Initial commit

WATonomous · Oct 30, 2023 · bb876b7 · bb876b7
commit bb876b7
Show file tree

Hide file tree

Showing 5 changed files with 132 additions and 0 deletions.
diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml
@@ -0,0 +1,44 @@
+name: Create and publish Docker images
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  IMAGE_NAME: ${{ github.repository.name }}
+  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+  REGISTRY_USER: ${{ github.actor }}
+  REGISTRY_PASSWORD: ${{ github.token }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@40891eba8c2bcd1309b07ba8b11232f313e86779
+        with:
+          registry: ${{ env.IMAGE_REGISTRY }}
+          username: ${{ env.REGISTRY_USER }}
+          password: ${{ env.REGISTRY_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@c4ee3adeed93b1fa6a762f209fb01608c1a22f1e
+        with:
+          images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@91df6b874e498451163feb47610c87c4a218c1ee
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,8 @@
+FROM python:3.11.5-slim
+
+COPY . /app
+WORKDIR /app
+
+RUN pip install -r requirements.txt
+
+CMD ["python", "/app/app.py"]
diff --git a/README.md b/README.md
@@ -0,0 +1,25 @@
+# Sentry Tunnel
+
+This repo is derived from the [official example](https://github.com/getsentry/examples/tree/66da5f8c9559f64f1bfa57f8dd9b0731f75cd0e9/tunneling/python).
+
+```bash
+docker build -t sentry-tunnel .
+docker run --rm --name sentry-tunnel -e ALLOWED_SENTRY_HOSTS=o123123123.ingest.sentry.io -e ALLOWED_SENTRY_PROJECT_IDS=456456456 -e PORT=5001 -p 5001:5001 sentry-tunnel
+```
+
+Below is the original README:
+
+
+# Tunnel events through a Python Flask app
+
+This example shows how you can use [Flask](https://flask.palletsprojects.com) to proxy events to Sentry.
+
+The app always returns with status code `200`, even if the request to Sentry failed, to prevent brute force guessing of allowed configuration options.
+
+## To run this example:
+
+1. Install requirements (preferably in some [venv](https://docs.python.org/3/library/venv.html)):  
+  `pip install -r requirements.txt`
+2. Adjust `sentry_host` and `known_project_ids` in the `app.py` to your needs
+3. Run the app with e.g.: `flask run`
+4. Send sentry event to `http://localhost:5000/bugs`, e.g. via the test html mentioned at [examples/tunneling](../README.md)
diff --git a/app.py b/app.py
@@ -0,0 +1,51 @@
+import json
+import os
+import urllib
+
+import flask
+import requests
+from flask_cors import CORS
+import logging
+
+ALLOWED_SENTRY_HOSTS = [s.strip() for s in os.environ.get("ALLOWED_SENTRY_HOSTS", "").split(",")]
+ALLOWED_SENTRY_PROJECT_IDS = [s.strip() for s in os.environ.get("ALLOWED_SENTRY_PROJECT_IDS", "").split(",")]
+LOG_LEVEL = os.environ.get("LOG_LEVEL", "DEBUG")
+PORT = os.environ.get("PORT", 5000)
+HOST = os.environ.get("HOST", "0.0.0.0")
+
+logging.basicConfig(level=LOG_LEVEL)
+
+app = flask.Flask(__name__)
+CORS(app)
+
+
+@app.route("/tunnel", methods=["POST"])
+def tunnel():
+    try:
+        envelope = flask.request.data
+        piece = envelope.split(b"\n")[0].decode("utf-8")
+        header = json.loads(piece)
+        dsn = urllib.parse.urlparse(header.get("dsn"))
+
+        if dsn.hostname not in ALLOWED_SENTRY_HOSTS:
+            raise Exception(f"Invalid Sentry host: {dsn.hostname}")
+
+        project_id = dsn.path.strip("/")
+        if project_id not in ALLOWED_SENTRY_PROJECT_IDS:
+            raise Exception(f"Invalid Project ID: {project_id}")
+
+        logging.debug(f"Forwarding envelope to {dsn.hostname} for project {project_id}")
+        url = f"https://{dsn.hostname}/api/{project_id}/envelope/"
+
+        requests.post(url=url, data=envelope, headers={"Content-Type": "application/x-sentry-envelope"})
+    except Exception as e:
+        # handle exception in your preferred style,
+        # e.g. by logging or forwarding to Sentry
+        logging.exception(e)
+
+    return {}
+
+
+if __name__ == "__main__":
+    from waitress import serve
+    serve(app, host=HOST, port=PORT)
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,4 @@
+flask>=3.0.0
+flask-cors>=3.0.10
+requests>=2.26.0
+waitress>=2.1.2