diff --git a/.profile b/.profile new file mode 100644 index 0000000..5445452 --- /dev/null +++ b/.profile @@ -0,0 +1,9 @@ +#!/bin/bash + +set -o errexit +set -o pipefail + +# New Relic +service_name="datagov-harvest-secrets" +path=".credentials.NEW_RELIC_LICENSE_KEY" +export NEW_RELIC_LICENSE_KEY=$(echo $VCAP_SERVICES | jq --raw-output --arg service_name "$service_name" ".[][] | select(.name == \$service_name) | $path") diff --git a/.ruby-version b/.ruby-version index a0891f5..5ae69bd 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.3.4 +3.2.5 diff --git a/Dockerfile b/Dockerfile index ed846bc..b509f96 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ruby:3.3.4 +FROM ruby:3.2.5 RUN apt-get update -q diff --git a/Gemfile b/Gemfile index 5127acc..24e7fce 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ source 'https://rubygems.org' git_source(:github) { |repo| "https://github.com/#{repo}.git" } -ruby '3.3.4' +ruby '3.2.5' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails', branch: 'main' gem 'rails', '~> 6.0.6', '>= 6.0.6.1' @@ -18,6 +18,8 @@ gem 'puma', '~> 4.1' # Use Active Model has_secure_password # gem 'bcrypt', '~> 3.1.7' +gem 'newrelic_rpm', '~> 9.16' + # downgrade psych in response to https://stackoverflow.com/questions/68802089/rails-couldnt-infer-whether-you-are-using-multiple-databases-from-your-database gem 'psych', '< 4.0.0' diff --git a/Gemfile.lock b/Gemfile.lock index 9872b1c..604317e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -137,6 +137,7 @@ GEM timeout net-smtp (0.5.0) net-protocol + newrelic_rpm (9.16.0) nio4r (2.7.4) nokogiri (1.16.7-aarch64-linux) racc (~> 1.4) @@ -268,6 +269,7 @@ DEPENDENCIES bootsnap (>= 1.4.2) byebug listen (~> 3.2) + newrelic_rpm (~> 9.16) psych (< 4.0.0) puma (~> 4.1) rails (~> 6.0.6, >= 6.0.6.1) @@ -279,7 +281,7 @@ DEPENDENCIES tzinfo-data RUBY VERSION - ruby 3.3.4p94 + ruby 3.2.5p208 BUNDLED WITH 2.5.18 diff --git a/app/controllers/translates_controller.rb b/app/controllers/translates_controller.rb index 517103a..0631e61 100644 --- a/app/controllers/translates_controller.rb +++ b/app/controllers/translates_controller.rb @@ -1,5 +1,7 @@ # frozen_string_literal: true +require 'logger' + class TranslatesController < ApplicationController # POST /translates def create @@ -14,6 +16,20 @@ def create writer: writer_name ) + logger = Logger.new($stdout) + + @md_return[:readerStructureMessages].each do |m| + logger.warn(m) if m.include? 'WARNING' + logger.info(m) if m.include? 'INFO' + logger.error(m) if m.include? 'ERROR' + end + + @md_return[:readerValidationMessages].each do |m| + logger.warn(m) if m.include? 'WARNING' + logger.info(m) if m.include? 'INFO' + logger.error(m) if m.include? 'ERROR' + end + @response_info = {} @response_info[:success] = true @response_info[:readerStructureStatus] = 'OK' diff --git a/config/environments/development.rb b/config/environments/development.rb index 1cb8e11..89537be 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,6 +1,10 @@ # frozen_string_literal: true +require 'newrelic_rpm' + Rails.application.configure do + config.log_formatter = ::NewRelic::Agent::Logging::DecoratingFormatter.new + # Settings specified here will take precedence over those in config/application.rb. # In the development environment your application's code is reloaded on diff --git a/config/newrelic.yml b/config/newrelic.yml new file mode 100644 index 0000000..34fbfa9 --- /dev/null +++ b/config/newrelic.yml @@ -0,0 +1,1075 @@ +# +# This file configures the New Relic agent. New Relic monitors Ruby, Java, +# .NET, PHP, Python, Node, and Go applications with deep visibility and low +# overhead. For more information, visit www.newrelic.com. + +# Generated <%= Time.now.strftime('%B %d, %Y') %><%= ", for version #{@agent_version}" if @agent_version %> +#<%= "\n# #{generated_for_user}\n#" if generated_for_user %> +# For full documentation of agent configuration options, please refer to +# https://docs.newrelic.com/docs/agents/ruby-agent/installation-configuration/ruby-agent-configuration + +common: &default_settings + # Required license key associated with your New Relic account. + license_key: "" + + # Your application name. Renaming here affects where data displays in New + # Relic. For more details, see https://docs.newrelic.com/docs/apm/new-relic-apm/maintenance/renaming-applications + app_name: mdt_transformation + + # To disable the agent regardless of other settings, uncomment the following: + # agent_enabled: false + + # Logging level for log/newrelic_agent.log; options are error, warn, info, or + # debug. + log_level: info + + # All of the following configuration options are optional. Review them, and + # uncomment or edit them if they appear relevant to your application needs. + + # An array of ActiveSupport custom event names to subscribe to and instrument. + # For example, + # - one.custom.event + # - another.event + # - a.third.event + # active_support_custom_events_names: [] + + # If false, all LLM instrumentation (OpenAI only for now) will be disabled and + # no metrics, events, or spans will be sent. AI Monitoring is automatically + # disabled if high_security mode is enabled. + # ai_monitoring.enabled: false + + # If false, LLM instrumentation (OpenAI only for now) will not capture input and + # output content on specific LLM events. + # The excluded attributes include: + # * content from LlmChatCompletionMessage events + # * input from LlmEmbedding events + # This is an optional security setting to prevent recording sensitive data sent + # to and received from your LLMs. + # ai_monitoring.record_content.enabled: true + + # If true, enables capture of all HTTP request headers for all destinations. + # allow_all_headers: false + + # Your New Relic userKey. Required when using the New Relic REST API v2 to + # record deployments using the newrelic deployments command. + # api_key: "" + + # If true, enables log decoration and the collection of log events and metrics. + # application_logging.enabled: true + + # A hash with key/value pairs to add as custom attributes to all log events + # forwarded to New Relic. If sending using an environment variable, the value + # must be formatted like: "key1=value1,key2=value2" + # application_logging.forwarding.custom_attributes: {} + + # If true, the agent captures log records emitted by your application. + # application_logging.forwarding.enabled: true + + # If true, the agent attaches labels to log records. + # application_logging.forwarding.labels.enabled: false + + # A case-insensitive array or comma-delimited string containing the labels to + # exclude from log records. + # application_logging.forwarding.labels.exclude: [] + + # Sets the minimum level a log event must have to be forwarded to New Relic. + # This is based on the integer values of Ruby's Logger::Severity constants: + # https://github.com/ruby/ruby/blob/master/lib/logger/severity.rb + # The intention is to forward logs with the level given to the configuration, as + # well as any logs with a higher level of severity. + # For example, setting this value to "debug" will forward all log events to New + # Relic. Setting this value to "error" will only forward log events with the + # levels "error", "fatal", and "unknown". + # Valid values (ordered lowest to highest): + # * "debug" + # * "info" + # * "warn" + # * "error" + # * "fatal" + # * "unknown" + # application_logging.forwarding.log_level: debug + + # Defines the maximum number of log records to buffer in memory at a time. + # application_logging.forwarding.max_samples_stored: 10000 + + # If true, the agent decorates logs with metadata to link to entities, hosts, + # traces, and spans. + # application_logging.local_decorating.enabled: false + + # If true, the agent captures metrics related to logging for your application. + # application_logging.metrics.enabled: true + + # If true, enables capture of attributes for all destinations. + # attributes.enabled: true + + # Prefix of attributes to exclude from all destinations. Allows * as wildcard at + # end. + # attributes.exclude: [] + + # Prefix of attributes to include in all destinations. Allows * as wildcard at + # end. + # attributes.include: [] + + # If true, enables an audit log which logs communications with the New Relic + # collector. + # audit_log.enabled: false + + # List of allowed endpoints to include in audit log. + # audit_log.endpoints: [".*"] + + # Specifies a path to the audit log file (including the filename). + # audit_log.path: log/newrelic_audit.log + + # An array of CLASS#METHOD (for instance methods) and/or CLASS.METHOD (for class + # methods) strings representing Ruby methods that the agent can automatically + # add custom instrumentation to. This doesn't require any modifications of the + # source code that defines the methods. + # Use fully qualified class names (using the :: delimiter) that include any + # module or class namespacing. + # Here is some Ruby source code that defines a render_png instance method for an + # Image class and a notify class method for a User class, both within a + # MyCompany module namespace: + # + # module MyCompany + # class Image + # def render_png + # # code to render a PNG + # end + # end + # + # class User + # def self.notify + # # code to notify users + # end + # end + # end + # + # Given that source code, the newrelic.yml config file might request + # instrumentation for both of these methods like so: + # + # automatic_custom_instrumentation_method_list: + # - MyCompany::Image#render_png + # - MyCompany::User.notify + # + # That configuration example uses YAML array syntax to specify both methods. + # Alternatively, you can use a comma-delimited string: + # + # automatic_custom_instrumentation_method_list: 'MyCompany::Image#render_png, + # MyCompany::User.notify' + # + # Whitespace around the comma(s) in the list is optional. When configuring the + # agent with a list of methods via the + # NEW_RELIC_AUTOMATIC_CUSTOM_INSTRUMENTATION_METHOD_LIST environment variable, + # use this comma-delimited string format: + # + # export + # NEW_RELIC_AUTOMATIC_CUSTOM_INSTRUMENTATION_METHOD_LIST='MyCompany::Image#render_png, + # MyCompany::User.notify' + # + # automatic_custom_instrumentation_method_list: [] + + # Specify a list of constants that should prevent the agent from starting + # automatically. Separate individual constants with a comma ,. For example, + # "Rails::Console,UninstrumentedBackgroundJob". + # autostart.denylisted_constants: Rails::Command::ConsoleCommand,Rails::Command::CredentialsCommand,Rails::Command::Db::System::ChangeCommand,Rails::Command::DbConsoleCommand,Rails::Command::DestroyCommand,Rails::Command::DevCommand,Rails::Command::EncryptedCommand,Rails::Command::GenerateCommand,Rails::Command::InitializersCommand,Rails::Command::NotesCommand,Rails::Command::RoutesCommand,Rails::Command::RunnerCommand,Rails::Command::SecretsCommand,Rails::Console,Rails::DBConsole + + # Defines a comma-delimited list of executables that the agent should not + # instrument. For example, "rake,my_ruby_script.rb". + # autostart.denylisted_executables: irb,rspec + + # Defines a comma-delimited list of Rake tasks that the agent should not + # instrument. For example, "assets:precompile,db:migrate". + # autostart.denylisted_rake_tasks: about,assets:clean,assets:clobber,assets:environment,assets:precompile,assets:precompile:all,db:create,db:drop,db:fixtures:load,db:migrate,db:migrate:status,db:rollback,db:schema:cache:clear,db:schema:cache:dump,db:schema:dump,db:schema:load,db:seed,db:setup,db:structure:dump,db:version,doc:app,log:clear,middleware,notes,notes:custom,rails:template,rails:update,routes,secret,spec,spec:features,spec:requests,spec:controllers,spec:helpers,spec:models,spec:views,spec:routing,spec:rcov,stats,test,test:all,test:all:db,test:recent,test:single,test:uncommitted,time:zones:all,tmp:clear,tmp:create,webpacker:compile + + # Backports the faster ActiveRecord connection lookup introduced in Rails 6, + # which improves agent performance when instrumenting ActiveRecord. Note that + # this setting may not be compatible with other gems that patch ActiveRecord. + # backport_fast_active_record_connection_lookup: false + + # If true, the agent captures attributes from browser monitoring. + # browser_monitoring.attributes.enabled: false + + # Prefix of attributes to exclude from browser monitoring. Allows * as wildcard + # at end. + # browser_monitoring.attributes.exclude: [] + + # Prefix of attributes to include in browser monitoring. Allows * as wildcard at + # end. + # browser_monitoring.attributes.include: [] + + # If true, enables auto-injection of the JavaScript header for page load timing + # (sometimes referred to as real user monitoring or RUM). + # browser_monitoring.auto_instrument: true + + # If true, enables auto-injection of Content Security Policy Nonce in browser + # monitoring scripts. For now, auto-injection only works with Rails 5.2+. + # browser_monitoring.content_security_policy_nonce: true + + # Manual override for the path to your local CA bundle. This CA bundle will be + # used to validate the SSL certificate presented by New Relic's data collection + # service. + # ca_bundle_path: nil + + # Enable or disable the capture of memcache keys from transaction traces. + # capture_memcache_keys: false + + # When true, the agent captures HTTP request parameters and attaches them to + # transaction traces, traced errors, and TransactionError events. + # When using the capture_params setting, the Ruby agent will not attempt to + # filter secret information. Recommendation: To filter secret information from + # request parameters, use the attributes.include setting instead. For more + # information, see the Ruby attribute examples. + # capture_params: false + + # If true, the agent will clear Tracer::State in Agent.drop_buffered_data. + # clear_transaction_state_after_fork: false + + # The AWS account ID for the AWS account associated with this app + # cloud.aws.account_id: nil + + # If true, the agent will report source code level metrics for traced methods. + # See: + # https://docs.newrelic.com/docs/apm/agents/ruby-agent/features/ruby-codestream-integration/ + # code_level_metrics.enabled: true + + # Path to newrelic.yml. If undefined, the agent checks the following directories + # (in order): + # * config/newrelic.yml + # * newrelic.yml + # * $HOME/.newrelic/newrelic.yml + # * $HOME/newrelic.yml + # config_path: newrelic.yml + + # If false, custom attributes will not be sent on events. + # custom_attributes.enabled: true + + # If true, the agent captures custom events. + # custom_insights_events.enabled: true + + # * Specify a maximum number of custom events to buffer in memory at a time. + # * When configuring the agent for AI monitoring, set to max value 100000. This + # ensures the agent captures the maximum amount of LLM events. + # custom_insights_events.max_samples_stored: 3000 + + # If false, the agent will not add database_name parameter to transaction or + # slow sql traces. + # datastore_tracer.database_name_reporting.enabled: true + + # If false, the agent will not report datastore instance metrics, nor add host + # or port_path_or_id parameters to transaction or slow SQL traces. + # datastore_tracer.instance_reporting.enabled: true + + # If true, disables Action Cable instrumentation. + # disable_action_cable_instrumentation: false + + # If true, disables Action Controller instrumentation. + # disable_action_controller: false + + # If true, disables Action Mailbox instrumentation. + # disable_action_mailbox: false + + # If true, disables Action Mailer instrumentation. + # disable_action_mailer: false + + # If true, disables Active Record instrumentation. + # disable_active_record_instrumentation: false + + # If true, disables instrumentation for Active Record 4+ + # disable_active_record_notifications: false + + # If true, disables Active Storage instrumentation. + # disable_active_storage: false + + # If true, disables Active Support instrumentation. + # disable_active_support: false + + # If true, disables Active Job instrumentation. + # disable_activejob: false + + # If true, the agent won't sample the CPU usage of the host process. + # disable_cpu_sampler: false + + # If true, the agent won't measure the depth of Delayed Job queues. + # disable_delayed_job_sampler: false + + # If true, disables the use of GC::Profiler to measure time spent in garbage + # collection + # disable_gc_profiler: false + + # If true, the agent won't sample the memory usage of the host process. + # disable_memory_sampler: false + + # If true, the agent won't wrap third-party middlewares in instrumentation + # (regardless of whether they are installed via Rack::Builder or Rails). + # When middleware instrumentation is disabled, if an application is using + # middleware that could alter the response code, the HTTP status code reported + # on the transaction may not reflect the altered value. + # disable_middleware_instrumentation: false + + # If true, disables agent middleware for Roda. This middleware is responsible + # for advanced feature support such as page load timing and error collection. + # disable_roda_auto_middleware: false + + # If true, disables the collection of sampler metrics. Sampler metrics are + # metrics that are not event-based (such as CPU time or memory usage). + # disable_samplers: false + + # If true, disables Sequel instrumentation. + # disable_sequel_instrumentation: false + + # If true, disables Sidekiq instrumentation. + # disable_sidekiq: false + + # If true, disables agent middleware for Sinatra. This middleware is responsible + # for advanced feature support such as cross application tracing, page load + # timing, and error collection. + # + # disable_sinatra_auto_middleware: false + + # If true, disables view instrumentation. + # disable_view_instrumentation: false + + # If true, the agent won't sample performance measurements from the Ruby VM. + # disable_vm_sampler: false + + # Distributed tracing lets you see the path that a request takes through your + # distributed system. Enabling distributed tracing changes the behavior of some + # New Relic features, so carefully consult the transition guide before you + # enable this feature. + # distributed_tracing.enabled: true + + # If true, the agent captures Elasticsearch queries in transaction traces. + # elasticsearch.capture_queries: true + + # If true, the agent obfuscates Elasticsearch queries in transaction traces. + # elasticsearch.obfuscate_queries: true + + # If true, the agent captures attributes from error collection. + # error_collector.attributes.enabled: true + + # Prefix of attributes to exclude from error collection. Allows * as wildcard at + # end. + # error_collector.attributes.exclude: [] + + # Prefix of attributes to include in error collection. Allows * as wildcard at + # end. + # error_collector.attributes.include: [] + + # If true, the agent collects TransactionError events. + # error_collector.capture_events: true + + # If true, the agent captures traced errors and error count metrics. + # error_collector.enabled: true + + # A list of error classes that the agent should treat as expected. + # This option can't be set via environment variable. + # error_collector.expected_classes: [] + + # A map of error classes to a list of messages. When an error of one of the + # classes specified here occurs, if its error message contains one of the + # strings corresponding to it here, that error will be treated as expected. + # This option can't be set via environment variable. + # error_collector.expected_messages: {} + + # A comma separated list of status codes, possibly including ranges. Errors + # associated with these status codes, where applicable, will be treated as + # expected. + # error_collector.expected_status_codes: "" + + # A list of error classes that the agent should ignore. + # This option can't be set via environment variable. + # error_collector.ignore_classes: ["ActionController::RoutingError", "Sinatra::NotFound"] + + # A map of error classes to a list of messages. When an error of one of the + # classes specified here occurs, if its error message contains one of the + # strings corresponding to it here, that error will be ignored. + # This option can't be set via environment variable. + # error_collector.ignore_messages: {} + + # A comma separated list of status codes, possibly including ranges. Errors + # associated with these status codes, where applicable, will be ignored. + # error_collector.ignore_status_codes: "" + + # Defines the maximum number of frames in an error backtrace. Backtraces over + # this amount are truncated in the middle, preserving the beginning and the end + # of the stack trace. + # error_collector.max_backtrace_frames: 50 + + # Defines the maximum number of TransactionError events reported per harvest + # cycle. + # error_collector.max_event_samples_stored: 100 + + # Allows newrelic distributed tracing headers to be suppressed on outbound + # requests. + # exclude_newrelic_header: false + + # The exit handler that sends all cached data to the collector before shutting + # down is forcibly installed. This is true even when it detects scenarios where + # it generally should not be. The known use case for this option is when Sinatra + # runs as an embedded service within another framework. The agent detects the + # Sinatra app and skips the at_exit handler as a result. Sinatra classically + # runs the entire application in an at_exit block and would otherwise misbehave + # if the agent's at_exit handler was also installed in those circumstances. + # Note: send_data_on_exit should also be set to true in tandem with this + # setting. + # force_install_exit_handler: false + + # Ordinarily the agent reports dyno names with a trailing dot and process ID + # (for example, worker.3). You can remove this trailing data by specifying the + # prefixes you want to report without trailing data (for example, worker). + # heroku.dyno_name_prefixes_to_shorten: ["scheduler", "run"] + + # If true, the agent uses Heroku dyno names as the hostname. + # heroku.use_dyno_names: true + + # If true, enables high security mode. Ensure you understand the implications of + # high security mode before enabling this setting. + # high_security: false + + # If true (the default), data sent to the trace observer is batched instead of + # sending each span individually. + # infinite_tracing.batching: true + + # Configure the compression level for data sent to the trace observer. + # May be one of: :none, :low, :medium, :high. + # Set the level to :none to disable compression. + # infinite_tracing.compression_level: high + + # Configures the hostname for the trace observer Host. When configured, enables + # tail-based sampling by sending all recorded spans to a trace observer for + # further sampling decisions, irrespective of any usual agent sampling decision. + # infinite_tracing.trace_observer.host: "" + + # Configures the TCP/IP port for the trace observer Host + # infinite_tracing.trace_observer.port: 443 + + # Controls auto-instrumentation of ActiveSupport::BroadcastLogger at start up. + # May be one of: auto, prepend, chain, disabled. Used in Rails versions >= 7.1. + # instrumentation.active_support_broadcast_logger: auto + + # Controls auto-instrumentation of ActiveSupport::Logger at start up. May be one + # of: auto, prepend, chain, disabled. Used in Rails versions below 7.1. + # instrumentation.active_support_logger: auto + + # Controls auto-instrumentation of Async::HTTP at start up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.async_http: auto + + # Controls auto-instrumentation of the aws_sdk_lambda library at start-up. May + # be one of auto, prepend, chain, disabled. + # instrumentation.aws_sdk_lambda: auto + + # Controls auto-instrumentation of the aws-sdk-sqs library at start-up. May be + # one of: auto, prepend, chain, disabled. + # instrumentation.aws_sqs: auto + + # Controls auto-instrumentation of bunny at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.bunny: auto + + # Controls auto-instrumentation of the concurrent-ruby library at start-up. May + # be one of: auto, prepend, chain, disabled. + # instrumentation.concurrent_ruby: auto + + # Controls auto-instrumentation of Curb at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.curb: auto + + # Controls auto-instrumentation of Delayed Job at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.delayed_job: auto + + # Controls auto-instrumentation of the aws-sdk-dynamodb library at start-up. May + # be one of auto, prepend, chain, disabled. + # instrumentation.dynamodb: auto + + # Controls auto-instrumentation of the elasticsearch library at start-up. May be + # one of: auto, prepend, chain, disabled. + # instrumentation.elasticsearch: auto + + # Controls auto-instrumentation of ethon at start up. May be one of auto, + # prepend, chain, disabled + # instrumentation.ethon: auto + + # Controls auto-instrumentation of Excon at start-up. May be one of: enabled, + # disabled. + # instrumentation.excon: enabled + + # Controls auto-instrumentation of the Fiber class at start-up. May be one of: + # auto, prepend, chain, disabled. + # instrumentation.fiber: auto + + # Controls auto-instrumentation of Grape at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.grape: auto + + # Specifies a list of hostname patterns separated by commas that will match gRPC + # hostnames that traffic is to be ignored by New Relic for. New Relic's gRPC + # client instrumentation will ignore traffic streamed to a host matching any of + # these patterns, and New Relic's gRPC server instrumentation will ignore + # traffic for a server running on a host whose hostname matches any of these + # patterns. By default, no traffic is ignored when gRPC instrumentation is + # itself enabled. For example, "private.com$,exception.*" + # instrumentation.grpc.host_denylist: [] + + # Controls auto-instrumentation of gRPC clients at start-up. May be one of: + # auto, prepend, chain, disabled. + # instrumentation.grpc_client: auto + + # Controls auto-instrumentation of gRPC servers at start-up. May be one of: + # auto, prepend, chain, disabled. + # instrumentation.grpc_server: auto + + # Controls auto-instrumentation of HTTPClient at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.httpclient: auto + + # Controls auto-instrumentation of http.rb gem at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.httprb: auto + + # Controls auto-instrumentation of httpx at start up. May be one of auto, + # prepend, chain, disabled + # instrumentation.httpx: auto + + # Controls auto-instrumentation of Ruby standard library Logger at start-up. May + # be one of: auto, prepend, chain, disabled. + # instrumentation.logger: auto + + # Controls auto-instrumentation of the LogStasher library at start-up. May be + # one of: auto, prepend, chain, disabled. + # instrumentation.logstasher: auto + + # Controls auto-instrumentation of dalli gem for Memcache at start-up. May be + # one of: auto, prepend, chain, disabled. + # instrumentation.memcache: auto + + # Controls auto-instrumentation of memcache-client gem for Memcache at start-up. + # May be one of: auto, prepend, chain, disabled. + # instrumentation.memcache_client: auto + + # Controls auto-instrumentation of memcached gem for Memcache at start-up. May + # be one of: auto, prepend, chain, disabled. + # instrumentation.memcached: auto + + # Controls auto-instrumentation of Mongo at start-up. May be one of: enabled, + # disabled. + # instrumentation.mongo: enabled + + # Controls auto-instrumentation of Net::HTTP at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.net_http: auto + + # Controls auto-instrumentation of the opensearch-ruby library at start-up. May + # be one of auto, prepend, chain, disabled. + # instrumentation.opensearch: auto + + # Controls auto-instrumentation of Puma::Rack. When enabled, the agent hooks + # into the to_app method in Puma::Rack::Builder to find gems to instrument + # during application startup. May be one of: auto, prepend, chain, disabled. + # instrumentation.puma_rack: auto + + # Controls auto-instrumentation of Puma::Rack::URLMap at start-up. May be one + # of: auto, prepend, chain, disabled. + # instrumentation.puma_rack_urlmap: auto + + # Controls auto-instrumentation of Rack. When enabled, the agent hooks into the + # to_app method in Rack::Builder to find gems to instrument during application + # startup. May be one of: auto, prepend, chain, disabled. + # instrumentation.rack: auto + + # Controls auto-instrumentation of Rack::URLMap at start-up. May be one of: + # auto, prepend, chain, disabled. + # instrumentation.rack_urlmap: auto + + # Controls auto-instrumentation of rake at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.rake: auto + + # Controls auto-instrumentation of the rdkafka library at start-up. May be one + # of auto, prepend, chain, disabled. + # instrumentation.rdkafka: auto + + # Controls auto-instrumentation of Redis at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.redis: auto + + # Controls auto-instrumentation of resque at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.resque: auto + + # Controls auto-instrumentation of Roda at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.roda: auto + + # Controls auto-instrumentation of the ruby-kafka library at start-up. May be + # one of auto, prepend, chain, disabled. + # instrumentation.ruby_kafka: auto + + # Controls auto-instrumentation of the ruby-openai gem at start-up. May be one + # of: auto, prepend, chain, disabled. Defaults to disabled in high security + # mode. + # instrumentation.ruby_openai: auto + + # Controls auto-instrumentation of Sinatra at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.sinatra: auto + + # Controls auto-instrumentation of Stripe at startup. May be one of: enabled, + # disabled. + # instrumentation.stripe: enabled + + # Controls auto-instrumentation of the Thread class at start-up to allow the + # agent to correctly nest spans inside of an asynchronous transaction. This does + # not enable the agent to automatically trace all threads created (see + # instrumentation.thread.tracing). May be one of: auto, prepend, chain, + # disabled. + # instrumentation.thread: auto + + # Controls auto-instrumentation of the Thread class at start-up to automatically + # add tracing to all Threads created in the application. + # instrumentation.thread.tracing: true + + # Controls auto-instrumentation of the Tilt template rendering library at + # start-up. May be one of: auto, prepend, chain, disabled. + # instrumentation.tilt: auto + + # Controls auto-instrumentation of Typhoeus at start-up. May be one of: auto, + # prepend, chain, disabled. + # instrumentation.typhoeus: auto + + # Controls auto-instrumentation of ViewComponent at startup. May be one of: + # auto, prepend, chain, disabled. + # instrumentation.view_component: auto + + # A dictionary of label names and values that will be applied to the data sent + # from this agent. May also be expressed as a semicolon-delimited ; string of + # colon-separated : pairs. For example, Server:One;Data Center:Primary. + # labels: "" + + # Defines a name for the log file. + # log_file_name: newrelic_agent.log + + # Defines a path to the agent log file, excluding the filename. + # log_file_path: log/ + + # Specifies a marshaller for transmitting data to the New Relic collector. + # Currently json is the only valid value for this setting. + # marshaller: json + + # If true, the agent will collect metadata about messages and attach them as + # segment parameters. + # message_tracer.segment_parameters.enabled: true + + # If true, the agent captures Mongo queries in transaction traces. + # mongo.capture_queries: true + + # If true, the agent obfuscates Mongo queries in transaction traces. + # mongo.obfuscate_queries: true + + # When true, the agent transmits data about your app to the New Relic collector. + # monitor_mode: true + + # If true, the agent captures OpenSearch queries in transaction traces. + # opensearch.capture_queries: true + + # If true, the agent obfuscates OpenSearch queries in transaction traces. + # opensearch.obfuscate_queries: true + + # If true, uses Module#prepend rather than alias_method for ActiveRecord + # instrumentation. + # prepend_active_record_instrumentation: false + + # Specify a custom host name for display in the New Relic UI. + # process_host.display_name: default hostname + + # Defines a host for communicating with the New Relic collector via a proxy + # server. + # proxy_host: nil + + # Defines a password for communicating with the New Relic collector via a proxy + # server. + # proxy_pass: nil + + # Defines a port for communicating with the New Relic collector via a proxy + # server. + # proxy_port: 8080 + + # Defines a user for communicating with the New Relic collector via a proxy + # server. + # proxy_user: nil + + # Timeout for waiting on connect to complete before a rake task + # rake.connect_timeout: 10 + + # Specify an Array of Rake tasks to automatically instrument. This configuration + # option converts the Array to a RegEx list. If you'd like to allow all tasks by + # default, use rake.tasks: [.+]. No rake tasks will be instrumented unless + # they're added to this list. For more information, visit the New Relic Rake + # Instrumentation docs. + # rake.tasks: [] + + # Define transactions you want the agent to ignore, by specifying a list of + # patterns matching the URI you want to ignore. For more detail, see the docs on + # ignoring specific transactions. + # rules.ignore_url_regexes: [] + + # Applies Language Agent Security Policy settings. + # security_policies_token: "" + + # If true, enables the exit handler that sends data to the New Relic collector + # before shutting down. + # send_data_on_exit: true + + # If true, the agent will operate in a streamlined mode suitable for use with + # short-lived serverless functions. NOTE: Only AWS Lambda functions are + # supported currently and this option is not intended for use without New + # Relic's Ruby Lambda layer offering. + # serverless_mode.enabled: false + + # An array of strings that will collectively serve as a denylist for filtering + # which Sidekiq job arguments get reported to New Relic. To capture any Sidekiq + # arguments, 'job.sidekiq.args.*' must be added to the separate + # :'attributes.include' configuration option. Each string in this array will be + # turned into a regular expression via Regexp.new to permit advanced matching. + # For job argument hashes, if either a key or value matches the pair will be + # excluded. All matching job argument array elements and job argument scalars + # will be excluded. + # sidekiq.args.exclude: [] + + # An array of strings that will collectively serve as an allowlist for filtering + # which Sidekiq job arguments get reported to New Relic. To capture any Sidekiq + # arguments, 'job.sidekiq.args.*' must be added to the separate + # :'attributes.include' configuration option. Each string in this array will be + # turned into a regular expression via Regexp.new to permit advanced matching. + # For job argument hashes, if either a key or value matches the pair will be + # included. All matching job argument array elements and job argument scalars + # will be included. + # sidekiq.args.include: [] + + # If true, the agent collects slow SQL queries. + # slow_sql.enabled: true + + # If true, the agent collects explain plans in slow SQL queries. If this setting + # is omitted, the transaction_tracer.explain_enabled setting will be applied as + # the default setting for explain plans in slow SQL as well. + # slow_sql.explain_enabled: true + + # Specify a threshold in seconds. The agent collects slow SQL queries and + # explain plans that exceed this threshold. + # slow_sql.explain_threshold: 0.5 + + # Defines an obfuscation level for slow SQL queries. Valid options are + # obfuscated, raw, or none. + # slow_sql.record_sql: obfuscated + + # Generate a longer sql_id for slow SQL traces. sql_id is used for aggregation + # of similar queries. + # slow_sql.use_longer_sql_id: false + + # If true, the agent captures attributes on span events. + # span_events.attributes.enabled: true + + # Prefix of attributes to exclude from span events. Allows * as wildcard at end. + # span_events.attributes.exclude: [] + + # Prefix of attributes to include on span events. Allows * as wildcard at end. + # span_events.attributes.include: [] + + # If true, enables span event sampling. + # span_events.enabled: true + + # * Defines the maximum number of span events reported from a single harvest. + # Any Integer between 1 and 10000 is valid.' + # * When configuring the agent for AI monitoring, set to max value 10000.This + # ensures the agent captures the maximum amount of distributed traces. + # span_events.max_samples_stored: 2000 + + # Sets the maximum number of span events to buffer when streaming to the trace + # observer. + # span_events.queue_size: 10000 + + # Specify a list of exceptions you do not want the agent to strip when + # strip_exception_messages is true. Separate exceptions with a comma. For + # example, "ImportantException,PreserveMessageException". + # strip_exception_messages.allowed_classes: "" + + # If true, the agent strips messages from all exceptions except those in the + # allowlist. Enabled automatically in high security mode. + # strip_exception_messages.enabled: false + + # An array of strings to specify which keys and/or values inside a Stripe + # event's user_data hash should + # not be reported to New Relic. Each string in this array will be turned into a + # regular expression via + # Regexp.new to permit advanced matching. For each hash pair, if either the key + # or value is matched the + # pair will not be reported. By default, no user_data is reported, so this + # option should only be used if + # the stripe.user_data.include option is being used. + # stripe.user_data.exclude: [] + + # An array of strings to specify which keys inside a Stripe event's user_data + # hash should be reported + # to New Relic. Each string in this array will be turned into a regular + # expression via Regexp.new to + # permit advanced matching. Setting the value to ["."] will report all + # user_data. + # stripe.user_data.include: [] + + # When set to true, forces a synchronous connection to the New Relic collector + # during application startup. For very short-lived processes, this helps ensure + # the New Relic agent has time to report. + # sync_startup: false + + # If true, tracer state storage is thread-local, otherwise, fiber-local + # thread_local_tracer_state: false + + # If true, enables use of the thread profiler. + # thread_profiler.enabled: false + + # Defines the maximum number of seconds the agent should spend attempting to + # connect to the collector. + # timeout: 120 + + # If true, the agent captures attributes from transaction events. + # transaction_events.attributes.enabled: true + + # Prefix of attributes to exclude from transaction events. Allows * as wildcard + # at end. + # transaction_events.attributes.exclude: [] + + # Prefix of attributes to include in transaction events. Allows * as wildcard at + # end. + # transaction_events.attributes.include: [] + + # If true, enables transaction event sampling. + # transaction_events.enabled: true + + # Defines the maximum number of transaction events reported from a single + # harvest. + # transaction_events.max_samples_stored: 1200 + + # If true, the agent captures attributes on transaction segments. + # transaction_segments.attributes.enabled: true + + # Prefix of attributes to exclude from transaction segments. Allows * as + # wildcard at end. + # transaction_segments.attributes.exclude: [] + + # Prefix of attributes to include on transaction segments. Allows * as wildcard + # at end. + # transaction_segments.attributes.include: [] + + # If true, the agent captures attributes from transaction traces. + # transaction_tracer.attributes.enabled: true + + # Prefix of attributes to exclude from transaction traces. Allows * as wildcard + # at end. + # transaction_tracer.attributes.exclude: [] + + # Prefix of attributes to include in transaction traces. Allows * as wildcard at + # end. + # transaction_tracer.attributes.include: [] + + # If true, enables collection of transaction traces. + # transaction_tracer.enabled: true + + # If true, enables the collection of explain plans in transaction traces. This + # setting will also apply to explain plans in slow SQL traces if + # slow_sql.explain_enabled is not set separately. + # transaction_tracer.explain_enabled: true + + # Threshold (in seconds) above which the agent will collect explain plans. + # Relevant only when explain_enabled is true. + # transaction_tracer.explain_threshold: 0.5 + + # Maximum number of transaction trace nodes to record in a single transaction + # trace. + # transaction_tracer.limit_segments: 4000 + + # If true, the agent records Redis command arguments in transaction traces. + # transaction_tracer.record_redis_arguments: false + + # Obfuscation level for SQL queries reported in transaction trace nodes. + # By default, this is set to obfuscated, which strips out the numeric and string + # literals. + # - If you do not want the agent to capture query information, set this to none. + # - If you want the agent to capture all query information in its original form, + # set this to raw. + # - When you enable high security mode, this is automatically set to obfuscated. + # transaction_tracer.record_sql: obfuscated + + # Specify a threshold in seconds. The agent includes stack traces in transaction + # trace nodes when the stack trace duration exceeds this threshold. + # transaction_tracer.stack_trace_threshold: 0.5 + + # Specify a threshold in seconds. Transactions with a duration longer than this + # threshold are eligible for transaction traces. Specify a float value or the + # string apdex_f. + # transaction_tracer.transaction_threshold: 1.0 + + # If true, the agent automatically detects that it is running in an AWS + # environment. + # utilization.detect_aws: true + + # If true, the agent automatically detects that it is running in an Azure + # environment. + # utilization.detect_azure: true + + # If true, the agent automatically detects that it is running in Docker. + # utilization.detect_docker: true + + # If true, the agent automatically detects that it is running in an Google Cloud + # Platform environment. + # utilization.detect_gcp: true + + # If true, the agent automatically detects that it is running in Kubernetes. + # utilization.detect_kubernetes: true + + # If true, the agent automatically detects that it is running in a Pivotal Cloud + # Foundry environment. + # utilization.detect_pcf: true + + # BEGIN security agent + # + # NOTE: At this time, the security agent is intended for use only within + # a dedicated security testing environment with data that can tolerate + # modification or deletion. The security agent is available as a + # separate Ruby gem, newrelic_security. It is recommended that this + # separate gem only be introduced to a security testing environment + # by leveraging Bundler grouping like so: + # + # # Gemfile + # gem 'newrelic_rpm' # New Relic APM observability agent + # gem 'newrelic-infinite_tracing' # New Relic Infinite Tracing + # + # group :security do + # gem 'newrelic_security', require: false # New Relic security agent + # end + # + # NOTE: All "security.*" configuration parameters are related only to the + # security agent, and all other configuration parameters that may + # have "security" in the name somewhere are related to the APM agent. + + # If true, the security agent is loaded (a Ruby 'require' is performed) + # security.agent.enabled: false + + # The port the application is listening on. This setting is mandatory for + # Passenger servers. Other servers are detected by default. + # security.application_info.port: nil + + # If true, the security agent is started (the agent runs in its event loop) + # security.enabled: false + + # Defines API paths the security agent should ignore in IAST scans. Accepts an + # array of regex patterns matching the URI to ignore. The regex pattern should + # provide a complete match for the URL without the endpoint. For example, + # [".*account.*"], [".*/\api\/v1\/.*?\/login"] + # security.exclude_from_iast_scan.api: [] + + # An array of HTTP request body keys the security agent should ignore in IAST + # scans. + # security.exclude_from_iast_scan.http_request_parameters.body: [] + + # An array of HTTP request headers the security agent should ignore in IAST + # scans. The array should specify a list of patterns matching the headers to + # ignore. + # security.exclude_from_iast_scan.http_request_parameters.header: [] + + # An array of HTTP request query parameters the security agent should ignore in + # IAST scans. The array should specify a list of patterns matching the HTTP + # request query parameters to ignore. + # security.exclude_from_iast_scan.http_request_parameters.query: [] + + # If true, disables system command injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.command_injection: false + + # If true, disables the detection of low-severity insecure settings (e.g., hash, + # crypto, cookie, random generators, trust boundary). + # security.exclude_from_iast_scan.iast_detection_category.insecure_settings: false + + # If true, disables file operation-related IAST detections (File Access & + # Application integrity violation) + # security.exclude_from_iast_scan.iast_detection_category.invalid_file_access: false + + # If true, disables Javascript injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.javascript_injection: false + + # If true, disables LDAP injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.ldap_injection: false + + # If true, disables NOSQL injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.nosql_injection: false + + # If true, disables Reflected Cross-Site Scripting (RXSS) detection in IAST + # scans. + # security.exclude_from_iast_scan.iast_detection_category.rxss: false + + # If true, disables SQL injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.sql_injection: false + + # If true, disables Sever-Side Request Forgery (SSRF) detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.ssrf: false + + # If true, disables XPATH injection detection in IAST scans. + # security.exclude_from_iast_scan.iast_detection_category.xpath_injection: false + + # Unique test identifier when runnning IAST in CI/CD environment to + # differentiate between different test runs, e.g., a build number. + # security.iast_test_identifier: nil + + # Defines the mode for the security agent to operate in. Currently only IAST is + # supported + # security.mode: IAST + + # Sets the maximum number of HTTP requests allowed for the IAST scan per minute. + # Any Integer between 12 and 3600 is valid. The default value is 3600. + # security.scan_controllers.iast_scan_request_rate_limit: 3600 + + # If true, enables the sending of HTTP responses bodies. Disabling this also + # disables Reflected Cross-Site Scripting (RXSS) vulnerability detection. + # security.scan_controllers.report_http_response_body: true + + # The number of application instances for a specific entity on which IAST + # analysis is performed. + # security.scan_controllers.scan_instance_count: 0 + + # If true, allows IAST to continuously gather trace data in the background. + # Collected data will be used by the security agent to perform an IAST scan at + # the scheduled time. + # security.scan_schedule.always_sample_traces: false + + # Specifies the delay time (in minutes) before the IAST scan begins after the + # application starts. + # security.scan_schedule.delay: 0 + + # Specifies the length of time (in minutes) that the IAST scan will run. + # security.scan_schedule.duration: 0 + + # Specifies a cron expression that sets when the IAST scan should run. + # security.scan_schedule.schedule: "" + + # Defines the endpoint URL for posting security-related data + # security.validator_service_url: wss://csec.nr-data.net + + # END security agent + +# Environment-specific settings are in this section. +# RAILS_ENV or RACK_ENV (as appropriate) is used to determine the environment. +# If your application has other named environments, configure them here. +development: + <<: *default_settings + app_name: mdtranslator-development + +test: + <<: *default_settings + # It doesn't make sense to report to New Relic from automated test runs. + monitor_mode: false + +staging: + <<: *default_settings + app_name: mdtranslator-development + +production: + <<: *default_settings diff --git a/manifest.yml b/manifest.yml index 06fc49d..2526f2d 100644 --- a/manifest.yml +++ b/manifest.yml @@ -1,11 +1,16 @@ --- applications: -- name: ((app-name)) +- name: ((app_name)) buildpacks: - ruby_buildpack memory: 128M instances: ((instances)) routes: - - route: ((route-external)) + - route: ((route_external)) + env: + NEW_RELIC_APP_NAME: ((app_name))-((space_name)) + NEW_RELIC_HOST: gov-collector.newrelic.com + NEW_RELIC_MONITOR_MODE: ((new_relic_monitor_mode)) + NEW_RELIC_CONFIG_FILE: /home/vcap/app/config/newrelic.yml stack: cflinuxfs4 command: rails server \ No newline at end of file diff --git a/vars.development.yml b/vars.development.yml index 3548231..8615470 100644 --- a/vars.development.yml +++ b/vars.development.yml @@ -1,7 +1,10 @@ -app-name: mdtranslator -space-name: development -image-tag: development +app_name: mdtranslator +space_name: development +image_tag: development instances: 1 -route-external: mdtranslator.app.cloud.gov +route_external: mdtranslator.app.cloud.gov + +# New Relic +new_relic_monitor_mode: false \ No newline at end of file