.gitlab-ci.yml

@@ -40,7 +40,13 @@ prepare:fpm:
   image: minds/ci:latest
   script:
     - docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY} 
-    - docker build -t $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF -f containers/php-fpm/Dockerfile .
+    - |
+      docker build \
+        -t $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF \
+        -f containers/php-fpm/Dockerfile \
+        --build-arg MINDS_VERSION=$CI_BUILD_REF \
+        --build-arg SENTRY_DSN=$SENTRY_DSN \
+        .
     - docker push $CI_REGISTRY_IMAGE/fpm:$CI_BUILD_REF
 
 prepare:runners:
@@ -48,9 +54,25 @@ prepare:runners:
   image: minds/ci:latest
   script:
     - docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY}
-    - docker build -t $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF -f containers/php-runners/Dockerfile .
+    - |
+      docker build \
+        -t $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF \
+        -f containers/php-runners/Dockerfile \
+        --build-arg MINDS_VERSION=$CI_BUILD_REF \
+        --build-arg SENTRY_DSN=$SENTRY_DSN \
+        .
     - docker push $CI_REGISTRY_IMAGE/runners:$CI_BUILD_REF
 
+prepare:all:sentry:
+  stage: prepare
+  image: getsentry/sentry-cli
+  script:
+    - echo "Create a new release $CI_COMMIT_SHA"
+    - sentry-cli releases new $CI_COMMIT_SHA
+    - sentry-cli releases set-commits --auto $CI_COMMIT_SHA
+    - sentry-cli releases finalize $CI_COMMIT_SHA
+    - echo "Finalized release for $CI_COMMIT_SHA"
+
 review:start:
   stage: review
   image: minds/helm-eks:latest
@@ -69,6 +91,7 @@ review:start:
         --wait \
         $CI_BUILD_REF_SLUG \
         ./helm-charts/minds"
+    - sentry-cli releases deploys $CI_COMMIT_SHA new -e review-$CI_COMMIT_REF_SLUG
   environment:
     name: review/$CI_COMMIT_REF_NAME
     url: https://$CI_BUILD_REF_SLUG.$KUBE_INGRESS_BASE_DOMAIN
@@ -112,6 +135,8 @@ staging:fpm:
     - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL
     # Deploy to staging
     - aws ecs update-service --service=$ECS_APP_STAGING_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER
+    # Update sentry
+    - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL
   environment:
     name: staging
     url: https://www.minds.com/?staging=1
@@ -136,6 +161,8 @@ canary:fpm:
     - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL
     # Deploy to ECS
     - aws ecs update-service --service=$ECS_APP_CANARY_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER
+    # Update sentry
+    - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL
   only:
     refs:
       - master
@@ -162,6 +189,8 @@ production:fpm:
     - docker push $CI_REGISTRY_IMAGE/fpm:$IMAGE_LABEL
     # Delpoy to ECS
     - aws ecs update-service --service=$ECS_APP_PRODUCTION_SERVICE --force-new-deployment --region us-east-1 --cluster=$ECS_CLUSTER
+    # Update sentry
+    - sentry-cli releases deploys $CI_COMMIT_SHA new -e $IMAGE_LABEL
   only:
     refs:
       - master

Controllers/api/v1/media/recommended.php

@@ -43,7 +43,10 @@ class recommended implements Interfaces\Api
 
         // Get the next entity
         if ($next) {
-            $entities[] = Entities\Factory::build($next);
+            $entity = Entities\Factory::build($next);
+            if ($entity) {
+                $entities[] = $entity;
+            }
         }
 
         // Calculate free slots

Controllers/api/v1/webhooks/braintree.php

@@ -32,7 +32,7 @@ class braintree implements Interfaces\Api, Interfaces\ApiIgnorePam
   {
       error_log("[webhooks]:: hit first entrace point");
 
-      $gateway = isset($pages[0]) ? $pages[0] : 'default';
+      /*$gateway = isset($pages[0]) ? $pages[0] : 'default';
 
       $bt = Payments\Factory::build('braintree', ['gateway'=>$gateway]);
 
@@ -42,7 +42,7 @@ class braintree implements Interfaces\Api, Interfaces\ApiIgnorePam
       $webhooks = new Payments\Braintree\Webhooks($hooks, $bt);
       $webhooks->setSignature($_POST['bt_signature'])
         ->setPayload($_POST['bt_payload'])
-        ->run();
+        ->run();*/
   }
 
 

Controllers/api/v2/suggestions.php

@@ -16,6 +16,13 @@ class suggestions implements Interfaces\Api
         $type = $pages[0] ?? 'user';
         $loggedInUser = Core\Session::getLoggedinUser();
 
+        if (!$loggedInUser) {
+			return Factory::response([
+                'status' => 'error',
+                'message' => 'You must be logged in to receive suggestions',
+            ]);
+        }
+
         if ($loggedInUser->getSubscriptionsCount() >= 5000) {
             return Factory::response([
                 'status' => 'error',

Core/Blockchain/Wallets/OnChain/Balance.php

@@ -44,6 +44,10 @@ class Balance
      */
     public function get()
     {
+        if (!$this->user) {
+            return 0;
+        }
+
         $address = $this->user->getEthWallet();
 
         if (!$address) {

Core/OAuth/Repositories/Delegates/SentryScopeDelegate.php

+<?php
+namespace Minds\Core\OAuth\Repositories\Delegates;
+
+use Sentry;
+use Minds\Core\OAuth\Entities\UserEntity;
+
+class SentryScopeDelegate
+{
+
+    /**
+     * Pass through a user guid to sentry
+     * @param UserEntity $entity
+     * @return void
+     */
+    public function onGetUserEntity(UserEntity $entity): void
+    {
+        Sentry\configureScope(function (Sentry\State\Scope $scope) use ($entity): void {
+            $scope->setUser([
+                'id' => (string) $entity->getIdentifier(),
+            ]);
+        });
+    }
+
+}
+

Core/OAuth/Repositories/UserRepository.php

@@ -15,12 +15,16 @@ class UserRepository implements UserRepositoryInterface
     /** @var Password $password */
     private $password;
 
+    /** @var SentryScopeDelegate $sentryScopeDelegate */
+    private $sentryScopeDelegate;
+
     /** @var User $mock */
     public $mockUser = false;
 
-    public function __construct(Password $password = null)
+    public function __construct(Password $password = null, SentryScopeDelegate $sentryScopeDelegate = null)
     {
         $this->password = $password ?: Di::_()->get('Security\Password');
+        $this->sentryScopeDelegate = $sentryScopeDelegate ?? new Delegates\SentryScopeDelegate;
     }
 
     /**
@@ -52,6 +56,10 @@ class UserRepository implements UserRepositoryInterface
 
         $entity = new UserEntity();
         $entity->setIdentifier($user->getGuid());
+
+        // Update Sentry scope with our user
+        $this->sentryScopeDelegate->onGetUserEntity($entity);
+
         return $entity;
     }
 }
\ No newline at end of file

Core/Session.php

@@ -5,6 +5,7 @@ use Minds\Core;
 use Minds\Core\Di\Di;
 use Minds\Common\Cookie;
 use Minds\Entities\User;
+use Sentry;
 
 /**
  * Minds Session Manager
@@ -96,6 +97,17 @@ class Session extends base
     public static function setUser($user)
     {
         static::$user = $user;
+
+        // Update sentry with the current user
+        // TODO: Move to a delegate
+        if ($user) {
+            Sentry\configureScope(function (Sentry\State\Scope $scope) use ($user): void {
+                $scope->setUser([
+                    'id' => (string) $user->getGuid(),
+                ]);
+            });
+        }
+
         if (!$user 
             || !static::$user->username
             || static::$user->isBanned()

Core/Sessions/Delegates/SentryScopeDelegate.php

+<?php
+namespace Minds\Core\Sessions\Delegates;
+
+use Sentry;
+use Minds\Core\Sessions\Session;
+
+class SentryScopeDelegate
+{
+
+    /**
+     * Pass through a user guid to sentry
+     * @param Session $session
+     * @return void
+     */
+    public function onSession(Session $session): void
+    {
+        Sentry\configureScope(function (Sentry\State\Scope $scope) use ($session): void {
+            $scope->setUser([
+                'id' => (string) $session->getUserGuid(),
+            ]);
+        });
+    }
+
+}
+

Core/Sessions/Manager.php

@@ -23,6 +23,9 @@ class Manager
     /** @var Cookie $cookie */
     private $cookie;
 
+    /** @var SentryScopeDelegate $sentryScopeDelegate */
+    private $sentryScopeDelegate;
+
     /** @var Session $session */
     private $session;
 
@@ -34,7 +37,8 @@ class Manager
         $config = null,
         $cookie = null,
         $jwtBuilder = null,
-        $jwtParser = null
+        $jwtParser = null,
+        $sentryScopeDelegate = null
     )
     {
         $this->repository = $repository ?: new Repository;
@@ -42,6 +46,7 @@ class Manager
         $this->cookie = $cookie ?: new Cookie;
         $this->jwtBuilder = $jwtBuilder ?: new JWT\Builder;
         $this->jwtParser = $jwtParser ?: new JWT\Parser;
+        $this->sentryScopeDelegate = $sentryScopeDelegate ?? new Delegates\SentryScopeDelegate;
     }
 
     /**
@@ -124,6 +129,9 @@ class Manager
         // Hack, needs refactoring
         Core\Session::generateJWTCookie($session);
 
+        // Allow Sentry to attach user metadata
+        $this->sentryScopeDelegate->onSession($session);
+
         return $this;
     }
 

Core/Subscriptions/Delegates/CopyToElasticSearchDelegate.php

@@ -53,6 +53,7 @@ class CopyToElasticSearchDelegate
             'type' => 'subscriptions',
             'id' => $subscription->getSubscriberGuid(),
             'body' => $body,
+            'retry_on_conflict' => 5, // Retry 5 times
         ];
         
         $prepared = new Prepared();

Core/Suggestions/Manager.php

@@ -99,11 +99,17 @@ class Manager
 
         // Hydrate the entities
         // TODO: make this a bulk request vs sequential
-        foreach ($response as $suggestion) {
+        foreach ($response as $k => $suggestion) {
             $entity = $suggestion->getEntity() ?: $this->entitiesBuilder->single($suggestion->getEntityGuid());
+            if (!$entity) {
+                error_log("{$suggestion->getEntityGuid()} suggested user not found");
+                unset($response[$k]);
+                continue;
+            }
             if ($entity->getDeleted()) {
                 error_log("Deleted entity ".$entity->guid." has been omitted from suggestions t-".time());
-                break;
+                unset($response[$k]);
+                continue;
             }
             $suggestion->setEntity($entity);
         }

composer.json

@@ -33,6 +33,7 @@
         "zendframework/zend-diactoros": "1.8.6",
         "league/oauth2-server": "7.2.0",
         "lcobucci/jwt": "3.2.4",
+        "sentry/sdk": "2.0.3",
         "zendframework/zend-permissions-rbac": "^3.0"
     },
     "repositories": [
@@ -65,7 +66,6 @@
         "phpspec/phpspec": "~3.4",
         "leanphp/phpspec-code-coverage": "~3.1",
         "friendsofphp/php-cs-fixer": "*",
-        "bossa/phpspec2-expect": "*",
-        "apigen/apigen": "*"
+        "bossa/phpspec2-expect": "*"
     }
 }

containers/php-fpm/Dockerfile

@@ -25,4 +25,12 @@ COPY containers/php-fpm/pull-secrets.sh pull-secrets.sh
 COPY containers/php-fpm/php.ini /usr/local/etc/php/
 COPY containers/php-fpm/opcache.ini /usr/local/etc/php/conf.d/opcache-recommended.ini
 COPY containers/php-fpm/apcu.ini /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini
-COPY containers/php-fpm/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
\ No newline at end of file
+COPY containers/php-fpm/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
+
+# Specify the build args
+
+ARG MINDS_VERSION="Unknown" 
+ENV MINDS_VERSION=${MINDS_VERSION}
+
+ARG SENTRY_DSN=""
+ENV SENTRY_DSN=${SENTRY_DSN}

containers/php-fpm/php-fpm.conf

@@ -21,4 +21,9 @@ catch_workers_output = yes
 
 request_terminate_timeout = 120s
 
-rlimit_files = 65535
\ No newline at end of file
+rlimit_files = 65535
+
+clear_env = no
+env[MINDS_VERSION] = $MINDS_VERSION
+env[MINDS_ENV] = $MINDS_ENV
+env[SENTRY_DSN] = $SENTRY_DSN

containers/php-runners/Dockerfile

@@ -22,4 +22,12 @@ COPY containers/php-runners/pull-secrets.sh pull-secrets.sh
 COPY ./containers/php-runners/supervisord.conf /etc
 COPY ./containers/php-runners/minds.conf /etc/supervisor/conf.d
 
-ENTRYPOINT ["supervisord", "--nodaemon", "--configuration", "/etc/supervisord.conf"]
\ No newline at end of file
+# Specify the build args
+
+ARG MINDS_VERSION="Unknown"
+ENV MINDS_VERSION=${MINDS_VERSION}
+
+ARG SENTRY_DSN=""
+ENV SENTRY_DSN=${SENTRY_DSN}
+
+ENTRYPOINT ["supervisord", "--nodaemon", "--configuration", "/etc/supervisord.conf"]

lib/elgglib.php

@@ -849,7 +849,9 @@ function _elgg_php_exception_handler($exception) {
 	// make sure the error isn't cached
 	header("Cache-Control: no-cache, must-revalidate", true);
 	header('Expires: Fri, 05 Feb 1982 00:00:00 -0500', true);
-	// @note Do not send a 500 header because it is not a server error
+    // @note Do not send a 500 header because it is not a server error
+    
+    Sentry\captureException($exception);
 }
 
 /**
@@ -940,7 +942,9 @@ function fatalErrorShutdownHandler(){
 		header('Fatal error', true, 500);
 
 		echo file_get_contents(dirname(dirname(dirname(__FILE__))) . '/errors/500.html');
-	}
+    }
+
+    \Sentry\captureLastError();
 }
 
 /**

start.php

@@ -19,5 +19,13 @@ define('__MINDS_ROOT__', dirname(__FILE__));
  */
 require_once(__MINDS_ROOT__ . '/vendor/autoload.php');
 
+// Sentry
+Sentry\init([
+    'dsn' => getenv('SENTRY_DSN'),
+    'release' => getenv('MINDS_VERSION') ?: 'Unknown',
+    'environment' => getenv('MINDS_ENV') ?: 'development',
+    'send_default_pii' => false,
+]);
+
 $minds = new Minds\Core\Minds();
 $minds->start();