*: add versioned user agent to sentry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 11:54:10 +02:00 · 2022-06-20 11:54:10 +02:00 · b6267fdf28
parent 1f190a9255
commit b6267fdf28
12 changed files with 32 additions and 12 deletions
--- a/authentik/lib/sentry.py
+++ b/authentik/lib/sentry.py
@ -1,5 +1,5 @@
 """authentik sentry integration"""
-from typing import Optional
+from typing import Any, Optional

 from aioredis.errors import ConnectionClosedError, ReplyError
 from billiard.exceptions import SoftTimeLimitExceeded, WorkerLostError
@ -17,7 +17,7 @@ from ldap3.core.exceptions import LDAPException
 from redis.exceptions import ConnectionError as RedisConnectionError
 from redis.exceptions import RedisError, ResponseError
 from rest_framework.exceptions import APIException
-from sentry_sdk import Hub
+from sentry_sdk import HttpTransport, Hub
 from sentry_sdk import init as sentry_sdk_init
 from sentry_sdk.api import set_tag
 from sentry_sdk.integrations.celery import CeleryIntegration
@ -30,6 +30,7 @@ from websockets.exceptions import WebSocketException

 from authentik import __version__, get_build_hash
 from authentik.lib.config import CONFIG
+from authentik.lib.utils.http import authentik_user_agent
 from authentik.lib.utils.reflection import class_to_path, get_env

 LOGGER = get_logger()
@ -52,6 +53,14 @@ class SentryIgnoredException(Exception):
    """Base Class for all errors that are suppressed, and not sent to sentry."""


+class SentryTransport(HttpTransport):
+    """Custom sentry transport with custom user-agent"""
+
+    def __init__(self, options: dict[str, Any]) -> None:
+        super().__init__(options)
+        self._auth = self.parsed_dsn.to_auth(authentik_user_agent())
+
+
 def sentry_init(**sentry_init_kwargs):
    """Configure sentry SDK"""
    sentry_env = CONFIG.y("error_reporting.environment", "customer")
@ -72,6 +81,7 @@ def sentry_init(**sentry_init_kwargs):
        before_send=before_send,
        traces_sampler=traces_sampler,
        release=f"authentik@{__version__}",
+        transport=SentryTransport,
        **kwargs,
    )
    set_tag("authentik.build_hash", get_build_hash("tagged"))
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -16,6 +16,7 @@ import (
 	"goauthentik.io/internal/outpost/ak"
 	"goauthentik.io/internal/outpost/proxyv2"
 	sentryutils "goauthentik.io/internal/utils/sentry"
+	webutils "goauthentik.io/internal/utils/web"
 	"goauthentik.io/internal/web"
 	"goauthentik.io/internal/web/tenant_tls"
 )
@ -55,6 +56,7 @@ func main() {
 			TracesSampler:    sentryutils.SamplerFunc(config.G.ErrorReporting.SampleRate),
 			Release:          fmt.Sprintf("authentik@%s", constants.VERSION),
 			Environment:      config.G.ErrorReporting.Environment,
+			HTTPTransport:    webutils.NewUserAgentTransport(constants.UserAgent(), http.DefaultTransport),
 			IgnoreErrors: []string{
 				http.ErrAbortHandler.Error(),
 			},
--- a/internal/constants/constants.go
+++ b/internal/constants/constants.go
@ -25,4 +25,8 @@ func OutpostUserAgent() string {
 	return fmt.Sprintf("goauthentik.io/outpost/%s", FullVersion())
 }

+func UserAgent() string {
+	return fmt.Sprintf("authentik@%s", FullVersion())
+}
+
 const VERSION = "2022.6.3"
--- a/internal/gounicorn/gounicorn.go
+++ b/internal/gounicorn/gounicorn.go
@ -10,7 +10,7 @@ import (

 	log "github.com/sirupsen/logrus"
 	"goauthentik.io/internal/config"
-	"goauthentik.io/internal/outpost/ak"
+	"goauthentik.io/internal/utils/web"
 )

 type GoUnicorn struct {
@ -70,7 +70,7 @@ func (g *GoUnicorn) Start() error {
 func (g *GoUnicorn) healthcheck() {
 	g.log.Debug("starting healthcheck")
 	h := &http.Client{
-		Transport: ak.NewUserAgentTransport("goauthentik.io/proxy/healthcheck", http.DefaultTransport),
+		Transport: web.NewUserAgentTransport("goauthentik.io/proxy/healthcheck", http.DefaultTransport),
 	}
 	check := func() bool {
 		res, err := h.Get("http://localhost:8000/-/health/live/")
--- a/internal/outpost/ak/api.go
+++ b/internal/outpost/ak/api.go
@ -17,6 +17,7 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/constants"
+	"goauthentik.io/internal/utils/web"

 	log "github.com/sirupsen/logrus"
 )
@ -54,7 +55,7 @@ func NewAPIController(akURL url.URL, token string) *APIController {
 	config.Host = akURL.Host
 	config.Scheme = akURL.Scheme
 	config.HTTPClient = &http.Client{
-		Transport: NewUserAgentTransport(constants.OutpostUserAgent(), NewTracingTransport(rsp.Context(), GetTLSTransport())),
+		Transport: web.NewUserAgentTransport(constants.OutpostUserAgent(), web.NewTracingTransport(rsp.Context(), GetTLSTransport())),
 	}
 	config.AddDefaultHeader("Authorization", fmt.Sprintf("Bearer %s", token))

--- a/internal/outpost/ak/global.go
+++ b/internal/outpost/ak/global.go
@ -12,6 +12,7 @@ import (
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/constants"
 	sentryutils "goauthentik.io/internal/utils/sentry"
+	webutils "goauthentik.io/internal/utils/web"
 )

 var initialSetup = false
@ -52,6 +53,7 @@ func doGlobalSetup(outpost api.Outpost, globalConfig *api.Config) {
 			Environment:   globalConfig.ErrorReporting.Environment,
 			TracesSampler: sentryutils.SamplerFunc(float64(globalConfig.ErrorReporting.TracesSampleRate)),
 			Release:       fmt.Sprintf("authentik@%s", constants.VERSION),
+			HTTPTransport: webutils.NewUserAgentTransport(constants.OutpostUserAgent(), http.DefaultTransport),
 			IgnoreErrors: []string{
 				http.ErrAbortHandler.Error(),
 			},
--- a/internal/outpost/flow/executor.go
+++ b/internal/outpost/flow/executor.go
@ -17,6 +17,7 @@ import (
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/constants"
 	"goauthentik.io/internal/outpost/ak"
+	"goauthentik.io/internal/utils/web"
 )

 var (
@ -56,7 +57,7 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config
 		l.WithError(err).Warning("Failed to create cookiejar")
 		panic(err)
 	}
-	transport := ak.NewUserAgentTransport(constants.OutpostUserAgent(), ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport()))
+	transport := web.NewUserAgentTransport(constants.OutpostUserAgent(), web.NewTracingTransport(rsp.Context(), ak.GetTLSTransport()))
 	fe := &FlowExecutor{
 		Params:    url.Values{},
 		Answers:   make(map[StageComponent]string),
--- a/internal/outpost/proxyv2/application/mode_proxy.go
+++ b/internal/outpost/proxyv2/application/mode_proxy.go
@ -11,7 +11,6 @@ import (
 	"github.com/getsentry/sentry-go"
 	"github.com/prometheus/client_golang/prometheus"
 	log "github.com/sirupsen/logrus"
-	"goauthentik.io/internal/outpost/ak"
 	"goauthentik.io/internal/outpost/proxyv2/metrics"
 	"goauthentik.io/internal/utils/web"
 )
@ -30,7 +29,7 @@ func (a *Application) configureProxy() error {
 	}
 	rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)}
 	rsp := sentry.StartSpan(context.TODO(), "authentik.outposts.proxy.application_transport")
-	rp.Transport = ak.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
+	rp.Transport = web.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
 	rp.ErrorHandler = a.newProxyErrorHandler()
 	rp.ModifyResponse = a.proxyModifyResponse
 	a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
--- a/internal/outpost/proxyv2/refresh.go
+++ b/internal/outpost/proxyv2/refresh.go
@ -9,6 +9,7 @@ import (
 	"goauthentik.io/internal/constants"
 	"goauthentik.io/internal/outpost/ak"
 	"goauthentik.io/internal/outpost/proxyv2/application"
+	"goauthentik.io/internal/utils/web"
 )

 func (ps *ProxyServer) Refresh() error {
@ -24,7 +25,7 @@ func (ps *ProxyServer) Refresh() error {
 		rsp := sentry.StartSpan(context.Background(), "authentik.outposts.proxy.application_ss")
 		ua := fmt.Sprintf(" (provider=%s)", provider.Name)
 		hc := &http.Client{
-			Transport: ak.NewUserAgentTransport(constants.OutpostUserAgent()+ua, ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())),
+			Transport: web.NewUserAgentTransport(constants.OutpostUserAgent()+ua, web.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())),
 		}
 		a, err := application.NewApplication(provider, hc, ps.cryptoStore, ps.akAPI)
 		if err != nil {
--- a/internal/outpost/ak/http_tracing.go
+++ b/internal/outpost/ak/http_tracing.go
@ -1,4 +1,4 @@
-package ak
+package web

 import (
 	"context"
--- a/internal/outpost/ak/http_user_agent.go
+++ b/internal/outpost/ak/http_user_agent.go
@ -1,4 +1,4 @@
-package ak
+package web

 import (
 	"net/http"
--- a/website/docs/releases/v2022.6.md
+++ b/website/docs/releases/v2022.6.md
@ -78,7 +78,7 @@ slug: "2022.6"
 -   web/elements: add spinner when loading dynamic routes
 -   web/flows: add divider to identification stage for security key
 -   web/flows: fix error when webauthn operations failed and user retries
-   web/flows: remove autofocus from password field of identifications tage
+-   web/flows: remove autofocus from password field of identifications stage

 ## Upgrading