govuk_app_config 9.5.0 → 9.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +10 -0
- data/CHANGELOG.md +8 -0
- data/README.md +14 -0
- data/govuk_app_config.gemspec +1 -1
- data/lib/govuk_app_config/govuk_content_security_policy.rb +2 -1
- data/lib/govuk_app_config/govuk_json_logging.rb +19 -1
- data/lib/govuk_app_config/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87265c446c96df0dfc6e7ce62e6e7f645c76af7b335426adc7db55bb5426ef5d
|
|
4
|
+
data.tar.gz: a78f518813885bf16b6e78c9351102c6b2dc5eb896c23a0913bb870a05bc2118
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2ca052131a146360a268ccc50762f8482342df275e0540b42b36eae8f5a87c9e4daaa403e24b4258bd2a67104b5426af29f0d5b1ec7213bec1c43518a802d068
|
|
7
|
+
data.tar.gz: b9301f60612daed32d37c6ed82d7f20250dacb9de5e68a270c9c9b1834801ffaf739f5c84219debd016728f9e78882494853e914abcb1556dd32491793d06041
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -11,6 +11,16 @@ on:
|
|
|
11
11
|
type: string
|
|
12
12
|
|
|
13
13
|
jobs:
|
|
14
|
+
codeql-sast:
|
|
15
|
+
name: CodeQL SAST scan
|
|
16
|
+
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
|
|
17
|
+
permissions:
|
|
18
|
+
security-events: write
|
|
19
|
+
|
|
20
|
+
dependency-review:
|
|
21
|
+
name: Dependency Review scan
|
|
22
|
+
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main
|
|
23
|
+
|
|
14
24
|
# Run the test suite against multiple Ruby and Rails versions
|
|
15
25
|
test_matrix:
|
|
16
26
|
strategy:
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,11 @@
|
|
|
1
|
+
# 9.7.0
|
|
2
|
+
|
|
3
|
+
* Enable adding custom LogStasher fields from apps ([#327](https://github.com/alphagov/govuk_app_config/pull/327))
|
|
4
|
+
|
|
5
|
+
# 9.6.0
|
|
6
|
+
|
|
7
|
+
* Allow YouTube thumbnails from https://i.ytimg.com in the global Content Security Policy ([#328](https://github.com/alphagov/govuk_app_config/pull/328))
|
|
8
|
+
|
|
1
9
|
# 9.5.0
|
|
2
10
|
|
|
3
11
|
* Allow gov.uk domains to embed pages in the global Content Security Policy ([#325](https://github.com/alphagov/govuk_app_config/pull/325))
|
data/README.md
CHANGED
|
@@ -149,6 +149,20 @@ allow JSON format logs and `Govuk-Request-Id` to be visible.
|
|
|
149
149
|
For development logs, in order to see the production style logs, developers should
|
|
150
150
|
set `GOVUK_RAILS_JSON_LOGGING`in `govuk-docker` -> `docker-compose` files.
|
|
151
151
|
|
|
152
|
+
### Logger configuration
|
|
153
|
+
|
|
154
|
+
To include additional custom fields in your Rails logs, you can declare them
|
|
155
|
+
within a `GovukJsonLogging.configure` block in a `config/initializers/` file.
|
|
156
|
+
|
|
157
|
+
Example of adding a key/value to log entries based on a request header:
|
|
158
|
+
|
|
159
|
+
```ruby
|
|
160
|
+
GovukJsonLogging.configure do
|
|
161
|
+
add_custom_fields do |fields|
|
|
162
|
+
fields[:govuk_custom_field] = request.headers["GOVUK-Custom-Header"]
|
|
163
|
+
end
|
|
164
|
+
end
|
|
165
|
+
```
|
|
152
166
|
|
|
153
167
|
## Content Security Policy generation
|
|
154
168
|
|
data/govuk_app_config.gemspec
CHANGED
|
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
|
|
23
23
|
spec.add_dependency "logstasher", "~> 2.1"
|
|
24
24
|
spec.add_dependency "opentelemetry-exporter-otlp", ">= 0.25", "< 0.27"
|
|
25
|
-
spec.add_dependency "opentelemetry-instrumentation-all", ">= 0.39.1", "< 0.
|
|
25
|
+
spec.add_dependency "opentelemetry-instrumentation-all", ">= 0.39.1", "< 0.52.0"
|
|
26
26
|
spec.add_dependency "opentelemetry-sdk", "~> 1.2"
|
|
27
27
|
spec.add_dependency "plek", ">= 4", "< 6"
|
|
28
28
|
spec.add_dependency "prometheus_exporter", "~> 2.0"
|
|
@@ -41,7 +41,8 @@ module GovukContentSecurityPolicy
|
|
|
41
41
|
# Some content still links to an old domain we used to use
|
|
42
42
|
"assets.digital.cabinet-office.gov.uk",
|
|
43
43
|
# Allow YouTube thumbnails
|
|
44
|
-
"https://img.youtube.com"
|
|
44
|
+
"https://img.youtube.com",
|
|
45
|
+
"https://i.ytimg.com"
|
|
45
46
|
|
|
46
47
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
|
|
47
48
|
# Note: we purposely don't include `data:`, `unsafe-inline` or `unsafe-eval` because
|
|
@@ -3,7 +3,23 @@ require "logstasher"
|
|
|
3
3
|
require "action_controller"
|
|
4
4
|
|
|
5
5
|
module GovukJsonLogging
|
|
6
|
-
|
|
6
|
+
class Configuration
|
|
7
|
+
def initialize
|
|
8
|
+
@custom_fields_block = proc {}
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
attr_reader :custom_fields_block
|
|
12
|
+
|
|
13
|
+
def add_custom_fields(&block)
|
|
14
|
+
@custom_fields_block = block if block_given?
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def self.configure(&block)
|
|
19
|
+
configuration = Configuration.new
|
|
20
|
+
|
|
21
|
+
configuration.instance_eval(&block) if block_given?
|
|
22
|
+
|
|
7
23
|
# We disable buffering, so that logs aren't lost on crash or delayed
|
|
8
24
|
# indefinitely while troubleshooting.
|
|
9
25
|
$stdout.sync = true
|
|
@@ -31,6 +47,8 @@ module GovukJsonLogging
|
|
|
31
47
|
fields[:govuk_request_id] = request.headers["GOVUK-Request-Id"]
|
|
32
48
|
fields[:varnish_id] = request.headers["X-Varnish"]
|
|
33
49
|
fields[:govuk_app_config] = GovukAppConfig::VERSION
|
|
50
|
+
|
|
51
|
+
instance_exec(fields, &configuration.custom_fields_block) if block_given?
|
|
34
52
|
end
|
|
35
53
|
|
|
36
54
|
Rails.application.config.logstasher.enabled = true
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: govuk_app_config
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 9.
|
|
4
|
+
version: 9.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- GOV.UK Dev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-11-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstasher
|
|
@@ -53,7 +53,7 @@ dependencies:
|
|
|
53
53
|
version: 0.39.1
|
|
54
54
|
- - "<"
|
|
55
55
|
- !ruby/object:Gem::Version
|
|
56
|
-
version: 0.
|
|
56
|
+
version: 0.52.0
|
|
57
57
|
type: :runtime
|
|
58
58
|
prerelease: false
|
|
59
59
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -63,7 +63,7 @@ dependencies:
|
|
|
63
63
|
version: 0.39.1
|
|
64
64
|
- - "<"
|
|
65
65
|
- !ruby/object:Gem::Version
|
|
66
|
-
version: 0.
|
|
66
|
+
version: 0.52.0
|
|
67
67
|
- !ruby/object:Gem::Dependency
|
|
68
68
|
name: opentelemetry-sdk
|
|
69
69
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -375,7 +375,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
375
375
|
- !ruby/object:Gem::Version
|
|
376
376
|
version: '0'
|
|
377
377
|
requirements: []
|
|
378
|
-
rubygems_version: 3.4.
|
|
378
|
+
rubygems_version: 3.4.22
|
|
379
379
|
signing_key:
|
|
380
380
|
specification_version: 4
|
|
381
381
|
summary: Base configuration for GOV.UK applications
|