arcad/emissary
16
0
Fork 0
Code Issues 14 Pull Requests Packages Projects Releases 3 Wiki Activity

feat: sentry integration
All checks were successful
arcad/emissary/pipeline/head This commit looks good
Details

Browse Source
This commit is contained in:
wpetit
2023-10-13 12:30:52 +02:00
parent 9068203e71
commit e756a60373
27 changed files with 272 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
internal/server/agent_api.go
View File

@ -9,6 +9,7 @@ import (
"forge.cadoles.com/Cadoles/emissary/internal/agent/metadata"
"forge.cadoles.com/Cadoles/emissary/internal/datastore"
"forge.cadoles.com/Cadoles/emissary/internal/jwk"
"github.com/getsentry/sentry-go"
"github.com/go-chi/chi"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/api"
@ -39,7 +40,9 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
keySet, err := jwk.Parse(registerAgentReq.KeySet)
if err != nil {
logger.Error(ctx, "could not parse key set", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not parse key set", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -51,14 +54,16 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
validSignature, err := jwk.Verify(keySet, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
if err != nil {
logger.Error(ctx, "could not validate signature", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not validate signature", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
}
if !validSignature {
logger.Error(ctx, "conflicting signature", logger.F("signature", registerAgentReq.Signature))
logger.Warn(ctx, "conflicting signature", logger.F("signature", registerAgentReq.Signature))
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
return
@ -74,7 +79,9 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
)
if err != nil {
if !errors.Is(err, datastore.ErrAlreadyExist) {
logger.Error(ctx, "could not create agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not create agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -86,14 +93,18 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
datastore.WithAgentQueryLimit(1),
)
if err != nil {
logger.Error(ctx, "could not retrieve agents", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not retrieve agents", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
}
if len(agents) == 0 {
logger.Error(ctx, "could not retrieve matching agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not retrieve matching agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeNotFound, nil)
@ -104,10 +115,13 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
agent, err = s.agentRepo.Get(ctx, agentID)
if err != nil {
err = errors.WithStack(err)
logger.Error(
ctx, "could not retrieve agent",
logger.E(errors.WithStack(err)), logger.F("agentID", agentID),
logger.E(err), logger.F("agentID", agentID),
)
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -115,7 +129,9 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
if err != nil {
logger.Error(ctx, "could not validate signature using previous keyset", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not validate signature using previous keyset", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
@ -129,7 +145,10 @@ func (s *Server) registerAgent(w http.ResponseWriter, r *http.Request) {
datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
)
if err != nil {
logger.Error(ctx, "could not update agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not update agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -177,7 +196,10 @@ func (s *Server) updateAgent(w http.ResponseWriter, r *http.Request) {
options...,
)
if err != nil {
logger.Error(ctx, "could not update agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not update agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -258,7 +280,10 @@ func (s *Server) queryAgents(w http.ResponseWriter, r *http.Request) {
options...,
)
if err != nil {
logger.Error(ctx, "could not list agents", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not list agents", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -292,7 +317,10 @@ func (s *Server) deleteAgent(w http.ResponseWriter, r *http.Request) {
return
}
logger.Error(ctx, "could not delete agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not delete agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -324,7 +352,10 @@ func (s *Server) getAgent(w http.ResponseWriter, r *http.Request) {
return
}
logger.Error(ctx, "could not get agent", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not get agent", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -356,7 +387,10 @@ func getIntQueryParam(w http.ResponseWriter, r *http.Request, param string, defa
if rawValue != "" {
value, err := strconv.ParseInt(rawValue, 10, 64)
if err != nil {
logger.Error(r.Context(), "could not parse int param", logger.F("param", param), logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(r.Context(), "could not parse int param", logger.F("param", param), logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeMalformedRequest, nil)
return 0, false
@ -389,7 +423,10 @@ func getIntSliceValues(w http.ResponseWriter, r *http.Request, param string, def
for _, rv := range rawValues {
value, err := strconv.ParseInt(rv, 10, 64)
if err != nil {
logger.Error(r.Context(), "could not parse int slice param", logger.F("param", param), logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(r.Context(), "could not parse int slice param", logger.F("param", param), logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeMalformedRequest, nil)
return nil, false

7
internal/server/authorization.go
View File

@ -8,6 +8,7 @@ import (
"forge.cadoles.com/Cadoles/emissary/internal/auth"
"forge.cadoles.com/Cadoles/emissary/internal/auth/agent"
"forge.cadoles.com/Cadoles/emissary/internal/auth/thirdparty"
"github.com/getsentry/sentry-go"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/api"
"gitlab.com/wpetit/goweb/logger"
@ -124,7 +125,9 @@ func assertRequestUser(w http.ResponseWriter, r *http.Request) (auth.User, bool)
ctx := r.Context()
user, err := auth.CtxUser(ctx)
if err != nil {
logger.Error(ctx, "could not retrieve user", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not retrieve user", logger.E(err))
sentry.CaptureException(err)
forbidden(w, r)
@ -147,7 +150,7 @@ func forbidden(w http.ResponseWriter, r *http.Request) {
}
func logUnexpectedUserType(ctx context.Context, user auth.User) {
logger.Error(
logger.Warn(
ctx, "unexpected user type",
logger.F("subject", user.Subject()),
logger.F("type", fmt.Sprintf("%T", user)),

26
internal/server/spec_api.go
View File

@ -6,6 +6,7 @@ import (
"forge.cadoles.com/Cadoles/emissary/internal/datastore"
"forge.cadoles.com/Cadoles/emissary/internal/spec"
"github.com/getsentry/sentry-go"
"github.com/go-chi/chi"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/api"
@ -44,7 +45,10 @@ func (s *Server) updateSpec(w http.ResponseWriter, r *http.Request) {
data.Message = validationErr.Error()
}
logger.Error(ctx, "could not validate spec", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not validate spec", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, data)
return
@ -70,7 +74,10 @@ func (s *Server) updateSpec(w http.ResponseWriter, r *http.Request) {
return
}
logger.Error(ctx, "could not update spec", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not update spec", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -99,7 +106,10 @@ func (s *Server) getAgentSpecs(w http.ResponseWriter, r *http.Request) {
return
}
logger.Error(ctx, "could not list specs", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not list specs", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -141,7 +151,10 @@ func (s *Server) deleteSpec(w http.ResponseWriter, r *http.Request) {
return
}
logger.Error(ctx, "could not delete spec", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(ctx, "could not delete spec", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
return
@ -159,7 +172,10 @@ func getSpecID(w http.ResponseWriter, r *http.Request) (datastore.SpecID, bool)
specID, err := strconv.ParseInt(rawSpecID, 10, 64)
if err != nil {
logger.Error(r.Context(), "could not parse spec id", logger.E(errors.WithStack(err)))
err = errors.WithStack(err)
logger.Error(r.Context(), "could not parse spec id", logger.E(err))
sentry.CaptureException(err)
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeMalformedRequest, nil)
return 0, false