- Update dependencies
- GovukPrometheus - custom labels from rack env (#424)
- Update dependencies
- Update dependencies
- Update dependencies
- Update dependencies
- Update dependencies
- Update dependencies
- Update dependencies
- Update dependencies
- Add Sanitiser::Strategy::SanitisingError to excluded exceptions list (#402)
- Update dependencies
- Update dependencies
- Update dependencies
- Update SidekiqRedis healthcheck to work with Sidekiq 7 #399
- Update dependencies
- Update dependencies
- Configure `time_zone` with `govuk_time_zone` #392
- Update dependencies
- Add Slimmer::SourceWrapperNotFoundError to excluded exceptions.
- Set time_zone to London in all GOV.UK apps (#381)
- Fix Logstasher monkey patch overriding patch from this library for OpenTelemetry errors (#377)
- Fix OpenTelemetry errors when using with Logstasher gem (#372)
- Add GDS::SSO::PermissionDeniedError to excluded exceptions list (#366)
- Simplify the logic for deciding whether to initialize `GovukPrometheusExporter`. `GovukPrometheusExporter` provides the `/metrics` webserver and "exporter" process for aggregating counters in multi-process apps. govuk_app_config will now always attempt to initialize GovukPrometheusExporter except when running under `rails console`. The `GOVUK_PROMETHEUS_EXPORTER` environment variable no longer has any effect.
- Add single cookie consent api URLs (#355)
- Stop sending SignalExceptions to Sentry by default.
- Drop support for Ruby 3.0. The minimum required Ruby version is now 3.1.4.
- Fix Ruby 3.3 compatibility (#343)
- Revert "Add GOVUK domains to script src CSP" (#336)
- Add GOVUK domains to script src CSP (#334)
- Enable adding custom LogStasher fields from apps (#327)
- Allow YouTube thumbnails from https://i.ytimg.com in the global Content Security Policy (#328)
- Allow gov.uk domains to embed pages in the global Content Security Policy (#325)
- Disallow any domain from embedding a page to prevent clickjacking (#322)
- Fix GovukContentSecurityPolicy test (#324)
- Get prometheus labels from controller, not params (#320)
- Default to Prometheus histograms, not summaries (#318)
- GovukAppConfig silences OpenTelemetry log output when running a rake task (#311)
- Update warning message for Prometheus metric server address already in use.
- Add ability to support custom collectors in the Prometheus exporter.
- Fix an issue where Rails.logger was not an instance of ActiveSupport::Logger. Rails expects Rails.logger to have methods that Ruby's standard Logger does not provide, e.g. `silence()` (#309)
- When error is reported by Rails logger, the field is now logged as "error_message" in order to avoid overwriting the "message" field.
- GovukAppConfig no longer automatically initialises OpenTelemetry when running in `rails console`.
- Rename the "error" field in Rails logs from logstasher to "message" as error is supposed to be an object.
- BREAKING: JSON logs are no longer configured automatically for production Rails apps and are turned on with the GOVUK_RAILS_JSON_LOGGING environment variable (#302)
- Add govuk_request_id to JSON logging for apps with gds-api-adapters (#300)
- BREAKING: Remove $stdout, $stderr and $real_stdout redirections (#300)
- BREAKING: Change error log behaviour from logging JSON to full string (#300)
- Remove monkeypatch for errors (#300)
- Fix prometheus_exporter method patching to be compatible with OpenTelemetry.
- Add ability to enable OpenTelemetry instrumentation for Rails applications.
- Fix the ability to collect Sidekiq metrics in GovukPrometheusExporter. (#299)
- Change the "source" field in Rails logs from logstasher from string representing IP host address to an empty object.
- BREAKING: Content Security Policy forbids the use of inline style attributes.
- Allow prometheus binding to fail with a warning rather than a crash (#294)
- Suppress noisy Puma::HttpParserError errors (#292)
- `GovukError` now allows specifying any name for the Sentry environment tag via the `SENTRY_CURRENT_ENV` environment variable. The environment name no longer has to match one of a fixed set of strings in order for `GovukError` to log events to Sentry.
- BREAKING: Remove unicorn and `GovukUnicorn`. All production GOV.UK apps are now using Puma instead.
- `GovukStatsd` is deprecated and will be removed in a future major release.
- Add support for configuring timeouts for puma-based applications
- BREAKING: Drop support for Ruby 2.7
- Register the Prometheus exporter in Sinatra middleware
- Add support to force-load the GovukPrometheusExporter by setting `GOVUK_PROMETHEUS_EXPORTER` to `force`. (#282)
- Forbid base elements in the Content Security Policy
- BREAKING: Content Security Policy forbids unsafe-inline script-src and data: image-src. It provides a nonce generator. Apps that can't support this will need to amend their CSP configuration in an initializer, see example in signon. Any apps that still use jQuery 1.x will need unsafe-inline for Firefox compatibility.
- Flush log writes to stdout immediately so that structured (JSON) logs are not lost on crash or delayed indefinitely.
- Allow `https://img.youtube.com` as a CSP image source
- CSP only allows scripts, styles and fonts from self which reflects GOV.UK production behaviour
- Set the default CSP behaviour to allow communication only to self
- Remove webchat scripts from the CSP, these are now handled in government-frontend
- Remove `www.signin.service.gov.uk` from the CSP as it is no longer used in GOV.UK
- Disallow data fonts in the global Content Security policy
- Remove govuk_i18n plural rules file
- Update Plek support to allow version 5
- Add I18n plural rules for Welsh (cy), Maltese (mt) and Chinese (zh) since Rails-I18n has dropped support for them in 7.0.6 (#266)
- Fix an object ownership/sharing bug where the Rails log level was erroneously being set to `WARN` when initialising Sentry.
- Reduce log level for the Sentry gem from `INFO` to `WARN` to avoid polluting logs with uninformative messages. This only affects log messages from the Sentry gem itself, which go to `stdout`.
- Add GovukProxy::StaticProxy to forward Static asset requests by setting `GOVUK_PROXY_STATIC_ENABLED=true`. (#261)
- Enables Sentry environment names for EKS versions of integration, staging and production. (#260)
- Fix the ability to open the Rails console (`bundle exec rails c`) when running inside a container (#257).
- Adds Prometheus Sidekiq monitoring (#255)
- Adds `region1.google-analytics.com` to the security policy for GA (#250)
- Adds a new domain to the security policy for GA (#248)
- Fixes warning message to refer to correct Sidekiq gem dependency name (#243).
- Add a warning for apps using GovukError with Sidekiq that don't have sentry-sidekiq installed (#241).
- Add internal Sidekiq exception "Sidekiq::JobRetry::Skip" to excluded exceptions (#241).
- Add lux.speedcurve.com to connect_src for GOV.UK Content Security Policy (#232)
- Fix prometheus_exporter to only be enabled when the GOVUK_PROMETHEUS_EXPORTER env var is set to "true" (#231).
- Add Prometheus monitoring for EKS section to README.md (#231).
- Fix govuk_error being incompatible with Ruby >= 3 (#233)
- Require Ruby 2.7 as the minimum supported Ruby version (#233)
- Require Sentry 5 and Unicorn 6 major versions (#237)
- Prevent sentry-rails logger warnings when govuk_error is used with non-Rails apps (#234)
- Update prometheus exporter server to 0.0.0.0 from localhost (#227).
- Update HMPO webchat address in security policy (#225).
- Fix issue where GovukPrometheusExporter module prevented the gem from loading due to missing constant "PrometheusExporter" (#224).
- Lazy load the prometheus_exporter dependency for only apps that use GovukPrometheusExporter (#224).
- Add GovukPrometheusModule, to allow for export of prometheus metrics (#223).
- Remove Speedcurve's LUX from the connect-src policy (#216).
- Add pluralisation rules for Azerbaijani, Persian, Georgian, and Turkish. (#219)
- Add Puma to dependencies (#214).
- Update Content Security Policy with new klick2contact.com subdomain (#213).
- BREAKING: replaces deprecated `sentry-raven` with `sentry-ruby` and `sentry-rails`. Follow the migration guide before upgrading to this version of govuk_app_config to ensure full compatibility with the new gems.
- BREAKING: `GovukError.configure` can only be called once, and non-Rails apps will have to manually call `GovukError.configure` in order to initialise Sentry.
- BREAKING: apps will no longer increment the `error_reports_failed` statsd if events fail to get sent to Sentry.
- BREAKING: the behaviour of `before_send` has changed, and the `should_capture` method is deprecated.
- See pre-release notes below for details.
- PR: #212
- Fix Sentry client initialisation (#205).
- BREAKING: non-Rails apps will need to manually call `GovukError.configure` in order to initialise Sentry.
- BREAKING: `GovukError.configure` can only be called once by the downstream application.
- Include sentry-rails by default (#203).
- Fix default Sentry configuration (#202).
- BREAKING: this means no more `silence_ready` or `transport_failure_callback` options.
- BREAKING: upgrades Sentry gem from `sentry-raven` to `sentry-ruby` (#199). There is a migration guide you should follow before upgrading to this version of govuk_app_config.
- This release also fixes the `data_sync_excluded_exceptions` behaviour that was broken in v3.1.0 (later fixed in v3.3.0, which was released after 4.0.0.pre.1).
- Released as a pre-release to identify and fix any problems before a wider rollout.
- Revert the `should_capture`/`before_send` consolidation introduced in 3.1.0. This fixes the `data_sync_excluded_exceptions` behaviour that has been broken since v3.1.0. (#211)
- Add Speedcurve's LUX to connect-src policy (#206)
- Fix the new before_send behaviour & tests, and add documentation (#197)
- Remove support for `should_capture` callbacks in favour of `before_send` (#196)
- BREAKING: Implement RFC 141 - remove unsuitable healthchecks and return a 500 on healthcheck failure (#193)
- Allow LUX domain on img-src policy (#191)
- Fixes bug in GovukI18n introduced in the last version (#189)
- Add GovukI18n module with custom plural rules (#187)
- Ensure Redis healthcheck avoids potential race condition (#185)
- Add new Redis healthcheck and relevant tests (#183)
- Allow apps to configure the host and protocol for Statsd (#180)
- Add `GdsApi::ContentStore::ItemNotFound` to `data_sync_excluded_exceptions` (#178)
- Dependabot bumps to allow latest versions of logstasher (#177) and unicorn (#175)
- Adds govuk_app_config version to every Sentry call (#174)
- Fix broken data sync error handling for non-Rails apps (#172)
- Ignore intermittent template retrieval errors from Slimmer (#170)
- Ignore errors that occur in temporary environments (adds `active_sentry_environments` config) (#168)
- Fix govuk_app_config in Ruby 2.7 environments by explicitly requiring the 'delegate' library (#167)
- Increase scope of `data_sync_excluded_exceptions` so that it includes subclasses (#165)
- Use delegator pattern for `GovukError.configure`, to allow custom `should_capture` (#160)
- Bump 'sentry-raven' to 3.1.1 to improve grouping of errors (#162)
- Add new GovukHealthcheck::Mongoid and GovukHealthcheck::RailsCache health checks (#161)
- Remove unused SidekiqQueueSizeCheck healthcheck base class (#156)
- Add www.googletagmanager.com and www.gstatic.com to Content Security Policy (#153)
- Fix linting issues (#149)
- Monkey patch `ActionDispatch::DebugExceptions#log_error` so it logs errors on a single line (#147)
- Add missing ActiveRecord rescue_responses (#142)
- Revert using sentry option of rails_report_rescued_exceptions (#140)
- Stop exceptions rescued by rails from appearing in Sentry (#138)
- Add hmrc-uk.digital.nuance.com (Nuance/HMRC Webchat provider) and gov.klick2contact.com (HMPO web chat provider) to connect-src CSP list (#133)
- Add www.gov.uk to CSP list (#129)
- Add hmrc-uk.digital.nuance.com (Nuance/HMRC Webchat provider) to script-src CSP list (#130)
- Reorder requires to resolve: "NameError: uninitialized constant GovukAppConfig::Railtie::GovukLogging"
- Remove support for AWS X-Ray.
- Fix GdsApi::HTTPIntermittentServer errors no longer being filtered from exceptions sent to Sentry.
- Fix regression in error reporting code which caused an error.
- Fix CSP in development
- Add `youtube-nocookie.com` to consent security policy
- Update dependencies
- Update error reporting code
- Use `GOVUK_CSP_REPORT_ONLY` and `GOVUK_CSP_REPORT_URI` to configure content security policy.
- Fix incorrect report_uri= method usage in content security policy
- Use Rails DSL to configure content security policy, allowing apps to modify the policy and use nonce features.
- Tweak our CSP to work with 'dev.gov.uk'
- Revert PR #89 - it relies on an unreleased feature of aws-xray-sdk
- Don't log Context Missing Errors (`ERROR -- : can not find the current context.`)
- Return Critical status for SidekiqRedis if Redis raises a connection error.
- Add a DoubleClick domain to our content security policy.
- Fix the `UNICORN_TIMEOUT` setting, which previously resulted in a crash on start.
- Allow configuring the unicorn timeout through the `UNICORN_TIMEOUT` environment variable (default: 60).
- Add content security policy support.
- Remove formatting from the Logstasher logger, used by default for the GDS API Adapters logging.
- Configure the GDS API Adapters logger to use logstasher
- More consistent log level configuration by default
- Make ActiveRecord healthcheck more accurate
- Add Initialized healthchecks
- Fix crash on start due to incorrect method invocation.
- Fix crash on start due to incorrect method invocation.
- Disable X-Ray entirely if the `GOVUK_APP_CONFIG_DISABLE_XRAY` environment variable is set.
- Only instrument the `aws_sdk` gem with AWS X-Ray if the `XRAY_PATCH_AWS_SDK` environment variable is present.
- Do not report Sidekiq queue thresholds in healthchecks which are infinite or NaN.
- Set a default segment name for XRay if the `GOVUK_APP_NAME` environment variable is missing, rather than throwing an exception.
- Make XRay log missing segments (such as when executing rake tasks) as an error, rather than throwing an exception.
- Record 1% of requests with AWS X-Ray.
- Handle a health check which raises an exception.
- Configure Sentry to only log on startup in the production Rails environment (if Rails is in use)
- Add various convenience health check classes which make it easier to add custom checks into apps without writing lots of code.
- Make health checks classes rather than instances, allowing internal data to be cached and improve performance.
- Set the `Content-Type` of healthchecks to `application/json`.
- Make the health check statuses symbols.
- Add healthcheck support. See README.md for usage information.
- Ignore `ActionController::UnknownHttpMethod` errors.
- Check the inner exception as well for the intermittent failure behaviour added in 1.4.0, eg in the case of `ActionView::Template::Error`
- Don't log intermittent errors from `gds-api-adapters` in Sentry, count them in Graphite instead
- Update instructions to suggest that GovukUnicorn should be required directly `require "govuk_app_config/govuk_unicorn"` rather than passively through `require "govuk_app_config"` to isolate it from other configuration.
- Move STDOUT/STDERR configuration inside GovukLogging module to reduce side effects when gem is initialised.
- In your application's `config/unicorn.rb` file change `require "govuk_app_config"` to `require "govuk_app_config/govuk_unicorn"`
- Fix collection of Statsd gauge metrics
- Include a class to configure unicorn to the common GOV.UK configuration
- Find or create a config/unicorn.rb file in the app
- At the top of the file insert:
  ```ruby
  require "govuk_app_config/govuk_unicorn"
  GovukUnicorn.configure(self)
  ```
- If the app has the following, remove it:
  ```ruby
  # Load the system-wide standard Unicorn file
  def load_file_if_exists(config, file)
    config.instance_eval(File.read(file)) if File.exist?(file)
  end
  load_file_if_exists(self, "/etc/govuk/unicorn.rb")
  ```
- Use `INFO` log level for the default Rails logger
- Upgrade unicorn gem from 5.3.1 to 5.4.0
- Support statsd methods of decrement, count, timing, set, and batch
- Add Unicorn (our web server) as a dependency
- Use version 2.7.0 of the Sentry client.
- Set up logging configuration for Rails applications.
- Don't send `ActionController::BadRequest` to Sentry
- Remove `gem 'unicorn'` from your Gemfile
- For Rails apps only:
  - Remove `gem 'logstasher'` from your Gemfile
  - Remove all `config.logstasher.*` configs from `config/environments/production.rb`
  - If the app has a `config/initializers/logstash.rb` remove it
  - If the app has any of the following (likely in `config/environments/production.rb`), remove it:
    ```ruby
    # Use default logging formatter so that PID and timestamp are not suppressed.
    config.log_formatter = ::Logger::Formatter.new

    # Use a different logger for distributed setups.
    # require 'syslog/logger'
    config.logger = ActiveSupport::TaggedLogging.new(Logger.new($stderr))

    $real_stdout = $stdout.clone
    $stdout.reopen($stderr)
    ```
- Remove
- Add `time` and `gauge` to `GovukStatsd`
- Add `GovukError.configure` as an alias to `Raven.configure`
- First actual release with support for Sentry
Empty gem.