Centralized sentry credentials

Hello,

We have around 10 micro services and perhaps more in couple of months.
We want to centralized all sentry credentials in one microservice which will act as a sentry proxy for all applications. Client apps will not store credentials and will only use a specific url on the proxy. The proxy will be on charge to forward the request to sentryi.io

I made a poc using a basic nginx proxy, but planning to rewrite in GO.

Do you have any tips that will help us to build this proxy ? For example the dsn url in the sentry client requires a format as ttps://key:password@… but we want just to specify an host and a uri like ttps://sentry-proxy:9523:my-app1

Regards,
Fatih

You won’t be able to change the requirements of what Sentry expects, so if you’re trying to proxy it it comes down to rewriting the headers and sending inputs to the right outputs.

You’d probably be better off just having something that provisions each microservice with a DSN (and project if needed) and gives them to them via a configuration service.

Hi Zeeg,

Thanks for your reply. Sorry for the late response (just come back from vacation).

Currently i was to able to find a temporary solution :

In nginx we have a proxy defined as follow :

server {
listen 8083;
server_name sentry;

location /api/webapp/store {
   resolver 8.8.8.8;

  proxy_pass https://sentry.io/api/999999/store;
  proxy_set_header X-Sentry-Auth "Sentry sentry_version=6,sentry_client=$http_user_agent,sentry_key=xxxx,sentry_secret=yyyy";
}

}

and in our java app we have a config as follow : -Dsentry.dsn=http://none:none@sentry:8083/webapp

:confounded: i know it is dirty and looking for a better solution. The mandatory creds (none:none) this is what bothers me in the sentry client api.