diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5aacf8ef6..400300236 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -35,6 +35,7 @@ updates: sentry: patterns: - "@sentry/*" + - "@spotlightjs/*" babel: patterns: - "@babel/*" @@ -66,6 +67,7 @@ updates: sentry: patterns: - "@sentry/*" + - "@spotlightjs/*" babel: patterns: - "@babel/*" diff --git a/authentik/events/middleware.py b/authentik/events/middleware.py index ea7e6001f..9843402ab 100644 --- a/authentik/events/middleware.py +++ b/authentik/events/middleware.py @@ -61,9 +61,6 @@ IGNORED_MODELS = ( def should_log_model(model: Model) -> bool: """Return true if operation on `model` should be logged""" - # Check for silk by string so this comparison doesn't fail when silk isn't installed - if model.__module__.startswith("silk"): - return False return model.__class__ not in IGNORED_MODELS diff --git a/authentik/lib/logging.py b/authentik/lib/logging.py index bc6e5b755..5205c568c 100644 --- a/authentik/lib/logging.py +++ b/authentik/lib/logging.py @@ -96,7 +96,6 @@ def get_logger_config(): "kubernetes": "INFO", "asyncio": "WARNING", "redis": "WARNING", - "silk": "INFO", "fsevents": "WARNING", "uvicorn": "WARNING", "gunicorn": "INFO", diff --git a/authentik/lib/sentry.py b/authentik/lib/sentry.py index 6ea34625e..e760173ce 100644 --- a/authentik/lib/sentry.py +++ b/authentik/lib/sentry.py @@ -60,6 +60,8 @@ def sentry_init(**sentry_init_kwargs): }, } kwargs.update(**sentry_init_kwargs) + if settings.DEBUG: + kwargs["spotlight"] = True # pylint: disable=abstract-class-instantiated sentry_sdk_init( dsn=CONFIG.get("error_reporting.sentry_dsn"), diff --git a/authentik/root/settings.py b/authentik/root/settings.py index c71ae37b6..2a5d1f617 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -480,8 +480,6 @@ _update_settings("data.user_settings") if DEBUG: CELERY["task_always_eager"] = True os.environ[ENV_GIT_HASH_KEY] = "dev" - SHARED_APPS.append("silk") - MIDDLEWARE = ["silk.middleware.SilkyMiddleware"] + MIDDLEWARE REST_FRAMEWORK["DEFAULT_RENDERER_CLASSES"].append( "rest_framework.renderers.BrowsableAPIRenderer" ) diff --git a/authentik/root/urls.py b/authentik/root/urls.py index e1874a041..b3913090a 100644 --- a/authentik/root/urls.py +++ b/authentik/root/urls.py @@ -1,5 +1,4 @@ """authentik URL Configuration""" -from django.conf import settings from django.urls import include, path from structlog.stdlib import get_logger @@ -48,8 +47,3 @@ urlpatterns += [ path("-/health/live/", LiveView.as_view(), name="health-live"), path("-/health/ready/", ReadyView.as_view(), name="health-ready"), ] - -if settings.DEBUG: - urlpatterns += [ - path("debug/silk/", include("silk.urls", namespace="silk")), - ] diff --git a/go.mod b/go.mod index d6caaad34..85015c845 100644 --- a/go.mod +++ b/go.mod @@ -4,9 +4,8 @@ go 1.21 require ( beryju.io/ldap v0.1.0 - github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb github.com/coreos/go-oidc v2.2.1+incompatible - github.com/getsentry/sentry-go v0.25.0 + github.com/getsentry/sentry-go v0.26.0 github.com/go-http-utils/etag v0.0.0-20161124023236-513ea8f21eb1 github.com/go-ldap/ldap/v3 v3.4.6 github.com/go-openapi/runtime v0.26.2 @@ -24,6 +23,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/prometheus/client_golang v1.18.0 github.com/redis/go-redis/v9 v9.4.0 + github.com/sethvargo/go-envconfig v1.0.0 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.0 github.com/stretchr/testify v1.8.4 diff --git a/go.sum b/go.sum index 75c2a077e..560fa2ce7 100644 --- a/go.sum +++ b/go.sum @@ -37,8 +37,6 @@ github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+ github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb h1:w9IDEB7P1VzNcBpOG7kMpFkZp2DkyJIUt0gDx5MBhRU= -github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb/go.mod h1:9XMFaCeRyW7fC9XJOWQ+NdAv8VLG7ys7l3x4ozEGLUQ= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 h1:Kk6a4nehpJ3UuJRqlA3JxYxBZEqCeOmATOvrbT4p9RA= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= @@ -73,8 +71,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/getsentry/sentry-go v0.25.0 h1:q6Eo+hS+yoJlTO3uu/azhQadsD8V+jQn2D8VvX1eOyI= -github.com/getsentry/sentry-go v0.25.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY= +github.com/getsentry/sentry-go v0.26.0 h1:IX3++sF6/4B5JcevhdZfdKIHfyvMmAq/UnqcyT2H6mA= +github.com/getsentry/sentry-go v0.26.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY= github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA= github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= @@ -167,8 +165,8 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= @@ -264,6 +262,8 @@ github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sethvargo/go-envconfig v1.0.0 h1:1C66wzy4QrROf5ew4KdVw942CQDa55qmlYmw9FZxZdU= +github.com/sethvargo/go-envconfig v1.0.0/go.mod h1:Lzc75ghUn5ucmcRGIdGQ33DKJrcjk4kihFYgSTBmjIc= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= diff --git a/internal/config/config.go b/internal/config/config.go index ac37d277e..a7d3eeb5d 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -1,6 +1,7 @@ package config import ( + "context" _ "embed" "errors" "fmt" @@ -10,10 +11,11 @@ import ( "reflect" "strings" - env "github.com/Netflix/go-env" + env "github.com/sethvargo/go-envconfig" log "github.com/sirupsen/logrus" - "goauthentik.io/authentik/lib" "gopkg.in/yaml.v2" + + "goauthentik.io/authentik/lib" ) var cfg *Config @@ -113,7 +115,8 @@ func (c *Config) LoadConfigFromFile(path string) error { } func (c *Config) fromEnv() error { - _, err := env.UnmarshalFromEnviron(c) + ctx := context.Background() + err := env.Process(ctx, c) if err != nil { return fmt.Errorf("failed to load environment variables: %w", err) } diff --git a/internal/config/struct.go b/internal/config/struct.go index 2931c7a7a..0964d7583 100644 --- a/internal/config/struct.go +++ b/internal/config/struct.go @@ -3,17 +3,17 @@ package config type Config struct { // Core specific config Storage StorageConfig `yaml:"storage"` - LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL"` - ErrorReporting ErrorReportingConfig `yaml:"error_reporting"` - Redis RedisConfig `yaml:"redis"` - Outposts OutpostConfig `yaml:"outposts"` + LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL, overwrite"` + ErrorReporting ErrorReportingConfig `yaml:"error_reporting" env:", prefix=AUTHENTIK_ERROR_REPORTING__"` + Redis RedisConfig `yaml:"redis" env:", prefix=AUTHENTIK_REDIS__"` + Outposts OutpostConfig `yaml:"outposts" env:", prefix=AUTHENTIK_OUTPOSTS__"` // Config for core and embedded outpost - SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY"` + SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY, overwrite"` // Config for both core and outposts - Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG"` - Listen ListenConfig `yaml:"listen"` + Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG, overwrite"` + Listen ListenConfig `yaml:"listen" env:", prefix=AUTHENTIK_LISTEN__"` // Outpost specific config // These are only relevant for proxy/ldap outposts, and cannot be set via YAML @@ -25,24 +25,24 @@ type Config struct { } type RedisConfig struct { - Host string `yaml:"host" env:"AUTHENTIK_REDIS__HOST"` - Port int `yaml:"port" env:"AUTHENTIK_REDIS__PORT"` - DB int `yaml:"db" env:"AUTHENTIK_REDIS__DB"` - Username string `yaml:"username" env:"AUTHENTIK_REDIS__USERNAME"` - Password string `yaml:"password" env:"AUTHENTIK_REDIS__PASSWORD"` - TLS bool `yaml:"tls" env:"AUTHENTIK_REDIS__TLS"` - TLSReqs string `yaml:"tls_reqs" env:"AUTHENTIK_REDIS__TLS_REQS"` + Host string `yaml:"host" env:"HOST, overwrite"` + Port int `yaml:"port" env:"PORT, overwrite"` + DB int `yaml:"db" env:"DB, overwrite"` + Username string `yaml:"username" env:"USERNAME, overwrite"` + Password string `yaml:"password" env:"PASSWORD, overwrite"` + TLS bool `yaml:"tls" env:"TLS, overwrite"` + TLSReqs string `yaml:"tls_reqs" env:"TLS_REQS, overwrite"` } type ListenConfig struct { - HTTP string `yaml:"listen_http" env:"AUTHENTIK_LISTEN__HTTP"` - HTTPS string `yaml:"listen_https" env:"AUTHENTIK_LISTEN__HTTPS"` - LDAP string `yaml:"listen_ldap" env:"AUTHENTIK_LISTEN__LDAP"` - LDAPS string `yaml:"listen_ldaps" env:"AUTHENTIK_LISTEN__LDAPS"` - Radius string `yaml:"listen_radius" env:"AUTHENTIK_LISTEN__RADIUS"` - Metrics string `yaml:"listen_metrics" env:"AUTHENTIK_LISTEN__METRICS"` - Debug string `yaml:"listen_debug" env:"AUTHENTIK_LISTEN__DEBUG"` - TrustedProxyCIDRs []string `yaml:"trusted_proxy_cidrs" env:"AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS"` + HTTP string `yaml:"listen_http" env:"HTTP, overwrite"` + HTTPS string `yaml:"listen_https" env:"HTTPS, overwrite"` + LDAP string `yaml:"listen_ldap" env:"LDAP, overwrite"` + LDAPS string `yaml:"listen_ldaps" env:"LDAPS, overwrite"` + Radius string `yaml:"listen_radius" env:"RADIUS, overwrite"` + Metrics string `yaml:"listen_metrics" env:"METRICS, overwrite"` + Debug string `yaml:"listen_debug" env:"DEBUG, overwrite"` + TrustedProxyCIDRs []string `yaml:"trusted_proxy_cidrs" env:"TRUSTED_PROXY_CIDRS, overwrite"` } type StorageConfig struct { @@ -59,15 +59,15 @@ type StorageFileConfig struct { } type ErrorReportingConfig struct { - Enabled bool `yaml:"enabled" env:"AUTHENTIK_ERROR_REPORTING__ENABLED"` - SentryDSN string `yaml:"sentry_dsn" env:"AUTHENTIK_ERROR_REPORTING__SENTRY_DSN"` - Environment string `yaml:"environment" env:"AUTHENTIK_ERROR_REPORTING__ENVIRONMENT"` - SendPII bool `yaml:"send_pii" env:"AUTHENTIK_ERROR_REPORTING__SEND_PII"` - SampleRate float64 `yaml:"sample_rate" env:"AUTHENTIK_ERROR_REPORTING__SAMPLE_RATE"` + Enabled bool `yaml:"enabled" env:"ENABLED, overwrite"` + SentryDSN string `yaml:"sentry_dsn" env:"SENTRY_DSN, overwrite"` + Environment string `yaml:"environment" env:"ENVIRONMENT, overwrite"` + SendPII bool `yaml:"send_pii" env:"SEND_PII, overwrite"` + SampleRate float64 `yaml:"sample_rate" env:"SAMPLE_RATE, overwrite"` } type OutpostConfig struct { - ContainerImageBase string `yaml:"container_image_base" env:"AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE"` - Discover bool `yaml:"discover" env:"AUTHENTIK_OUTPOSTS__DISCOVER"` - DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST"` + ContainerImageBase string `yaml:"container_image_base" env:"CONTAINER_IMAGE_BASE, overwrite"` + Discover bool `yaml:"discover" env:"DISCOVER, overwrite"` + DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"DISABLE_EMBEDDED_OUTPOST, overwrite"` } diff --git a/poetry.lock b/poetry.lock index 9d5b2548a..6516c777a 100644 --- a/poetry.lock +++ b/poetry.lock @@ -326,20 +326,6 @@ six = "*" [package.extras] visualize = ["Twisted (>=16.1.1)", "graphviz (>0.5.1)"] -[[package]] -name = "autopep8" -version = "2.0.4" -description = "A tool that automatically formats Python code to conform to the PEP 8 style guide" -optional = false -python-versions = ">=3.6" -files = [ - {file = "autopep8-2.0.4-py2.py3-none-any.whl", hash = "sha256:067959ca4a07b24dbd5345efa8325f5f58da4298dab0dde0443d5ed765de80cb"}, - {file = "autopep8-2.0.4.tar.gz", hash = "sha256:2913064abd97b3419d1cc83ea71f042cb821f87e45b9c88cad5ad3c4ea87fe0c"}, -] - -[package.dependencies] -pycodestyle = ">=2.10.0" - [[package]] name = "bandit" version = "1.7.6" @@ -1239,23 +1225,6 @@ redis = ">=3,<4.0.0 || >4.0.0,<4.0.1 || >4.0.1" [package.extras] hiredis = ["redis[hiredis] (>=3,!=4.0.0,!=4.0.1)"] -[[package]] -name = "django-silk" -version = "5.0.4" -description = "Silky smooth profiling for the Django Framework" -optional = false -python-versions = ">=3.8" -files = [ - {file = "django-silk-5.0.4.tar.gz", hash = "sha256:8cbfbc647d182527726d8d52d3fcfa193f4d250f21406c3fb1062efa6fb95c63"}, - {file = "django_silk-5.0.4-py3-none-any.whl", hash = "sha256:b345d3973d1d382e09735eb525eaf3eebd3edee9a69d1003eb9b01badb2438db"}, -] - -[package.dependencies] -autopep8 = "*" -Django = ">=3.2" -gprof2dot = ">=2017.09.19" -sqlparse = "*" - [[package]] name = "django-storages" version = "1.14.2" @@ -1665,17 +1634,6 @@ pyopenssl = ["cryptography (>=38.0.3)", "pyopenssl (>=20.0.0)"] reauth = ["pyu2f (>=0.1.5)"] requests = ["requests (>=2.20.0,<3.0.0.dev0)"] -[[package]] -name = "gprof2dot" -version = "2022.7.29" -description = "Generate a dot graph from the output of several profilers." -optional = false -python-versions = ">=2.7" -files = [ - {file = "gprof2dot-2022.7.29-py2.py3-none-any.whl", hash = "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6"}, - {file = "gprof2dot-2022.7.29.tar.gz", hash = "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5"}, -] - [[package]] name = "gunicorn" version = "21.2.0" @@ -2903,17 +2861,6 @@ files = [ [package.dependencies] pyasn1 = ">=0.4.6,<0.6.0" -[[package]] -name = "pycodestyle" -version = "2.11.1" -description = "Python style guide checker" -optional = false -python-versions = ">=3.8" -files = [ - {file = "pycodestyle-2.11.1-py2.py3-none-any.whl", hash = "sha256:44fe31000b2d866f2e41841b18528a505fbd7fef9017b04eff4e2648a0fadc67"}, - {file = "pycodestyle-2.11.1.tar.gz", hash = "sha256:41ba0e7afc9752dfb53ced5489e89f8186be00e599e712660695b7a75ff2663f"}, -] - [[package]] name = "pycparser" version = "2.21" @@ -4772,4 +4719,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = "~3.12" -content-hash = "35d3da5f6f7d4e7bc12fc0eca5de73a722cd409fcbec5332b4a96e3f2e0e4e9b" +content-hash = "872b759c19aa026742ef493c1b13a5f01dc5baab84efe7385163c4bf428b8f8f" diff --git a/pyproject.toml b/pyproject.toml index 7b4315980..7e71a90b9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -190,7 +190,6 @@ bump2version = "*" colorama = "*" coverage = { extras = ["toml"], version = "*" } debugpy = "*" -django-silk = "*" drf-jsonschema-serializer = "*" freezegun = "*" importlib-metadata = "*" diff --git a/scripts/docker-compose.yml b/scripts/docker-compose.yml index 77495ce08..f783e615b 100644 --- a/scripts/docker-compose.yml +++ b/scripts/docker-compose.yml @@ -31,6 +31,11 @@ services: - s3-data:/usr/src/app/localData - s3-metadata:/usr/scr/app/localMetadata restart: always + spotlight: + image: ghcr.io/getsentry/spotlight + ports: + - 127.0.0.1:8969:8969 + restart: always volumes: db-data: diff --git a/web/package-lock.json b/web/package-lock.json index e7d914895..0129f0b05 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -24,8 +24,8 @@ "@open-wc/lit-helpers": "^0.6.0", "@patternfly/elements": "^2.4.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.92.0", - "@sentry/tracing": "^7.92.0", + "@sentry/browser": "^7.93.0", + "@sentry/tracing": "^7.93.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.1", @@ -62,6 +62,7 @@ "@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-typescript": "^11.1.6", + "@spotlightjs/spotlight": "^1.2.6", "@storybook/addon-essentials": "^7.6.7", "@storybook/addon-links": "^7.6.7", "@storybook/api": "^7.6.7", @@ -4750,98 +4751,98 @@ ] }, "node_modules/@sentry-internal/feedback": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.92.0.tgz", - "integrity": "sha512-/jEALRtVqboxB9kcK2tag8QCO6XANTlGBb9RV3oeGXJe0DDNJXRq6wVZbfgztXJRrfgx4XVDcNt1pRVoGGG++g==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.93.0.tgz", + "integrity": "sha512-4G7rMeQbYGfCHxEoFroABX+UREYc2BSbFqjLmLbIcWowSpgzcwweLLphWHKOciqK6f7DnNDK0jZzx3u7NrkWHw==", "dependencies": { - "@sentry/core": "7.92.0", - "@sentry/types": "7.92.0", - "@sentry/utils": "7.92.0" + "@sentry/core": "7.93.0", + "@sentry/types": "7.93.0", + "@sentry/utils": "7.93.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry-internal/tracing": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.92.0.tgz", - "integrity": "sha512-ur55vPcUUUWFUX4eVLNP71ohswK7ZZpleNZw9Y1GfLqyI+0ILQUwjtzqItJrdClvVsdRZJMRmDV40Hp9Lbb9mA==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.93.0.tgz", + "integrity": "sha512-DjuhmQNywPp+8fxC9dvhGrqgsUb6wI/HQp25lS2Re7VxL1swCasvpkg8EOYP4iBniVQ86QK0uITkOIRc5tdY1w==", "dependencies": { - "@sentry/core": "7.92.0", - "@sentry/types": "7.92.0", - "@sentry/utils": "7.92.0" + "@sentry/core": "7.93.0", + "@sentry/types": "7.93.0", + "@sentry/utils": "7.93.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/browser": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.92.0.tgz", - "integrity": "sha512-loMr02/zQ38u8aQhYLtIBg0i5n3ps2e3GUXrt3CdsJQdkRYfa62gcrE7SzvoEpMVHTk7VOI4fWGht8cWw/1k3A==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.93.0.tgz", + "integrity": "sha512-MtLTcQ7y3rfk+aIvnnwCfSJvYhTJnIJi+Mf6y/ap6SKObdlsKMbQoJLlRViglGLq+nKxHLAvU0fONiCEmKfV6A==", "dependencies": { - "@sentry-internal/feedback": "7.92.0", - "@sentry-internal/tracing": "7.92.0", - "@sentry/core": "7.92.0", - "@sentry/replay": "7.92.0", - "@sentry/types": "7.92.0", - "@sentry/utils": "7.92.0" + "@sentry-internal/feedback": "7.93.0", + "@sentry-internal/tracing": "7.93.0", + "@sentry/core": "7.93.0", + "@sentry/replay": "7.93.0", + "@sentry/types": "7.93.0", + "@sentry/utils": "7.93.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/core": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.92.0.tgz", - "integrity": "sha512-1Tly7YB2I1byI5xb0Cwrxs56Rhww+6mQ7m9P7rTmdC3/ijOzbEoohtYIUPwcooCEarpbEJe/tAayRx6BrH2UbQ==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.93.0.tgz", + "integrity": "sha512-vZQSUiDn73n+yu2fEcH+Wpm4GbRmtxmnXnYCPgM6IjnXqkVm3awWAkzrheADblx3kmxrRiOlTXYHw9NTWs56fg==", "dependencies": { - "@sentry/types": "7.92.0", - "@sentry/utils": "7.92.0" + "@sentry/types": "7.93.0", + "@sentry/utils": "7.93.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/replay": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.92.0.tgz", - "integrity": "sha512-G1t9Uvc9cR8VpNkElwvHIMGzykjIKikb10n0tfVd3e+rBPMCCjCPWOduwG6jZYxcvCjTpqmJh6NSLXxL/Mt4JA==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.93.0.tgz", + "integrity": "sha512-dMlLU8v+OkUeGCrPvTu5NriH7BGj3el4rGHWWAYicfJ2QXqTTq50vfasQBP1JeVNcFqnf1y653TdEIvo4RH4tw==", "dependencies": { - "@sentry-internal/tracing": "7.92.0", - "@sentry/core": "7.92.0", - "@sentry/types": "7.92.0", - "@sentry/utils": "7.92.0" + "@sentry-internal/tracing": "7.93.0", + "@sentry/core": "7.93.0", + "@sentry/types": "7.93.0", + "@sentry/utils": "7.93.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry/tracing": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.92.0.tgz", - "integrity": "sha512-1+TFFPVEdax4dNi68gin6MENiyGe9mOuNXfjulrP5eCzUEByus5HAxeDI/LLQ1hArfn048AzwSwKUsS2fO5sbg==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.93.0.tgz", + "integrity": "sha512-n4XbAQ7e098Jzv4ZvpXAsFgM+XFfjhKci18r7s3UfDMnrB4FTCwhHZoeiygO8PZhB944mEFbNXNFhHkb8nTDbA==", "dependencies": { - "@sentry-internal/tracing": "7.92.0" + "@sentry-internal/tracing": "7.93.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/types": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.92.0.tgz", - "integrity": "sha512-APmSOuZuoRGpbPpPeYIbMSplPjiWNLZRQa73QiXuTflW4Tu/ItDlU8hOa2+A6JKVkJCuD2EN6yUrxDGSMyNXeg==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.93.0.tgz", + "integrity": "sha512-UnzUccNakhFRA/esWBWP+0v7cjNg+RilFBQC03Mv9OEMaZaS29zSbcOGtRzuFOXXLBdbr44BWADqpz3VW0XaNw==", "engines": { "node": ">=8" } }, "node_modules/@sentry/utils": { - "version": "7.92.0", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.92.0.tgz", - "integrity": "sha512-3nEfrQ1z28b/2zgFGANPh5yMVtgwXmrasZxTvKbrAj+KWJpjrJHrIR84r9W277J44NMeZ5RhRW2uoDmuBslPnA==", + "version": "7.93.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.93.0.tgz", + "integrity": "sha512-Iovj7tUnbgSkh/WrAaMrd5UuYjW7AzyzZlFDIUrwidsyIdUficjCG2OIxYzh76H6nYIx9SxewW0R54Q6XoB4uA==", "dependencies": { - "@sentry/types": "7.92.0" + "@sentry/types": "7.93.0" }, "engines": { "node": ">=8" @@ -4853,6 +4854,34 @@ "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", "dev": true }, + "node_modules/@spotlightjs/overlay": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/@spotlightjs/overlay/-/overlay-1.2.3.tgz", + "integrity": "sha512-JypKrZCXGYp7PbLRTi6phBeMXvHP3ulaZVC829rpg+69tcaUXoGmgkjXDNxgrCfFE+xvi73fZk+bbus45b3C/w==", + "dev": true + }, + "node_modules/@spotlightjs/sidecar": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/@spotlightjs/sidecar/-/sidecar-1.3.3.tgz", + "integrity": "sha512-bRxizHcAUQS8H2f2jD/qbCTZA9ftjkCC9mMRwG6YRIkAi/3VRxB6hnhYkP1LnkZK8BQC0YtHmnlr8N2GJfwLhA==", + "dev": true, + "bin": { + "spotlight-sidecar": "server.js" + } + }, + "node_modules/@spotlightjs/spotlight": { + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/@spotlightjs/spotlight/-/spotlight-1.2.6.tgz", + "integrity": "sha512-MjRnzRFk5IZOAUDlkR/ENiB9uAbDlLAgLt4lIrCX0/v8WHwuS1zHMf65G3PjSYWYgjJ14cT98gMJErFVpCWx4g==", + "dev": true, + "dependencies": { + "@spotlightjs/overlay": "1.2.3", + "@spotlightjs/sidecar": "1.3.3" + }, + "bin": { + "spotlight-sidecar": "bin/run.js" + } + }, "node_modules/@storybook/addon-actions": { "version": "7.6.7", "resolved": "https://registry.npmjs.org/@storybook/addon-actions/-/addon-actions-7.6.7.tgz", diff --git a/web/package.json b/web/package.json index e5faff451..fc0e9fbfc 100644 --- a/web/package.json +++ b/web/package.json @@ -49,8 +49,8 @@ "@open-wc/lit-helpers": "^0.6.0", "@patternfly/elements": "^2.4.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.92.0", - "@sentry/tracing": "^7.92.0", + "@sentry/browser": "^7.93.0", + "@sentry/tracing": "^7.93.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.1", @@ -87,13 +87,14 @@ "@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-typescript": "^11.1.6", + "@spotlightjs/spotlight": "^1.2.6", "@storybook/addon-essentials": "^7.6.7", "@storybook/addon-links": "^7.6.7", "@storybook/api": "^7.6.7", "@storybook/blocks": "^7.6.4", "@storybook/manager-api": "^7.6.7", - "@storybook/web-components": "^7.6.7", "@storybook/web-components-vite": "^7.6.7", + "@storybook/web-components": "^7.6.7", "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", @@ -104,12 +105,12 @@ "babel-plugin-macros": "^3.1.0", "babel-plugin-tsconfig-paths": "^1.0.3", "cross-env": "^7.0.3", - "eslint": "^8.56.0", "eslint-config-google": "^0.14.0", "eslint-plugin-custom-elements": "0.0.8", "eslint-plugin-lit": "^1.11.0", "eslint-plugin-sonarjs": "^0.23.0", "eslint-plugin-storybook": "^0.6.15", + "eslint": "^8.56.0", "lit-analyzer": "^2.0.3", "npm-run-all": "^4.1.5", "prettier": "^3.1.1", diff --git a/web/src/common/sentry.ts b/web/src/common/sentry.ts index f89a35f13..e3dfe3c2f 100644 --- a/web/src/common/sentry.ts +++ b/web/src/common/sentry.ts @@ -5,7 +5,7 @@ import { me } from "@goauthentik/common/users"; import * as Sentry from "@sentry/browser"; import { Integrations } from "@sentry/tracing"; -import { Config, ResponseError } from "@goauthentik/api"; +import { CapabilitiesEnum, Config, ResponseError } from "@goauthentik/api"; export const TAG_SENTRY_COMPONENT = "authentik.component"; export const TAG_SENTRY_CAPABILITIES = "authentik.capabilities"; @@ -60,6 +60,11 @@ export async function configureSentry(canDoPpi = false): Promise { scope.setTransactionName(`authentik.web.if.${currentInterface()}`), ); } + if (cfg.capabilities.includes(CapabilitiesEnum.CanDebug)) { + const Spotlight = await import("@spotlightjs/spotlight"); + + Spotlight.init({ injectImmediately: true }); + } if (cfg.errorReporting.sendPii && canDoPpi) { me().then((user) => { Sentry.setUser({ email: user.user.email }); diff --git a/website/docs/installation/configuration.mdx b/website/docs/installation/configuration.mdx index 034776ec5..13646e92a 100644 --- a/website/docs/installation/configuration.mdx +++ b/website/docs/installation/configuration.mdx @@ -124,7 +124,7 @@ To check if your config has been applied correctly, you can run the following co - `AUTHENTIK_LISTEN__LDAPS`: Listening address:port (e.g. `0.0.0.0:6636`) for LDAPS (Applies to LDAP outpost) - `AUTHENTIK_LISTEN__METRICS`: Listening address:port (e.g. `0.0.0.0:9300`) for Prometheus metrics (Applies to All) - `AUTHENTIK_LISTEN__DEBUG`: Listening address:port (e.g. `0.0.0.0:9900`) for Go Debugging metrics (Applies to All) -- `AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS`: List of CIDRs that proxy headers should be accepted from (Applies to Server) +- `AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS`: List of comma-separated CIDRs that proxy headers should be accepted from (Applies to Server) Defaults to `127.0.0.0/8`, `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`, `fe80::/10`, `::1/128`.