feat: add user/app context in controlplane sentry

.github/workflows/controlplane-ci.yaml

@@ -80,6 +80,9 @@ jobs:
       - name: Setup Keycloak
         run: nohup .github/scripts/setup-keycloak.sh &
 
+      - name: Copy dummy env file
+        run: cp ./controlplane/.env.example ./controlplane/.env
+
       - name: Test
         run: pnpm run --filter controlplane test
         env:

controlplane/src/core/sentry.config.ts

@@ -2,6 +2,7 @@ import * as Sentry from '@sentry/node';
 import { nodeProfilingIntegration } from '@sentry/profiling-node';
 import { eventLoopBlockIntegration } from '@sentry/node-native';
 import { fastifyIntegration, pinoIntegration } from '@sentry/node';
+import { version } from '../../package.json';
 import { envVariables } from './env.schema.js';
 
 const {
@@ -18,6 +19,7 @@ const {
 if (SENTRY_ENABLED && SENTRY_DSN) {
   Sentry.init({
     dsn: SENTRY_DSN,
+    release: version,
     integrations: [
       fastifyIntegration(),
       eventLoopBlockIntegration({ threshold: SENTRY_EVENT_LOOP_BLOCK_THRESHOLD_MS }),

controlplane/src/core/util.ts

@@ -1,4 +1,5 @@
 import { randomFill } from 'node:crypto';
+import * as Sentry from '@sentry/node';
 import { S3ClientConfig } from '@aws-sdk/client-s3';
 import { HandlerContext } from '@connectrpc/connect';
 import {
@@ -34,13 +35,15 @@ import { isAuthenticationError, isAuthorizationError, isPublicError } from './er
 import { GraphKeyAuthContext } from './services/GraphApiTokenAuthenticator.js';
 import { composeFederatedContract, composeFederatedGraphWithPotentialContracts } from './composition/composition.js';
 import { SubgraphsToCompose } from './repositories/FeatureFlagRepository.js';
+import { envVariables } from './env.schema.js';
 
 const labelRegex = /^[\dA-Za-z](?:[\w.-]{0,61}[\dA-Za-z])?$/;
 const organizationSlugRegex = /^[\da-z]+(?:-[\da-z]+)*$/;
 const namespaceRegex = /^[\da-z]+(?:[_-][\da-z]+)*$/;
 const schemaTagRegex = /^(?![/-])[\d/A-Za-z-]+(?<![/-])$/;
 const graphNameRegex = /^[\dA-Za-z]+(?:[./@_-][\dA-Za-z]+)*$/;
 const pluginVersionRegex = /^v\d+$/;
+const { SENTRY_ENABLED, SENTRY_DSN } = envVariables.parse(process.env);
 
 /**
  * Wraps a function with a try/catch block and logs any errors that occur.
@@ -107,6 +110,40 @@ export const enrichLogger = (
     },
   });
 
+  if (SENTRY_ENABLED && SENTRY_DSN) {
+    try {
+      // NB: Fastify integration automatically creates request-specific scopes
+      if (authContext.userId) {
+        Sentry.setUser({
+          id: authContext.userId,
+          username: authContext.userDisplayName,
+        });
+      }
+
+      if (authContext.organizationId) {
+        Sentry.setTag('org.id', authContext.organizationId);
+      }
+
+      if ('organizationSlug' in authContext && authContext.organizationSlug) {
+        Sentry.setTag('org.slug', authContext.organizationSlug);
+      }
+
+      if ('apiKeyName' in authContext && authContext.apiKeyName) {
+        Sentry.setTag('api.key', authContext.apiKeyName);
+      }
+
+      if ('federatedGraphId' in authContext && authContext.federatedGraphId) {
+        Sentry.setTag('graph.id', authContext.federatedGraphId);
+      }
+
+      if ('auth' in authContext && authContext.auth) {
+        Sentry.setTag('auth.kind', authContext.auth);
+      }
+    } catch (error) {
+      newLogger.debug({ err: error }, 'Failed to enrich Sentry context');
+    }
+  }
+
   ctx.values.set<FastifyBaseLogger>({ id: fastifyLoggerId, defaultValue: newLogger }, newLogger);
 
   return newLogger;

controlplane/vite.config.ts

@@ -4,9 +4,10 @@ export default defineConfig({
   test: {
     pool: 'forks',
     // Increase the timeout for integration tests
-    testTimeout: 20_000,
+    testTimeout: 35_000,
     teardownTimeout: 10_000,
     // Ensure always the CJS version is used otherwise we might conflict with multiple versions of graphql
     alias: [{ find: /^graphql$/, replacement: 'graphql/index.js' }],
+    setupFiles: ['dotenv/config'],
   },
 });