Add sentry

[drew2a]

Resolves #5727

This PR adds Sentry support to Tribler Client.
The UX keeps unchanged.

The main concept: suppress (but store) all Sentry events until a user clicked on the "send report" button.

There are two new entities:

1. SentryReporter(singleton) for managing work with Sentry
2. SentryScrubber for scrubbing sensitive and redundant information.

How it works

Basically, Sentry-based reporting works the same way the old Reporter did:

• catch the error in the Core (or in the GUI)
• send it to the GUI over the Events endpoint (GUI errors are handled directly)
• present the "report error" dialog to the user
• send the report when the user clicks the "send report" button

Protecting user identities

A user will now be assigned a unique pseudonym (e.g.Jonh Doe) based on the hash of their public_key.

Note. The current implementation specifies user only for errors raised in the Core process, but it can be extended in the future.

Simplified python-friendly explanation

# `SentryReporter` will be inited at the start of a Tribler Client run
SentryReporter.init(sentry_url=sentry_url, scrubber=SentryScrubber())

# Then all Sentry events will be suppressed (`session.py`):
SentryReporter.allow_sending_globally(False)

# In a case of an error in  the `Core process`, the Sentry event will be obtained and sent to `GUI` (`session.py`):
sentry_event = SentryReporter.last_event
self.api_manager.get_endpoint('events').on_tribler_exception(text_long, sentry_event)

In the case of an error inside the GUI process, the event will be obtained directly in the GUI process.

After the user's click on the "sent report" button, the Sentry event will be sent to the server (feedbackdialog.py):

SentryReporter.send(post_data, sentry_event, sys_info_dict)

Removing sensitive and redundant information

SentryScrubber is the class responsible for scrubbing.
It is calling on every Sentry's attempt to sent an event.
By using regex it scans all the necessary event fields and replaces real information with placeholders.

What is sensitive information:

• IPs
• User Name
• 40-symbols-long hashes

What is redundant information:

• Information on installed python modules

Which fields will be affected by scrubbing:

• Extra
• Logentry
• Breadcrumbds
• Os.environ
• Stacktrace
• Sysinfo

Tests

This PR introduced the first tests for the tribler-common module.
All the corresponding Jenkin's jobs have to be updated:

• PR Linux
• PR macOS
• PR Windows

Thanks to @ichorid for contributing to the description.

[ghost]

DeepCode's analysis on #30b602 found:

• ⚠️ 1 warning 👇

Top issues

Description	Example fixes
hashlib.md5 is insecure. Consider changing it to a secure hashing algorithm (e.g. SHA256). Occurrences: sentry_reporter.py:185	🔧 Example fixes

👉 View analysis in DeepCode’s Dashboard | Configure the bot

[ichorid]

Would you kindly run pre-commit hooks to format the stuff using black?

[ichorid]

🐬 👍 🐟

[drew2a]

🐳🌸

[kozlovsky]

As I understand it from Sentry documentation, logging integration is one of the default integrations which are enabled by default, so probably it is unnecessary to specify it explicitly:
https://docs.sentry.io/platforms/python/configuration/integrations/default-integrations/
https://docs.sentry.io/platforms/python/guides/logging/

[drew2a]

Yes, you a right, But now it is easy to configure levels of capturing information.
Otherwise, you need to spend some time reading documentation.

[xoriole]

@drew2a Could you update sentry_url from environment variable to version.py via this script below? It will make sure that builder works as well.

tribler/build/update_version_from_git.py

Lines 35 to 37 in d89f5ca

	with open(path.join('src', 'tribler-core', 'tribler_core', 'version.py'), 'w') as f:
	f.write('version_id = "%s"%sbuild_date = "%s"%scommit_id = "%s"%s' %
	(version_id, linesep, build_date, linesep, commit_id, linesep))

[drew2a]

@xoriole yes, sure! 👌

[ichorid]

Personally, I still perceive 9-line comments and tests for trivial one-liners a waste of both the writer's and the reader's mental energy, exactly the thing Python was designed to avoid.

But we need this PR in 7.6.

p.s.
Be warned that I will remove excessive comments if I ever touch the said code 😈

[ichorid]

Thanks! 👍

[drew2a]

@ichorid you are welcome :)

[xoriole]

After the merge, please make sure to update the build jobs with the right sentry URL.
https://jenkins-ci.tribler.org/job/Build-Tribler_release/job/Build/

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 5 Security Hotspots to review)
6 Code Smells

No Coverage information
0.0% Duplication