(feat): implements sentry for php

3f2c0632 · Mark Harding · 646eb771 · 3f2c0632 · 3f2c0632 · 3f2c0632
Commit 3f2c0632 authored 4 hours ago by Mark Harding
10 changed files
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -40,7 +40,13 @@ prepare:fpm:
 image: minds/ci:latest 
 script: 
 - docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY}  
- - docker build -t $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF -f containers/php-fpm/Dockerfile . 
+ - | 
+ docker build \ 
+ -t $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF \ 
+ -f containers/php-fpm/Dockerfile \ 
+ --build-arg MINDS_VERSION=$CI_BUILD_REF \ 
+ --build-arg SENTRY_DSN=$SENTRY_DSN \ 
+ . 
 - docker push $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF 
 
 prepare:runners: 
@@ -48,9 +54,25 @@ prepare:runners:
 image: minds/ci:latest 
 script: 
 - docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY} 
- - docker build -t $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF -f containers/php-runners/Dockerfile . 
+ - | 
+ docker build \ 
+ -t $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF \ 
+ -f containers/php-runners/Dockerfile \ 
+ --build-arg MINDS_VERSION=$CI_BUILD_REF \ 
+ --build-arg SENTRY_DSN=$SENTRY_DSN \ 
+ . 
 - docker push $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF 
 
+prepare:all:sentry: 
+ stage: prepare 
+ image: getsentry/sentry-cli 
+ script: 
+ - echo "Create a new release $CI_COMMIT_SHA" 
+ - sentry-cli releases new $CI_COMMIT_SHA 
+ - sentry-cli releases set-commits --auto $CI_COMMIT_SHA 
+ - sentry-cli releases finalize $CI_COMMIT_SHA 
+ - echo "Finalized release for $CI_COMMIT_SHA" 
+ 
 review:start: 
 stage: review 
 image: minds/helm-eks:latest 
@@ -69,6 +91,7 @@ review:start:
 --wait \ 
 $CI_BUILD_REF_SLUG \ 
 ./helm-charts/minds" 
+ - sentry-cli releases deploys $CI_COMMIT_SHA new -e review-$CI_COMMIT_REF_SLUG 
 environment: 
 name: review/$CI_COMMIT_REF_NAME 
 url: https://$CI_BUILD_REF_SLUG.$KUBE_INGRESS_BASE_DOMAIN 
@@ -112,6 +135,8 @@ staging:fpm:
 - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL 
 # Deploy to staging 
 - aws ecs update-service --service=$ECS_APP_STAGING_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER 
+ # Update sentry 
+ - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL 
 environment: 
 name: staging 
 url: https://www.minds.com/?staging=1 
@@ -136,6 +161,8 @@ canary:fpm:
 - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL 
 # Deploy to ECS 
 - aws ecs update-service --service=$ECS_APP_CANARY_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER 
+ # Update sentry 
+ - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL 
 only: 
 refs: 
 - master 
@@ -162,6 +189,8 @@ production:fpm:
 - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL 
 # Delpoy to ECS 
 - aws ecs update-service --service=$ECS_APP_PRODUCTION_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER 
+ # Update sentry 
+ - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL 
 only: 
 refs: 
 - master 

--- a/Core/Sessions/Delegates/SentryScopeDelegate.php
+++ b/Core/Sessions/Delegates/SentryScopeDelegate.php
+<?php 
+namespace Minds\Core\Sessions\Delegates; 
+ 
+use Sentry; 
+use Minds\Core\Sessions\Session; 
+ 
+class SentryScopeDelegate 
+{ 
+ 
+ /** 
+ * Pass through a user guid to sentry 
+ * @param Session $session 
+ * @return void 
+ */ 
+ public function onSession(Session $session): void 
+ { 
+ Sentry\configureScope(function (Sentry\State\Scope $scope) use ($session): void { 
+ $scope->setUser([ 
+ 'id' => (string) $session->getUserGuid(), 
+ ]); 
+ }); 
+ } 
+ 
+} 
+
--- a/Core/Sessions/Manager.php
+++ b/Core/Sessions/Manager.php
@@ -23,6 +23,9 @@ class Manager
 /** @var Cookie $cookie */ 
 private $cookie; 
 
+ /** @var SentryScopeDelegate $sentryScopeDelegate */ 
+ private $sentryScopeDelegate; 
+ 
 /** @var Session $session */ 
 private $session; 
 
@@ -34,7 +37,8 @@ class Manager
 $config = null, 
 $cookie = null, 
 $jwtBuilder = null, 
- $jwtParser = null 
+ $jwtParser = null, 
+ $sentryScopeDelegate = null 
 ) 
 { 
 $this->repository = $repository ?: new Repository; 
@@ -42,6 +46,7 @@ class Manager
 $this->cookie = $cookie ?: new Cookie; 
 $this->jwtBuilder = $jwtBuilder ?: new JWT\Builder; 
 $this->jwtParser = $jwtParser ?: new JWT\Parser; 
+ $this->sentryScopeDelegate = $sentryScopeDelegate ?? new Delegates\SentryScopeDelegate; 
 } 
 
 /** 
@@ -124,6 +129,9 @@ class Manager
 // Hack, needs refactoring 
 Core\Session::generateJWTCookie($session); 
 
+ // Allow Sentry to attach user metadata 
+ $this->sentryScopeDelegate->onSession($session); 
+ 
 return $this; 
 } 
 

--- a/composer.json
+++ b/composer.json
@@ -32,7 +32,8 @@
 "erusev/parsedown": "^1.7", 
 "zendframework/zend-diactoros": "1.8.6", 
 "league/oauth2-server": "7.2.0", 
- "lcobucci/jwt": "3.2.4" 
+ "lcobucci/jwt": "3.2.4", 
+ "sentry/sdk": "2.0.3" 
 }, 
 "repositories": [ 
 { 
@@ -64,7 +65,6 @@
 "phpspec/phpspec": "~3.4", 
 "leanphp/phpspec-code-coverage": "~3.1", 
 "friendsofphp/php-cs-fixer": "*", 
- "bossa/phpspec2-expect": "*", 
- "apigen/apigen": "*" 
+ "bossa/phpspec2-expect": "*" 
 } 
 }
--- a/composer.lock
+++ b/composer.lock
--- a/containers/php-fpm/Dockerfile
+++ b/containers/php-fpm/Dockerfile
@@ -25,4 +25,12 @@ COPY containers/php-fpm/pull-secrets.sh pull-secrets.sh
 COPY containers/php-fpm/php.ini /usr/local/etc/php/ 
 COPY containers/php-fpm/opcache.ini /usr/local/etc/php/conf.d/opcache-recommended.ini 
 COPY containers/php-fpm/apcu.ini /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini 
-COPY containers/php-fpm/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
\ No newline at end of file
+COPY containers/php-fpm/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf 
+ 
+# Specify the build args 
+ 
+ARG MINDS_VERSION="Unknown"  
+ENV MINDS_VERSION=${MINDS_VERSION} 
+ 
+ARG SENTRY_DSN="" 
+ENV SENTRY_DSN=${SENTRY_DSN}
--- a/containers/php-fpm/php-fpm.conf
+++ b/containers/php-fpm/php-fpm.conf
@@ -21,4 +21,9 @@ catch_workers_output = yes
 
 request_terminate_timeout = 120s 
 
-rlimit_files = 65535
\ No newline at end of file
+rlimit_files = 65535 
+ 
+clear_env = no 
+env[MINDS_VERSION] = $MINDS_VERSION 
+env[MINDS_ENV] = $MINDS_ENV 
+env[SENTRY_DSN] = $SENTRY_DSN
--- a/containers/php-runners/Dockerfile
+++ b/containers/php-runners/Dockerfile
@@ -22,4 +22,12 @@ COPY containers/php-runners/pull-secrets.sh pull-secrets.sh
 COPY ./containers/php-runners/supervisord.conf /etc 
 COPY ./containers/php-runners/minds.conf /etc/supervisor/conf.d 
 
-ENTRYPOINT ["supervisord", "--nodaemon", "--configuration", "/etc/supervisord.conf"]
\ No newline at end of file
+# Specify the build args 
+ 
+ARG MINDS_VERSION="Unknown" 
+ENV MINDS_VERSION=${MINDS_VERSION} 
+ 
+ARG SENTRY_DSN="" 
+ENV SENTRY_DSN=${SENTRY_DSN} 
+ 
+ENTRYPOINT ["supervisord", "--nodaemon", "--configuration", "/etc/supervisord.conf"]
--- a/lib/elgglib.php
+++ b/lib/elgglib.php
@@ -849,7 +849,9 @@ function _elgg_php_exception_handler($exception) {
 	// make sure the error isn't cached 
 	header("Cache-Control: no-cache, must-revalidate", true); 
 	header('Expires: Fri, 05 Feb 1982 00:00:00 -0500', true); 
-	// @note Do not send a 500 header because it is not a server error 
+ // @note Do not send a 500 header because it is not a server error 
+  
+ Sentry\captureException($exception); 
 } 
 
 /** 
@@ -940,7 +942,9 @@ function fatalErrorShutdownHandler(){
 		header('Fatal error', true, 500); 
 
 		echo file_get_contents(dirname(dirname(dirname(__FILE__))) . '/errors/500.html'); 
-	} 
+ } 
+ 
+ \Sentry\captureLastError(); 
 } 
 
 /** 

--- a/start.php
+++ b/start.php
@@ -19,5 +19,13 @@ define('__MINDS_ROOT__', dirname(__FILE__));
 */ 
 require_once(__MINDS_ROOT__ . '/vendor/autoload.php'); 
 
+// Sentry 
+Sentry\init([ 
+ 'dsn' => getenv('SENTRY_DSN'), 
+ 'release' => getenv('MINDS_VERSION') ?: 'Unknown', 
+ 'environment' => getenv('MINDS_ENV') ?: 'development', 
+ 'send_default_pii' => false, 
+]); 
+ 
 $minds = new Minds\Core\Minds(); 
 $minds->start();