fix(deploy): wire SENTRY_DSN + JSON structured logs through prod deployment #641

New Issue

Closed

opened 2026-05-20 08:13:39 +02:00 by marcel · 0 comments

marcel commented 2026-05-20 08:13:39 +02:00

Owner

Copy Link

Problem

Two observability gaps prevent errors from surfacing in GlitchTip and Grafana:

1. GlitchTip receives no errors

SENTRY_DSN is never passed to the backend container. docker-compose.prod.yml has no SENTRY_DSN env var, and nightly.yml does not write it into .env.staging. The application.yaml has sentry.dsn: ${SENTRY_DSN:} which resolves to an empty string → Sentry SDK is a no-op.

Sentry.captureException(ex) is called in GlobalExceptionHandler but silently does nothing.

2. Grafana/Loki logs are unstructured

Spring Boot logs in default text format:

2026-05-20T05:53:28.661Z ERROR 1 --- [Familienarchiv] [thread] o.r.f.exception.GlobalExceptionHandler : Unhandled exception
...50 lines of stack trace...

Problems:

• Loki reports detected_level: unknown — can't filter by severity
• Multiline stack traces appear as 50 separate unlinked log entries
• Grafana Loki dashboard uses | logfmt which silently fails on this format

Fix

1. Enable Spring Boot 4.0 ECS structured logging via env var LOGGING_STRUCTURED_FORMAT_CONSOLE=ecs in docker-compose.prod.yml → single JSON entry per exception including full stack trace, log.level parsed by Loki
2. Add SENTRY_DSN: ${SENTRY_DSN:-} to backend service env in docker-compose.prod.yml
3. Add SENTRY_DSN=${{ secrets.STAGING_SENTRY_DSN }} to the .env.staging writer in nightly.yml
4. Update Grafana Loki dashboard | logfmt → | json

DSNs

• Backend: https://686ec2daa9bb45dc8e264e1e2727c8a4@glitchtip.archiv.raddatz.cloud/2
• Frontend: https://758169b5be8e4d799d09aaca4215036d@glitchtip.archiv.raddatz.cloud/1 (needs separate Gitea secret STAGING_VITE_SENTRY_DSN + build-arg wiring — defer to follow-up)

Why now

A 500 on the document page is currently occurring in staging (see investigation). The logging fix makes the error traceable in GlitchTip and Grafana so we can verify the 500 fix works after deploying it.

## Problem Two observability gaps prevent errors from surfacing in GlitchTip and Grafana: ### 1. GlitchTip receives no errors `SENTRY_DSN` is never passed to the backend container. `docker-compose.prod.yml` has no `SENTRY_DSN` env var, and `nightly.yml` does not write it into `.env.staging`. The `application.yaml` has `sentry.dsn: ${SENTRY_DSN:}` which resolves to an empty string → Sentry SDK is a no-op. `Sentry.captureException(ex)` is called in `GlobalExceptionHandler` but silently does nothing. ### 2. Grafana/Loki logs are unstructured Spring Boot logs in default text format: ``` 2026-05-20T05:53:28.661Z ERROR 1 --- [Familienarchiv] [thread] o.r.f.exception.GlobalExceptionHandler : Unhandled exception ...50 lines of stack trace... ``` Problems: - Loki reports `detected_level: unknown` — can't filter by severity - Multiline stack traces appear as 50 separate unlinked log entries - Grafana Loki dashboard uses `| logfmt` which silently fails on this format ### Fix 1. Enable Spring Boot 4.0 ECS structured logging via env var `LOGGING_STRUCTURED_FORMAT_CONSOLE=ecs` in `docker-compose.prod.yml` → single JSON entry per exception including full stack trace, `log.level` parsed by Loki 2. Add `SENTRY_DSN: ${SENTRY_DSN:-}` to backend service env in `docker-compose.prod.yml` 3. Add `SENTRY_DSN=${{ secrets.STAGING_SENTRY_DSN }}` to the `.env.staging` writer in `nightly.yml` 4. Update Grafana Loki dashboard `| logfmt` → `| json` ### DSNs - Backend: `https://686ec2daa9bb45dc8e264e1e2727c8a4@glitchtip.archiv.raddatz.cloud/2` - Frontend: `https://758169b5be8e4d799d09aaca4215036d@glitchtip.archiv.raddatz.cloud/1` (needs separate Gitea secret `STAGING_VITE_SENTRY_DSN` + build-arg wiring — defer to follow-up) ### Why now A `500` on the document page is currently occurring in staging (see investigation). The logging fix makes the error traceable in GlitchTip and Grafana so we can verify the 500 fix works after deploying it.

marcel added the P1-highbugdevops labels 2026-05-20 08:13:53 +02:00

marcel referenced this issue from a commit 2026-05-20 08:16:45 +02:00

fix(deploy): wire SENTRY_DSN and enable ECS JSON logging for prod (#641)

marcel referenced a pull request that will close this issue 2026-05-20 08:17:00 +02:00

fix(deploy): wire SENTRY_DSN and enable ECS JSON logging for prod (#641) #643

marcel referenced this issue 2026-05-20 08:17:08 +02:00

fix(document): add trainingLabels to Document.full entity graph (#642) #644

marcel referenced this issue 2026-05-20 09:16:15 +02:00

fix(deploy): wire SENTRY_DSN and enable ECS JSON logging for prod (#641) #643

marcel closed this issue 2026-05-20 09:39:20 +02:00

marcel referenced this issue 2026-05-20 09:53:07 +02:00

fix: wire VITE_SENTRY_DSN as Docker build arg so frontend errors reach GlitchTip #645

marcel referenced this issue 2026-05-20 09:54:44 +02:00

fix(deploy): wire VITE_SENTRY_DSN as Docker build arg so frontend errors reach GlitchTip #646

marcel referenced this issue 2026-05-20 09:56:26 +02:00

fix(deploy): wire VITE_SENTRY_DSN as Docker build arg so frontend errors reach GlitchTip #646

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feat/issue-380-decouple-mention-search

feat/issue-286-notification-bell-form-actions

feat/issue-580-sentry-backend

fix/issue-593-management-port-zero

worktree-feat+issue-557-upload-artifact-v3-pin

worktree-chore+issue-556-drop-client-branches-coverage-gate

fix/issue-514-prerender-crawl-bakes-redirects

fix/issue-472-prerender-entries

feat/issue-395-readme

feat/issue-345-bulk-mark-reviewed

feat/issue-344-bell-tooltip

feat/issue-341-annotieren-contrast

feat/issue-225-bulk-metadata-edit

feat/issue-317-bulk-upload

feat/issue-271-dashboard-redesign

docs/issue-240-mission-control-spec

refactor/issues-193-200

feat/issue-162-korrespondenz-redesign

feature/68-new-document-file-first

feat/81-discussion-discoverability

feat/62-document-bottom-panel

feature/56-backfill-file-hashes

feat/38-document-edit-history

fix/svelte5-test-delegation-and-login-auth

No results found.

Labels

Clear labels

P0-critical

Blocks a core user journey, causes data loss, or is a security/accessibility barrier. Work on this before P1+.

P1-high

Significant friction on a main user journey; workaround exists but is non-obvious. Next up after P0.

P2-medium

Noticeable improvement; doesn't block anything; schedule opportunistically.

P3-later

Cosmetic or parking-lot work; fine to stay open indefinitely.

audit

Read-only audit / assessment work; produces a report rather than changing code

bug

Something isn't working

cleanup

Removal of dead code, vague comments, naming violations, and scratch artifacts

collaboration

We want to extend the family archive to have more collaboration tools

conversation

descoped

We will do that later

devops

documentation

README, ARCHITECTURE, GLOSSARY, CONTRIBUTING, per-domain docs

epic

Marker for epic-level issues that group multiple child issues

feature

file-upload

legibility

Codebase Legibility Refactor — preparing the codebase for human evaluation and bus-factor reduction

notification

person

phase-1: security

Security hygiene — must be done first

phase-2: container-images

Production-ready multi-stage Docker images

phase-3: prod-compose

Production compose overlay + Caddy reverse proxy

phase-4: spring-prod-profile

Spring Boot production configuration profile

phase-5: backups

Database and object storage backup strategy

phase-6: deployment-docs

.env.example, DEPLOYMENT.md, runbook

phase-7: monitoring

Prometheus, Loki, Grafana, Alertmanager

refactor

Code restructuring without behaviour change

security

test

ui

UI/UX and accessibility issues

user

No Label P1-high bug devops

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

Jens marcel

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: marcel/familienarchiv#641