*: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
1f190a9255
commit
b6267fdf28
|
@ -1,5 +1,5 @@
|
|||
"""authentik sentry integration"""
|
||||
from typing import Optional
|
||||
from typing import Any, Optional
|
||||
|
||||
from aioredis.errors import ConnectionClosedError, ReplyError
|
||||
from billiard.exceptions import SoftTimeLimitExceeded, WorkerLostError
|
||||
|
@ -17,7 +17,7 @@ from ldap3.core.exceptions import LDAPException
|
|||
from redis.exceptions import ConnectionError as RedisConnectionError
|
||||
from redis.exceptions import RedisError, ResponseError
|
||||
from rest_framework.exceptions import APIException
|
||||
from sentry_sdk import Hub
|
||||
from sentry_sdk import HttpTransport, Hub
|
||||
from sentry_sdk import init as sentry_sdk_init
|
||||
from sentry_sdk.api import set_tag
|
||||
from sentry_sdk.integrations.celery import CeleryIntegration
|
||||
|
@ -30,6 +30,7 @@ from websockets.exceptions import WebSocketException
|
|||
|
||||
from authentik import __version__, get_build_hash
|
||||
from authentik.lib.config import CONFIG
|
||||
from authentik.lib.utils.http import authentik_user_agent
|
||||
from authentik.lib.utils.reflection import class_to_path, get_env
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
@ -52,6 +53,14 @@ class SentryIgnoredException(Exception):
|
|||
"""Base Class for all errors that are suppressed, and not sent to sentry."""
|
||||
|
||||
|
||||
class SentryTransport(HttpTransport):
|
||||
"""Custom sentry transport with custom user-agent"""
|
||||
|
||||
def __init__(self, options: dict[str, Any]) -> None:
|
||||
super().__init__(options)
|
||||
self._auth = self.parsed_dsn.to_auth(authentik_user_agent())
|
||||
|
||||
|
||||
def sentry_init(**sentry_init_kwargs):
|
||||
"""Configure sentry SDK"""
|
||||
sentry_env = CONFIG.y("error_reporting.environment", "customer")
|
||||
|
@ -72,6 +81,7 @@ def sentry_init(**sentry_init_kwargs):
|
|||
before_send=before_send,
|
||||
traces_sampler=traces_sampler,
|
||||
release=f"authentik@{__version__}",
|
||||
transport=SentryTransport,
|
||||
**kwargs,
|
||||
)
|
||||
set_tag("authentik.build_hash", get_build_hash("tagged"))
|
||||
|
|
|
@ -16,6 +16,7 @@ import (
|
|||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/outpost/proxyv2"
|
||||
sentryutils "goauthentik.io/internal/utils/sentry"
|
||||
webutils "goauthentik.io/internal/utils/web"
|
||||
"goauthentik.io/internal/web"
|
||||
"goauthentik.io/internal/web/tenant_tls"
|
||||
)
|
||||
|
@ -55,6 +56,7 @@ func main() {
|
|||
TracesSampler: sentryutils.SamplerFunc(config.G.ErrorReporting.SampleRate),
|
||||
Release: fmt.Sprintf("authentik@%s", constants.VERSION),
|
||||
Environment: config.G.ErrorReporting.Environment,
|
||||
HTTPTransport: webutils.NewUserAgentTransport(constants.UserAgent(), http.DefaultTransport),
|
||||
IgnoreErrors: []string{
|
||||
http.ErrAbortHandler.Error(),
|
||||
},
|
||||
|
|
|
@ -25,4 +25,8 @@ func OutpostUserAgent() string {
|
|||
return fmt.Sprintf("goauthentik.io/outpost/%s", FullVersion())
|
||||
}
|
||||
|
||||
func UserAgent() string {
|
||||
return fmt.Sprintf("authentik@%s", FullVersion())
|
||||
}
|
||||
|
||||
const VERSION = "2022.6.3"
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
|
||||
log "github.com/sirupsen/logrus"
|
||||
"goauthentik.io/internal/config"
|
||||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
||||
type GoUnicorn struct {
|
||||
|
@ -70,7 +70,7 @@ func (g *GoUnicorn) Start() error {
|
|||
func (g *GoUnicorn) healthcheck() {
|
||||
g.log.Debug("starting healthcheck")
|
||||
h := &http.Client{
|
||||
Transport: ak.NewUserAgentTransport("goauthentik.io/proxy/healthcheck", http.DefaultTransport),
|
||||
Transport: web.NewUserAgentTransport("goauthentik.io/proxy/healthcheck", http.DefaultTransport),
|
||||
}
|
||||
check := func() bool {
|
||||
res, err := h.Get("http://localhost:8000/-/health/live/")
|
||||
|
|
|
@ -17,6 +17,7 @@ import (
|
|||
"github.com/prometheus/client_golang/prometheus"
|
||||
"goauthentik.io/api/v3"
|
||||
"goauthentik.io/internal/constants"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
@ -54,7 +55,7 @@ func NewAPIController(akURL url.URL, token string) *APIController {
|
|||
config.Host = akURL.Host
|
||||
config.Scheme = akURL.Scheme
|
||||
config.HTTPClient = &http.Client{
|
||||
Transport: NewUserAgentTransport(constants.OutpostUserAgent(), NewTracingTransport(rsp.Context(), GetTLSTransport())),
|
||||
Transport: web.NewUserAgentTransport(constants.OutpostUserAgent(), web.NewTracingTransport(rsp.Context(), GetTLSTransport())),
|
||||
}
|
||||
config.AddDefaultHeader("Authorization", fmt.Sprintf("Bearer %s", token))
|
||||
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
"goauthentik.io/api/v3"
|
||||
"goauthentik.io/internal/constants"
|
||||
sentryutils "goauthentik.io/internal/utils/sentry"
|
||||
webutils "goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
||||
var initialSetup = false
|
||||
|
@ -52,6 +53,7 @@ func doGlobalSetup(outpost api.Outpost, globalConfig *api.Config) {
|
|||
Environment: globalConfig.ErrorReporting.Environment,
|
||||
TracesSampler: sentryutils.SamplerFunc(float64(globalConfig.ErrorReporting.TracesSampleRate)),
|
||||
Release: fmt.Sprintf("authentik@%s", constants.VERSION),
|
||||
HTTPTransport: webutils.NewUserAgentTransport(constants.OutpostUserAgent(), http.DefaultTransport),
|
||||
IgnoreErrors: []string{
|
||||
http.ErrAbortHandler.Error(),
|
||||
},
|
||||
|
|
|
@ -17,6 +17,7 @@ import (
|
|||
"goauthentik.io/api/v3"
|
||||
"goauthentik.io/internal/constants"
|
||||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -56,7 +57,7 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config
|
|||
l.WithError(err).Warning("Failed to create cookiejar")
|
||||
panic(err)
|
||||
}
|
||||
transport := ak.NewUserAgentTransport(constants.OutpostUserAgent(), ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport()))
|
||||
transport := web.NewUserAgentTransport(constants.OutpostUserAgent(), web.NewTracingTransport(rsp.Context(), ak.GetTLSTransport()))
|
||||
fe := &FlowExecutor{
|
||||
Params: url.Values{},
|
||||
Answers: make(map[StageComponent]string),
|
||||
|
|
|
@ -11,7 +11,6 @@ import (
|
|||
"github.com/getsentry/sentry-go"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/outpost/proxyv2/metrics"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
@ -30,7 +29,7 @@ func (a *Application) configureProxy() error {
|
|||
}
|
||||
rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)}
|
||||
rsp := sentry.StartSpan(context.TODO(), "authentik.outposts.proxy.application_transport")
|
||||
rp.Transport = ak.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
|
||||
rp.Transport = web.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
|
||||
rp.ErrorHandler = a.newProxyErrorHandler()
|
||||
rp.ModifyResponse = a.proxyModifyResponse
|
||||
a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"goauthentik.io/internal/constants"
|
||||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/outpost/proxyv2/application"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
||||
func (ps *ProxyServer) Refresh() error {
|
||||
|
@ -24,7 +25,7 @@ func (ps *ProxyServer) Refresh() error {
|
|||
rsp := sentry.StartSpan(context.Background(), "authentik.outposts.proxy.application_ss")
|
||||
ua := fmt.Sprintf(" (provider=%s)", provider.Name)
|
||||
hc := &http.Client{
|
||||
Transport: ak.NewUserAgentTransport(constants.OutpostUserAgent()+ua, ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())),
|
||||
Transport: web.NewUserAgentTransport(constants.OutpostUserAgent()+ua, web.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())),
|
||||
}
|
||||
a, err := application.NewApplication(provider, hc, ps.cryptoStore, ps.akAPI)
|
||||
if err != nil {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
package ak
|
||||
package web
|
||||
|
||||
import (
|
||||
"context"
|
|
@ -1,4 +1,4 @@
|
|||
package ak
|
||||
package web
|
||||
|
||||
import (
|
||||
"net/http"
|
|
@ -78,7 +78,7 @@ slug: "2022.6"
|
|||
- web/elements: add spinner when loading dynamic routes
|
||||
- web/flows: add divider to identification stage for security key
|
||||
- web/flows: fix error when webauthn operations failed and user retries
|
||||
- web/flows: remove autofocus from password field of identifications tage
|
||||
- web/flows: remove autofocus from password field of identifications stage
|
||||
|
||||
## Upgrading
|
||||
|
||||
|
|
Reference in New Issue