Merge pull request #167 from getsentry/feat/improve-config

feat: Improve configuration to be less Docker-specific
2019-04-26 09:47:48 -07:00
parent d876a6c902 82aa12b886
commit 0b1843047a
1 changed files with 70 additions and 35 deletions
--- a/sentry.conf.py
+++ b/sentry.conf.py
@@ -29,17 +29,31 @@
 #  SENTRY_MAILGUN_API_KEY
 #  SENTRY_SINGLE_ORGANIZATION
 #  SENTRY_SECRET_KEY
 #  (slack integration)
 #  SLACK_CLIENT_ID
 #  SLACK_CLIENT_SECRET
 #  SLACK_VERIFICATION_TOKEN
 #  (github plugin, sso)
 #  GITHUB_APP_ID
 #  GITHUB_API_SECRET
 #  (github integration)
 #  GITHUB_APP_ID
 #  GITHUB_CLIENT_ID
 #  GITHUB_CLIENT_SECRET
 #  GITHUB_WEBHOOK_SECRET
 #  GITHUB_PRIVATE_KEY
 #  (azure devops integration)
 #  VSTS_CLIENT_ID
 #  VSTS_CLIENT_SECRET
 #  (bitbucket plugin)
 #  BITBUCKET_CONSUMER_KEY
 #  BITBUCKET_CONSUMER_SECRET
 from sentry.conf.server import *  # NOQA
 from sentry.utils.types import Bool, Int
 import os
 import os.path
 import six
 CONF_ROOT = os.path.dirname(__file__)
@@ -250,46 +264,61 @@ SENTRY_WEB_OPTIONS = {
    # 'workers': 3,  # the number of web workers
 }
 ###############
 # Mail Server #
 ###############
-email = env('SENTRY_EMAIL_HOST') or (env('SMTP_PORT_25_TCP_ADDR') and 'smtp')
+##########
-if email:
+# Docker #
-    SENTRY_OPTIONS['mail.backend'] = 'smtp'
+##########
    SENTRY_OPTIONS['mail.host'] = email
    SENTRY_OPTIONS['mail.password'] = env('SENTRY_EMAIL_PASSWORD') or ''
    SENTRY_OPTIONS['mail.username'] = env('SENTRY_EMAIL_USER') or ''
    SENTRY_OPTIONS['mail.port'] = int(env('SENTRY_EMAIL_PORT') or 25)
    SENTRY_OPTIONS['mail.use-tls'] = env('SENTRY_EMAIL_USE_TLS', False)
 else:
    SENTRY_OPTIONS['mail.backend'] = 'dummy'
-# The email address to send on behalf of
+# Docker's environment configuration needs to happen
-SENTRY_OPTIONS['mail.from'] = env('SENTRY_SERVER_EMAIL') or 'root@localhost'
+# prior to anything that might rely on these values to
 # enable more "smart" configuration.
-# If you're using mailgun for inbound mail, set your API key and configure a
+ENV_CONFIG_MAPPING = {
-# route to forward to /api/hooks/mailgun/inbound/
+    'SENTRY_EMAIL_PASSWORD': 'mail.password',
-SENTRY_OPTIONS['mail.mailgun-api-key'] = env('SENTRY_MAILGUN_API_KEY') or ''
+    'SENTRY_EMAIL_USER': 'mail.username',
    'SENTRY_EMAIL_PORT': ('mail.port', Int),
    'SENTRY_EMAIL_USE_TLS': ('mail.use-tls', Bool),
    'SENTRY_EMAIL_HOST': 'mail.host',
    'SENTRY_SERVER_EMAIL': 'mail.from',
    'SENTRY_ENABLE_EMAIL_REPLIES': 'mail.enable-replies',
    'SENTRY_SMTP_HOSTNAME': 'mail.reply-hostname',
    'SENTRY_SECRET_KEY': 'system.secret-key',
-# If you specify a MAILGUN_API_KEY, you definitely want EMAIL_REPLIES
+    # If you're using mailgun for inbound mail, set your API key and configure a
-if SENTRY_OPTIONS['mail.mailgun-api-key']:
+    # route to forward to /api/hooks/mailgun/inbound/
-    SENTRY_OPTIONS['mail.enable-replies'] = True
+    'SENTRY_MAILGUN_API_KEY': 'mail.mailgun-api-key',
 else:
    SENTRY_OPTIONS['mail.enable-replies'] = env('SENTRY_ENABLE_EMAIL_REPLIES', False)
-if SENTRY_OPTIONS['mail.enable-replies']:
+    'SLACK_CLIENT_ID': 'slack.client-id',
-    SENTRY_OPTIONS['mail.reply-hostname'] = env('SENTRY_SMTP_HOSTNAME') or ''
+    'SLACK_CLIENT_SECRET': 'slack.client-secret',
    'SLACK_VERIFICATION_TOKEN': 'slack.verification-token',
-#####################
+    'GITHUB_APP_ID': 'github-app.id',
-# SLACK INTEGRATION #
+    'GITHUB_CLIENT_ID': 'github-app.client-id',
-#####################
+    'GITHUB_CLIENT_SECRET': 'github-app.client-secret',
-slack = env('SLACK_CLIENT_ID') and env('SLACK_CLIENT_SECRET')
+    'GITHUB_WEBHOOK_SECRET': 'github-app.webhook-secret',
-if slack:
+    'GITHUB_PRIVATE_KEY': 'github-app.private-key',
-    SENTRY_OPTIONS['slack.client-id'] = env('SLACK_CLIENT_ID')
+
-    SENTRY_OPTIONS['slack.client-secret'] = env('SLACK_CLIENT_SECRET')
+    'VSTS_CLIENT_ID': 'vsts.client-id',
-    SENTRY_OPTIONS['slack.verification-token'] = env('SLACK_VERIFICATION_TOKEN') or ''
+    'VSTS_CLIENT_SECRET': 'vsts.client-secret',
 }
 def bind_env_config(config=SENTRY_OPTIONS, mapping=ENV_CONFIG_MAPPING):
    """
    Automatically bind SENTRY_OPTIONS from a set of environment variables.
    """
    for env_var, item in six.iteritems(mapping):
        try:
            value = os.environ[env_var]
        except KeyError:
            continue
        if isinstance(item, tuple):
            opt_key, type_ = item
            value = type_(value)
        else:
            opt_key = item
        config[opt_key] = value
 # If this value ever becomes compromised, it's important to regenerate your
 # SENTRY_SECRET_KEY. Changing this value will result in all current sessions
@@ -306,7 +335,13 @@ if 'SENTRY_RUNNING_UWSGI' not in os.environ and len(secret_key) < 32:
    print('!!     Regenerate with `generate-secret-key`.       !!')
    print('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!')
-SENTRY_OPTIONS['system.secret-key'] = secret_key
+# Grab the easy configuration first - these are all fixed
 # key=value with no logic behind them
 bind_env_config()
 # If you specify a MAILGUN_API_KEY, you definitely want EMAIL_REPLIES
 if SENTRY_OPTIONS.get('mail.mailgun-api-key'):
    SENTRY_OPTIONS.setdefault('mail.enable-replies', True)
 if 'GITHUB_APP_ID' in os.environ:
    GITHUB_EXTENDED_PERMISSIONS = ['repo']
@@ -315,4 +350,4 @@ if 'GITHUB_APP_ID' in os.environ:
 if 'BITBUCKET_CONSUMER_KEY' in os.environ:
    BITBUCKET_CONSUMER_KEY = env('BITBUCKET_CONSUMER_KEY')
-    BITBUCKET_CONSUMER_SECRET = env('BITBUCKET_CONSUMER_SECRET')
+    BITBUCKET_CONSUMER_SECRET = env('BITBUCKET_CONSUMER_SECRET')