Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DEV, TEST] Sentry error appears in consle.log #291

Closed
3 tasks
pmbinapps opened this issue Feb 23, 2024 · 4 comments · Fixed by #292
Closed
3 tasks

[DEV, TEST] Sentry error appears in consle.log #291

pmbinapps opened this issue Feb 23, 2024 · 4 comments · Fixed by #292
Assignees
@placek
Labels
🐛 Bug Something isn't working 🏗 Infrastructure
Milestone
Infrastructure ma...

Comments

@pmbinapps
Copy link
Contributor

pmbinapps commented Feb 23, 2024
edited by placek
Loading

Image

As a DevOps Engineer,

I want to adjust the Content Security Policy settings in the Traefik configuration within our Docker compose file,

so that Sentry can properly report errors without being blocked by the CSP.

Summary:

  1. Identify the incorrect CSP setting for the Sentry service in the dev, test, and staging environments.
  2. Update the Traefik configuration in the Docker compose file to include the correct scripts locations for Sentry.
  3. Ensure that the CSP settings allow Sentry to function correctly without compromising security.

This change enables Sentry to accurately report errors and issues, improving our ability to monitor and debug the application in development, testing, and staging phases.

Acceptance Criteria

  • The CSP setting in the Traefik configuration allows Sentry scripts to execute in the dev, test, and staging environments without being blocked.
  • The updated CSP settings do not allow any scripts from unauthorized sources to execute, maintaining the security of the web application.
  • Error reporting and logging through Sentry are verified to work correctly in all specified environments after the CSP adjustments.
placek added a commit that referenced this issue Feb 26, 2024
@placek
[#291] Allow Sentry error reporting in CSP settings across environments
056b410 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to add
  `https://sentry.io/api/4506156032196608/envelope/` alongside existing
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
placek added a commit that referenced this issue Feb 26, 2024
@placek
[#291] Allow Sentry error reporting in CSP settings across environments
47a25ca 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to add
  `https://sentry.io/api/4506156032196608/envelope/` alongside existing
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
placek added a commit that referenced this issue Feb 26, 2024
@placek
Updated CHANGELOG.md to include recent enhancements
5f33d20 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
@placek placek linked a pull request Feb 26, 2024 that will close this issue
[#291] Apply simple sentry DNS to CSP in order to allow error reporting #292
Merged
@Thomas-Upfield
Copy link

@placek what can we do on the Intersect side to unblock you? How can we assist?

@placek
Copy link
Contributor

placek commented Feb 26, 2024
edited
Loading

Thank you @Thomas-Upfield, at this point there is no such need to bother your team.

I'm collecting information from team at the moment, since I have no access to sentry yet, and I want to verify whether my PR (#292) can be applied.

As far as I know team members who has access to sentry will grant me access soon.

placek added a commit that referenced this issue Feb 27, 2024
@placek
[#291] Allow Sentry error reporting in CSP settings across environments
566bbe9 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to set
  `o4506155985141760.ingest.sentry.io` replacing old Sentry
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
placek added a commit that referenced this issue Feb 27, 2024
@placek
Updated CHANGELOG.md to include recent enhancements
ca27ef6 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
placek added a commit that referenced this issue Feb 27, 2024
@placek
[#291] Allow Sentry error reporting in CSP settings across environments
66d60af 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to set
  `o4506155985141760.ingest.sentry.io` replacing old Sentry
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
placek added a commit that referenced this issue Feb 27, 2024
@placek
Updated CHANGELOG.md to include recent enhancements
7304dfa 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
@MSzalowski MSzalowski mentioned this issue Feb 28, 2024
Merged
MSzalowski pushed a commit that referenced this issue Feb 28, 2024
@placek @MSzalowski
[#291] Allow Sentry error reporting in CSP settings across environments
52f4c88 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to set
  `o4506155985141760.ingest.sentry.io` replacing old Sentry
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
MSzalowski pushed a commit that referenced this issue Feb 28, 2024
@placek @MSzalowski
Updated CHANGELOG.md to include recent enhancements
e57a18b 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
MSzalowski pushed a commit that referenced this issue Feb 28, 2024
@placek @MSzalowski
[#291] Allow Sentry error reporting in CSP settings across environments
39318e6 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to set
  `o4506155985141760.ingest.sentry.io` replacing old Sentry
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
MSzalowski pushed a commit that referenced this issue Feb 28, 2024
@placek @MSzalowski
Updated CHANGELOG.md to include recent enhancements
83145c6 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
MSzalowski added a commit that referenced this issue Feb 28, 2024
@MSzalowski
Post sync test with develop
21b5a78 
test: #161, #301, #291, #198, #143, #121, #119, #210, #246, #214, #141, #144, #212, #316
@SandraRodziewicz SandraRodziewicz mentioned this issue Mar 1, 2024
Merged
MSzalowski pushed a commit that referenced this issue Mar 1, 2024
@placek @MSzalowski
[#291] Allow Sentry error reporting in CSP settings across environments
faca151 
Updated CSP settings in Traefik configuration for beta, dev, staging,
and test environments to include Sentry's domain without the ingest
subdomain. This change permits Sentry error logging and reporting to
function correctly without being blocked by the CSP. The adjustment
ensures Sentry can capture and report runtime errors, facilitating
better monitoring and debugging capabilities across our development,
testing, and staging phases.

- Modified CSP `connect-src` directive to set
  `o4506155985141760.ingest.sentry.io` replacing old Sentry
  sources.
- Ensured that the updated settings adhere to our security policies by
  only allowing necessary and trusted sources.

This update addresses the need for comprehensive error reporting through
Sentry, enhancing our ability to quickly identify and resolve issues in
our application's environments.
MSzalowski pushed a commit that referenced this issue Mar 1, 2024
@placek @MSzalowski
Updated CHANGELOG.md to include recent enhancements
179d381 
- Integrated OAuth for secure Slack deployment notifications #194.
- Streamlined build and deployment process for faster CD and reduced
  resource use #246.
- Allow Sentry error reporting in CSP settings across environments #291.
@MSzalowski MSzalowski mentioned this issue Mar 1, 2024
Merged
MSzalowski added a commit that referenced this issue Mar 1, 2024
@MSzalowski
Merge pull request #356 from IntersectMBO/test
d5cb3bc 
Staging: #161 #349 #301 #291 #198 #143 #240 #121 #119 #210 #152 #246 #214 #141 #144 #212 #239 #316 #338
@l-br1 l-br1 added this to Govtool all Apr 2, 2024
@pmbinapps pmbinapps added the 🐛 Bug Something isn't working label Apr 4, 2024
@MSzalowski MSzalowski moved this to In staging in Govtool all Apr 8, 2024
@MSzalowski MSzalowski moved this from In staging to Blocked in Govtool all Apr 8, 2024
@bosko-m
Copy link
Contributor

bosko-m commented May 22, 2024

@MSzalowski Is this still an issue?

@MSzalowski
Copy link
Contributor

Not blocked anymore

@MSzalowski MSzalowski moved this from Blocked to In staging in Govtool all May 27, 2024
@bosko-m bosko-m moved this from In staging to Done in Govtool all Aug 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@placek placek

Labels
🐛 Bug Something isn't working 🏗 Infrastructure
Projects
Govtool all
Archived in project
Milestone
Infrastructure management (DevOps)
Development

Successfully merging a pull request may close this issue.

[#291] Apply simple sentry DNS to CSP in order to allow error reporting IntersectMBO/govtool
5 participants
@placek @MSzalowski @pmbinapps @bosko-m @Thomas-Upfield