From db71d83d001c5102b151febf6d6146d678bf6fa4 Mon Sep 17 00:00:00 2001 From: Bernardo Anderson Date: Tue, 9 Jun 2026 14:22:18 -0500 Subject: [PATCH 1/2] CP-12437 - Harden Airbrake and New Relic config for production - Fix Airbrake root_directory from /var/cpd/app to Rails.root.to_s - Add blocklist_keys to prevent sensitive params in error reports - Add AIRBRAKE_IGNORE filter for RoutingError, RecordNotFound, etc. - Bump newrelic_rpm from 9.17.0 to 9.24.0 (match ATS) - Add job.sidekiq.args.* attributes to New Relic traces - Enable distributed_tracing in production - Include ENV_NAME in production app_name for instance differentiation --- Gemfile | 2 +- Gemfile.lock | 4 ++-- config/initializers/airbrake.rb | 18 +++++++++++++++++- config/newrelic.yml | 7 ++++--- 4 files changed, 24 insertions(+), 7 deletions(-) diff --git a/Gemfile b/Gemfile index 26541f3dc..7b3ea703a 100644 --- a/Gemfile +++ b/Gemfile @@ -46,7 +46,7 @@ gem 'twitter_cldr', require: false gem 'tzinfo-data' gem 'airbrake' -gem 'newrelic_rpm' +gem 'newrelic_rpm', '~> 9.24.0' group :development, :test do gem 'better_html' diff --git a/Gemfile.lock b/Gemfile.lock index b10943174..f556a5ddf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -343,7 +343,7 @@ GEM timeout net-smtp (0.5.0) net-protocol - newrelic_rpm (9.17.0) + newrelic_rpm (9.24.0) nio4r (2.7.4) nokogiri (1.18.8) mini_portile2 (~> 2.8.2) @@ -629,7 +629,7 @@ DEPENDENCIES jwt letter_opener_web lograge - newrelic_rpm + newrelic_rpm (~> 9.24.0) oj pagy pg diff --git a/config/initializers/airbrake.rb b/config/initializers/airbrake.rb index ff7ef2af4..27322d047 100644 --- a/config/initializers/airbrake.rb +++ b/config/initializers/airbrake.rb @@ -6,6 +6,22 @@ config.project_id = ENV['AIRBRAKE_ID'] # rubocop:disable Style/FetchEnvVar config.environment = Rails.env config.ignore_environments = %w[development test] - config.root_directory = '/var/cpd/app' + config.root_directory = Rails.root.to_s + config.blocklist_keys = Rails.application.config.filter_parameters + end + + AIRBRAKE_IGNORE = [ + 'AbstractController::ActionNotFound', + 'ActionController::InvalidAuthenticityToken', + 'ActionController::RoutingError', + 'ActionController::UnknownAction', + 'ActionController::UnknownFormat', + 'ActiveRecord::RecordNotFound', + 'SignalException', + 'Sidekiq::Shutdown' + ].freeze + + Airbrake.add_filter do |notice| + notice.ignore! if notice[:errors].any? { |error| AIRBRAKE_IGNORE.include?(error[:type]) } end end diff --git a/config/newrelic.yml b/config/newrelic.yml index 44ae7d8e1..16bd3c22c 100644 --- a/config/newrelic.yml +++ b/config/newrelic.yml @@ -111,7 +111,8 @@ common: &default_settings # Prefix of attributes to include in all destinations. Allows * as wildcard at # end. - # attributes.include: [] + attributes.include: + - job.sidekiq.args.* # If true, enables an audit log which logs communications with the New Relic # collector. @@ -1112,6 +1113,6 @@ staging: production: <<: *default_settings - app_name: <%= ENV['NEWRELIC_APP_NAME'] %> Production + app_name: Docuseal Production - <%= ENV['ENV_NAME'] %> monitor_mode: <%= ENV['NEWRELIC_MONITOR_MODE'].presence || true %> - distributed_tracing.enabled: false + distributed_tracing.enabled: true From cccd858568057fc02f9260da7eb8722708395e6d Mon Sep 17 00:00:00 2001 From: Bernardo Anderson Date: Tue, 9 Jun 2026 14:26:11 -0500 Subject: [PATCH 2/2] CP-12437 - Remove sidekiq changes --- config/newrelic.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/config/newrelic.yml b/config/newrelic.yml index 16bd3c22c..754e21ac4 100644 --- a/config/newrelic.yml +++ b/config/newrelic.yml @@ -111,8 +111,7 @@ common: &default_settings # Prefix of attributes to include in all destinations. Allows * as wildcard at # end. - attributes.include: - - job.sidekiq.args.* + # attributes.include: [] # If true, enables an audit log which logs communications with the New Relic # collector.