Helm chart config.configYml failing to accept valid YAML

Yinabled · January 26, 2021, 7:08am

In sentry-kubernetes v6.0.0, config.configYml was updated to take in YAML instead of the original config format. However, it seems like valid YAML still results in YAML parsing errors within sentry-web, as follows: in "/etc/sentry/config.yml", line 1, column 1 expected <block end>, but found '-'.

For context, we’re using Terraform to provision our Sentry deployment. Both of the following YAML values for config.configYml fail when pushed to prod:

set {
    name  = "config.configYml"
    value = "{slack.client-id: ${var.sentry_config.slack_client_id}, slack.client-secret: ${var.sentry_config.slack_client_secret}, slack.verification-token: ${var.sentry_config.slack_verification_token}	, github-app.id: ${var.sentry_config.github_app_id}, github-app.name: ${var.sentry_config.github_app_name}, github-app.webhook-secret: ${var.sentry_config.github_app_webhook_secret}, github-app.private-key: ${replace(var.sentry_config.github_app_private_key, "/\n/", "\\n")}, github-app.client-id: ${var.sentry_config.github_app_client_id}, github-app.client-secret: ${var.sentry_config.github_app_client_secret}}"
  }

as well as

  set {
    name  = "config.configYml"
    value = <<-EOT
--- 
slack.client-id: "${var.sentry_config.slack_client_id}"	
slack.client-secret: "${var.sentry_config.slack_client_secret}"	
slack.verification-token: "${var.sentry_config.slack_verification_token}"	
github-app.id: ${var.sentry_config.github_app_id}	
github-app.name: "${var.sentry_config.github_app_name}"	
github-app.webhook-secret: "${var.sentry_config.github_app_webhook_secret}"	
github-app.private-key: "${replace(var.sentry_config.github_app_private_key, "/\n/", "\\n")}"	
github-app.client-id: "${var.sentry_config.github_app_client_id}"	
github-app.client-secret: "${var.sentry_config.github_app_client_secret}"	
    EOT
  }

Any ideas on what might be going wrong with our YAML, or if there exists some kind of alternative that can still be provisioned via the helm chart values.yaml?

BYK · January 26, 2021, 8:01pm

Without seeing the generated YAML file it is hard to speculate. I can tell the firs version you share is invalid though, as you need double quotes around key names.

Yinabled · January 27, 2021, 8:09pm

Thanks @BYK - good catch. I quoted the key names but am still running into the same issue. Here’s the generated /etc/sentry/config.yml (sensitive values redacted):

system.secret-key: "REDACTED"
postprocess.use-cache-key: 1.0

# This URL will be used to tell Symbolicator where to obtain the Sentry source.
# See https://getsentry.github.io/symbolicator/api/
system.internal-url-prefix: 'http://sentry-web:9000'
symbolicator.enabled: false

################
#    Redis     #
################
redis.clusters:
  default:
    hosts:
      0:
        host: "sentry-sentry-redis-master"
        port: 6379
        password: ""

################
# File storage #
################
# Uploaded media uses these `filestore` settings. The available
# backends are either `filesystem` or `s3`.
filestore.backend: "filesystem"
filestore.options:
  location: "/var/lib/sentry/files"

- '"slack.client-id": REDACTED'
- ' "slack.client-secret": REDACTED'
- ' "slack.verification-token": REDACTED'
- ' "github-app.id": REDACTED'
- ' "github-app.name": REDACTED'
- ' "github-app.webhook-secret": REDACTED'
- ' "github-app.private-key": n-----BEGIN RSA PRIVATE KEY-----REDACTED-----END
  RSA PRIVATE KEY-----n'
- ' "github-app.client-id": REDACTED'
- ' "github-app.client-secret": REDACTED'

BYK · January 27, 2021, 9:04pm

Yinabled:

- '"slack.client-id": REDACTED'
- ' "slack.client-secret": REDACTED'
- ' "slack.verification-token": REDACTED'
- ' "github-app.id": REDACTED'
- ' "github-app.name": REDACTED'
- ' "github-app.webhook-secret": REDACTED'
- ' "github-app.private-key": n-----BEGIN RSA PRIVATE KEY-----REDACTED-----END
  RSA PRIVATE KEY-----n'
- ' "github-app.client-id": REDACTED'
- ' "github-app.client-secret": REDACTED'

This part here seems completely incorrectly formatted. You can use https://yaml-online-parser.appspot.com/ to check your YAML files.

Yinabled · January 27, 2021, 9:24pm

Right, exactly - so it seems there’s something wrong with the YAML parser which parses YAML from the config.configYml value into the values in config.yml. Namely, it seems like the attempt to make config.configYml accept actual YAML is leading to this issue: Updating Sentry config.yaml to support actual yaml. by DandyDeveloper · Pull Request #186 · sentry-kubernetes/charts · GitHub

Thoughts on some way to resolve this issue without directly modifying /etc/sentry/config.yml? Having to go in and manually configure the file would defeat the purpose of using Helm in the first place.

BYK · January 27, 2021, 9:37pm

@Yinabled, why don’t you try filing an issue on that repo and see how the developers would respond?

This is not something we wrote or support so we cannot really help you with that.