scout_apm 2.6.5 → 2.6.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41f15f4e7f91d0274a280b34d03697ff422963a39bcadc9f9056f6380b949603
-  data.tar.gz: c76090db49ba3f24ea685ccf61c0fbe17555affe556d947990cb584bb8f56bb5
+  metadata.gz: 503d33cb7c689cb239c328bee4ba2a1df380df703f3e3a6f5f843676b9bff0e4
+  data.tar.gz: 444e240dc8c4922ee932684c1c10b3fb5d658e96228c901b33a9a5ca3cb1e469
 SHA512:
-  metadata.gz: b33379d021bbb49e1c2c60ca0c1a72f4603539142830b92f3846e87fdf9c9d2244e73dd0be5a84fc567945ca028b62450f48dbfd6fdc0fcab81eb6d44f82bab9
-  data.tar.gz: 35183553754b6a56397ff10579f014abf168c1b3ef83c22318c691ba6ab2798d6a4264e7d17270b318fe43c0ea5a61ab75c025b974354b10f4f5b1395ad77bb5
+  metadata.gz: 715c6a3f044d2091207667fc6a9857573da528cf03ee5d64ccb758c10ec387b49829a891ae43bb51b444077c898f57fc73257f2d963407820ed7114fdedb52c4
+  data.tar.gz: 373b60dc42e0417e6003698c143138ff50024802285ff3754cc706efc1bc305a941fddbe27e6a471d8f09b3ffc84b5a3cfb43e57a1715968d7cac47ee069f5b3

data/CHANGELOG.markdown

@@ -1,3 +1,31 @@
+# 2.6.10
+
+* Fix an edge case in JSON serialization (#360)
+
+# 2.6.9
+
+* Add `ssl_cert_file` config option (#352)
+* Improve sanitization of Postgres UPDATE SQL (#351)
+* Allow custom URL sanitization (#341)
+
+# 2.6.8
+
+* Lock rake version for 1.8.7 to older version (#329)
+* Delete unneeded .DS_Store file that snuck in (#334)
+* Fix typo in "queue_time_ms"
+* Fix Rails 6 deprecation warning at boot time (#337)
+* Fix partial naming on Rails 6.0 (#339)
+* Support Sidekiq 6.1 instrumentation (#340)
+
+# 2.6.7
+
+* Remove accidental call to `as_json`
+
+# 2.6.6
+
+* Add basic support for parsing Microsoft SQLServer queries (#317)
+* Refine Postgresql Sanitization with subqueries and JSON operations (#262)
+
 # 2.6.5
 
 * Add a tag to any requests that reach maximum number of spans (#316)

data/Gemfile

@@ -10,4 +10,8 @@ if RUBY_VERSION <= "1.8.7"
   gem "pry", "~> 0.9.12"
   gem "rake", "~> 10.5"
   gem "minitest", "~> 5.11.3"
+elsif RUBY_VERSION <= "1.9.3"
+  gem "rake", "~> 10.5"
+else
+  gem "rake", ">= 12.3.3"
 end

data/lib/scout_apm.rb

@@ -186,6 +186,16 @@ require 'scout_apm/tasks/support'
 require 'scout_apm/extensions/config'
 require 'scout_apm/extensions/transaction_callback_payload'
 
+require 'scout_apm/error_service'
+require 'scout_apm/error_service/middleware'
+require 'scout_apm/error_service/notifier'
+require 'scout_apm/error_service/sidekiq'
+require 'scout_apm/error_service/ignored_exceptions'
+require 'scout_apm/error_service/error_buffer'
+require 'scout_apm/error_service/error_record'
+require 'scout_apm/error_service/periodic_work'
+require 'scout_apm/error_service/payload'
+
 if defined?(Rails) && defined?(Rails::VERSION) && defined?(Rails::VERSION::MAJOR) && Rails::VERSION::MAJOR >= 3 && defined?(Rails::Railtie)
   module ScoutApm
     class Railtie < Rails::Railtie
@@ -205,6 +215,11 @@ if defined?(Rails) && defined?(Rails::VERSION) && defined?(Rails::VERSION::MAJOR
           ScoutApm::Agent.instance.context.logger.debug("AutoInstruments is disabled.")
         end
 
+        if ScoutApm::Agent.instance.context.config.value("errors_enabled")
+          app.config.middleware.insert_after ActionDispatch::DebugExceptions, ScoutApm::ErrorService::Middleware
+          ScoutApm::ErrorService::Sidekiq.new.install
+        end
+
         # Install the middleware every time in development mode.
         # The middleware is a noop if dev_trace is not enabled in config
         if Rails.env.development?

data/lib/scout_apm/agent.rb

@@ -66,6 +66,7 @@ module ScoutApm
 
       if context.started?
         start_background_worker unless background_worker_running?
+        start_error_service_background_worker unless error_service_background_worker_running?
         return
       end
 
@@ -81,6 +82,7 @@ module ScoutApm
       @app_server_load ||= AppServerLoad.new(context).run
 
       start_background_worker
+      start_error_service_background_worker
     end
 
     def instrument_manager
@@ -198,5 +200,25 @@ module ScoutApm
         @background_worker               &&
         @background_worker.running?
     end
+
+    # seconds to batch error reports
+    ERROR_SEND_FREQUENCY = 5
+    def start_error_service_background_worker
+      periodic_work = ScoutApm::ErrorService::PeriodicWork.new(context)
+
+      @error_service_background_worker = ScoutApm::BackgroundWorker.new(context, ERROR_SEND_FREQUENCY)
+      @error_service_background_worker_thread = Thread.new do
+        @error_service_background_worker.start { 
+          periodic_work.run
+        }
+      end
+    end
+
+    def error_service_background_worker_running?
+      @error_service_background_worker_thread          &&
+        @error_service_background_worker_thread.alive? &&
+        @error_service_background_worker               &&
+        @error_service_background_worker.running?
+    end
   end
 end

data/lib/scout_apm/agent_context.rb

@@ -142,6 +142,18 @@ module ScoutApm
       config.value('dev_trace') && environment.env == "development"
     end
 
+    ###################
+    #  Error Service  #
+    ###################
+
+    def error_buffer
+      @error_buffer ||= ScoutApm::ErrorService::ErrorBuffer.new(self)
+    end
+
+    def ignored_exceptions
+      @ignored_exceptions ||= ScoutApm::ErrorService::IgnoredExceptions.new(self, config.value('errors_ignored_exceptions'))
+    end
+
     #############
     #  Setters  #
     #############

data/lib/scout_apm/background_job_integrations/sidekiq.rb

@@ -40,10 +40,10 @@ module ScoutApm
         require 'sidekiq/processor' # sidekiq v4 has not loaded this file by this point
 
         ::Sidekiq::Processor.class_eval do
-          def initialize_with_scout(boss)
+          def initialize_with_scout(*args)
             agent = ::ScoutApm::Agent.instance
             agent.start
-            initialize_without_scout(boss)
+            initialize_without_scout(*args)
           end
 
           alias_method :initialize_without_scout, :initialize

data/lib/scout_apm/config.rb

@@ -75,11 +75,18 @@ module ScoutApm
         'revision_sha',
         'scm_subdirectory',
         'start_resque_server_instrument',
+        'ssl_cert_file',
         'uri_reporting',
         'instrument_http_url_length',
         'timeline_traces',
         'auto_instruments',
-        'auto_instruments_ignore'
+        'auto_instruments_ignore',
+
+        # Error Service Related Configuration
+        'errors_enabled',
+        'errors_ignored_exceptions',
+        'errors_filtered_params',
+        'errors_host',
     ]
 
     ################################################################################
@@ -175,6 +182,9 @@ module ScoutApm
       'timeline_traces' => BooleanCoercion.new,
       'auto_instruments' => BooleanCoercion.new,
       'auto_instruments_ignore' => JsonCoercion.new,
+      'errors_enabled' => BooleanCoercion.new,
+      'errors_ignored_exceptions' => JsonCoercion.new,
+      'errors_filtered_params' => JsonCoercion.new,
     }
 
 
@@ -284,7 +294,12 @@ module ScoutApm
         'collect_remote_ip' => true,
         'timeline_traces' => true,
         'auto_instruments' => false,
-        'auto_instruments_ignore' => []
+        'auto_instruments_ignore' => [],
+        'ssl_cert_file' => File.join( File.dirname(__FILE__), *%w[.. .. data cacert.pem] ),
+        'errors_enabled' => false,
+        'errors_ignored_exceptions' => %w(ActiveRecord::RecordNotFound ActionController::RoutingError),
+        'errors_filtered_params' => %w(password s3-key),
+        'errors_host' => 'https://errors.scoutapm.com',
       }.freeze
 
       def value(key)

data/lib/scout_apm/detailed_trace.rb

@@ -200,8 +200,9 @@ class DetailedTraceTags
     @tags = hash
   end
 
+  # @tags is already a hash, so no conversion needed
   def as_json(*)
-    @tags.as_json
+    @tags
   end
 end
 

data/lib/scout_apm/error.rb

@@ -0,0 +1,27 @@
+# Public API for the Scout Error Monitoring service
+#
+# See-Also ScoutApm::Transaction and ScoutApm::Tracing for APM related APIs
+module ScoutApm
+  module Error
+    # Capture an exception, optionally with an environment hash. This may be a
+    # Rack environment, but is not required.
+    def self.capture(exception, env={})
+      context = ScoutApm::Agent.instance.context
+
+      # Skip if error monitoring isn't enabled at all
+      if ! context.config.value("errors_enabled")
+        return false
+      end
+
+      # Skip if this one error is ignored
+      if context.ignored_exceptions.ignored?(exception)
+        return false
+      end
+
+      # Capture the error for further processing and shipping
+      context.error_buffer.capture(exception, env)
+
+      return true
+    end
+  end
+end

data/lib/scout_apm/error_service.rb

@@ -0,0 +1,32 @@
+require "net/http"
+require "net/https"
+require "uri"
+
+module ScoutApm
+  module ErrorService
+    API_VERSION = "1"
+
+    HEADERS = {
+      "Content-type" => "application/json",
+      "Accept" => "application/json"
+    }
+
+    # Public API to force a given exception to be captured.
+    # Still obeys the ignore list
+    # Used internally by SidekiqException
+    def self.capture(exception, params = {})
+      return if disabled?
+      return if ScoutApm::Agent.instance.context.ignored_exceptions.ignore?(exception)
+
+      context.errors_buffer.capture(exception, env)
+    end
+
+    def self.enabled?
+      ScoutApm::Agent.instance.context.config.value("errors_enabled")
+    end
+
+    def self.disabled?
+      !enabled?
+    end
+  end
+end

data/lib/scout_apm/error_service/error_buffer.rb

@@ -0,0 +1,39 @@
+# Holds onto exceptions, and moves them forward to shipping when appropriate
+module ScoutApm
+  module ErrorService
+    class ErrorBuffer
+      include Enumerable
+
+      attr_reader :agent_context
+
+      def initialize(agent_context)
+        @agent_context = agent_context
+        @error_records = []
+        @mutex = Monitor.new
+      end
+
+      def capture(exception, env)
+        context = ScoutApm::Context.current
+
+        @mutex.synchronize {
+          @error_records << ErrorRecord.new(agent_context, exception, env, context)
+        }
+      end
+
+      def get_and_reset_error_records
+        @mutex.synchronize {
+          ret = @error_records
+          @error_records = []
+          ret
+        }
+      end
+
+      # Enables enumerable - for count and each and similar methods
+      def each
+        @error_records.each do |error_record|
+          yield error_record
+        end
+      end
+    end
+  end
+end

data/lib/scout_apm/error_service/error_record.rb

@@ -0,0 +1,211 @@
+module ScoutApm
+  module ErrorService
+    # Converts the raw error data captured into the captured data, and holds it
+    # until it's ready to be reported.
+    class ErrorRecord
+      attr_reader :exception_class
+      attr_reader :message
+      attr_reader :request_uri
+      attr_reader :request_params
+      attr_reader :request_session
+      attr_reader :environment
+      attr_reader :trace
+      attr_reader :request_components
+      attr_reader :context
+
+      def initialize(agent_context, exception, env, context=nil)
+        @agent_context = agent_context
+
+        @context = if context
+          context.to_hash
+        else
+          {}
+        end
+
+        @exception_class = LengthLimit.new(exception.class.name).to_s
+        @message = LengthLimit.new(exception.message, 100).to_s
+        @request_uri = LengthLimit.new(rack_request_url(env), 200).to_s
+        @request_params = clean_params(env["action_dispatch.request.parameters"])
+        @request_session = clean_params(session_data(env))
+        @environment = clean_params(strip_env(env))
+        @trace = clean_backtrace(exception.backtrace)
+        @request_components = components(env)
+      end
+
+      # TODO: This is rails specific
+      def components(env)
+        components = {}
+        unless env["action_dispatch.request.parameters"].nil?
+          components[:controller] = env["action_dispatch.request.parameters"][:controller] || nil
+          components[:action] = env["action_dispatch.request.parameters"][:action] || nil
+          components[:module] = env["action_dispatch.request.parameters"][:module] || nil
+        end
+
+        # For background workers like sidekiq
+        # TODO: extract data creation for background jobs
+        components[:controller] ||= env[:custom_controller]
+
+        components
+      end
+
+      # TODO: Can I use the same thing we use in traces?
+      def rack_request_url(env)
+        protocol = rack_scheme(env)
+        protocol = protocol.nil? ? "" : "#{protocol}://"
+
+        host = env["SERVER_NAME"] || ""
+        path = env["REQUEST_URI"] || ""
+        port = env["SERVER_PORT"] || "80"
+        port = ["80", "443"].include?(port.to_s) ? "" : ":#{port}"
+
+        protocol.to_s + host.to_s + port.to_s + path.to_s
+      end
+
+      def rack_scheme(env)
+        if env["HTTPS"] == "on"
+          "https"
+        elsif env["HTTP_X_FORWARDED_PROTO"]
+          env["HTTP_X_FORWARDED_PROTO"].split(",")[0]
+        else
+          env["rack.url_scheme"]
+        end
+      end
+
+      # TODO: This name is too vague
+      def clean_params(params)
+        return if params.nil?
+
+        normalized = normalize_data(params)
+        filter_params(normalized)
+      end
+
+      # TODO: When was backtrace_cleaner introduced?
+      def clean_backtrace(backtrace)
+        if defined?(Rails) && Rails.respond_to?(:backtrace_cleaner)
+          Rails.backtrace_cleaner.send(:filter, backtrace)
+        else
+          backtrace
+        end
+      end
+
+      # Deletes params from env
+      #
+      # These are not configurable, and will leak PII info up to Scout if
+      # allowed through. Things like specific parameters can be exposed with
+      # the ScoutApm::Context interface.
+      KEYS_TO_REMOVE = [
+        "rack.request.form_hash",
+        "rack.request.form_vars",
+        "async.callback",
+
+        # Security related items
+        "action_dispatch.secret_key_base",
+        "action_dispatch.http_auth_salt",
+        "action_dispatch.signed_cookie_salt",
+        "action_dispatch.encrypted_cookie_salt",
+        "action_dispatch.encrypted_signed_cookie_salt",
+        "action_dispatch.authenticated_encrypted_cookie_salt",
+
+        # Raw data from the URL & parameters. Would bypass our normal params filtering
+        "QUERY_STRING",
+        "REQUEST_URI",
+        "REQUEST_PATH",
+        "ORIGINAL_FULLPATH",
+        "action_dispatch.request.query_parameters",
+        "action_dispatch.request.parameters",
+        "rack.request.query_string",
+        "rack.request.query_hash",
+      ]
+      def strip_env(env)
+        env.reject { |k, v| KEYS_TO_REMOVE.include?(k) }
+      end
+
+      def session_data(env)
+        session = env["action_dispatch.request.session"]
+        return if session.nil?
+
+        if session.respond_to?(:to_hash)
+          session.to_hash
+        else
+          session.data
+        end
+      end
+
+      # TODO: Rename and make this clearer. I think it maps over the whole tree of a hash, and to_s each leaf node?
+      def normalize_data(hash)
+        new_hash = {}
+
+        hash.each do |key, value|
+          if value.respond_to?(:to_hash)
+            begin
+              new_hash[key] = normalize_data(value.to_hash)
+            rescue
+              new_hash[key] = LengthLimit.new(value.to_s).to_s
+            end
+          else
+            new_hash[key] = LengthLimit.new(value.to_s).to_s
+          end
+        end
+
+        new_hash
+      end
+
+      ###################
+      # Filtering Params
+      ###################
+
+      # Replaces parameter values with a string / set in config file
+      def filter_params(params)
+        return params unless filtered_params_config
+
+        params.each do |k, v|
+          if filter_key?(k)
+            params[k] = "[FILTERED]"
+          elsif v.respond_to?(:to_hash)
+            filter_params(params[k])
+          end
+        end
+
+        params
+      end
+
+      # Check, if a key should be filtered
+      def filter_key?(key)
+        params_to_filter.any? do |filter|
+          key.to_s == filter.to_s # key.to_s.include?(filter.to_s)
+        end
+      end
+
+      def params_to_filter
+        @params_to_filter ||= filtered_params_config + rails_filtered_params
+      end
+
+      # Accessor for the filtered params config value. Will be removed as we refactor and clean up this code.
+      # TODO: Flip this over to use a new class like filtered exceptions?
+      def filtered_params_config
+        @agent_context.config.value("errors_filtered_params")
+      end
+
+      def rails_filtered_params
+        return [] unless defined?(Rails)
+        Rails.configuration.filter_parameters
+      rescue 
+        []
+      end
+
+      class LengthLimit
+        attr_reader :text
+        attr_reader :char_limit
+
+        def initialize(text, char_limit=100)
+          @text = text
+          @char_limit = char_limit
+        end
+
+        def to_s
+          text[0..char_limit]
+        end
+      end
+    end
+  end
+end