kmlabz/sentry-onpremise
kmlabz/sentry-onpremise
Archived
2
0
Fork 0
Code Pull Requests Releases Activity

fix(relay): Fix failed to write credentials (#450)

Browse Source
This commit is contained in:
Burak Yigit Kaya 2020-04-27 20:54:59 +03:00 committed by GitHub
parent d31f46831e
commit ecccb211aa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker-compose.yml
View File

@ -178,11 +178,11 @@ services:
relay:
<< : *restart_policy
image: "us.gcr.io/sentryio/relay:latest"
command: 'run --config /etc/relay'
volumes:
- type: bind
read_only: true
source: ./relay
target: /etc/relay
target: /work/.relay
depends_on:
- kafka
- redis

23
install.sh
View File

@ -64,7 +64,7 @@ if [ "$RAM_AVAILABLE_IN_DOCKER" -lt "$MIN_RAM" ]; then
exit 1
fi
#SSE4.2 required by Clickhouse (https://clickhouse.yandex/docs/en/operations/requirements/)
#SSE4.2 required by Clickhouse (https://clickhouse.yandex/docs/en/operations/requirements/)
SUPPORTS_SSE42=$(docker run --rm busybox grep -c sse4_2 /proc/cpuinfo || :);
if (($SUPPORTS_SSE42 == 0)); then
echo "FAIL: The CPU your machine is running on does not support the SSE 4.2 instruction set, which is required for one of the services Sentry uses (Clickhouse). See https://git.io/JvLDt for more info."
@ -178,9 +178,20 @@ if [ ! -f "$RELAY_CREDENTIALS_JSON" ]; then
echo ""
echo "Generating Relay credentials..."
$dcr --user $(id -u) relay --config /etc/relay credentials generate --overwrite
chmod a+r $RELAY_CREDENTIALS_JSON
# We need the ugly hack below as `relay generate credentials` tries to read the config and the credentials
# even with the `--stdout` and `--overwrite` flags and then errors out when the credentials file exists but
# not valid JSON.
$dcr --no-deps --entrypoint /bin/bash relay -c "cp /work/.relay/config.yml /tmp/config.yml && /bin/relay --config /tmp credentials generate > /dev/null && cat /tmp/credentials.json" > "$RELAY_CREDENTIALS_JSON"
CREDENTIALS=$(sed -n 's/^.*"public_key"[[:space:]]*:[[:space:]]*"\([a-zA-Z0-9_-]\{1,\}\)".*$/\1/p' "$RELAY_CREDENTIALS_JSON")
if [ -z "$CREDENTIALS" ]; then
>&2 echo "FAIL: Cannot read credentials back from $RELAY_CREDENTIALS_JSON."
>&2 echo " Please ensure this file is readable and contains valid credentials."
>&2 echo ""
exit 1
else
echo "Relay credentials written to $RELAY_CREDENTIALS_JSON"
fi
CREDENTIALS="SENTRY_RELAY_WHITELIST_PK = [\"$CREDENTIALS\"]"
if grep -xq SENTRY_RELAY_WHITELIST_PK "$SENTRY_CONFIG_PY"; then
@ -191,8 +202,10 @@ if [ ! -f "$RELAY_CREDENTIALS_JSON" ]; then
exit 1
fi
echo "" >> "$SENTRY_CONFIG_PY"
echo "$CREDENTIALS" >> "$SENTRY_CONFIG_PY"
echo "" >> "$SENTRY_CONFIG_PY"
echo "$CREDENTIALS" >> "$SENTRY_CONFIG_PY"
echo "Relay public key written to $SENTRY_CONFIG_PY"
echo ""
fi
cleanup

5
relay/config.yml
View File

@ -3,9 +3,8 @@ relay:
upstream: "http://web:9000/"
host: 0.0.0.0
port: 3000
#logging:
# # Available logging levels: TRACE, DEBUG, INFO, WARN, ERROR
# level: WARN
logging:
level: WARN
processing:
enabled: true
kafka_config: