govuk_app_config 4.0.0.pre.1 → 4.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2b08ba5468f1f0639c3dab2c7067d7a3acff2169ce85a246ceb2a976b04686a7
-  data.tar.gz: ce9d8876d37175726d4aa81633e4b11232975dd3d65d24bca6ac58b219248b09
+  metadata.gz: f8077ef6fb7147f51cfa723573145d8552deccc046e51fb7fa5870517b44c404
+  data.tar.gz: f172b22ff57d9a7c86a2a6cd9d25b5f27a5f207e714e82f40e031d3ba979aadf
 SHA512:
-  metadata.gz: a0eb71467c7fa26805e5606bec9f96312c6bb5e0f0d0ef3b93e1a8cfa5d556164f5ac537c9606416724eb93acbef298f57163a16876ddb5ba48b5dea05c94227
-  data.tar.gz: cae07877f651a180c2c62a7fd32a15714421e2dfee5c7fda5957d7601d5cd99c57e110c3b2071d7d5a4dac62c924e662c1dc70379f206b5de849ac373999d3e4
+  metadata.gz: 59bf46da65446015dd8521f505f01af02f04149490f8d653e6e3436fe9512a920637211054a3e6cfc75cc66f15e81036631a9921410b2226f3d5489cf6e65182
+  data.tar.gz: f70c89f913ead21b565f92a6150958b88469da6585166077c3e112cd60444377e5593d56f8d9881379e24e859406741668aad545a046c4d48744f6bbc08d6820

data/CHANGELOG.md

@@ -1,9 +1,41 @@
-# 4.0.0.pre-1
+# 4.0.0
+
+- BREAKING: replaces deprecated `sentry-raven` with `sentry-ruby` and `sentry-rails`. Follow the **[migration guide](https://docs.sentry.io/platforms/ruby/migration/)** before upgrading to this version of govuk_app_config to ensure full compatibility with the new gems.
+- BREAKING: `GovukError.configure` can only be called once, and non-Rails apps will have to manually call `GovukError.configure` in order to initialise Sentry.
+- BREAKING: apps will no longer increment the `error_reports_failed` statsd if events fail to get sent to Sentry.
+- BREAKING: the behaviour of `before_send` has changed, and the `should_capture` method is deprecated.
+- See pre-release notes below for details.
+- PR: [#212](https://github.com/alphagov/govuk_app_config/pull/212)
+
+# 4.0.0.pre.4
+
+- Fix Sentry client initialisation ([#205](https://github.com/alphagov/govuk_app_config/pull/205)).
+- BREAKING: non-Rails apps will need to manually call `GovukError.configure` in order to initialise Sentry.
+- BREAKING: `GovukError.configure` can only be called once by the downstream application.
+
+# 4.0.0.pre.3
+
+- Include [sentry-rails](https://github.com/getsentry/sentry-ruby/tree/master/sentry-rails) by default ([#203](https://github.com/alphagov/govuk_app_config/pull/203)).
+
+# 4.0.0.pre.2
+
+- Fix default Sentry configuration ([#202](https://github.com/alphagov/govuk_app_config/pull/202)).
+- BREAKING: this means no more `silence_ready` or `transport_failure_callback` options.
+
+# 4.0.0.pre.1
 
 - BREAKING: upgrades Sentry gem from `sentry-raven` to `sentry-ruby` ([#199](https://github.com/alphagov/govuk_app_config/pull/199)). There is a **[migration guide](https://docs.sentry.io/platforms/ruby/migration/)** you should follow before upgrading to this version of govuk_app_config.
-- This release also fixes the `data_sync_excluded_exceptions` behaviour that has been broken since v3.1.0.
+- This release also fixes the `data_sync_excluded_exceptions` behaviour that was broken in v3.1.0 (later fixed in v3.3.0, which was released after 4.0.0.pre.1).
 - Released as a pre-release to identify and fix any problems before a wider rollout.
 
+# 3.3.0
+
+- Revert the `should_capture`/`before_send` consolidation introduced in 3.1.0. This fixes the `data_sync_excluded_exceptions` behaviour that has been broken since v3.1.0. ([#211](https://github.com/alphagov/govuk_app_config/pull/211))
+
+# 3.2.0
+
+- Add Speedcurve's LUX to connect-src policy ([#206](https://github.com/alphagov/govuk_app_config/pull/206))
+
 # 3.1.1
 
 - Fix the new before_send behaviour & tests, and add documentation ([#197](https://github.com/alphagov/govuk_app_config/pull/197))

data/README.md

@@ -87,7 +87,7 @@ You can add your environment to the list of active Sentry environments like so:
 
 ```ruby
 GovukError.configure do |config|
-  config.active_sentry_environments << "my-test-environment"
+  config.enabled_environments << "my-test-environment"
 end
 ```
 

data/govuk_app_config.gemspec

@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = %w[lib]
 
   spec.add_dependency "logstasher", ">= 1.2.2", "< 2.2.0"
+  spec.add_dependency "sentry-rails", "~> 4.5.0"
   spec.add_dependency "sentry-ruby", "~> 4.5.0"
   spec.add_dependency "statsd-ruby", "~> 1.5.0"
   spec.add_dependency "unicorn", ">= 5.4", "< 5.9"

data/lib/govuk_app_config.rb

@@ -1,7 +1,6 @@
 require "govuk_app_config/version"
 require "govuk_app_config/govuk_statsd"
 require "govuk_app_config/govuk_error"
-require "govuk_app_config/govuk_error/configure"
 require "govuk_app_config/govuk_healthcheck"
 require "govuk_app_config/govuk_i18n"
 # This require is deprecated and should be removed on next major version bump

data/lib/govuk_app_config/govuk_content_security_policy.rb

@@ -78,7 +78,13 @@ module GovukContentSecurityPolicy
                        # Allow JSON call to klick2contact - HMPO web chat provider
                        "gov.klick2contact.com",
                        # Allow connecting to Verify to check whether the user is logged in
-                       "www.signin.service.gov.uk"
+                       "www.signin.service.gov.uk",
+                       # Allow connection to Speedcurve's CDN for LUX - used for
+                       # real user metrics on GOV.UK. This loads using an image
+                       # (see image policy), but returns a JavaScript file -
+                       # which is why this has to be added to the `connect-src`
+                       # policy as well.
+                       "lux.speedcurve.com"
 
     # Disallow all <object>, <embed>, and <applet> elements
     #

data/lib/govuk_app_config/govuk_error.rb

@@ -1,9 +1,16 @@
 require "sentry-ruby"
+require "sentry-rails"
 require "govuk_app_config/govuk_statsd"
 require "govuk_app_config/govuk_error/configuration"
 require "govuk_app_config/version"
 
 module GovukError
+  class AlreadyInitialised < StandardError
+    def initialize(msg = "You can only call GovukError.configure once!")
+      super
+    end
+  end
+
   def self.notify(exception_or_message, args = {})
     # Allow users to use `parameters` as a key like the Airbrake
     # client, allowing easy upgrades.
@@ -13,11 +20,23 @@ module GovukError
     args[:tags] ||= {}
     args[:tags][:govuk_app_config_version] = GovukAppConfig::VERSION
 
-    Sentry.capture_exception(exception_or_message, args)
+    if exception_or_message.is_a?(String)
+      Sentry.capture_message(exception_or_message, args)
+    else
+      Sentry.capture_exception(exception_or_message, args)
+    end
+  end
+
+  def self.is_configured?
+    Sentry.get_current_client != nil
   end
 
   def self.configure
-    @configuration ||= Configuration.new(Sentry::Configuration.new)
-    yield @configuration
+    raise GovukError::AlreadyInitialised if is_configured?
+
+    Sentry.init do |sentry_config|
+      config = Configuration.new(sentry_config)
+      yield config if block_given?
+    end
   end
 end

data/lib/govuk_app_config/govuk_error/configuration.rb

@@ -3,20 +3,82 @@ require "govuk_app_config/govuk_error/govuk_data_sync"
 
 module GovukError
   class Configuration < SimpleDelegator
-    attr_reader :data_sync, :sentry_environment
-    attr_accessor :active_sentry_environments, :data_sync_excluded_exceptions
+    attr_reader :data_sync
+    attr_accessor :data_sync_excluded_exceptions
 
     def initialize(_sentry_configuration)
       super
-      @sentry_environment = ENV["SENTRY_CURRENT_ENV"]
       @data_sync = GovukDataSync.new(ENV["GOVUK_DATA_SYNC_PERIOD"])
-      self.active_sentry_environments = []
-      self.data_sync_excluded_exceptions = []
+      set_up_defaults
+    end
+
+    def set_up_defaults
+      # These are the environments (described by the `SENTRY_CURRENT_ENV`
+      # ENV variable) where we want to capture Sentry errors. If
+      # `SENTRY_CURRENT_ENV` isn't in this list, or isn't defined, then
+      # don't capture the error.
+      self.enabled_environments = %w[
+        integration-blue-aws
+        staging
+        production
+      ]
+
+      self.excluded_exceptions = [
+        # Default ActionDispatch rescue responses
+        "ActionController::RoutingError",
+        "AbstractController::ActionNotFound",
+        "ActionController::MethodNotAllowed",
+        "ActionController::UnknownHttpMethod",
+        "ActionController::NotImplemented",
+        "ActionController::UnknownFormat",
+        "Mime::Type::InvalidMimeType",
+        "ActionController::MissingExactTemplate",
+        "ActionController::InvalidAuthenticityToken",
+        "ActionController::InvalidCrossOriginRequest",
+        "ActionDispatch::Http::Parameters::ParseError",
+        "ActionController::BadRequest",
+        "ActionController::ParameterMissing",
+        "Rack::QueryParser::ParameterTypeError",
+        "Rack::QueryParser::InvalidParameterError",
+        # Default ActiveRecord rescue responses
+        "ActiveRecord::RecordNotFound",
+        "ActiveRecord::StaleObjectError",
+        "ActiveRecord::RecordInvalid",
+        "ActiveRecord::RecordNotSaved",
+        # Additional items
+        "ActiveJob::DeserializationError",
+        "CGI::Session::CookieStore::TamperedWithCookie",
+        "GdsApi::HTTPIntermittentServerError",
+        "GdsApi::TimedOutException",
+        "Mongoid::Errors::DocumentNotFound",
+        "Sinatra::NotFound",
+        "Slimmer::IntermittentRetrievalError",
+      ]
+
+      # This will exclude exceptions that are triggered by one of the ignored
+      # exceptions. For example, when any exception occurs in a template,
+      # Rails will raise a ActionView::Template::Error, instead of the original error.
+      self.inspect_exception_causes_for_exclusion = true
+
+      # List of exceptions to ignore if they take place during the data sync.
+      # Some errors are transient in nature, e.g. PostgreSQL databases being
+      # unavailable, and add little value. In fact, their presence can greatly
+      # increase the number of errors being sent and risk genuine errors being
+      # rate-limited by Sentry.
+      self.data_sync_excluded_exceptions = [
+        "PG::Error",
+        "GdsApi::ContentStore::ItemNotFound",
+      ]
+
       @before_send_callbacks = [
-        ignore_exceptions_if_not_in_active_sentry_env,
         ignore_excluded_exceptions_in_data_sync,
         increment_govuk_statsd_counters,
       ]
+      # Need to invoke an arbitrary `before_send=` in order to trigger the
+      # `before_send_callbacks` behaviour
+      self.before_send = lambda { |error_or_event, _hint|
+        error_or_event
+      }
     end
 
     def before_send=(closure)
@@ -26,10 +88,6 @@ module GovukError
 
   protected
 
-    def ignore_exceptions_if_not_in_active_sentry_env
-      ->(event, _hint) { event if active_sentry_environments.include?(sentry_environment) }
-    end
-
     def ignore_excluded_exceptions_in_data_sync
       lambda { |event, hint|
         data_sync_ignored_error = data_sync_excluded_exceptions.any? do |exception_to_ignore|

data/lib/govuk_app_config/railtie.rb

@@ -3,5 +3,9 @@ module GovukAppConfig
     config.before_initialize do
       GovukLogging.configure if Rails.env.production?
     end
+
+    config.after_initialize do
+      GovukError.configure unless GovukError.is_configured?
+    end
   end
 end

data/lib/govuk_app_config/version.rb

@@ -1,3 +1,3 @@
 module GovukAppConfig
-  VERSION = "4.0.0.pre.1".freeze
+  VERSION = "4.0.0".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govuk_app_config
 version: !ruby/object:Gem::Version
-  version: 4.0.0.pre.1
+  version: 4.0.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-06-04 00:00:00.000000000 Z
+date: 2021-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstasher
@@ -30,6 +30,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.2.0
+- !ruby/object:Gem::Dependency
+  name: sentry-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.5.0
 - !ruby/object:Gem::Dependency
   name: sentry-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -230,7 +244,6 @@ files:
 - lib/govuk_app_config/govuk_content_security_policy.rb
 - lib/govuk_app_config/govuk_error.rb
 - lib/govuk_app_config/govuk_error/configuration.rb
-- lib/govuk_app_config/govuk_error/configure.rb
 - lib/govuk_app_config/govuk_error/govuk_data_sync.rb
 - lib/govuk_app_config/govuk_healthcheck.rb
 - lib/govuk_app_config/govuk_healthcheck/active_record.rb
@@ -261,9 +274,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.0.3
 signing_key: 

data/lib/govuk_app_config/govuk_error/configure.rb

@@ -1,68 +0,0 @@
-GovukError.configure do |config|
-  config.silence_ready = !Rails.env.production? if defined?(Rails)
-
-  # These are the environments (described by the `SENTRY_CURRENT_ENV`
-  # ENV variable) where we want to capture Sentry errors. If
-  # `SENTRY_CURRENT_ENV` isn't in this list, or isn't defined, then
-  # don't capture the error.
-  config.active_sentry_environments = %w[
-    integration-blue-aws
-    staging
-    production
-  ]
-
-  config.excluded_exceptions = [
-    # Default ActionDispatch rescue responses
-    "ActionController::RoutingError",
-    "AbstractController::ActionNotFound",
-    "ActionController::MethodNotAllowed",
-    "ActionController::UnknownHttpMethod",
-    "ActionController::NotImplemented",
-    "ActionController::UnknownFormat",
-    "Mime::Type::InvalidMimeType",
-    "ActionController::MissingExactTemplate",
-    "ActionController::InvalidAuthenticityToken",
-    "ActionController::InvalidCrossOriginRequest",
-    "ActionDispatch::Http::Parameters::ParseError",
-    "ActionController::BadRequest",
-    "ActionController::ParameterMissing",
-    "Rack::QueryParser::ParameterTypeError",
-    "Rack::QueryParser::InvalidParameterError",
-    # Default ActiveRecord rescue responses
-    "ActiveRecord::RecordNotFound",
-    "ActiveRecord::StaleObjectError",
-    "ActiveRecord::RecordInvalid",
-    "ActiveRecord::RecordNotSaved",
-    # Additional items
-    "ActiveJob::DeserializationError",
-    "CGI::Session::CookieStore::TamperedWithCookie",
-    "GdsApi::HTTPIntermittentServerError",
-    "GdsApi::TimedOutException",
-    "Mongoid::Errors::DocumentNotFound",
-    "Sinatra::NotFound",
-    "Slimmer::IntermittentRetrievalError",
-  ]
-
-  # This will exclude exceptions that are triggered by one of the ignored
-  # exceptions. For example, when any exception occurs in a template,
-  # Rails will raise a ActionView::Template::Error, instead of the original error.
-  config.inspect_exception_causes_for_exclusion = true
-
-  # List of exceptions to ignore if they take place during the data sync.
-  # Some errors are transient in nature, e.g. PostgreSQL databases being
-  # unavailable, and add little value. In fact, their presence can greatly
-  # increase the number of errors being sent and risk genuine errors being
-  # rate-limited by Sentry.
-  config.data_sync_excluded_exceptions = [
-    "PG::Error",
-    "GdsApi::ContentStore::ItemNotFound",
-  ]
-
-  config.before_send = lambda { |error_or_event, _hint|
-    error_or_event
-  }
-
-  config.transport_failure_callback = proc {
-    GovukStatsd.increment("error_reports_failed")
-  }
-end