feat: add more sentry tracing

hm-edu · Nov 16, 2024 · 32cb9c3 · 32cb9c3
1 parent d0f4df4
commit 32cb9c3
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 19 deletions.
diff --git a/backend/common/auth/oauth2.go b/backend/common/auth/oauth2.go
@@ -26,7 +26,11 @@ func SubFromRequest(token interface{}) (string, error) {
 func UserFromRequest(c echo.Context) (string, error) {
 	if token, ok := c.Get("user").(*jwt.Token); ok {
 		if user, ok := token.Claims.(jwt.MapClaims); ok {
-			return user["email"].(string), nil
+			if token, ok := user["email"]; !ok {
+				return "", errors.New("email not found in token")
+			} else {
+				return token.(string), nil
+			}
 		}
 	}
 

diff --git a/backend/domain-rest-interface/pkg/api/domains/domains.go b/backend/domain-rest-interface/pkg/api/domains/domains.go
@@ -34,24 +34,9 @@ import (
 func (h *Handler) ListDomains(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "list")
-	hub := sentry.GetHubFromContext(ctx)
-	if hub == nil {
-		// Check the concurrency guide for more details: https://docs.sentry.io/platforms/go/concurrency/
-		hub = sentry.CurrentHub().Clone()
-		ctx = sentry.SetHubOnContext(ctx, hub)
-	}
-
-	options := []sentry.SpanOption{
-		// Set the OP based on values from https://develop.sentry.dev/sdk/performance/span-operations/
-		sentry.WithOpName("http.server"),
-		sentry.ContinueFromRequest(c.Request()),
-		sentry.WithTransactionSource(sentry.SourceURL),
-	}
-
-	transaction := sentry.StartTransaction(ctx,
-		fmt.Sprintf("%s %s", c.Request().Method, c.Request().URL.Path),
-		options...,
-	)
+	// Check the concurrency guide for more details: https://docs.sentry.io/platforms/go/concurrency/
+	// Set the OP based on values from https://develop.sentry.dev/sdk/performance/span-operations/
+	ctx, transaction := sentryTrace(ctx, c)
 	defer transaction.Finish()
 	defer span.End()
 
@@ -72,6 +57,28 @@ func (h *Handler) ListDomains(c echo.Context) error {
 	return c.JSON(http.StatusOK, domains)
 }
 
+func sentryTrace(ctx context.Context, c echo.Context) (context.Context, *sentry.Span) {
+	hub := sentry.GetHubFromContext(ctx)
+	if hub == nil {
+
+		hub = sentry.CurrentHub().Clone()
+		ctx = sentry.SetHubOnContext(ctx, hub)
+	}
+
+	options := []sentry.SpanOption{
+
+		sentry.WithOpName("http.server"),
+		sentry.ContinueFromRequest(c.Request()),
+		sentry.WithTransactionSource(sentry.SourceURL),
+	}
+
+	transaction := sentry.StartTransaction(ctx,
+		fmt.Sprintf("%s %s", c.Request().Method, c.Request().URL.Path),
+		options...,
+	)
+	return ctx, transaction
+}
+
 func (h *Handler) enumerateDomains(ctx context.Context, user string, logger *zap.Logger) ([]*model.Domain, error) {
 
 	ctx, span := h.tracer.Start(ctx, "enumerating")
@@ -177,6 +184,8 @@ func (h *Handler) enumerateDomains(ctx context.Context, user string, logger *zap
 func (h *Handler) CreateDomain(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "create")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	user, err := auth.UserFromRequest(c)
@@ -244,6 +253,8 @@ func (h *Handler) CreateDomain(c echo.Context) error {
 func (h *Handler) DeleteDomain(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "delete")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	item, err := h.evaluatePermission(ctx, c, logger, func(d *model.Domain) bool { return d.Permissions.CanDelete })
@@ -308,6 +319,8 @@ func (h *Handler) evaluatePermission(ctx context.Context, c echo.Context, logger
 func (h *Handler) ApproveDomain(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "approve")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	item, err := h.evaluatePermission(ctx, c, logger, func(d *model.Domain) bool { return d.Permissions.CanApprove })
@@ -340,6 +353,8 @@ func (h *Handler) ApproveDomain(c echo.Context) error {
 func (h *Handler) TransferDomain(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "transfer")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	req := &model.TransferRequest{}
@@ -377,6 +392,8 @@ func (h *Handler) TransferDomain(c echo.Context) error {
 func (h *Handler) DeleteDelegation(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "deleteDelegation")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	item, err := h.evaluatePermission(ctx, c, logger, func(d *model.Domain) bool { return d.Permissions.CanDelegate })
@@ -420,6 +437,8 @@ func (h *Handler) DeleteDelegation(c echo.Context) error {
 func (h *Handler) AddDelegation(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "addDelegation")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	req := &model.DelegationRequest{}

diff --git a/backend/pki-rest-interface/pkg/api/server.go b/backend/pki-rest-interface/pkg/api/server.go
@@ -7,8 +7,11 @@ import (
 	"time"
 
 	"github.com/getkin/kin-openapi/openapi3"
+	"github.com/getsentry/sentry-go"
+	sentryecho "github.com/getsentry/sentry-go/echo"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
+	"github.com/labstack/gommon/log"
 	"github.com/lestrrat-go/jwx/jwk"
 	echoSwagger "github.com/swaggo/echo-swagger"
 
@@ -91,6 +94,20 @@ func (api *Server) wireRoutesAndMiddleware() {
 	api.app.Use(logging.ZapLogger(api.logger))
 	api.app.Use(middleware.Recover())
 
+	if api.config.SentryDSN != "" {
+		if err := sentry.Init(sentry.ClientOptions{
+			Dsn: api.config.SentryDSN,
+			// Set TracesSampleRate to 1.0 to capture 100%
+			// of transactions for performance monitoring.
+			// We recommend adjusting this value in production,
+			TracesSampleRate: 1.0,
+			EnableTracing:    true,
+		}); err != nil {
+			log.Warnf("Sentry initialization failed: %v\n", err)
+		} else {
+			api.app.Use(sentryecho.New(sentryecho.Options{}))
+		}
+	}
 	if len(api.config.CorsAllowedOrigins) != 0 {
 		api.app.Use(middleware.CORSWithConfig(middleware.CORSConfig{
 			AllowOrigins:     api.config.CorsAllowedOrigins,

diff --git a/backend/pki-rest-interface/pkg/api/ssl/certificate.go b/backend/pki-rest-interface/pkg/api/ssl/certificate.go
@@ -1,13 +1,15 @@
 package ssl
 
 import (
+	"context"
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
 	"net/http"
 	"strings"
 
+	"github.com/getsentry/sentry-go"
 	"github.com/hm-edu/pki-rest-interface/pkg/model"
 	"github.com/hm-edu/portal-common/auth"
 	"github.com/hm-edu/portal-common/helper"
@@ -20,6 +22,28 @@ import (
 	"go.uber.org/zap"
 )
 
+func sentryTrace(ctx context.Context, c echo.Context) (context.Context, *sentry.Span) {
+	hub := sentry.GetHubFromContext(ctx)
+	if hub == nil {
+
+		hub = sentry.CurrentHub().Clone()
+		ctx = sentry.SetHubOnContext(ctx, hub)
+	}
+
+	options := []sentry.SpanOption{
+
+		sentry.WithOpName("http.server"),
+		sentry.ContinueFromRequest(c.Request()),
+		sentry.WithTransactionSource(sentry.SourceURL),
+	}
+
+	transaction := sentry.StartTransaction(ctx,
+		fmt.Sprintf("%s %s", c.Request().Method, c.Request().URL.Path),
+		options...,
+	)
+	return ctx, transaction
+}
+
 // Active godoc
 // @Summary SSL List active certificates Endpoint
 // @Tags SSL
@@ -34,6 +58,8 @@ func (h *Handler) Active(c echo.Context) error {
 
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "list active ssl certificates for given domain")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 
 	user, err := auth.UserFromRequest(c)
@@ -91,6 +117,8 @@ func (h *Handler) Active(c echo.Context) error {
 func (h *Handler) List(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "list ssl certificates")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 	user, err := auth.UserFromRequest(c)
 	if err != nil {
@@ -128,6 +156,8 @@ func (h *Handler) List(c echo.Context) error {
 func (h *Handler) Revoke(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "revoke")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 	user, err := auth.UserFromRequest(c)
 	if err != nil {
@@ -196,6 +226,8 @@ func (h *Handler) Revoke(c echo.Context) error {
 func (h *Handler) HandleCsr(c echo.Context) error {
 	logger := c.Request().Context().Value(logging.LoggingContextKey).(*zap.Logger)
 	ctx, span := h.tracer.Start(c.Request().Context(), "issue new certificate")
+	ctx, transaction := sentryTrace(ctx, c)
+	defer transaction.Finish()
 	defer span.End()
 	user, err := auth.UserFromRequest(c)
 	if err != nil {