bump sentry, add cron job monitoring (#1233)

* bump sentry, add cron job monitoring * sentry exception only takes one param, Raven->Sentry * handle password set failures differently * remove unecessary sentry capture_message * fix redirect * revert changes to password change * reverse check on mismatched auths * bump puma * more modest puma bump, sentry-rails bump * fix deprecation warnings (until we upgrade faraday) * revert net-http * remove extras * fix extra * errant comma
openstax · Jan 29, 2024 · 4c3cdd0 · 4c3cdd0
1 parent 357546f
commit 4c3cdd0
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 48 deletions.
diff --git a/Gemfile b/Gemfile
@@ -16,7 +16,7 @@ gem 'bootsnap', require: false
 gem 'dotenv-rails'
 
 # Threaded application server
-gem 'puma'
+gem 'puma', '~> 5.6.0'
 
 # Prevent server memory from growing until OOM
 gem 'puma_worker_killer'
@@ -81,7 +81,8 @@ gem 'openstax_rescue_from'
 
 # Sentry integration
 gem 'sentry-ruby'
-gem "sentry-rails"
+gem 'sentry-rails'
+gem 'sentry-delayed_job'
 
 # Background job status store
 gem 'jobba'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -494,7 +494,7 @@ GEM
       method_source (~> 0.8.1)
       slop (~> 3.4)
     public_suffix (4.0.6)
-    puma (5.6.7)
+    puma (5.6.8)
       nio4r (~> 2.0)
     puma_worker_killer (0.3.1)
       get_process_mem (~> 0.2)
@@ -658,13 +658,13 @@ GEM
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
-    sentry-rails (4.4.0)
-      railties (>= 5.0)
+    sentry-delayed_job (4.4.0)
       sentry-ruby-core (~> 4.4.0.pre.beta)
-    sentry-ruby (4.4.2)
+    sentry-rails (5.16.1)
+      railties (>= 5.0)
+      sentry-ruby (~> 5.16.1)
+    sentry-ruby (5.16.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      faraday (>= 1.0)
-      sentry-ruby-core (= 4.4.2)
     sentry-ruby-core (4.4.2)
       concurrent-ruby
       faraday
@@ -816,7 +816,7 @@ DEPENDENCIES
   pattern-library!
   pg
   premailer-rails
-  puma
+  puma (~> 5.6.0)
   puma_worker_killer
   rack-cors
   rails (= 5.2.4.4)
@@ -836,6 +836,7 @@ DEPENDENCIES
   sass-rails (~> 5.0)
   sd_notify
   selenium-webdriver
+  sentry-delayed_job
   sentry-rails
   sentry-ruby
   shoulda-matchers (~> 3.1)

diff --git a/app/controllers/newflow/login_controller.rb b/app/controllers/newflow/login_controller.rb
@@ -18,6 +18,7 @@ def login
         success: lambda {
           clear_signup_state
           user = @handler_result.outputs.user
+          Sentry.set_user(id: user.id) if Rails.env.production?
 
           if user.unverified?
             save_unverified_user(user.id)
@@ -57,6 +58,7 @@ def login
 
     def logout
       sign_out!
+      Sentry.set_user({}) if Rails.env.production?
       redirect_back(fallback_location: newflow_login_path)
     end
 

diff --git a/app/handlers/newflow/educator_signup/complete_profile.rb b/app/handlers/newflow/educator_signup/complete_profile.rb
@@ -81,6 +81,8 @@ def handle
           is_profile_complete: true,
           is_educator_pending_cs_verification: !@did_use_sheerid
         )
+        # If anything happens during lead creation, it's helpful for us to have this on the log.
+        SecurityLog.create!(user: user, event_type: :user_profile_complete, event_data: { books_used_details: books_used_details })
 
         if @is_on_cs_form
           SecurityLog.create!(

diff --git a/app/handlers/oauth_callback.rb b/app/handlers/oauth_callback.rb
@@ -81,12 +81,7 @@ def mismatched_authentication?
     existing_auth_uid = Authentication.where(user_id: existing_email_owner_id, provider: @oauth_provider).pluck(:uid).first
     incoming_auth_uid = Authentication.where(provider: @oauth_provider, uid: @oauth_uid).last&.uid
 
-    if existing_auth_uid != incoming_auth_uid
-      Sentry.capture_message('mismatched authentication', extra: { oauth_response: oauth_response })
-      return true
-    else
-      return false
-    end
+    existing_auth_uid != incoming_auth_uid
   end
 
   def newflow_handle_while_logged_in(logged_in_user_id)

diff --git a/app/routines/update_school_salesforce_info.rb b/app/routines/update_school_salesforce_info.rb
@@ -23,6 +23,7 @@ def log(message, level = :info)
   end
 
   def call
+    check_in_id = Sentry.capture_check_in('update-school-salesforce', :in_progress)
     log('Starting UpdateSchoolSalesforceInfo')
 
     # Check if any Schools that have 0 users have been deleted from Salesforce and remove them
@@ -80,5 +81,6 @@ def call
     end
 
     log("Finished updating #{schools_updated} schools")
+    Sentry.capture_check_in('update-school-salesforce', :ok, check_in_id: check_in_id)
   end
 end
diff --git a/app/routines/update_user_contact_info.rb b/app/routines/update_user_contact_info.rb
@@ -23,6 +23,7 @@ def self.call
   end
 
   def call
+    check_in_id = Sentry.capture_check_in('update-user-contact-info', :in_progress)
     log("Starting sync with Salesforce")
     contacts = salesforce_contacts
     log("#{contacts.count} contacts fetched from Salesforce")
@@ -136,6 +137,7 @@ def call
     log("Completed updating #{users_updated} users.")
     log("#{users_fv_status_changed} users had their faculty status updated.")
     log("#{users_without_cached_school} users had no cached school in accounts. This should update on the next sync (after UpdateSchoolSalesforceInfo runs) or it is missing in Salesforce.")
+    Sentry.capture_check_in('update-user-contact-info', :ok, check_in_id: check_in_id)
   end
 
   def salesforce_contacts

diff --git a/config/initializers/delayed_job_heartbeat.rb b/config/initializers/delayed_job_heartbeat.rb
@@ -2,11 +2,7 @@
   configuration.heartbeat_interval_seconds = 30
   configuration.heartbeat_timeout_seconds = 60
   configuration.on_worker_termination = ->(worker_model, exception) do
-    Raven.capture_exception(
-      exception,
-      logger: 'delayed_job_heartbeat_plugin',
-      extra: { delayed_worker: worker_model.attributes }
-    )
+    Sentry.capture_exception(exception)
   end
   configuration.worker_version = Rails.application.secrets.release_version
 end

diff --git a/config/initializers/rescue_from.rb b/config/initializers/rescue_from.rb
@@ -4,48 +4,24 @@
 exception_secrets = secrets.exception
 OpenStax::RescueFrom.configure do |config|
   # Show the default Rails exception debugging page on dev
-  config.raise_exceptions = EnvUtilities.load_boolean(name: 'RAISE',
-                                                      default: Rails.env.development?)
+  config.raise_exceptions = EnvUtilities.load_boolean(name: 'RAISE', default: Rails.env.development?)
 
   config.app_name = 'Accounts'
   config.contact_name = exception_secrets[:contact_name]&.html_safe
 
   # Notify devs using sentry
   config.notify_proc = ->(proxy, controller) do
-    extra = {
-      error_id: proxy.error_id,
-      class: proxy.name,
-      message: proxy.message,
-      first_line_of_backtrace: proxy.first_backtrace_line,
-      cause: proxy.cause,
-      dns_name: resolve_ip(controller.request.remote_ip)
-    }
-    extra.merge!(proxy.extras) if proxy.extras.is_a? Hash
-
-    Sentry.capture_exception(proxy.exception, extra: extra)
+    Sentry.capture_exception(proxy.exception)
   end
   config.notify_background_proc = ->(proxy) do
-    extra = {
-      error_id: proxy.error_id,
-      class: proxy.name,
-      message: proxy.message,
-      first_line_of_backtrace: proxy.first_backtrace_line,
-      cause: proxy.cause
-    }
-    extra.merge!(proxy.extras) if proxy.extras.is_a? Hash
-
-    Sentry.capture_exception(proxy.exception, extra: extra)
+    Sentry.capture_exception(proxy.exception)
   end
 
   config.html_error_template_path = 'errors/any'
   config.html_error_template_layout_name = 'error'
 end
 
-OpenStax::RescueFrom.register_exception(
-  'Lev::SecurityTransgression',
-  notify: false,
-  status: :forbidden
-)
+OpenStax::RescueFrom.register_exception('Lev::SecurityTransgression', notify: false, status: :forbidden)
 
 # Exceptions in controllers are not automatically reraised in production-like environments
 ActionController::Base.use_openstax_exception_rescue