn't return `nil`.
 
 ```ruby
 GovukError.configure do |config|
-  config.should_capture = lambda do |error_or_event|
-    error_or_event == "do capture"
+  config.before_send = lambda do |event, hint|
+    hint[:exception].is_a?(ErrorWeWantToIgnore) ? nil : event
   end
 end
 ```

data/govuk_app_config.gemspec

@@ -13,15 +13,15 @@ Gem::Specification.new do |spec|
   spec.homepage      = "https://github.com/alphagov/govuk_app_config"
   spec.license       = "MIT"
 
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
+  spec.required_ruby_version = ">= 2.6"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = %w[lib]
 
   spec.add_dependency "logstasher", ">= 1.2.2", "< 2.2.0"
-  spec.add_dependency "sentry-raven", "~> 3.1.1"
+  spec.add_dependency "sentry-ruby", "~> 4.5.0"
   spec.add_dependency "statsd-ruby", "~> 1.5.0"
   spec.add_dependency "unicorn", ">= 5.4", "< 5.9"
 

data/lib/govuk_app_config/govuk_content_security_policy.rb

@@ -32,7 +32,10 @@ module GovukContentSecurityPolicy
                    *GOVUK_DOMAINS,
                    *GOOGLE_ANALYTICS_DOMAINS, # Tracking pixels
                    # Some content still links to an old domain we used to use
-                   "assets.digital.cabinet-office.gov.uk"
+                   "assets.digital.cabinet-office.gov.uk",
+                   # Allow images to be loaded for Speedcurve's LUX - used for
+                   # getting real user metrics on GOV.UK
+                   "lux.speedcurve.com"
 
     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
     policy.script_src :self,

data/lib/govuk_app_config/govuk_error.rb

@@ -1,4 +1,4 @@
-require "sentry-raven"
+require "sentry-ruby"
 require "govuk_app_config/govuk_statsd"
 require "govuk_app_config/govuk_error/configuration"
 require "govuk_app_config/version"
@@ -13,11 +13,11 @@ module GovukError
     args[:tags] ||= {}
     args[:tags][:govuk_app_config_version] = GovukAppConfig::VERSION
 
-    Raven.capture_exception(exception_or_message, args)
+    Sentry.capture_exception(exception_or_message, args)
   end
 
   def self.configure
-    @configuration ||= Configuration.new(Raven.configuration)
+    @configuration ||= Configuration.new(Sentry::Configuration.new)
     yield @configuration
   end
 end

data/lib/govuk_app_config/govuk_error/configuration.rb

@@ -6,41 +6,35 @@ module GovukError
     attr_reader :data_sync, :sentry_environment
     attr_accessor :active_sentry_environments, :data_sync_excluded_exceptions
 
-    def initialize(_raven_configuration)
+    def initialize(_sentry_configuration)
       super
       @sentry_environment = ENV["SENTRY_CURRENT_ENV"]
       @data_sync = GovukDataSync.new(ENV["GOVUK_DATA_SYNC_PERIOD"])
       self.active_sentry_environments = []
       self.data_sync_excluded_exceptions = []
-      self.should_capture = ignore_exceptions_based_on_env_and_data_sync
+      @before_send_callbacks = [
+        ignore_exceptions_if_not_in_active_sentry_env,
+        ignore_excluded_exceptions_in_data_sync,
+        increment_govuk_statsd_counters,
+      ]
     end
 
-    def should_capture=(closure)
-      combined = lambda do |error_or_event|
-        (ignore_exceptions_based_on_env_and_data_sync.call(error_or_event) && closure.call(error_or_event))
-      end
-
-      super(combined)
+    def before_send=(closure)
+      @before_send_callbacks.insert(-2, closure)
+      super(run_before_send_callbacks)
     end
 
   protected
 
-    def ignore_exceptions_based_on_env_and_data_sync
-      lambda do |error_or_event|
-        ignore_exceptions_if_not_in_active_sentry_env.call(error_or_event) &&
-          ignore_excluded_exceptions_in_data_sync.call(error_or_event)
-      end
-    end
-
     def ignore_exceptions_if_not_in_active_sentry_env
-      ->(_error_or_event) { active_sentry_environments.include?(sentry_environment) }
+      ->(event, _hint) { event if active_sentry_environments.include?(sentry_environment) }
     end
 
     def ignore_excluded_exceptions_in_data_sync
-      lambda { |error_or_event|
+      lambda { |event, hint|
         data_sync_ignored_error = data_sync_excluded_exceptions.any? do |exception_to_ignore|
           exception_to_ignore = Object.const_get(exception_to_ignore) unless exception_to_ignore.is_a?(Module)
-          exception_chain = Raven::Utils::ExceptionCauseChain.exception_to_array(error_or_event)
+          exception_chain = Sentry::Utils::ExceptionCauseChain.exception_to_array(hint[:exception])
           exception_chain.any? { |exception| exception.is_a?(exception_to_ignore) }
         rescue NameError
           # the exception type represented by the exception_to_ignore string
@@ -48,8 +42,29 @@ module GovukError
           false
         end
 
-        !(data_sync.in_progress? && data_sync_ignored_error)
+        event unless data_sync.in_progress? && data_sync_ignored_error
       }
     end
+
+    def increment_govuk_statsd_counters
+      lambda { |event, hint|
+        if hint[:exception]
+          GovukStatsd.increment("errors_occurred")
+          GovukStatsd.increment("error_types.#{hint[:exception].class.name.split('::').last.underscore}")
+        end
+        event
+      }
+    end
+
+    def run_before_send_callbacks
+      lambda do |event, hint|
+        result = event
+        @before_send_callbacks.each do |callback|
+          result = callback.call(event, hint)
+          break if result.nil?
+        end
+        result
+      end
+    end
   end
 end

data/lib/govuk_app_config/govuk_error/configure.rb

@@ -1,10 +1,4 @@
 GovukError.configure do |config|
-  config.before_send = proc { |e|
-    GovukStatsd.increment("errors_occurred")
-    GovukStatsd.increment("error_types.#{e.class.name.demodulize.underscore}")
-    e
-  }
-
   config.silence_ready = !Rails.env.production? if defined?(Rails)
 
   # These are the environments (described by the `SENTRY_CURRENT_ENV`
@@ -64,6 +58,10 @@ GovukError.configure do |config|
     "GdsApi::ContentStore::ItemNotFound",
   ]
 
+  config.before_send = lambda { |error_or_event, _hint|
+    error_or_event
+  }
+
   config.transport_failure_callback = proc {
     GovukStatsd.increment("error_reports_failed")
   }

data/lib/govuk_app_config/govuk_error/govuk_data_sync.rb

@@ -3,14 +3,8 @@ require "time"
 module GovukError
   class GovukDataSync
     class MalformedDataSyncPeriod < RuntimeError
-      attr_reader :invalid_value
-
       def initialize(invalid_value)
-        @invalid_value = invalid_value
-      end
-
-      def message
-        "\"#{invalid_value}\" is not a valid value (should be of form '22:00-03:00')."
+        super("\"#{invalid_value}\" is not a valid value (should be of form '22:00-03:00').")
       end
     end
 

data/lib/govuk_app_config/govuk_healthcheck.rb

@@ -4,19 +4,16 @@ require "govuk_app_config/govuk_healthcheck/mongoid"
 require "govuk_app_config/govuk_healthcheck/rails_cache"
 require "govuk_app_config/govuk_healthcheck/redis"
 require "govuk_app_config/govuk_healthcheck/sidekiq_redis"
-require "govuk_app_config/govuk_healthcheck/threshold_check"
-require "govuk_app_config/govuk_healthcheck/sidekiq_queue_check"
-require "govuk_app_config/govuk_healthcheck/sidekiq_queue_latency_check"
-require "govuk_app_config/govuk_healthcheck/sidekiq_retry_size_check"
 require "json"
 
 module GovukHealthcheck
   def self.rack_response(*checks)
     proc do
+      checkup = healthcheck(checks)
       [
-        200,
+        checkup[:status] == :ok ? 200 : 500,
         { "Content-Type" => "application/json" },
-        [JSON.dump(healthcheck(checks))],
+        [JSON.dump(checkup)],
       ]
     end
   end

data/lib/govuk_app_config/version.rb

@@ -1,3 +1,3 @@
 module GovukAppConfig
-  VERSION = "2.9.1".freeze
+  VERSION = "4.0.0.pre.1".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govuk_app_config
 version: !ruby/object:Gem::Version
-  version: 2.9.1
+  version: 4.0.0.pre.1
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-18 00:00:00.000000000 Z
+date: 2021-06-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstasher
@@ -31,19 +31,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 2.2.0
 - !ruby/object:Gem::Dependency
-  name: sentry-raven
+  name: sentry-ruby
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.1
+        version: 4.5.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.1
+        version: 4.5.0
 - !ruby/object:Gem::Dependency
   name: statsd-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -211,6 +211,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
@@ -237,11 +238,7 @@ files:
 - lib/govuk_app_config/govuk_healthcheck/mongoid.rb
 - lib/govuk_app_config/govuk_healthcheck/rails_cache.rb
 - lib/govuk_app_config/govuk_healthcheck/redis.rb
-- lib/govuk_app_config/govuk_healthcheck/sidekiq_queue_check.rb
-- lib/govuk_app_config/govuk_healthcheck/sidekiq_queue_latency_check.rb
 - lib/govuk_app_config/govuk_healthcheck/sidekiq_redis.rb
-- lib/govuk_app_config/govuk_healthcheck/sidekiq_retry_size_check.rb
-- lib/govuk_app_config/govuk_healthcheck/threshold_check.rb
 - lib/govuk_app_config/govuk_i18n.rb
 - lib/govuk_app_config/govuk_logging.rb
 - lib/govuk_app_config/govuk_statsd.rb
@@ -261,14 +258,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Base configuration for GOV.UK applications

data/lib/govuk_app_config/govuk_healthcheck/sidekiq_queue_check.rb

@@ -1,62 +0,0 @@
-module GovukHealthcheck
-  class SidekiqQueueCheck
-    def status
-      queues.each do |name, value|
-        if value >= critical_threshold(queue: name)
-          return :critical
-        elsif value >= warning_threshold(queue: name)
-          return :warning
-        end
-      end
-
-      :ok
-    end
-
-    def message
-      messages = queues.map do |name, value|
-        critical = critical_threshold(queue: name)
-        warning = warning_threshold(queue: name)
-
-        if value >= critical
-          "#{name} (#{value}) is above the critical threshold (#{critical})"
-        elsif value >= warning
-          "#{name} (#{value}) is above the warning threshold (#{warning})"
-        end
-      end
-
-      messages = messages.compact
-
-      if messages.empty?
-        "all queues are below the critical and warning thresholds"
-      else
-        messages.join("\n")
-      end
-    end
-
-    def details
-      {
-        queues: queues.each_with_object({}) do |(name, value), hash|
-          hash[name] = {
-            value: value,
-            thresholds: {
-              critical: critical_threshold(queue: name),
-              warning: warning_threshold(queue: name),
-            }.reject { |_, val| val.to_f.infinite? || val.to_f.nan? },
-          }
-        end,
-      }
-    end
-
-    def queues
-      raise "This method must be overriden to be a hash of queue names and data."
-    end
-
-    def critical_threshold(queue:) # rubocop:disable Lint/UnusedMethodArgument
-      raise "This method must be overriden to be the critical threshold."
-    end
-
-    def warning_threshold(queue:) # rubocop:disable Lint/UnusedMethodArgument
-      raise "This method must be overriden to be the warning threshold."
-    end
-  end
-end

data/lib/govuk_app_config/govuk_healthcheck/sidekiq_queue_latency_check.rb

@@ -1,13 +0,0 @@
-module GovukHealthcheck
-  class SidekiqQueueLatencyCheck < SidekiqQueueCheck
-    def name
-      :sidekiq_queue_latency
-    end
-
-    def queues
-      @queues ||= Sidekiq::Stats.new.queues.keys.each_with_object({}) do |name, hash|
-        hash[name] = Sidekiq::Queue.new(name).latency
-      end
-    end
-  end
-end

data/lib/govuk_app_config/govuk_healthcheck/sidekiq_retry_size_check.rb

@@ -1,11 +0,0 @@
-module GovukHealthcheck
-  class SidekiqRetrySizeCheck < ThresholdCheck
-    def name
-      :sidekiq_retry_size
-    end
-
-    def value
-      Sidekiq::Stats.new.retry_size
-    end
-  end
-end

data/lib/govuk_app_config/govuk_healthcheck/threshold_check.rb

@@ -1,50 +0,0 @@
-module GovukHealthcheck
-  class ThresholdCheck
-    def status
-      if value >= critical_threshold
-        :critical
-      elsif value >= warning_threshold
-        :warning
-      else
-        :ok
-      end
-    end
-
-    def message
-      if value >= critical_threshold
-        "#{value} is above the critical threshold (#{critical_threshold})"
-      elsif value >= warning_threshold
-        "#{value} is above the warning threshold (#{warning_threshold})"
-      else
-        "#{value} is below the critical and warning thresholds"
-      end
-    end
-
-    def details
-      {
-        value: value,
-        total: total,
-        thresholds: {
-          critical: critical_threshold,
-          warning: warning_threshold,
-        },
-      }
-    end
-
-    def value
-      raise "This method must be overridden to be the check value."
-    end
-
-    def total
-      nil # This method can be overriden to provide the total for the check.
-    end
-
-    def critical_threshold
-      raise "This method must be overriden to be the critical threshold."
-    end
-
-    def warning_threshold
-      raise "This method must be overriden to be the warning threshold."
-    end
-  end
-end