rails_pulse 0.1.0

data/config/initializers/rails_charts_csp_patch.rb

@@ -0,0 +1,83 @@
+# Monkey patch for RailsCharts CSP compliance
+# This adds nonce attributes to script tags generated by the RailsCharts gem
+
+if defined?(RailsCharts)
+  module RailsCharts
+    module CspPatch
+      def line_chart(data_source, options = {})
+        # Get the original chart HTML
+        chart_html = super(data_source, options)
+
+        # Try to get CSP nonce from various sources
+        nonce = get_csp_nonce
+
+        if nonce.present? && chart_html.present?
+          # Add nonce to all script tags in the chart HTML
+          chart_html = add_nonce_to_scripts(chart_html.to_s, nonce)
+          # Ensure the HTML is marked as safe for Rails to render
+          chart_html = chart_html.html_safe if chart_html.respond_to?(:html_safe)
+        end
+
+        chart_html
+      end
+
+      private
+
+      def get_csp_nonce
+        # Try various methods to get the CSP nonce
+        nonce = nil
+
+        # Method 1: Check for Rails 6+ CSP nonce helper
+        if respond_to?(:content_security_policy_nonce)
+          nonce = content_security_policy_nonce
+        end
+
+        # Method 2: Check for custom csp_nonce helper
+        if nonce.blank? && respond_to?(:csp_nonce)
+          nonce = csp_nonce
+        end
+
+        # Method 3: Check request environment
+        if nonce.blank? && defined?(request) && request
+          nonce = request.env["action_dispatch.content_security_policy_nonce"] ||
+                  request.env["secure_headers.content_security_policy_nonce"] ||
+                  request.env["csp_nonce"]
+        end
+
+        # Method 4: Check thread/request store
+        if nonce.blank?
+          nonce = Thread.current[:rails_pulse_csp_nonce] ||
+                  (defined?(RequestStore) && RequestStore.store[:rails_pulse_csp_nonce])
+        end
+
+        nonce.presence
+      end
+
+      def add_nonce_to_scripts(html, nonce)
+        # Use regex to add nonce to script tags that don't already have one
+        html.gsub(/<script(?![^>]*\snonce=)([^>]*)>/i) do |match|
+          # Insert nonce attribute before the closing >
+          attributes = $1
+          if attributes.strip.empty?
+            "<script nonce=\"#{nonce}\">"
+          else
+            "<script#{attributes} nonce=\"#{nonce}\">"
+          end
+        end
+      end
+    end
+  end
+end
+
+# Apply the patch to ApplicationHelper and any modules that include chart helpers
+Rails.application.config.to_prepare do
+  if defined?(RailsCharts)
+    # Patch ActionView::Base to include our CSP patch for line_chart
+    ActionView::Base.prepend(RailsCharts::CspPatch)
+
+    # Also patch any Rails Pulse helpers that might use charts
+    if defined?(RailsPulse::ApplicationHelper)
+      RailsPulse::ApplicationHelper.prepend(RailsCharts::CspPatch)
+    end
+  end
+end

data/config/initializers/rails_pulse.rb

@@ -0,0 +1,198 @@
+RailsPulse.configure do |config|
+  # ====================================================================================================
+  #                                         GLOBAL CONFIGURATION
+  # ====================================================================================================
+
+  # Enable or disable Rails Pulse
+  config.enabled = true
+
+  # ====================================================================================================
+  #                                               THRESHOLDS
+  # ====================================================================================================
+  # These thresholds are used to determine if a route, request, or query is slow, very slow, or critical.
+  # Values are in milliseconds (ms). Adjust these based on your application's performance requirements.
+
+  # Thresholds for an individual route
+  config.route_thresholds = {
+    slow:      500,
+    very_slow: 1500,
+    critical:  3000
+  }
+
+  # Thresholds for an individual request
+  config.request_thresholds = {
+    slow:      700,
+    very_slow: 2000,
+    critical:  4000
+  }
+
+  # Thresholds for an individual database query
+  config.query_thresholds = {
+    slow:      100,
+    very_slow: 500,
+    critical:  1000
+  }
+
+  # ====================================================================================================
+  #                                               FILTERING
+  # ====================================================================================================
+
+  # Asset Tracking Configuration
+  # By default, Rails Pulse ignores asset requests (images, CSS, JS files) to focus on application performance.
+  # Set track_assets to true if you want to monitor asset delivery performance.
+  config.track_assets = false
+
+  # Custom asset patterns to ignore (in addition to the built-in defaults)
+  # Only applies when track_assets is false. Add patterns for app-specific asset paths.
+  config.custom_asset_patterns = [
+    # Example: ignore specific asset directories
+    # %r{^/uploads/},
+    # %r{^/media/},
+    # "/special-assets/"
+  ]
+
+  # Rails Pulse Mount Path (optional)
+  # If Rails Pulse is mounted at a custom path, specify it here to prevent
+  # Rails Pulse from tracking its own requests. Leave as nil for default '/rails_pulse'.
+  # Examples:
+  #   config.mount_path = "/admin/monitoring"
+  config.mount_path = nil
+
+  # Manual route filtering
+  # Specify additional routes, requests, or queries to ignore from performance tracking.
+  # Each array can include strings (exact matches) or regular expressions.
+  #
+  # Examples:
+  #   config.ignored_routes   = ["/health_check", %r{^/admin}]
+  #   config.ignored_requests = ["GET /status", %r{POST /api/v1/.*}]
+  #   config.ignored_queries  = ["SELECT 1", %r{FROM \"schema_migrations\"}]
+
+  config.ignored_routes   = []
+  config.ignored_requests = []
+  config.ignored_queries  = []
+
+  # ====================================================================================================
+  #                                               CACHING
+  # ====================================================================================================
+  # Configure metric card caching to improve performance of the Rails Pulse dashboard.
+  # Caching reduces database load for expensive metric calculations.
+
+  # Enable/disable metric card caching
+  config.component_cache_enabled = true
+
+  # How long to cache metric card results
+  config.component_cache_duration = 1.hour
+
+  # ====================================================================================================
+  #                                            DATABASE CONFIGURATION
+  # ====================================================================================================
+  # Configure Rails Pulse to use a separate database for performance monitoring data.
+  # This is optional but recommended for production applications to isolate performance
+  # data from your main application database.
+  #
+  # Uncomment and configure one of the following patterns:
+
+  # Option 1: Separate single database for Rails Pulse
+  # config.connects_to = {
+  #   database: { writing: :rails_pulse, reading: :rails_pulse }
+  # }
+
+  # Option 2: Primary/replica configuration for Rails Pulse
+  # config.connects_to = {
+  #   database: { writing: :rails_pulse_primary, reading: :rails_pulse_replica }
+  # }
+
+  # Don't forget to add the database configuration to config/database.yml:
+  #
+  # production:
+  #   # ... your main database config ...
+  #   rails_pulse:
+  #     adapter: postgresql  # or mysql2, sqlite3
+  #     database: myapp_rails_pulse_production
+  #     username: rails_pulse_user
+  #     password: <%= Rails.application.credentials.dig(:rails_pulse, :database_password) %>
+  #     host: localhost
+  #     pool: 5
+
+  # ====================================================================================================
+  #                                            AUTHENTICATION
+  # ====================================================================================================
+  # Configure authentication to secure access to the Rails Pulse dashboard.
+  # Authentication is ENABLED BY DEFAULT in production environments for security.
+  #
+  # If no authentication method is configured, Rails Pulse will use HTTP Basic Auth
+  # with credentials from RAILS_PULSE_USERNAME (default: 'admin') and RAILS_PULSE_PASSWORD
+  # environment variables. Set RAILS_PULSE_PASSWORD to enable this fallback.
+  #
+  # Uncomment and configure one of the following patterns based on your authentication system:
+
+  # Enable/disable authentication (enabled by default in production)
+  # config.authentication_enabled = Rails.env.production?
+
+  # Where to redirect unauthorized users
+  # config.authentication_redirect_path = "/"
+
+  # Custom authentication method - choose one of the examples below:
+
+  # Example 1: Devise with admin role check
+  # config.authentication_method = proc {
+  #   unless user_signed_in? && current_user.admin?
+  #     redirect_to main_app.root_path, alert: "Access denied"
+  #   end
+  # }
+
+  # Example 2: Custom session-based authentication
+  # config.authentication_method = proc {
+  #   unless session[:user_id] && User.find_by(id: session[:user_id])&.admin?
+  #     redirect_to main_app.login_path, alert: "Please log in as an admin"
+  #   end
+  # }
+
+  # Example 3: Warden authentication
+  # config.authentication_method = proc {
+  #   warden.authenticate!(:scope => :admin)
+  # }
+
+  # Example 4: Basic HTTP authentication
+  # config.authentication_method = proc {
+  #   authenticate_or_request_with_http_basic do |username, password|
+  #     username == ENV['RAILS_PULSE_USERNAME'] && password == ENV['RAILS_PULSE_PASSWORD']
+  #   end
+  # }
+
+  # Example 5: Custom authorization check
+  # config.authentication_method = proc {
+  #   current_user = User.find_by(id: session[:user_id])
+  #   unless current_user&.can_access_rails_pulse?
+  #     render plain: "Forbidden", status: :forbidden
+  #   end
+  # }
+
+  # ====================================================================================================
+  #                                               DATA CLEANUP
+  # ====================================================================================================
+  # Configure automatic cleanup of old performance data to manage database size.
+  # Rails Pulse provides two cleanup mechanisms that work together:
+  #
+  # 1. Time-based cleanup: Delete records older than the retention period
+  # 2. Count-based cleanup: Keep only the specified number of records per table
+  #
+  # Cleanup order respects foreign key constraints:
+  # operations → requests → queries/routes
+
+  # Enable or disable automatic data cleanup
+  config.archiving_enabled = true
+
+  # Time-based retention - delete records older than this period
+  config.full_retention_period = 2.weeks
+
+  # Count-based retention - maximum records to keep per table
+  # After time-based cleanup, if tables still exceed these limits,
+  # the oldest remaining records will be deleted to stay under the limit
+  config.max_table_records = {
+    rails_pulse_requests: 10000,    # HTTP requests (moderate volume)
+    rails_pulse_operations: 50000,  # Operations within requests (high volume)
+    rails_pulse_routes: 1000,       # Unique routes (low volume)
+    rails_pulse_queries: 500        # Normalized SQL queries (low volume)
+  }
+end

data/config/routes.rb

@@ -0,0 +1,16 @@
+RailsPulse::Engine.routes.draw do
+  root to: "dashboard#index"
+
+  resources :routes, only: %i[index show]
+  resources :requests, only: %i[index show]
+  resources :queries, only: %i[index show]
+  resources :operations, only: %i[show]
+  resources :caches, only: %i[show], as: :cache
+  patch "pagination/limit", to: "application#set_pagination_limit"
+
+  # CSP compliance testing
+  get "csp_test", to: "csp_test#show", as: :csp_test
+
+  # Asset serving fallback
+  get "rails-pulse-assets/:asset_name", to: "assets#show", as: :asset, constraints: { asset_name: /.*/ }
+end

data/db/migrate/20250227235904_create_routes.rb

@@ -0,0 +1,12 @@
+class CreateRoutes < RailsPulse::Migration
+  def change
+    create_table :rails_pulse_routes do |t|
+      t.string :method, null: false, comment: "HTTP method (e.g., GET, POST)"
+      t.string :path, null: false, comment: "Request path (e.g., /posts/index)"
+
+      t.timestamps
+    end
+
+    add_index :rails_pulse_routes, [ :method, :path ], unique: true, name: 'index_rails_pulse_routes_on_method_and_path'
+  end
+end

data/db/migrate/20250227235915_create_requests.rb

@@ -0,0 +1,19 @@
+class CreateRequests < RailsPulse::Migration
+  def change
+    create_table :rails_pulse_requests do |t|
+      t.references :route, null: false, foreign_key: { to_table: :rails_pulse_routes }, comment: "Link to the route"
+      t.decimal :duration, precision: 15, scale: 6, null: false, comment: "Total request duration in milliseconds"
+      t.integer :status, null: false, comment: "HTTP status code (e.g., 200, 500)"
+      t.boolean :is_error, null: false, default: false, comment: "True if status >= 500"
+      t.string :request_uuid, null: false, comment: "Unique identifier for the request (e.g., UUID)"
+      t.string :controller_action, comment: "Controller and action handling the request (e.g., PostsController#show)"
+      t.timestamp :occurred_at, null: false, comment: "When the request started"
+
+      t.timestamps
+    end
+
+    add_index :rails_pulse_requests, :occurred_at, name: 'index_rails_pulse_requests_on_occurred_at'
+    add_index :rails_pulse_requests, :request_uuid, unique: true, name: 'index_rails_pulse_requests_on_request_uuid'
+    add_index :rails_pulse_requests, [ :route_id, :occurred_at ], name: 'index_rails_pulse_requests_on_route_id_and_occurred_at'
+  end
+end

data/db/migrate/20250228000000_create_queries.rb

@@ -0,0 +1,14 @@
+class CreateQueries < RailsPulse::Migration
+  def change
+    create_table :rails_pulse_queries do |t|
+      # Use string with reasonable limit instead of text to avoid MySQL index length issues
+      # 1000 characters should be sufficient for most normalized SQL queries
+      t.string :normalized_sql, limit: 1000, null: false, comment: "Normalized SQL query string (e.g., SELECT * FROM users WHERE id = ?)"
+
+      t.timestamps
+    end
+
+    # Now using string instead of text, no need for database-specific logic
+    add_index :rails_pulse_queries, :normalized_sql, unique: true, name: "index_rails_pulse_queries_on_normalized_sql", length: 191
+  end
+end

data/db/migrate/20250228000056_create_operations.rb

@@ -0,0 +1,24 @@
+class CreateOperations < RailsPulse::Migration
+  def change
+    create_table :rails_pulse_operations do |t|
+      t.references :request, null: false, foreign_key: { to_table: :rails_pulse_requests }, comment: "Link to the request"
+      t.references :query, foreign_key: { to_table: :rails_pulse_queries }, index: true, comment: "Link to the normalized SQL query"
+      t.string :operation_type, null: false, comment: "Type of operation (e.g., database, view, gem_call)"
+      t.string :label, null: false, comment: "Descriptive name (e.g., SELECT FROM users WHERE id = 1, render layout)"
+      t.decimal :duration, precision: 15, scale: 6, null: false, comment: "Operation duration in milliseconds"
+      t.string :codebase_location, comment: "File and line number (e.g., app/models/user.rb:25)"
+      t.float :start_time, null: false, default: 0.0, comment: "Operation start time in milliseconds"
+      t.timestamp :occurred_at, null: false, comment: "When the request started"
+
+      t.timestamps
+    end
+
+    add_index :rails_pulse_operations, :operation_type, name: 'index_rails_pulse_operations_on_operation_type'
+    add_index :rails_pulse_operations, :occurred_at, name: 'index_rails_pulse_operations_on_occurred_at'
+
+    # Performance indexes for queries page optimization
+    add_index :rails_pulse_operations, [ :query_id, :occurred_at ], name: 'index_rails_pulse_operations_on_query_and_time'
+    add_index :rails_pulse_operations, [ :query_id, :duration, :occurred_at ], name: 'index_rails_pulse_operations_query_performance'
+    add_index :rails_pulse_operations, [ :occurred_at, :duration, :operation_type ], name: 'index_rails_pulse_operations_on_time_duration_type'
+  end
+end

data/lib/generators/rails_pulse/install_generator.rb

@@ -0,0 +1,17 @@
+module RailsPulse
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path("templates", __dir__)
+
+      desc "Copies Rails Pulse migrations to the application."
+      def copy_migrations
+        rake "rails_pulse:install:migrations"
+      end
+
+      desc "Copies Rails Pulse example configuration file to the application."
+      def copy_initializer
+        copy_file "rails_pulse.rb", "config/initializers/rails_pulse.rb"
+      end
+    end
+  end
+end

data/lib/generators/rails_pulse/templates/rails_pulse.rb

@@ -0,0 +1,198 @@
+RailsPulse.configure do |config|
+  # ====================================================================================================
+  #                                         GLOBAL CONFIGURATION
+  # ====================================================================================================
+
+  # Enable or disable Rails Pulse
+  config.enabled = true
+
+  # ====================================================================================================
+  #                                               THRESHOLDS
+  # ====================================================================================================
+  # These thresholds are used to determine if a route, request, or query is slow, very slow, or critical.
+  # Values are in milliseconds (ms). Adjust these based on your application's performance requirements.
+
+  # Thresholds for an individual route
+  config.route_thresholds = {
+    slow:      500,
+    very_slow: 1500,
+    critical:  3000
+  }
+
+  # Thresholds for an individual request
+  config.request_thresholds = {
+    slow:      700,
+    very_slow: 2000,
+    critical:  4000
+  }
+
+  # Thresholds for an individual database query
+  config.query_thresholds = {
+    slow:      100,
+    very_slow: 500,
+    critical:  1000
+  }
+
+  # ====================================================================================================
+  #                                               FILTERING
+  # ====================================================================================================
+
+  # Asset Tracking Configuration
+  # By default, Rails Pulse ignores asset requests (images, CSS, JS files) to focus on application performance.
+  # Set track_assets to true if you want to monitor asset delivery performance.
+  config.track_assets = false
+
+  # Custom asset patterns to ignore (in addition to the built-in defaults)
+  # Only applies when track_assets is false. Add patterns for app-specific asset paths.
+  config.custom_asset_patterns = [
+    # Example: ignore specific asset directories
+    # %r{^/uploads/},
+    # %r{^/media/},
+    # "/special-assets/"
+  ]
+
+  # Rails Pulse Mount Path (optional)
+  # If Rails Pulse is mounted at a custom path, specify it here to prevent
+  # Rails Pulse from tracking its own requests. Leave as nil for default '/rails_pulse'.
+  # Examples:
+  #   config.mount_path = "/admin/monitoring"
+  config.mount_path = nil
+
+  # Manual route filtering
+  # Specify additional routes, requests, or queries to ignore from performance tracking.
+  # Each array can include strings (exact matches) or regular expressions.
+  #
+  # Examples:
+  #   config.ignored_routes   = ["/health_check", %r{^/admin}]
+  #   config.ignored_requests = ["GET /status", %r{POST /api/v1/.*}]
+  #   config.ignored_queries  = ["SELECT 1", %r{FROM \"schema_migrations\"}]
+
+  config.ignored_routes   = []
+  config.ignored_requests = []
+  config.ignored_queries  = []
+
+  # ====================================================================================================
+  #                                               CACHING
+  # ====================================================================================================
+  # Configure metric card caching to improve performance of the Rails Pulse dashboard.
+  # Caching reduces database load for expensive metric calculations.
+
+  # Enable/disable metric card caching
+  config.component_cache_enabled = true
+
+  # How long to cache metric card results
+  config.component_cache_duration = 1.hour
+
+  # ====================================================================================================
+  #                                            DATABASE CONFIGURATION
+  # ====================================================================================================
+  # Configure Rails Pulse to use a separate database for performance monitoring data.
+  # This is optional but recommended for production applications to isolate performance
+  # data from your main application database.
+  #
+  # Uncomment and configure one of the following patterns:
+
+  # Option 1: Separate single database for Rails Pulse
+  # config.connects_to = {
+  #   database: { writing: :rails_pulse, reading: :rails_pulse }
+  # }
+
+  # Option 2: Primary/replica configuration for Rails Pulse
+  # config.connects_to = {
+  #   database: { writing: :rails_pulse_primary, reading: :rails_pulse_replica }
+  # }
+
+  # Don't forget to add the database configuration to config/database.yml:
+  #
+  # production:
+  #   # ... your main database config ...
+  #   rails_pulse:
+  #     adapter: postgresql  # or mysql2, sqlite3
+  #     database: myapp_rails_pulse_production
+  #     username: rails_pulse_user
+  #     password: <%= Rails.application.credentials.dig(:rails_pulse, :database_password) %>
+  #     host: localhost
+  #     pool: 5
+
+  # ====================================================================================================
+  #                                            AUTHENTICATION
+  # ====================================================================================================
+  # Configure authentication to secure access to the Rails Pulse dashboard.
+  # Authentication is ENABLED BY DEFAULT in production environments for security.
+  #
+  # If no authentication method is configured, Rails Pulse will use HTTP Basic Auth
+  # with credentials from RAILS_PULSE_USERNAME (default: 'admin') and RAILS_PULSE_PASSWORD
+  # environment variables. Set RAILS_PULSE_PASSWORD to enable this fallback.
+  #
+  # Uncomment and configure one of the following patterns based on your authentication system:
+
+  # Enable/disable authentication (enabled by default in production)
+  # config.authentication_enabled = Rails.env.production?
+
+  # Where to redirect unauthorized users
+  # config.authentication_redirect_path = "/"
+
+  # Custom authentication method - choose one of the examples below:
+
+  # Example 1: Devise with admin role check
+  # config.authentication_method = proc {
+  #   unless user_signed_in? && current_user.admin?
+  #     redirect_to main_app.root_path, alert: "Access denied"
+  #   end
+  # }
+
+  # Example 2: Custom session-based authentication
+  # config.authentication_method = proc {
+  #   unless session[:user_id] && User.find_by(id: session[:user_id])&.admin?
+  #     redirect_to main_app.login_path, alert: "Please log in as an admin"
+  #   end
+  # }
+
+  # Example 3: Warden authentication
+  # config.authentication_method = proc {
+  #   warden.authenticate!(:scope => :admin)
+  # }
+
+  # Example 4: Basic HTTP authentication
+  # config.authentication_method = proc {
+  #   authenticate_or_request_with_http_basic do |username, password|
+  #     username == ENV['RAILS_PULSE_USERNAME'] && password == ENV['RAILS_PULSE_PASSWORD']
+  #   end
+  # }
+
+  # Example 5: Custom authorization check
+  # config.authentication_method = proc {
+  #   current_user = User.find_by(id: session[:user_id])
+  #   unless current_user&.can_access_rails_pulse?
+  #     render plain: "Forbidden", status: :forbidden
+  #   end
+  # }
+
+  # ====================================================================================================
+  #                                               DATA CLEANUP
+  # ====================================================================================================
+  # Configure automatic cleanup of old performance data to manage database size.
+  # Rails Pulse provides two cleanup mechanisms that work together:
+  #
+  # 1. Time-based cleanup: Delete records older than the retention period
+  # 2. Count-based cleanup: Keep only the specified number of records per table
+  #
+  # Cleanup order respects foreign key constraints:
+  # operations → requests → queries/routes
+
+  # Enable or disable automatic data cleanup
+  config.archiving_enabled = true
+
+  # Time-based retention - delete records older than this period
+  config.full_retention_period = 2.weeks
+
+  # Count-based retention - maximum records to keep per table
+  # After time-based cleanup, if tables still exceed these limits,
+  # the oldest remaining records will be deleted to stay under the limit
+  config.max_table_records = {
+    rails_pulse_requests: 10000,    # HTTP requests (moderate volume)
+    rails_pulse_operations: 50000,  # Operations within requests (high volume)
+    rails_pulse_routes: 1000,       # Unique routes (low volume)
+    rails_pulse_queries: 500        # Normalized SQL queries (low volume)
+  }
+end