Monitor Gitlab::AppJsonLogger.error messages related to composition analysis features
Proposal
As discussed here, we don't currently monitor any of the Gitlab::AppJsonLogger.error messages that might be produced by the various ingestion tasks related to licenses and advisory information.
The purpose of this issue is to figure out how to monitor these error message and alert the groupcomposition analysis team so we can investigate further.
Implementation plan
The documentation mentions this specifically in that errors can be sent to sentry and to the logs via Gitlab::ErrorTracking.track_and_raise_exception
or Gitlab::ErrorTracking.track_exception
as appropriate (https://docs.gitlab.com/ee/development/logging.html#exception-handling)
Sentry can be configured to alert the team on errors.
- update sentry
- update usages of
Gitlab::AppJsonLogger.{error,warn}
under the CA feature category toGitlab::ErrorTracking.track_exception
- https://gitlab.com/gitlab-org/gitlab/-/blob/16-4-stable-ee/ee/app/services/package_metadata/ingestion/compressed_package/package_ingestion_task.rb#L31
- https://gitlab.com/gitlab-org/gitlab/-/blob/16-4-stable-ee/ee/app/services/package_metadata/ingestion/advisory/advisory_ingestion_task.rb#L35
- https://gitlab.com/gitlab-org/gitlab/-/blob/16-4-stable-ee/ee/app/services/package_metadata/ingestion/advisory/affected_package_ingestion_task.rb#L30
- https://gitlab.com/gitlab-org/gitlab/-/blob/16-4-stable-ee/ee/lib/gitlab/package_metadata/connector/ndjson_data_file.rb#L12
- update raised errors in Continuous Vulnerability Scanning services to
Gitlab::ErrorTracking.track_and_raise_exception
- https://gitlab.com/gitlab-org/gitlab/-/blob/f0ca6ad8b1c18e941a34ffc798dfc3229621449d/ee/lib/gitlab/vulnerability_scanning/finding_builder.rb#L21
- https://gitlab.com/gitlab-org/gitlab/-/blob/f0ca6ad8b1c18e941a34ffc798dfc3229621449d/ee/app/services/security/vulnerability_scanning/create_vulnerability_service.rb#L30
Testing
After feature launch, verify that errors are indeed being sent.
Edited by Igor Frenkel