govuk_app_config 4.0.0.pre.2 → 4.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +34 -3
- data/README.md +1 -1
- data/govuk_app_config.gemspec +1 -0
- data/lib/govuk_app_config/govuk_content_security_policy.rb +8 -2
- data/lib/govuk_app_config/govuk_error/configuration.rb +68 -10
- data/lib/govuk_app_config/govuk_error.rb +22 -3
- data/lib/govuk_app_config/railtie.rb +4 -0
- data/lib/govuk_app_config/version.rb +1 -1
- data/lib/govuk_app_config.rb +0 -1
- metadata +18 -5
- data/lib/govuk_app_config/govuk_error/configure.rb +0 -62
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dec546dba47c5e140f91e24295182136a5aeaa7cd48cd9742d1aebfd09210b8a
|
4
|
+
data.tar.gz: 743c630cff5a8e8755864cc937309c3cc88042c9526c6ec21fb8c01497d3fc4f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 42d6afcd7e29cea665780034dca057062c3311e7cea2117c8d6e5e7a17224276d255dc91a7ceb918cc22a782395a63e9c3975bdd5dac9e5566ad735dffc31507
|
7
|
+
data.tar.gz: 8e50c7bdd187c325c76c22b1290938bbdbc84369d65b5f396730b184af5cda1549a623956bf9fa09b7b2d81edad93c60489fbb72546acc656ec265f5b8bac049
|
data/CHANGELOG.md
CHANGED
@@ -1,14 +1,45 @@
|
|
1
|
-
# 4.0.
|
1
|
+
# 4.0.1
|
2
|
+
|
3
|
+
- Update Content Security Policy with new klick2contact.com subdomain ([#213](https://github.com/alphagov/govuk_app_config/pull/213)).
|
4
|
+
|
5
|
+
# 4.0.0
|
6
|
+
|
7
|
+
- BREAKING: replaces deprecated `sentry-raven` with `sentry-ruby` and `sentry-rails`. Follow the **[migration guide](https://docs.sentry.io/platforms/ruby/migration/)** before upgrading to this version of govuk_app_config to ensure full compatibility with the new gems.
|
8
|
+
- BREAKING: `GovukError.configure` can only be called once, and non-Rails apps will have to manually call `GovukError.configure` in order to initialise Sentry.
|
9
|
+
- BREAKING: apps will no longer increment the `error_reports_failed` statsd if events fail to get sent to Sentry.
|
10
|
+
- BREAKING: the behaviour of `before_send` has changed, and the `should_capture` method is deprecated.
|
11
|
+
- See pre-release notes below for details.
|
12
|
+
- PR: [#212](https://github.com/alphagov/govuk_app_config/pull/212)
|
13
|
+
|
14
|
+
# 4.0.0.pre.4
|
15
|
+
|
16
|
+
- Fix Sentry client initialisation ([#205](https://github.com/alphagov/govuk_app_config/pull/205)).
|
17
|
+
- BREAKING: non-Rails apps will need to manually call `GovukError.configure` in order to initialise Sentry.
|
18
|
+
- BREAKING: `GovukError.configure` can only be called once by the downstream application.
|
19
|
+
|
20
|
+
# 4.0.0.pre.3
|
21
|
+
|
22
|
+
- Include [sentry-rails](https://github.com/getsentry/sentry-ruby/tree/master/sentry-rails) by default ([#203](https://github.com/alphagov/govuk_app_config/pull/203)).
|
23
|
+
|
24
|
+
# 4.0.0.pre.2
|
2
25
|
|
3
26
|
- Fix default Sentry configuration ([#202](https://github.com/alphagov/govuk_app_config/pull/202)).
|
4
27
|
- BREAKING: this means no more `silence_ready` or `transport_failure_callback` options.
|
5
28
|
|
6
|
-
# 4.0.0.pre
|
29
|
+
# 4.0.0.pre.1
|
7
30
|
|
8
31
|
- BREAKING: upgrades Sentry gem from `sentry-raven` to `sentry-ruby` ([#199](https://github.com/alphagov/govuk_app_config/pull/199)). There is a **[migration guide](https://docs.sentry.io/platforms/ruby/migration/)** you should follow before upgrading to this version of govuk_app_config.
|
9
|
-
- This release also fixes the `data_sync_excluded_exceptions` behaviour that
|
32
|
+
- This release also fixes the `data_sync_excluded_exceptions` behaviour that was broken in v3.1.0 (later fixed in v3.3.0, which was released after 4.0.0.pre.1).
|
10
33
|
- Released as a pre-release to identify and fix any problems before a wider rollout.
|
11
34
|
|
35
|
+
# 3.3.0
|
36
|
+
|
37
|
+
- Revert the `should_capture`/`before_send` consolidation introduced in 3.1.0. This fixes the `data_sync_excluded_exceptions` behaviour that has been broken since v3.1.0. ([#211](https://github.com/alphagov/govuk_app_config/pull/211))
|
38
|
+
|
39
|
+
# 3.2.0
|
40
|
+
|
41
|
+
- Add Speedcurve's LUX to connect-src policy ([#206](https://github.com/alphagov/govuk_app_config/pull/206))
|
42
|
+
|
12
43
|
# 3.1.1
|
13
44
|
|
14
45
|
- Fix the new before_send behaviour & tests, and add documentation ([#197](https://github.com/alphagov/govuk_app_config/pull/197))
|
data/README.md
CHANGED
@@ -87,7 +87,7 @@ You can add your environment to the list of active Sentry environments like so:
|
|
87
87
|
|
88
88
|
```ruby
|
89
89
|
GovukError.configure do |config|
|
90
|
-
config.
|
90
|
+
config.enabled_environments << "my-test-environment"
|
91
91
|
end
|
92
92
|
```
|
93
93
|
|
data/govuk_app_config.gemspec
CHANGED
@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
|
|
21
21
|
spec.require_paths = %w[lib]
|
22
22
|
|
23
23
|
spec.add_dependency "logstasher", ">= 1.2.2", "< 2.2.0"
|
24
|
+
spec.add_dependency "sentry-rails", "~> 4.5.0"
|
24
25
|
spec.add_dependency "sentry-ruby", "~> 4.5.0"
|
25
26
|
spec.add_dependency "statsd-ruby", "~> 1.5.0"
|
26
27
|
spec.add_dependency "unicorn", ">= 5.4", "< 5.9"
|
@@ -76,9 +76,15 @@ module GovukContentSecurityPolicy
|
|
76
76
|
# Allow JSON call to Nuance - HMRC web chat provider
|
77
77
|
"hmrc-uk.digital.nuance.com",
|
78
78
|
# Allow JSON call to klick2contact - HMPO web chat provider
|
79
|
-
"
|
79
|
+
"hmpowebchat.klick2contact.com",
|
80
80
|
# Allow connecting to Verify to check whether the user is logged in
|
81
|
-
"www.signin.service.gov.uk"
|
81
|
+
"www.signin.service.gov.uk",
|
82
|
+
# Allow connection to Speedcurve's CDN for LUX - used for
|
83
|
+
# real user metrics on GOV.UK. This loads using an image
|
84
|
+
# (see image policy), but returns a JavaScript file -
|
85
|
+
# which is why this has to be added to the `connect-src`
|
86
|
+
# policy as well.
|
87
|
+
"lux.speedcurve.com"
|
82
88
|
|
83
89
|
# Disallow all <object>, <embed>, and <applet> elements
|
84
90
|
#
|
@@ -3,20 +3,82 @@ require "govuk_app_config/govuk_error/govuk_data_sync"
|
|
3
3
|
|
4
4
|
module GovukError
|
5
5
|
class Configuration < SimpleDelegator
|
6
|
-
attr_reader :data_sync
|
7
|
-
attr_accessor :
|
6
|
+
attr_reader :data_sync
|
7
|
+
attr_accessor :data_sync_excluded_exceptions
|
8
8
|
|
9
9
|
def initialize(_sentry_configuration)
|
10
10
|
super
|
11
|
-
@sentry_environment = ENV["SENTRY_CURRENT_ENV"]
|
12
11
|
@data_sync = GovukDataSync.new(ENV["GOVUK_DATA_SYNC_PERIOD"])
|
13
|
-
|
14
|
-
|
12
|
+
set_up_defaults
|
13
|
+
end
|
14
|
+
|
15
|
+
def set_up_defaults
|
16
|
+
# These are the environments (described by the `SENTRY_CURRENT_ENV`
|
17
|
+
# ENV variable) where we want to capture Sentry errors. If
|
18
|
+
# `SENTRY_CURRENT_ENV` isn't in this list, or isn't defined, then
|
19
|
+
# don't capture the error.
|
20
|
+
self.enabled_environments = %w[
|
21
|
+
integration-blue-aws
|
22
|
+
staging
|
23
|
+
production
|
24
|
+
]
|
25
|
+
|
26
|
+
self.excluded_exceptions = [
|
27
|
+
# Default ActionDispatch rescue responses
|
28
|
+
"ActionController::RoutingError",
|
29
|
+
"AbstractController::ActionNotFound",
|
30
|
+
"ActionController::MethodNotAllowed",
|
31
|
+
"ActionController::UnknownHttpMethod",
|
32
|
+
"ActionController::NotImplemented",
|
33
|
+
"ActionController::UnknownFormat",
|
34
|
+
"Mime::Type::InvalidMimeType",
|
35
|
+
"ActionController::MissingExactTemplate",
|
36
|
+
"ActionController::InvalidAuthenticityToken",
|
37
|
+
"ActionController::InvalidCrossOriginRequest",
|
38
|
+
"ActionDispatch::Http::Parameters::ParseError",
|
39
|
+
"ActionController::BadRequest",
|
40
|
+
"ActionController::ParameterMissing",
|
41
|
+
"Rack::QueryParser::ParameterTypeError",
|
42
|
+
"Rack::QueryParser::InvalidParameterError",
|
43
|
+
# Default ActiveRecord rescue responses
|
44
|
+
"ActiveRecord::RecordNotFound",
|
45
|
+
"ActiveRecord::StaleObjectError",
|
46
|
+
"ActiveRecord::RecordInvalid",
|
47
|
+
"ActiveRecord::RecordNotSaved",
|
48
|
+
# Additional items
|
49
|
+
"ActiveJob::DeserializationError",
|
50
|
+
"CGI::Session::CookieStore::TamperedWithCookie",
|
51
|
+
"GdsApi::HTTPIntermittentServerError",
|
52
|
+
"GdsApi::TimedOutException",
|
53
|
+
"Mongoid::Errors::DocumentNotFound",
|
54
|
+
"Sinatra::NotFound",
|
55
|
+
"Slimmer::IntermittentRetrievalError",
|
56
|
+
]
|
57
|
+
|
58
|
+
# This will exclude exceptions that are triggered by one of the ignored
|
59
|
+
# exceptions. For example, when any exception occurs in a template,
|
60
|
+
# Rails will raise a ActionView::Template::Error, instead of the original error.
|
61
|
+
self.inspect_exception_causes_for_exclusion = true
|
62
|
+
|
63
|
+
# List of exceptions to ignore if they take place during the data sync.
|
64
|
+
# Some errors are transient in nature, e.g. PostgreSQL databases being
|
65
|
+
# unavailable, and add little value. In fact, their presence can greatly
|
66
|
+
# increase the number of errors being sent and risk genuine errors being
|
67
|
+
# rate-limited by Sentry.
|
68
|
+
self.data_sync_excluded_exceptions = [
|
69
|
+
"PG::Error",
|
70
|
+
"GdsApi::ContentStore::ItemNotFound",
|
71
|
+
]
|
72
|
+
|
15
73
|
@before_send_callbacks = [
|
16
|
-
ignore_exceptions_if_not_in_active_sentry_env,
|
17
74
|
ignore_excluded_exceptions_in_data_sync,
|
18
75
|
increment_govuk_statsd_counters,
|
19
76
|
]
|
77
|
+
# Need to invoke an arbitrary `before_send=` in order to trigger the
|
78
|
+
# `before_send_callbacks` behaviour
|
79
|
+
self.before_send = lambda { |error_or_event, _hint|
|
80
|
+
error_or_event
|
81
|
+
}
|
20
82
|
end
|
21
83
|
|
22
84
|
def before_send=(closure)
|
@@ -26,10 +88,6 @@ module GovukError
|
|
26
88
|
|
27
89
|
protected
|
28
90
|
|
29
|
-
def ignore_exceptions_if_not_in_active_sentry_env
|
30
|
-
->(event, _hint) { event if active_sentry_environments.include?(sentry_environment) }
|
31
|
-
end
|
32
|
-
|
33
91
|
def ignore_excluded_exceptions_in_data_sync
|
34
92
|
lambda { |event, hint|
|
35
93
|
data_sync_ignored_error = data_sync_excluded_exceptions.any? do |exception_to_ignore|
|
@@ -1,9 +1,16 @@
|
|
1
1
|
require "sentry-ruby"
|
2
|
+
require "sentry-rails"
|
2
3
|
require "govuk_app_config/govuk_statsd"
|
3
4
|
require "govuk_app_config/govuk_error/configuration"
|
4
5
|
require "govuk_app_config/version"
|
5
6
|
|
6
7
|
module GovukError
|
8
|
+
class AlreadyInitialised < StandardError
|
9
|
+
def initialize(msg = "You can only call GovukError.configure once!")
|
10
|
+
super
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
7
14
|
def self.notify(exception_or_message, args = {})
|
8
15
|
# Allow users to use `parameters` as a key like the Airbrake
|
9
16
|
# client, allowing easy upgrades.
|
@@ -13,11 +20,23 @@ module GovukError
|
|
13
20
|
args[:tags] ||= {}
|
14
21
|
args[:tags][:govuk_app_config_version] = GovukAppConfig::VERSION
|
15
22
|
|
16
|
-
|
23
|
+
if exception_or_message.is_a?(String)
|
24
|
+
Sentry.capture_message(exception_or_message, args)
|
25
|
+
else
|
26
|
+
Sentry.capture_exception(exception_or_message, args)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def self.is_configured?
|
31
|
+
Sentry.get_current_client != nil
|
17
32
|
end
|
18
33
|
|
19
34
|
def self.configure
|
20
|
-
|
21
|
-
|
35
|
+
raise GovukError::AlreadyInitialised if is_configured?
|
36
|
+
|
37
|
+
Sentry.init do |sentry_config|
|
38
|
+
config = Configuration.new(sentry_config)
|
39
|
+
yield config if block_given?
|
40
|
+
end
|
22
41
|
end
|
23
42
|
end
|
data/lib/govuk_app_config.rb
CHANGED
@@ -1,7 +1,6 @@
|
|
1
1
|
require "govuk_app_config/version"
|
2
2
|
require "govuk_app_config/govuk_statsd"
|
3
3
|
require "govuk_app_config/govuk_error"
|
4
|
-
require "govuk_app_config/govuk_error/configure"
|
5
4
|
require "govuk_app_config/govuk_healthcheck"
|
6
5
|
require "govuk_app_config/govuk_i18n"
|
7
6
|
# This require is deprecated and should be removed on next major version bump
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: govuk_app_config
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.0.
|
4
|
+
version: 4.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GOV.UK Dev
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-06
|
11
|
+
date: 2021-10-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: logstasher
|
@@ -30,6 +30,20 @@ dependencies:
|
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.2.0
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: sentry-rails
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - "~>"
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: 4.5.0
|
40
|
+
type: :runtime
|
41
|
+
prerelease: false
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - "~>"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: 4.5.0
|
33
47
|
- !ruby/object:Gem::Dependency
|
34
48
|
name: sentry-ruby
|
35
49
|
requirement: !ruby/object:Gem::Requirement
|
@@ -230,7 +244,6 @@ files:
|
|
230
244
|
- lib/govuk_app_config/govuk_content_security_policy.rb
|
231
245
|
- lib/govuk_app_config/govuk_error.rb
|
232
246
|
- lib/govuk_app_config/govuk_error/configuration.rb
|
233
|
-
- lib/govuk_app_config/govuk_error/configure.rb
|
234
247
|
- lib/govuk_app_config/govuk_error/govuk_data_sync.rb
|
235
248
|
- lib/govuk_app_config/govuk_healthcheck.rb
|
236
249
|
- lib/govuk_app_config/govuk_healthcheck/active_record.rb
|
@@ -261,9 +274,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
261
274
|
version: '2.6'
|
262
275
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
263
276
|
requirements:
|
264
|
-
- - "
|
277
|
+
- - ">="
|
265
278
|
- !ruby/object:Gem::Version
|
266
|
-
version:
|
279
|
+
version: '0'
|
267
280
|
requirements: []
|
268
281
|
rubygems_version: 3.0.3
|
269
282
|
signing_key:
|
@@ -1,62 +0,0 @@
|
|
1
|
-
GovukError.configure do |config|
|
2
|
-
# These are the environments (described by the `SENTRY_CURRENT_ENV`
|
3
|
-
# ENV variable) where we want to capture Sentry errors. If
|
4
|
-
# `SENTRY_CURRENT_ENV` isn't in this list, or isn't defined, then
|
5
|
-
# don't capture the error.
|
6
|
-
config.active_sentry_environments = %w[
|
7
|
-
integration-blue-aws
|
8
|
-
staging
|
9
|
-
production
|
10
|
-
]
|
11
|
-
|
12
|
-
config.excluded_exceptions = [
|
13
|
-
# Default ActionDispatch rescue responses
|
14
|
-
"ActionController::RoutingError",
|
15
|
-
"AbstractController::ActionNotFound",
|
16
|
-
"ActionController::MethodNotAllowed",
|
17
|
-
"ActionController::UnknownHttpMethod",
|
18
|
-
"ActionController::NotImplemented",
|
19
|
-
"ActionController::UnknownFormat",
|
20
|
-
"Mime::Type::InvalidMimeType",
|
21
|
-
"ActionController::MissingExactTemplate",
|
22
|
-
"ActionController::InvalidAuthenticityToken",
|
23
|
-
"ActionController::InvalidCrossOriginRequest",
|
24
|
-
"ActionDispatch::Http::Parameters::ParseError",
|
25
|
-
"ActionController::BadRequest",
|
26
|
-
"ActionController::ParameterMissing",
|
27
|
-
"Rack::QueryParser::ParameterTypeError",
|
28
|
-
"Rack::QueryParser::InvalidParameterError",
|
29
|
-
# Default ActiveRecord rescue responses
|
30
|
-
"ActiveRecord::RecordNotFound",
|
31
|
-
"ActiveRecord::StaleObjectError",
|
32
|
-
"ActiveRecord::RecordInvalid",
|
33
|
-
"ActiveRecord::RecordNotSaved",
|
34
|
-
# Additional items
|
35
|
-
"ActiveJob::DeserializationError",
|
36
|
-
"CGI::Session::CookieStore::TamperedWithCookie",
|
37
|
-
"GdsApi::HTTPIntermittentServerError",
|
38
|
-
"GdsApi::TimedOutException",
|
39
|
-
"Mongoid::Errors::DocumentNotFound",
|
40
|
-
"Sinatra::NotFound",
|
41
|
-
"Slimmer::IntermittentRetrievalError",
|
42
|
-
]
|
43
|
-
|
44
|
-
# This will exclude exceptions that are triggered by one of the ignored
|
45
|
-
# exceptions. For example, when any exception occurs in a template,
|
46
|
-
# Rails will raise a ActionView::Template::Error, instead of the original error.
|
47
|
-
config.inspect_exception_causes_for_exclusion = true
|
48
|
-
|
49
|
-
# List of exceptions to ignore if they take place during the data sync.
|
50
|
-
# Some errors are transient in nature, e.g. PostgreSQL databases being
|
51
|
-
# unavailable, and add little value. In fact, their presence can greatly
|
52
|
-
# increase the number of errors being sent and risk genuine errors being
|
53
|
-
# rate-limited by Sentry.
|
54
|
-
config.data_sync_excluded_exceptions = [
|
55
|
-
"PG::Error",
|
56
|
-
"GdsApi::ContentStore::ItemNotFound",
|
57
|
-
]
|
58
|
-
|
59
|
-
config.before_send = lambda { |error_or_event, _hint|
|
60
|
-
error_or_event
|
61
|
-
}
|
62
|
-
end
|