[#291] Apply simple sentry DNS to CSP in order to allow error reporting #292
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
placek
force-pushed
the
fix/291-dev-test-sentry-error-appears-in-conslelog
branch
from
056b410 to
5f33d20
Compare
3 tasks
adgud
approved these changes
Feb 26, 2024
MSzalowski
approved these changes
Feb 26, 2024
3 tasks
Updated CSP settings in Traefik configuration for beta, dev, staging, and test environments to include Sentry's domain without the ingest subdomain. This change permits Sentry error logging and reporting to function correctly without being blocked by the CSP. The adjustment ensures Sentry can capture and report runtime errors, facilitating better monitoring and debugging capabilities across our development, testing, and staging phases. - Modified CSP `connect-src` directive to set `o4506155985141760.ingest.sentry.io` replacing old Sentry sources. - Ensured that the updated settings adhere to our security policies by only allowing necessary and trusted sources. This update addresses the need for comprehensive error reporting through Sentry, enhancing our ability to quickly identify and resolve issues in our application's environments.
This commit introduces a significant update to the `.env.example` file within the `scripts/govtool` directory to enhance usability and prevent configuration mistakes. Key changes include: - Addition of Vim modeline at the beginning of the file (`# vim: set ft=bash`) to ensure that when editing the file with Vim, the correct filetype (bash) is automatically set. This facilitates syntax highlighting and other filetype-specific features, improving the editing experience. - Introduction of a conditional warning mechanism that activates when the environment is not set to 'dev'. This mechanism employs bash scripting to alert to users, especially those working in non-development environments, to proceed with caution and be aware of their current configuration context. The warning message explicitly states the current environment value, reinforcing the need for attentiveness. These enhancements are designed to minimize the risk of misconfiguration by providing clear, environment-specific warnings and improving file readability and editing support.
placek
force-pushed
the
fix/291-dev-test-sentry-error-appears-in-conslelog
branch
from
ffea978 to
f389129
Compare
placek
deleted the
fix/291-dev-test-sentry-error-appears-in-conslelog
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR successfully updated the Content Security Policy (CSP) settings across
beta,dev,staging, andtestenvironments in the Traefik configuration, ensuring Sentry's error reporting capabilities are fully functional without being blocked.By specifically adding Sentry's domain without the ingest subdomain to the CSP's connect-src directive, the changes enable comprehensive error logging and monitoring, thereby improving the application's debuggability and reliability across various deployment stages.