Commit 9e7b49b4 authored by Mehmet Emin INAC's avatar Mehmet Emin INAC

Normalize the SQL queries before sending them to Sentry

To prevent sending some sensitive information, we need to normalize the
SQL queries before we send them to Sentry. To do so, we decided to use
the gem called `pg_query` which compiles some parts of the PostgreSQL
database to make it possible to parse SQL queries.
parent 8fb38237
...@@ -307,6 +307,9 @@ gem 'rack-attack', '~> 6.3.0' ...@@ -307,6 +307,9 @@ gem 'rack-attack', '~> 6.3.0'
# Sentry integration # Sentry integration
gem 'sentry-raven', '~> 3.0' gem 'sentry-raven', '~> 3.0'
# PostgreSQL query parsing
gem 'gitlab-pg_query', '~> 1.3', require: 'pg_query'
gem 'premailer-rails', '~> 1.10.3' gem 'premailer-rails', '~> 1.10.3'
# LabKit: Tracing and Correlation # LabKit: Tracing and Correlation
......
...@@ -439,6 +439,7 @@ GEM ...@@ -439,6 +439,7 @@ GEM
gitlab-mail_room (0.0.7) gitlab-mail_room (0.0.7)
gitlab-markup (1.7.1) gitlab-markup (1.7.1)
gitlab-net-dns (0.9.1) gitlab-net-dns (0.9.1)
gitlab-pg_query (1.3.0)
gitlab-puma (4.3.5.gitlab.3) gitlab-puma (4.3.5.gitlab.3)
nio4r (~> 2.0) nio4r (~> 2.0)
gitlab-puma_worker_killer (0.1.1.gitlab.1) gitlab-puma_worker_killer (0.1.1.gitlab.1)
...@@ -1336,6 +1337,7 @@ DEPENDENCIES ...@@ -1336,6 +1337,7 @@ DEPENDENCIES
gitlab-mail_room (~> 0.0.7) gitlab-mail_room (~> 0.0.7)
gitlab-markup (~> 1.7.1) gitlab-markup (~> 1.7.1)
gitlab-net-dns (~> 0.9.1) gitlab-net-dns (~> 0.9.1)
gitlab-pg_query (~> 1.3)
gitlab-puma (~> 4.3.3.gitlab.2) gitlab-puma (~> 4.3.3.gitlab.2)
gitlab-puma_worker_killer (~> 0.1.1.gitlab.1) gitlab-puma_worker_killer (~> 0.1.1.gitlab.1)
gitlab-sidekiq-fetcher (= 0.5.2) gitlab-sidekiq-fetcher (= 0.5.2)
......
...@@ -153,7 +153,7 @@ module Gitlab ...@@ -153,7 +153,7 @@ module Gitlab
def inject_sql_query_into_extra(exception, extra) def inject_sql_query_into_extra(exception, extra)
return unless exception.is_a?(ActiveRecord::StatementInvalid) return unless exception.is_a?(ActiveRecord::StatementInvalid)
extra[:sql] = exception.sql extra[:sql] = PgQuery.normalize(exception.sql.to_s)
end end
def sentry_dsn def sentry_dsn
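Review bot: `PgQuery.normalize` in `inject_sql_query_into_extra` raises `PgQuery::ParseError` when it cannot parse its input, and nothing in this method rescues it, so a statement the parser rejects would raise from inside the error-reporting path instead of being reported. An `ActiveRecord::StatementInvalid` can wrap a database syntax error, so unparseable SQL is a plausible input here rather than an exotic one. The handler should fail closed, dropping the query rather than falling back to the raw text: add a method-level `rescue PgQuery::ParseError` whose body is `extra[:sql] = nil`. Whether a caller further up already rescues errors from this method is not visible in the hunk.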
......
...@@ -284,13 +284,13 @@ RSpec.describe Gitlab::ErrorTracking do ...@@ -284,13 +284,13 @@ RSpec.describe Gitlab::ErrorTracking do
end end
context 'when the error is kind of an `ActiveRecord::StatementInvalid`' do context 'when the error is kind of an `ActiveRecord::StatementInvalid`' do
let(:exception) { ActiveRecord::StatementInvalid.new(sql: :foo) } let(:exception) { ActiveRecord::StatementInvalid.new(sql: 'SELECT "users".* FROM "users" WHERE "users"."id" = 1 AND "users"."foo" = $1') }
it 'injects the sql query into extra' do it 'injects the normalized sql query into extra' do
track_exception track_exception
expect(Raven).to have_received(:capture_exception) expect(Raven).to have_received(:capture_exception)
.with(exception, a_hash_including(extra: a_hash_including(sql: :foo))) .with(exception, a_hash_including(extra: a_hash_including(sql: 'SELECT "users".* FROM "users" WHERE "users"."id" = $2 AND "users"."foo" = $1')))
end end
end end
end end
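Review bot: The fixture in the `ActiveRecord::StatementInvalid` context contains only a numeric literal (`"users"."id" = 1`), so the example does not show that quoted string literals, the values most likely to be sensitive, are replaced before the query reaches `Raven`. Adding a string comparison to the fixture, for example `AND "users"."email" = 'constructed@example.test'` (a constructed value), and asserting a placeholder in its position would pin the property the commit message describes. A second example that passes SQL the parser rejects and asserts the raw text is absent from `extra[:sql]` would cover the failure path. The enclosing `RSpec.describe` block starts and ends outside this hunk.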
......