ros/n8n-mcp
1
0
Fork 0
mirror of https://github.com/czlonkowski/n8n-mcp.git synced 2026-03-30 06:03:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: refactor telemetry system with critical improvements (v2.14.1)

Browse Source 
Major improvements to telemetry system addressing code review findings:

Architecture & Modularization:
- Split 636-line TelemetryManager into 7 focused modules
- Separated concerns: event tracking, batch processing, validation, rate limiting
- Lazy initialization pattern to avoid early singleton creation
- Clean separation of responsibilities

Security & Privacy:
- Added comprehensive input validation with Zod schemas
- Sanitization of sensitive data (URLs, API keys, emails)
- Expanded sensitive key detection patterns (25+ patterns)
- Row Level Security on Supabase backend
- Added data deletion contact info (romuald@n8n-mcp.com)

Performance & Reliability:
- Sliding window rate limiter (100 events/minute)
- Circuit breaker pattern for network failures
- Dead letter queue for failed events
- Exponential backoff with jitter for retries
- Performance monitoring with overhead tracking (<5%)
- Memory-safe array limits in rate limiter

Testing:
- Comprehensive test coverage (87%+ for core modules)
- Unit tests for all new modules
- Integration tests for MCP telemetry
- Fixed test isolation issues

Data Management:
- Clear user consent in welcome message
- Batch processing with deduplication
- Automatic workflow flushing

BREAKING CHANGE: TelemetryManager constructor is now private, use getInstance()

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
czlonkowski
2025-09-26 16:10:54 +02:00
parent 6f21a717cd
commit e14c647b7d
17 changed files with 6032 additions and 466 deletions
Download Patch File Download Diff File Expand all files Collapse all files

610
src/telemetry/telemetry-manager.ts
View File

@@ -1,69 +1,51 @@
/**
* Telemetry Manager
* Main telemetry class for anonymous usage statistics
* Main telemetry coordinator using modular components
*/
import { createClient, SupabaseClient } from '@supabase/supabase-js';
import { TelemetryConfigManager } from './config-manager';
import { WorkflowSanitizer } from './workflow-sanitizer';
import { TelemetryEventTracker } from './event-tracker';
import { TelemetryBatchProcessor } from './batch-processor';
import { TelemetryPerformanceMonitor } from './performance-monitor';
import { TELEMETRY_BACKEND } from './telemetry-types';
import { TelemetryError, TelemetryErrorType, TelemetryErrorAggregator } from './telemetry-error';
import { logger } from '../utils/logger';
import { resolve } from 'path';
import { existsSync, readFileSync } from 'fs';
interface TelemetryEvent {
user_id: string;
event: string;
properties: Record<string, any>;
created_at?: string;
}
interface WorkflowTelemetry {
user_id: string;
workflow_hash: string;
node_count: number;
node_types: string[];
has_trigger: boolean;
has_webhook: boolean;
complexity: 'simple' | 'medium' | 'complex';
sanitized_workflow: any;
created_at?: string;
}
// Configuration constants
const TELEMETRY_CONFIG = {
BATCH_FLUSH_INTERVAL: 5000, // 5 seconds - reduced for multi-process
EVENT_QUEUE_THRESHOLD: 1, // Immediate flush for multi-process compatibility
WORKFLOW_QUEUE_THRESHOLD: 1, // Immediate flush for multi-process compatibility
MAX_RETRIES: 3,
RETRY_DELAY: 1000, // 1 second
OPERATION_TIMEOUT: 5000, // 5 seconds
} as const;
// Hardcoded telemetry backend configuration
// IMPORTANT: This is intentionally hardcoded for zero-configuration telemetry
// The anon key is PUBLIC and SAFE to expose because:
// 1. It only allows INSERT operations (write-only)
// 2. Row Level Security (RLS) policies prevent reading/updating/deleting data
// 3. This is standard practice for anonymous telemetry collection
// 4. No sensitive user data is ever sent
const TELEMETRY_BACKEND = {
URL: 'https://ydyufsohxdfpopqbubwk.supabase.co',
ANON_KEY: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InlkeXVmc29oeGRmcG9wcWJ1YndrIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NTg3OTYyMDAsImV4cCI6MjA3NDM3MjIwMH0.xESphg6h5ozaDsm4Vla3QnDJGc6Nc_cpfoqTHRynkCk'
} as const;
export class TelemetryManager {
private static instance: TelemetryManager;
private supabase: SupabaseClient | null = null;
private configManager: TelemetryConfigManager;
private eventQueue: TelemetryEvent[] = [];
private workflowQueue: WorkflowTelemetry[] = [];
private flushTimer?: NodeJS.Timeout;
private eventTracker: TelemetryEventTracker;
private batchProcessor: TelemetryBatchProcessor;
private performanceMonitor: TelemetryPerformanceMonitor;
private errorAggregator: TelemetryErrorAggregator;
private isInitialized: boolean = false;
private isFlushingWorkflows: boolean = false;
private constructor() {
// Prevent direct instantiation even when TypeScript is bypassed
if (TelemetryManager.instance) {
throw new Error('Use TelemetryManager.getInstance() instead of new TelemetryManager()');
}
this.configManager = TelemetryConfigManager.getInstance();
this.initialize();
this.errorAggregator = new TelemetryErrorAggregator();
this.performanceMonitor = new TelemetryPerformanceMonitor();
// Initialize event tracker with callbacks
this.eventTracker = new TelemetryEventTracker(
() => this.configManager.getUserId(),
() => this.isEnabled()
);
// Initialize batch processor (will be configured after Supabase init)
this.batchProcessor = new TelemetryBatchProcessor(
null,
() => this.isEnabled()
);
// Delay initialization to first use, not constructor
// this.initialize();
}
static getInstance(): TelemetryManager {
@@ -73,6 +55,15 @@ export class TelemetryManager {
return TelemetryManager.instance;
}
/**
* Ensure telemetry is initialized before use
*/
private ensureInitialized(): void {
if (!this.isInitialized && this.configManager.isEnabled()) {
this.initialize();
}
}
/**
* Initialize telemetry if enabled
*/
@@ -100,23 +91,24 @@ export class TelemetryManager {
},
});
this.isInitialized = true;
this.startBatchProcessor();
// Update batch processor with Supabase client
this.batchProcessor = new TelemetryBatchProcessor(
this.supabase,
() => this.isEnabled()
);
// Flush on exit
process.on('beforeExit', () => this.flush());
process.on('SIGINT', () => {
this.flush();
process.exit(0);
});
process.on('SIGTERM', () => {
this.flush();
process.exit(0);
});
this.batchProcessor.start();
this.isInitialized = true;
logger.debug('Telemetry initialized successfully');
} catch (error) {
logger.debug('Failed to initialize telemetry:', error);
const telemetryError = new TelemetryError(
TelemetryErrorType.INITIALIZATION_ERROR,
'Failed to initialize telemetry',
{ error: error instanceof Error ? error.message : String(error) }
);
this.errorAggregator.record(telemetryError);
telemetryError.log();
this.isInitialized = false;
}
}
@@ -125,395 +117,137 @@ export class TelemetryManager {
* Track a tool usage event
*/
trackToolUsage(toolName: string, success: boolean, duration?: number): void {
if (!this.isEnabled()) return;
// Sanitize tool name (remove any potential sensitive data)
const sanitizedToolName = toolName.replace(/[^a-zA-Z0-9_-]/g, '_');
this.trackEvent('tool_used', {
tool: sanitizedToolName,
success,
duration: duration || 0,
});
this.ensureInitialized();
this.performanceMonitor.startOperation('trackToolUsage');
this.eventTracker.trackToolUsage(toolName, success, duration);
this.eventTracker.updateToolSequence(toolName);
this.performanceMonitor.endOperation('trackToolUsage');
}
/**
* Track workflow creation (fire-and-forget)
* Track workflow creation
*/
trackWorkflowCreation(workflow: any, validationPassed: boolean): void {
if (!this.isEnabled()) return;
// Only store workflows that pass validation
if (!validationPassed) {
this.trackEvent('workflow_validation_failed', {
nodeCount: workflow.nodes?.length || 0,
});
return;
async trackWorkflowCreation(workflow: any, validationPassed: boolean): Promise<void> {
this.ensureInitialized();
this.performanceMonitor.startOperation('trackWorkflowCreation');
try {
await this.eventTracker.trackWorkflowCreation(workflow, validationPassed);
// Auto-flush workflows to prevent data loss
await this.flush();
} catch (error) {
const telemetryError = error instanceof TelemetryError
? error
: new TelemetryError(
TelemetryErrorType.UNKNOWN_ERROR,
'Failed to track workflow',
{ error: String(error) }
);
this.errorAggregator.record(telemetryError);
} finally {
this.performanceMonitor.endOperation('trackWorkflowCreation');
}
// Process asynchronously without blocking
setImmediate(async () => {
try {
const sanitized = WorkflowSanitizer.sanitizeWorkflow(workflow);
const telemetryData: WorkflowTelemetry = {
user_id: this.configManager.getUserId(),
workflow_hash: sanitized.workflowHash,
node_count: sanitized.nodeCount,
node_types: sanitized.nodeTypes,
has_trigger: sanitized.hasTrigger,
has_webhook: sanitized.hasWebhook,
complexity: sanitized.complexity,
sanitized_workflow: {
nodes: sanitized.nodes,
connections: sanitized.connections,
},
};
// Add to queue synchronously to avoid race conditions
const queueLength = this.addToWorkflowQueue(telemetryData);
// Also track as event
this.trackEvent('workflow_created', {
nodeCount: sanitized.nodeCount,
nodeTypes: sanitized.nodeTypes.length,
complexity: sanitized.complexity,
hasTrigger: sanitized.hasTrigger,
hasWebhook: sanitized.hasWebhook,
});
// Flush if queue reached threshold
if (queueLength >= TELEMETRY_CONFIG.WORKFLOW_QUEUE_THRESHOLD) {
await this.flush();
}
} catch (error) {
logger.debug('Failed to track workflow creation:', error);
}
});
}
/**
* Thread-safe method to add workflow to queue
* Returns the new queue length after adding
*/
private addToWorkflowQueue(telemetryData: WorkflowTelemetry): number {
// Don't add to queue if we're currently flushing workflows
// This prevents race conditions where items are added during flush
if (this.isFlushingWorkflows) {
// Queue the flush for later to ensure we don't lose data
setImmediate(() => {
this.workflowQueue.push(telemetryData);
if (this.workflowQueue.length >= TELEMETRY_CONFIG.WORKFLOW_QUEUE_THRESHOLD) {
this.flush();
}
});
return 0; // Don't trigger immediate flush
}
this.workflowQueue.push(telemetryData);
return this.workflowQueue.length;
}
/**
* Track an error event
*/
trackError(errorType: string, context: string, toolName?: string): void {
if (!this.isEnabled()) return;
this.trackEvent('error_occurred', {
errorType: this.sanitizeErrorType(errorType),
context: this.sanitizeContext(context),
tool: toolName ? toolName.replace(/[^a-zA-Z0-9_-]/g, '_') : undefined,
});
this.ensureInitialized();
this.eventTracker.trackError(errorType, context, toolName);
}
/**
* Track a generic event
*/
trackEvent(eventName: string, properties: Record<string, any>): void {
if (!this.isEnabled()) return;
const event: TelemetryEvent = {
user_id: this.configManager.getUserId(),
event: eventName,
properties: this.sanitizeProperties(properties),
};
this.eventQueue.push(event);
// Flush if queue is getting large
if (this.eventQueue.length >= TELEMETRY_CONFIG.EVENT_QUEUE_THRESHOLD) {
this.flush();
}
this.ensureInitialized();
this.eventTracker.trackEvent(eventName, properties);
}
/**
* Track session start
*/
trackSessionStart(): void {
if (!this.isEnabled()) return;
this.trackEvent('session_start', {
version: this.getPackageVersion(),
platform: process.platform,
arch: process.arch,
nodeVersion: process.version,
});
this.ensureInitialized();
this.eventTracker.trackSessionStart();
}
/**
* Track search queries to identify documentation gaps
* Track search queries
*/
trackSearchQuery(query: string, resultsFound: number, searchType: string): void {
if (!this.isEnabled()) return;
this.trackEvent('search_query', {
query: this.sanitizeString(query).substring(0, 100),
resultsFound,
searchType,
hasResults: resultsFound > 0,
isZeroResults: resultsFound === 0
});
this.eventTracker.trackSearchQuery(query, resultsFound, searchType);
}
/**
* Track validation failure details for improvement insights
* Track validation details
*/
trackValidationDetails(nodeType: string, errorType: string, details: Record<string, any>): void {
if (!this.isEnabled()) return;
this.trackEvent('validation_details', {
nodeType: nodeType.replace(/[^a-zA-Z0-9_.-]/g, '_'),
errorType: this.sanitizeErrorType(errorType),
errorCategory: this.categorizeError(errorType),
details: this.sanitizeProperties(details)
});
this.eventTracker.trackValidationDetails(nodeType, errorType, details);
}
/**
* Track tool usage sequences to understand workflows
* Track tool sequences
*/
trackToolSequence(previousTool: string, currentTool: string, timeDelta: number): void {
if (!this.isEnabled()) return;
this.trackEvent('tool_sequence', {
previousTool: previousTool.replace(/[^a-zA-Z0-9_-]/g, '_'),
currentTool: currentTool.replace(/[^a-zA-Z0-9_-]/g, '_'),
timeDelta: Math.min(timeDelta, 300000), // Cap at 5 minutes
isSlowTransition: timeDelta > 10000, // More than 10 seconds
sequence: `${previousTool}->${currentTool}`
});
this.eventTracker.trackToolSequence(previousTool, currentTool, timeDelta);
}
/**
* Track node configuration patterns
* Track node configuration
*/
trackNodeConfiguration(nodeType: string, propertiesSet: number, usedDefaults: boolean): void {
if (!this.isEnabled()) return;
this.trackEvent('node_configuration', {
nodeType: nodeType.replace(/[^a-zA-Z0-9_.-]/g, '_'),
propertiesSet,
usedDefaults,
complexity: this.categorizeConfigComplexity(propertiesSet)
});
this.eventTracker.trackNodeConfiguration(nodeType, propertiesSet, usedDefaults);
}
/**
* Track performance metrics for optimization
* Track performance metrics
*/
trackPerformanceMetric(operation: string, duration: number, metadata?: Record<string, any>): void {
if (!this.isEnabled()) return;
this.trackEvent('performance_metric', {
operation: operation.replace(/[^a-zA-Z0-9_-]/g, '_'),
duration,
isSlow: duration > 1000,
isVerySlow: duration > 5000,
metadata: metadata ? this.sanitizeProperties(metadata) : undefined
});
this.eventTracker.trackPerformanceMetric(operation, duration, metadata);
}
/**
* Categorize error types for better analysis
*/
private categorizeError(errorType: string): string {
const lowerError = errorType.toLowerCase();
if (lowerError.includes('type')) return 'type_error';
if (lowerError.includes('validation')) return 'validation_error';
if (lowerError.includes('required')) return 'required_field_error';
if (lowerError.includes('connection')) return 'connection_error';
if (lowerError.includes('expression')) return 'expression_error';
return 'other_error';
}
/**
* Categorize configuration complexity
*/
private categorizeConfigComplexity(propertiesSet: number): string {
if (propertiesSet === 0) return 'defaults_only';
if (propertiesSet <= 3) return 'simple';
if (propertiesSet <= 10) return 'moderate';
return 'complex';
}
/**
* Get package version safely
*/
private getPackageVersion(): string {
try {
// Try multiple approaches to find package.json
const possiblePaths = [
resolve(__dirname, '..', '..', 'package.json'),
resolve(process.cwd(), 'package.json'),
resolve(__dirname, '..', '..', '..', 'package.json')
];
for (const packagePath of possiblePaths) {
if (existsSync(packagePath)) {
const packageJson = JSON.parse(readFileSync(packagePath, 'utf-8'));
if (packageJson.version) {
return packageJson.version;
}
}
}
// Fallback: try require (works in some environments)
try {
const packageJson = require('../../package.json');
return packageJson.version || 'unknown';
} catch {
// Ignore require error
}
return 'unknown';
} catch (error) {
logger.debug('Failed to get package version:', error);
return 'unknown';
}
}
/**
* Execute Supabase operation with retry and timeout
*/
private async executeWithRetry<T>(
operation: () => Promise<T>,
operationName: string
): Promise<T | null> {
let lastError: Error | null = null;
for (let attempt = 1; attempt <= TELEMETRY_CONFIG.MAX_RETRIES; attempt++) {
try {
// Create a timeout promise
const timeoutPromise = new Promise<never>((_, reject) => {
setTimeout(() => reject(new Error('Operation timed out')), TELEMETRY_CONFIG.OPERATION_TIMEOUT);
});
// Race between operation and timeout
const result = await Promise.race([operation(), timeoutPromise]) as T;
return result;
} catch (error) {
lastError = error as Error;
logger.debug(`${operationName} attempt ${attempt} failed:`, error);
if (attempt < TELEMETRY_CONFIG.MAX_RETRIES) {
// Wait before retrying
await new Promise(resolve => setTimeout(resolve, TELEMETRY_CONFIG.RETRY_DELAY * attempt));
}
}
}
logger.debug(`${operationName} failed after ${TELEMETRY_CONFIG.MAX_RETRIES} attempts:`, lastError);
return null;
}
/**
* Flush queued events to Supabase
*/
async flush(): Promise<void> {
this.ensureInitialized();
if (!this.isEnabled() || !this.supabase) return;
// Flush events
if (this.eventQueue.length > 0) {
const events = [...this.eventQueue];
this.eventQueue = [];
this.performanceMonitor.startOperation('flush');
await this.executeWithRetry(async () => {
const { error } = await this.supabase!
.from('telemetry_events')
.insert(events); // No .select() - we don't need the response
// Get queued data from event tracker
const events = this.eventTracker.getEventQueue();
const workflows = this.eventTracker.getWorkflowQueue();
if (error) {
throw error;
}
// Clear queues immediately to prevent duplicate processing
this.eventTracker.clearEventQueue();
this.eventTracker.clearWorkflowQueue();
logger.debug(`Flushed ${events.length} telemetry events`);
return true;
}, 'Flush telemetry events');
}
// Flush workflows
if (this.workflowQueue.length > 0) {
this.isFlushingWorkflows = true;
try {
const workflows = [...this.workflowQueue];
this.workflowQueue = [];
const result = await this.executeWithRetry(async () => {
// Deduplicate workflows by hash before inserting
const uniqueWorkflows = workflows.reduce((acc, workflow) => {
if (!acc.some(w => w.workflow_hash === workflow.workflow_hash)) {
acc.push(workflow);
}
return acc;
}, [] as WorkflowTelemetry[]);
logger.debug(`Deduplicating workflows: ${workflows.length} -> ${uniqueWorkflows.length} unique`);
// Use insert (same as events) - duplicates are handled by deduplication above
const { error } = await this.supabase!
.from('telemetry_workflows')
.insert(uniqueWorkflows); // No .select() - we don't need the response
if (error) {
logger.debug('Detailed workflow flush error:', {
error: error,
workflowCount: workflows.length,
firstWorkflow: workflows[0] ? {
user_id: workflows[0].user_id,
workflow_hash: workflows[0].workflow_hash,
node_count: workflows[0].node_count
} : null
});
throw error;
}
logger.debug(`Flushed ${uniqueWorkflows.length} unique telemetry workflows (${workflows.length} total processed)`);
return true;
}, 'Flush telemetry workflows');
if (!result) {
logger.debug('Failed to flush workflows after retries');
}
} finally {
this.isFlushingWorkflows = false;
try {
// Use batch processor to flush
await this.batchProcessor.flush(events, workflows);
} catch (error) {
const telemetryError = error instanceof TelemetryError
? error
: new TelemetryError(
TelemetryErrorType.NETWORK_ERROR,
'Failed to flush telemetry',
{ error: String(error) },
true // Retryable
);
this.errorAggregator.record(telemetryError);
telemetryError.log();
} finally {
const duration = this.performanceMonitor.endOperation('flush');
if (duration > 100) {
logger.debug(`Telemetry flush took ${duration.toFixed(2)}ms`);
}
}
}
/**
* Start batch processor for periodic flushing
*/
private startBatchProcessor(): void {
// Flush periodically
this.flushTimer = setInterval(() => {
this.flush();
}, TELEMETRY_CONFIG.BATCH_FLUSH_INTERVAL);
// Prevent timer from keeping process alive
this.flushTimer.unref();
}
/**
* Check if telemetry is enabled
@@ -522,89 +256,12 @@ export class TelemetryManager {
return this.isInitialized && this.configManager.isEnabled();
}
/**
* Sanitize properties to remove sensitive data
*/
private sanitizeProperties(properties: Record<string, any>): Record<string, any> {
const sanitized: Record<string, any> = {};
for (const [key, value] of Object.entries(properties)) {
// Skip sensitive keys
if (this.isSensitiveKey(key)) {
continue;
}
// Sanitize values
if (typeof value === 'string') {
sanitized[key] = this.sanitizeString(value);
} else if (typeof value === 'object' && value !== null) {
sanitized[key] = this.sanitizeProperties(value);
} else {
sanitized[key] = value;
}
}
return sanitized;
}
/**
* Check if a key is sensitive
*/
private isSensitiveKey(key: string): boolean {
const sensitiveKeys = [
'password', 'token', 'key', 'secret', 'credential',
'auth', 'url', 'endpoint', 'host', 'database',
];
const lowerKey = key.toLowerCase();
return sensitiveKeys.some(sensitive => lowerKey.includes(sensitive));
}
/**
* Sanitize string values
*/
private sanitizeString(value: string): string {
// Remove URLs
let sanitized = value.replace(/https?:\/\/[^\s]+/gi, '[URL]');
// Remove potential API keys (long alphanumeric strings)
sanitized = sanitized.replace(/[a-zA-Z0-9_-]{32,}/g, '[KEY]');
// Remove email addresses
sanitized = sanitized.replace(/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g, '[EMAIL]');
return sanitized;
}
/**
* Sanitize error type
*/
private sanitizeErrorType(errorType: string): string {
// Remove any potential sensitive data from error type
return errorType
.replace(/[^a-zA-Z0-9_-]/g, '_')
.substring(0, 50);
}
/**
* Sanitize context
*/
private sanitizeContext(context: string): string {
// Remove any potential sensitive data from context
return context
.replace(/https?:\/\/[^\s]+/gi, '[URL]')
.replace(/[a-zA-Z0-9_-]{32,}/g, '[KEY]')
.substring(0, 100);
}
/**
* Disable telemetry
*/
disable(): void {
this.configManager.disable();
if (this.flushTimer) {
clearInterval(this.flushTimer);
}
this.batchProcessor.stop();
this.isInitialized = false;
this.supabase = null;
}
@@ -623,6 +280,29 @@ export class TelemetryManager {
getStatus(): string {
return this.configManager.getStatus();
}
/**
* Get comprehensive telemetry metrics
*/
getMetrics() {
return {
status: this.isEnabled() ? 'enabled' : 'disabled',
initialized: this.isInitialized,
tracking: this.eventTracker.getStats(),
processing: this.batchProcessor.getMetrics(),
errors: this.errorAggregator.getStats(),
performance: this.performanceMonitor.getDetailedReport(),
overhead: this.performanceMonitor.getTelemetryOverhead()
};
}
/**
* Reset singleton instance (for testing purposes)
*/
static resetInstance(): void {
TelemetryManager.instance = undefined as any;
(global as any).__telemetryManager = undefined;
}
}
// Create a global singleton to ensure only one instance across all imports