Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactoring backend codebase to use central error handling and logging #152

Merged
merged 8 commits into from
Dec 25, 2022
Merged

Refactoring backend codebase to use central error handling and logging #152

merged 8 commits into from
Dec 25, 2022

Conversation

Zamion101
Copy link
Contributor

@Zamion101 Zamion101 commented Dec 22, 2022
edited
Loading

Added:

[21.12.2022]

  • Added Midleware to capture and handle all errors
    • will catch error from throw ... and next(...)
  • Added RequestError base error class to build consistent error objects
  • Added VERBOSE_ERROR_OUTPUT environment variable to control stacktrace of error mesages, with this variable it's easier to locate error in developmen environment.
  • Added common errors like UnauthorizedRequestError, BadRequestError
  • Added consistent Logging solution using winston
    • Supports Loki Transporter using winston-loki
  • Outputing Legal disclaimer to console when TELEMETRY_ENABLED=true
  • Added Sentry.captureException to Error Handler

[22.12.2022]

  • Added middleware to capture unrouted requests for responding with proper error messages and status code

[24.12.2022]

  • New error types such as IntegrationNotFoundError, WorkspaceNotFoundError, `AccountNotFoundError' and more.

Changed:

[21.12.2022]

  • Changed console.log to getLogger() favor of using consistent logging

[24.12.2022]

  • Some of the error types in middlewares changed to more related error types.
  • Environment variable of 'VERBOSE_ERROR_OUTPUT' changed to more reliable validation method in config/index.ts as per @dangtony98 requested.

Screenshosts:

New error messages for unrouted requests (stacktrace can be omitted using VERBOSE_ERROR_OUTPUT=false)

image

@Zamion101
feat: Add central error handler
bd9041a 
Added:
- Added Midleware to capture and handle all errors
    - will catch error from `throw ...` and `next(...)`
- Added RequestError base error class to build consistent error objects
- Added common errors like `UnauthorizedRequestError`, `BadRequestError`
- Added consistent Logging solution using `winston`
    - Supports Loki Transporter using `winston-loki`
- Outputing Legal disclaimer to console when `TELEMETRY_ENABLED=true`

Changed:
- Changed console.log to getLogger() favor of using consistent logging
@Zamion101 Zamion101 mentioned this pull request Dec 22, 2022
Closed
@Zamion101
refactor: Refactored middlewares to use RequestError
6f5d7a8 
Refactored middlewares to use RequestError rather than using
`try {...}catch (err){...}`. With this change it's possible to manage
all error details within one place.

Added:
- Added Sentry.captureException to Error Handler
@Zamion101
fix: Wrong error handler middleware position
843757f 
Error handler is a middleware that captures errors from throw and
next(...), so in order to be able to handle it needs to come after
all of the routing and other middlewares. Previously it was before
routuing logic and wasn't working, now it works as intended.

Also added check for LogLevel to Sentry for not sending false-positive
errors like `BadRequestError`, `UnauthorizedRequestError` and etc.
@dangtony98
Copy link
Collaborator

Just left a few minor comments above to sort out. Otherwise, great work with improving the logging for Infisical!

Looking forward to merging this 😁

@Zamion101
refactor: Prefer use of RequestError and next() function on middlewares
28818db 
Added:
- New error types such as `IntegrationNotFoundError`,
  `WorkspaceNotFoundError`, `AccountNotFoundError' and more.

Refactored:
- Refactored most of the middlewares and very little number of helper
  functions to use RequestError
- Deleted unused imports

Changed:
- Some of the error types in middlewares changed to more related error
  types.
- Environment variable of 'VERBOSE_ERROR_OUTPUT' changed to more
  reliable validation method in `config/index.ts` as per @dangtony98
  requested.
@Zamion101
Copy link
Contributor Author

At this point, I think we can start merging these changes to take small steps forward. We still have a lot of work to do to completely refactor all legacy errors to the new RequestError. If I were to do it by myself, it would take much longer than necessary. That's why I think we can merge this pull request and encourage existing and new contributors to use getLogger() for logging, next(RequestError()) in routes and throw RequestError() in any other place.

Even though I tested in Web GUI and HTTP Request, please give it a try and give me some feedback. I will make corrections as soon as possible of any given. @dangtony98 @maidul98

@Zamion101 Zamion101 marked this pull request as ready for review December 24, 2022 20:12
Zamion101
Zamion101 commented Dec 24, 2022
View reviewed changes
backend/src/app.ts Outdated Show resolved Hide resolved
@Zamion101
feat: Patch Router#handle to catch Promise Rejection
d72e113 
In order to catch Promise rejections inside and outside of middlewares
as well as in route logic we need to patch `Router#handle` and add
.catch() to the function. With that addition it is possible to
catch rejections and handle inside `requestErrorHandler` middleware.
dangtony98
dangtony98 previously approved these changes Dec 25, 2022
View reviewed changes
Copy link
Collaborator

@dangtony98 dangtony98 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me!

There're definitely a lot of parts that need to be re-classified/renamed (e.g. there may need to be a BotNotFound Error) and ironed out but I think this is a great start for us to start re-working the backend and getting more contributors involved in that process :)

Great stuff.

@gitguardian
Copy link

gitguardian bot commented Dec 25, 2022

⚠️ GitGuardian has uncovered 4 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id Secret Commit Filename
- Generic High Entropy Secret a12ae35 .env.example View secret
- Generic High Entropy Secret a12ae35 .env.example View secret
- Generic High Entropy Secret a12ae35 .env.example View secret
- Generic High Entropy Secret a12ae35 .env.example View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@dangtony98 dangtony98 merged commit c3b2e08 into Infisical:main Dec 25, 2022
@Zamion101 Zamion101 deleted the feat/error-handling branch January 1, 2023 22:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dangtony98 dangtony98 dangtony98 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Zamion101 @dangtony98