diff --git a/authentik/api/v3/config.py b/authentik/api/v3/config.py index 9e6bec395..c93fff5c9 100644 --- a/authentik/api/v3/config.py +++ b/authentik/api/v3/config.py @@ -5,7 +5,7 @@ from django.conf import settings from django.db import models from drf_spectacular.utils import extend_schema from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME -from rest_framework.fields import BooleanField, CharField, ChoiceField, IntegerField, ListField +from rest_framework.fields import BooleanField, CharField, ChoiceField, FloatField, IntegerField, ListField from rest_framework.permissions import AllowAny from rest_framework.request import Request from rest_framework.response import Response @@ -23,14 +23,20 @@ class Capabilities(models.TextChoices): CAN_GEO_IP = "can_geo_ip" CAN_BACKUP = "can_backup" +class ErrorReportingConfigSerializer(PassiveSerializer): + """Config for error reporting""" + + enabled = BooleanField(read_only=True) + environment = CharField(read_only=True) + send_pii = BooleanField(read_only=True) + traces_sample_rate=FloatField(read_only=True) + + class ConfigSerializer(PassiveSerializer): """Serialize authentik Config into DRF Object""" - error_reporting_enabled = BooleanField(read_only=True) - error_reporting_environment = CharField(read_only=True) - error_reporting_send_pii = BooleanField(read_only=True) - + error_reporting = ErrorReportingConfigSerializer(required=True) capabilities = ListField(child=ChoiceField(choices=Capabilities.choices)) cache_timeout = IntegerField(required=True) @@ -66,9 +72,12 @@ class ConfigView(APIView): """Retrieve public configuration options""" config = ConfigSerializer( { - "error_reporting_enabled": CONFIG.y("error_reporting.enabled"), - "error_reporting_environment": CONFIG.y("error_reporting.environment"), - "error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"), + "error_reporting": { + "enabled": CONFIG.y("error_reporting.enabled"), + "environment": CONFIG.y("error_reporting.environment"), + "send_pii": CONFIG.y("error_reporting.send_pii"), + "traces_sample_rate": float(CONFIG.y("error_reporting.sample_rate", 0.4)), + }, "capabilities": self.get_capabilities(), "cache_timeout": int(CONFIG.y("redis.cache_timeout")), "cache_timeout_flows": int(CONFIG.y("redis.cache_timeout_flows")), diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 3d015824a..4099cc757 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -424,7 +424,7 @@ if _ERROR_REPORTING: ], before_send=before_send, release=f"authentik@{__version__}", - traces_sample_rate=0.6, + traces_sample_rate=float(CONFIG.y("error_reporting.sample_rate", 0.4)), environment=CONFIG.y("error_reporting.environment", "customer"), send_default_pii=CONFIG.y_bool("error_reporting.send_pii", False), ) diff --git a/schema.yml b/schema.yml index 912b45766..0077029a1 100644 --- a/schema.yml +++ b/schema.yml @@ -20206,15 +20206,8 @@ components: type: object description: Serialize authentik Config into DRF Object properties: - error_reporting_enabled: - type: boolean - readOnly: true - error_reporting_environment: - type: string - readOnly: true - error_reporting_send_pii: - type: boolean - readOnly: true + error_reporting: + $ref: '#/components/schemas/ErrorReportingConfig' capabilities: type: array items: @@ -20233,9 +20226,7 @@ components: - cache_timeout_policies - cache_timeout_reputation - capabilities - - error_reporting_enabled - - error_reporting_environment - - error_reporting_send_pii + - error_reporting ConsentChallenge: type: object description: Challenge info for consent screens @@ -20949,6 +20940,28 @@ components: required: - code - string + ErrorReportingConfig: + type: object + description: Config for error reporting + properties: + enabled: + type: boolean + readOnly: true + environment: + type: string + readOnly: true + send_pii: + type: boolean + readOnly: true + traces_sample_rate: + type: number + format: float + readOnly: true + required: + - enabled + - environment + - send_pii + - traces_sample_rate Event: type: object description: Event Serializer