There are two things that are not clear for me - and maybe I do wrong:
I have all my configuration variables in my .env file so I can pull the latest from the sentry repository without overriding my config. But I get an exception in the internal Sentry bug tracker: Could not deserialize key data when I try to authenticate with GitHub. This is how my .env file looks like:
SENTRY_GITHUB_APP_ID=12345
SENTRY_GITHUB_APP_Name=Is this name even important?
SENTRY_GITHUB_APP_CLIENT_ID=Iv1.123412341234
SENTRY_GITHUB_APP_CLIENT_SECRET=123456789
SENTRY_GITHUB_APP_WEBHOOK_SECRET=1234567890
SENTRY_GITHUB_APP_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----\nMIIEorR\nMp6\n1dau3IJa68=\n…\n-----END RSA PRIVATE KEY-----
After deployment of the configuration I go to Sentry Integrations and click on install GitHub but this just opens a popup that redirects me to the GitHub market place. If I Install the app from the GitHub user interface I get an exception in Sentry internal bug tracker that this is basically not supported: github.deletion-missing-integration
There is no documentation about it - looks like they don’t like it if you host sentry on your own - but there is a forum post that helped me to fix Slack: How to configure Slack in your on-prem Sentry
I am following the same article but didn’t got any success in Event Subscriptions section.
Always shows Your request URL gave us a 500 error. Update your URL to receive a new request and challenge value.
@jwillmer The error Could not deserialize key data is definitely from github-app.private-key having the incorrect value.
Where do you see documentation about putting your Github app config in your .env file? When I try it, the value of SENTRY_GITHUB_APP_PRIVATE_KEY is not picked up where it is used in src/sentry/integrations/github/utils.py. But you shouldn’t need to configure this in your .env file. You can just edit the yaml file in your home directory: ~/.sentry/config.yml. Just make sure to use the multiline string as demonstrated in the section YML Tip. Hope this helps. If you have any more questions, please let me know
The documentation is crap. config.yml does not supply any properties for github-app.*. The properties are in sentry.conf.py. Except for github-app.name, that one is missing and I guess not needed - I added it anyhow.
The documentation also states that I can use \n to add my key in one line: "GITHUB_APP_SECRET" # Replace new lines with \n to preserve them. but this seems no to work because I get a Could not deserialize key data.
As I wrote in the topic. I’m not interested in putting my configuration in any file that comes with sentry. This breaks my upgrade experience. I like to supply all configuration details in my .env file and map it with docker. Sentry does allow this and has the necessary configuration but there is no example on how to format the private key. If someone knows how the private key needs to be formatted then please let me know.
We are not suggesting you to modify any built-in configuration coming with Sentry. If you look at our on-premise repo, you’d see that we provide a base template for these config files for you to override with your custom settings and bake these into the on-premise image on build time. This should not affect your upgrade experience.
If you insist on using environment variables, you’d still need to implement some custom logic in sentry.conf.py where you read the environment variable, replace a special character you define with newlines as you cannot have newlines in environment variables and then assign that to the actual config key.
In my sentry.conf.py I see a list of environment variables I can use. And there is a variable for the GitHub private key. So I was expecting some kind of transformation is already implemented. I just don’t know how I need to format my key to comply. As shown by @scefali there is a implementation that can deal with a key that is supplyed as one long string.
# For Docker, the following environment variables are supported:
# [...]
# SENTRY_GITHUB_APP_PRIVATE_KEY
# [...]
I just don’t know how I need to format my key to comply
@jwillmer I understand, it took me a few attempts to get it right myself. Did you try the approach I posted on Oct 9th? I posted how I got it to work in my sentry.conf.py.
# encoded
SENTRY_OPTIONS['github.integration-private-key'] = base64.b64decode(env('SENTRY_GITHUB_APP_PRIVATE_KEY'))
SENTRY_OPTIONS['github-app.private-key'] = SENTRY_OPTIONS['github.integration-private-key']
# and decoded and directly used
SENTRY_OPTIONS['github.integration-private-key'] = env('SENTRY_GITHUB_APP_PRIVATE_KEY')
SENTRY_OPTIONS['github-app.private-key'] = SENTRY_OPTIONS['github.integration-private-key']
I also printed the value to make sure that it works, the private key is 100% valid in both cases but it doesn’t work and i also get the error
Could not deserialize key data.
22. return jwt.encode(payload, github_private_key, algorithm=‘RS256’)
The only time it workes for me is when i hard code the private key value like what @ scefali said.
But it’s not something good hard coding the value.
It’s really hard to see how these components are connected!
sentry.conf.py is just a Python file that reads the value from the environment variable you set, using the env function there, it doesn’t do anything special. If you get that error, that means what you put in the environment variable is not correct. You can add a print statement after you set the value to try debugging it:
SENTRY_OPTIONS['github-app.private-key'] = env('SENTRY_GITHUB_APP_PRIVATE_KEY')
print("This is the GitHub App Private Key", "\n", SENTRY_OPTIONS['github-app.private-key'])
Thanks for the fast reply, I understand that.
The value is set and valid, i printed it as you said and i have a valid value but sentry is still throwing the excepting saying that it Could not deserialize key data.
