[Feature] Integrate Sentry with Opentelemetry agent to send server error alert

[LeeHanEum]

🌱 관련 이슈

• close ✨ Sentry 연동 #111

📌 작업 내용 및 특이 사항

• Sentry 의존성 추가
• Sentry와 Opentelemetry agent 연동
• Opentelemetry 에이전트 도입을 위한 Docker 멀티스테이지 빌드 전환
• BeforeSendCallback에 fingerprint 설정하여 예외 그룹핑
• 새로운 익셉션 발생 시 디스코드 알림

📝 참고

• 우선적으로 dev 배포 후, 추가 설정이 필요할 수도 있음

📌 체크 리스트

• 리뷰어를 추가하셨나요 ?
• 변경사항에 대해 충분히 설명하고 있나요 ?

Summary by CodeRabbit

• New Features

  • Integrated Sentry error monitoring and distributed tracing.
  • Added OpenTelemetry agent to container images to enable agent-based telemetry.
  • Implemented intelligent error fingerprinting for improved grouping.
  • Added prod-specific Sentry sampling override (traces-sample-rate 0.1).

• Chores

  • Updated Sentry to 8.31.0 and introduced a Sentry Gradle plugin reference.

[coderabbitai]

Warning

Rate limit exceeded

@LeeHanEum has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 16 minutes and 5 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

Integrates Sentry: updates versions and version catalog, adds Sentry JVM Gradle plugin and agent handling in builds, injects the Sentry OpenTelemetry agent into Docker images and JVM startup, adds Sentry dependencies and Spring component for custom fingerprinting, and updates monitoring config.

Changes

Cohort / File(s)	Summary
Top-level build build.gradle.kts, gradle/libs.versions.toml	Added io.sentry.jvm.gradle plugin alias, bumped Sentry version to 8.31.0, added sentry_gradle (6.0.0) plugin entry, and added sentry_spring_boot_starter_jakarta and sentry_opentelemetry_agent library entries.
Core API build pida-core/core-api/build.gradle.kts	Applied Sentry JVM Gradle plugin, added sentryAgent configuration, copySentryAgent Copy task, wired task into build, and added sentryAgent(libs.sentry.opentelemetry.agent) dependency.
Monitoring module pida-supports/monitoring/build.gradle.kts, pida-supports/monitoring/src/main/resources/monitoring.yml	Added Sentry Spring Boot starter dependency and local domain dependency; added/adjusted Sentry configuration (DSN, traces-sample-rate, environment, logging) with a prod profile override.
Sentry integration code pida-supports/monitoring/src/main/kotlin/com/pida/monitoring/sentry/SentryFingerprintCallback.kt	New Spring component implementing BeforeSendCallback to compute and assign custom fingerprints for specific exception types.
Docker images docker/DockerfileDev, docker/DockerfileProd	Added agent-downloader build stage to fetch sentry-opentelemetry-agent and copy to /opt/sentry/agent.jar; create /opt/sentry; updated CMD to include -javaagent:/opt/sentry/agent.jar and -Dsentry.auto.init=false.

sequenceDiagram
    participant Build as Build System
    participant Artifact as Agent Artifact (libs)
    participant Docker as Dockerfile / Image
    participant App as JVM App
    participant Sentry as Sentry (External)

    Build->>Artifact: declare sentryAgent dependency & copy task
    Build->>Artifact: resolve and copy agent -> build output (agent/)
    Docker->>Build: use agent from build output / agent-downloader stage
    Docker->>Docker: place /opt/sentry/agent.jar in image
    App->>App: JVM starts with -javaagent:/opt/sentry/agent.jar and -Dsentry.auto.init=false
    App->>Sentry: agent/instrumentation sends telemetry/events
    App->>App: BeforeSendCallback (SentryFingerprintCallback) enriches events before send

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐇 I nibbled code beneath the moonlight bright,

an agent tucked, prepared to catch each blight,
Fingerprints sewn for errors bold and small,
From build to Docker, I hopped through it all,
Now Sentry watches — and I nap, ears upright.

🚥 Pre-merge checks | ✅ 5 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly summarizes the main change: integrating Sentry with OpenTelemetry agent for server error alerting, which is directly supported by all file modifications.
Linked Issues check	✅ Passed	The pull request successfully implements Sentry integration as required by issue #111, with comprehensive changes across dependencies, Docker configuration, Gradle setup, and error handling callbacks.
Out of Scope Changes check	✅ Passed	All changes are directly related to Sentry integration with OpenTelemetry agent; no out-of-scope modifications detected.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into develop

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/sentry

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Fix all issues with AI agents

In `@docker/DockerfileDev`:
- Around line 1-2: The DockerfileDev currently downloads the Sentry agent
unpinned in the agent-downloader stage using wget to
/sentry-opentelemetry-agent.jar; update this to download a specific, versioned
artifact (match the version in libs.versions.toml or core-api/build.gradle.kts)
from a stable URL (e.g., Maven Central coordinates for
sentry-opentelemetry-agent) and add an integrity check (verify SHA256 or other
checksum) before accepting the file so builds are reproducible and supply-chain
safe.
- Around line 13-16: The CMD line places the JVM option -Xmx2048m after -jar so
the launcher will treat it as the JAR path; reorder the JVM flags so all JVM
options (e.g., -javaagent:/opt/sentry/agent.jar and -Dsentry.auto.init=false and
-Xmx2048m) appear before -jar and then the JAR file
(/service/pida/core-api-0.0.1.jar) so the JVM recognizes -Xmx2048m as a memory
flag rather than a JAR filename.

In `@pida-core/core-api/build.gradle.kts`:
- Around line 24-32: The copySentryAgent Gradle task (copySentryAgent) produces
build/agent/sentry-opentelemetry-agent.jar but DockerfileDev and DockerfileProd
still wget the agent, creating two supply chains; pick one approach. Preferred:
switch DockerfileDev/DockerfileProd to COPY the Gradle output
(build/agent/sentry-opentelemetry-agent.jar) into the image and remove the wget
step so the Docker build uses the pinned libs.versions.toml artifact (keep the
copySentryAgent task and its dependency on build). Alternative: remove the
copySentryAgent task and any sentryAgent configuration if you want to keep
downloading via wget (accepting loss of version pinning).

In `@pida-supports/monitoring/src/main/resources/monitoring.yml`:
- Line 14: The configuration in monitoring.yml currently sets send-default-pii:
true which causes Sentry to collect PII (IP addresses, user details, cookies);
change the send-default-pii setting to false (or wire it to an
environment/config flag) to stop transmitting PII by default, and if you must
enable it, gate it behind an explicit opt-in flag and document the decision in
privacy/GDPR notes; update any Sentry initialization code that reads this key to
respect the new flag if present.

🧹 Nitpick comments (2)

pida-supports/monitoring/src/main/resources/monitoring.yml (1)

12-12: traces-sample-rate: 1.0 sends 100% of traces to Sentry — consider lowering for production.

Sampling all transactions can generate significant volume and cost. A rate of 0.1–0.25 is typical for production workloads. If this is intentional for the initial rollout, consider parameterizing it via an environment variable (like dsn) so it can be tuned per environment without a code change.

Suggested change

-  traces-sample-rate: 1.0
+  traces-sample-rate: ${SENTRY_TRACES_SAMPLE_RATE:1.0}

pida-core/core-api/build.gradle.kts (1)

5-12: Sentry org and project names are hardcoded — acceptable but worth noting.

org.set("pida-za") and projectName.set("pida") are hardcoded. This is fine for a single-project setup, but consider extracting these to gradle.properties if they may change or be shared across modules.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

copySentryAgent task output is unused — Dockerfiles download the agent from a URL instead.

The Gradle task copies the agent to build/agent/sentry-opentelemetry-agent.jar, but both DockerfileDev and DockerfileProd download the agent via wget from https://get.sentry.io/sentry-opentelemetry-agent.jar. This means the Gradle-resolved artifact is never used at runtime, creating two separate supply chains for the same artifact — with potentially different versions.

Pick one approach:

• Option A (preferred): Use the Gradle-resolved agent in Docker (guarantees the version matches libs.versions.toml). COPY the build output in the Dockerfile instead of wget.
• Option B: Remove the copySentryAgent task and sentryAgent configuration, and rely solely on the Docker download (but you lose version pinning).

🤖 Prompt for AI Agents

In `@pida-core/core-api/build.gradle.kts` around lines 24 - 32, The
copySentryAgent Gradle task (copySentryAgent) produces
build/agent/sentry-opentelemetry-agent.jar but DockerfileDev and DockerfileProd
still wget the agent, creating two supply chains; pick one approach. Preferred:
switch DockerfileDev/DockerfileProd to COPY the Gradle output
(build/agent/sentry-opentelemetry-agent.jar) into the image and remove the wget
step so the Docker build uses the pinned libs.versions.toml artifact (keep the
copySentryAgent task and its dependency on build). Alternative: remove the
copySentryAgent task and any sentryAgent configuration if you want to keep
downloading via wget (accepting loss of version pinning).

[char-yb]

LGTM!
나중에 모니터링 모듈에는 domain 모듈에서 공통 Exception 코드와 같은 클래스들을 common 모듈을 별도 분리해서 수정하면 좋을 듯합니당

[LeeHanEum]

LGTM! 나중에 모니터링 모듈에는 domain 모듈에서 공통 Exception 코드와 같은 클래스들을 common 모듈을 별도 분리해서 수정하면 좋을 듯합니당

안그래도 그 부분 말씀드리고 싶었는데 좋네요 👍👍
후행 작업으로 진행해도 될것 같습니다!