feat: add Sentry error tracking + performance tracing to backend and auth

Integrate @sentry/node for server-side error capture and performance
monitoring on both Express apps. Add X-Request-Id middleware for
cross-service correlation with dj-site PostHog errors.

- Sentry.init() in instrument.ts (imported first to patch modules)
- setupExpressErrorHandler() before existing error handlers
- X-Request-Id middleware: reads from request or generates UUID, tags Sentry scope
- CORS updated to allow/expose X-Request-Id header
- tsup configs externalize @sentry/node (monkey-patching requires unbundled)
- Deploy action passes SENTRY_RELEASE to container
- Auth service gets a fallback error handler (had none previously)

Author: jakebromberg

.github/actions/deploy-service/action.yml

@@ -71,7 +71,7 @@ runs:
           docker ps -a --filter "publish=$PUBLISH_PORT" --format "{{.ID}}" | xargs -r docker rm 
 
           echo "Starting new Docker container..."
-          docker run -d --name $TARGET_APP -p $PUBLISH_PORT:8080 --restart unless-stopped --env-file .env ${{ inputs.aws_ecr_uri }}/$TARGET_APP:$DEPLOY_TAG
+          docker run -d --name $TARGET_APP -p $PUBLISH_PORT:8080 --restart unless-stopped --env-file .env -e SENTRY_RELEASE=$TARGET_APP@$DEPLOY_TAG ${{ inputs.aws_ecr_uri }}/$TARGET_APP:$DEPLOY_TAG
 
           echo "Cleaning up old Docker images..."
           docker images --format '{{.Repository}} {{.Tag}}' | \

apps/auth/app.ts

@@ -1,11 +1,14 @@
 // Auth service using Express
+import './instrument.js';
+import * as Sentry from '@sentry/node';
 import { config } from 'dotenv';
 const dotenvResult = config();
 
 import { auth } from '@wxyc/authentication';
 import { toNodeHandler } from 'better-auth/node';
 import cors from 'cors';
 import express from 'express';
+import type { Request, Response, NextFunction } from 'express';
 
 const port = process.env.AUTH_PORT || '8080';
 
@@ -128,6 +131,14 @@ app.get('/healthcheck', async (req, res) => {
   }
 });
 
+Sentry.setupExpressErrorHandler(app);
+
+// Fallback error handler
+app.use((err: any, req: Request, res: Response, next: NextFunction) => {
+  const message = err instanceof Error ? err.message : String(err);
+  res.status(500).json({ error: message });
+});
+
 // Create default user if needed
 const createDefaultUser = async () => {
   if (process.env.CREATE_DEFAULT_USER !== 'TRUE') return;

apps/auth/instrument.ts

@@ -0,0 +1,8 @@
+import * as Sentry from '@sentry/node';
+
+Sentry.init({
+  dsn: process.env.SENTRY_DSN,
+  release: process.env.SENTRY_RELEASE,
+  environment: process.env.NODE_ENV || 'development',
+  tracesSampleRate: 1.0,
+});

apps/auth/package.json

@@ -16,8 +16,9 @@
   "author": "Jackson Meade",
   "license": "MIT",
   "dependencies": {
-    "@wxyc/database": "^1.0.0",
+    "@sentry/node": "^10.40.0",
     "@wxyc/authentication": "^1.0.0",
+    "@wxyc/database": "^1.0.0",
     "better-auth": "^1.3.23",
     "cors": "^2.8.5",
     "dotenv": "^17.2.1",

apps/auth/tsup.config.ts

@@ -8,7 +8,7 @@ export default defineConfig((options) => ({
   target: 'node20',
   clean: true,
   sourcemap: true,
-  external: ['@wxyc/database', 'better-auth', 'drizzle-orm', 'express', 'cors', 'postgres'],
+  external: ['@wxyc/database', 'better-auth', 'drizzle-orm', 'express', 'cors', 'postgres', '@sentry/node'],
   env: {
     NODE_ENV: process.env.NODE_ENV || 'development',
   },

apps/backend/app.ts

@@ -1,3 +1,5 @@
+import './instrument.js';
+import * as Sentry from '@sentry/node';
 import express from 'express';
 import cors from 'cors';
 import swaggerUi from 'swagger-ui-express';
@@ -13,6 +15,7 @@ import { request_line_route } from './routes/requestLine.route.js';
 import { showMemberMiddleware } from './middleware/checkShowMember.js';
 import { activeShow } from './middleware/checkActiveShow.js';
 import errorHandler from './middleware/errorHandler.js';
+import { requestIdMiddleware } from './middleware/requestId.js';
 import { requirePermissions } from '@wxyc/authentication';
 
 const port = process.env.PORT || 8080;
@@ -23,12 +26,16 @@ app.set('trust proxy', true);
 //Interpret parse json into js objects
 app.use(express.json());
 
+// Cross-service request correlation
+app.use(requestIdMiddleware);
+
 //CORS
 app.use(
   cors({
     origin: process.env.FRONTEND_SOURCE || '*',
     methods: ['GET', 'POST', 'DELETE', 'PATCH'],
-    allowedHeaders: ['Content-Type', 'Authorization'],
+    allowedHeaders: ['Content-Type', 'Authorization', 'X-Request-Id'],
+    exposedHeaders: ['X-Request-Id'],
     credentials: true,
   })
 );
@@ -69,6 +76,7 @@ app.get('/healthcheck', async (req, res) => {
   res.json({ message: 'Healthy!' });
 });
 
+Sentry.setupExpressErrorHandler(app);
 app.use(errorHandler);
 
 const server = app.listen(port, () => {

apps/backend/instrument.ts

@@ -0,0 +1,8 @@
+import * as Sentry from '@sentry/node';
+
+Sentry.init({
+  dsn: process.env.SENTRY_DSN,
+  release: process.env.SENTRY_RELEASE,
+  environment: process.env.NODE_ENV || 'development',
+  tracesSampleRate: 1.0,
+});

apps/backend/middleware/requestId.ts

@@ -0,0 +1,11 @@
+import * as Sentry from '@sentry/node';
+import type { Request, Response, NextFunction } from 'express';
+
+export function requestIdMiddleware(req: Request, res: Response, next: NextFunction) {
+  const requestId = req.get('X-Request-Id') || crypto.randomUUID();
+
+  res.setHeader('X-Request-Id', requestId);
+  Sentry.getCurrentScope().setTag('request_id', requestId);
+
+  next();
+}

apps/backend/package.json

@@ -16,6 +16,7 @@
   "author": "AyBruno",
   "license": "MIT",
   "dependencies": {
+    "@sentry/node": "^10.40.0",
     "@wxyc/authentication": "*",
     "@wxyc/database": "*",
     "async-mutex": "^0.5.0",

apps/backend/tsup.config.ts

@@ -11,6 +11,8 @@ export default defineConfig((options) => ({
   format: ['esm'],
   outDir: 'dist',
   clean: true,
+  sourcemap: true,
+  external: ['@sentry/node'],
   onSuccess: options.watch ? 'node ./dist/app.js' : undefined,
   minify: !options.watch,