New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(relay): Add endpoint for registering trusted relay #82808

Open

iambriccardo wants to merge 9 commits into master from riccardo/feat/register-relay

+358 −1

Member

iambriccardo commented Jan 2, 2025 •

edited

Loading

This PR exposes a new endpoint for registering an external Relay to Sentry.

This endpoint can be authenticated exclusively with the organization auth token, since it's meant to be used in a cli environment.

Closes: https://github.com/getsentry/team-ingest/issues/275


          feat(relay): Add endpoint for registering trusted relay

aef1924

github-actions bot added the Scope: Backend label

vercel bot deployed to Preview

January 2, 2025 16:08

View deployment

codecov bot commented Jan 2, 2025 •

edited

Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #82808      +/-   ##
==========================================
+ Coverage   87.56%   87.57%   +0.01%     
==========================================
  Files        9469     9471       +2     
  Lines      536963   537109     +146     
  Branches    21119    21119              
==========================================
+ Hits       470182   470384     +202     
+ Misses      66422    66366      -56     
  Partials      359      359

Fix

725cff0

vercel bot deployed to Preview

January 3, 2025 11:07

View deployment

Fix

d2b059d

vercel bot deployed to Preview

January 3, 2025 13:03

View deployment

Fix

07f7f47

vercel bot deployed to Preview

January 3, 2025 13:31

View deployment

iambriccardo marked this pull request as ready for review

January 7, 2025 15:09

iambriccardo requested a review from a team as a code owner

January 7, 2025 15:09


          Add user auth token

b78f48b

vercel bot deployed to Preview

January 8, 2025 13:17

View deployment

markstory reviewed

View reviewed changes

src/sentry/api/endpoints/internal_register_trusted_relay.py Outdated Show resolved Hide resolved

src/sentry/api/endpoints/internal_register_trusted_relay.py Show resolved Hide resolved

Fix

79e2df4

vercel bot deployed to Preview

January 10, 2025 09:08

View deployment


          Add audit log entry

ea3afa8

vercel bot deployed to Preview

January 10, 2025 09:13

View deployment

iambriccardo added 2 commits

January 10, 2025 10:16


          Merge

30ad057

Fix

c5f949c

vercel bot deployed to Preview

January 10, 2025 09:26

View deployment

iambriccardo requested a review from markstory

January 10, 2025 09:34

markstory reviewed

View reviewed changes

src/sentry/api/endpoints/internal_register_trusted_relay.py

+                      serializer = TrustedRelaySerializer(data=request.data)
+                      if not serializer.is_valid():
+                          return Response({"detail": "Invalid request body"}, status=status.HTTP_400_BAD_REQUEST)

Member

markstory Jan 10, 2025

Are there any validation errors we could give to the user? Right now it would be hard to figure what field you made a mistake on.

src/sentry/api/endpoints/internal_register_trusted_relay.py

Comment on lines +43 to +50

+                      try:
+                          existing_option = OrganizationOption.objects.get(
+                              organization=organization, key=option_key
+                          )
+                          existing_relays = existing_option.value
+                      except OrganizationOption.DoesNotExist:
+                          existing_option = None
+                          existing_relays = []

Member

markstory Jan 10, 2025

You could also use OrganizationOption.objects.get_value(organization=organization, key=option_key, default=[]) to read the value without needing a try/except. You wouldn't be able to know if the option was new/existing though.

src/sentry/api/endpoints/internal_register_trusted_relay.py

Comment on lines +77 to +83

+                      if existing_option is not None:
+                          existing_option.value = existing_relays
+                          existing_option.save()
+                      else:
+                          OrganizationOption.objects.set_value(
+                              organization=organization, key=option_key, value=existing_relays
+                          )

Member

markstory Jan 10, 2025

OrganizationOption.objects.set_value() should take care of the insert/update paths for you.

src/sentry/api/endpoints/internal_register_trusted_relay.py



		@region_silo_endpoint
		class InternalRegisterTrustedRelayEndpoint(OrganizationEndpoint):

Member

markstory Jan 10, 2025

The default permissions from OrganizationEndpoint will allow manager role users to make changes, is that ok for this endpoint?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels