Unsure about Github Enterprise new app configurations

Hi All,

I’m following directions on GitHub | Sentry Documentation for configuring creating a new Github Enterprise - Github app, but the directions are unclear about a few options.

I don’t see any guidance in Sentry docs on enabling/disabling the following options:

  • Expire user authorization tokens
  • Request user authorization (OAuth) during installation
  • Redirect on update

I found the on premise guide which gives a bit more information but leaves out the questions I was wondering about above.

It should be the same with the exception that you need to set this config option to point to your GHE instance (github-login.base-domain):

I am having the same issue

16:38:18 [INFO] sentry.superuser: superuser.request (url='https://sentry.aud-opr.augmented.globant.com/extensions/github-enterprise/setup/?code=e3dc4e60eab63b002662&state=8f8e14b23fac4cbab298667513366177' method='GET' ip_address='10.240.96.80' user_id=1)
/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
/usr/local/lib/python3.6/site-packages/sentry/integrations/github_enterprise/integration.py:330: ResourceWarning: unclosed <socket.socket fd=12, family=AddressFamily.AF_INET, type=2049, proto=6, laddr=('100.64.39.222', 42190), raddr=('10.54.2.160', 443)>
user = get_user_info(installation_data["url"], identity["access_token"])
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/django/core/handlers/exception.py", line 41, in inner
response = get_response(request)
File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
response = self._get_response(request)
File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 187, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 185, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python3.6/site-packages/sentry_sdk/integrations/django/views.py", line 67, in sentry_wrapped_callback
return callback(request, *args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/django/views/generic/base.py", line 68, in view
return self.dispatch(request, *args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/sentry/web/frontend/base.py", line 221, in dispatch
return self.handle(request, *args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/sentry/web/decorators.py", line 59, in wrapped
return func(request, *args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/sentry/web/frontend/pipeline_advancer.py", line 53, in handle
return pipeline.current_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 232, in current_step
return step.dispatch(request=self.request, pipeline=self)
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 107, in dispatch
return nested_pipeline.current_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 232, in current_step
return step.dispatch(request=self.request, pipeline=self)
File "/usr/local/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/sentry/identity/oauth2.py", line 235, in dispatch
return pipeline.next_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 260, in next_step
return self.current_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 232, in current_step
return step.dispatch(request=self.request, pipeline=self)
File "/usr/local/lib/python3.6/site-packages/sentry/identity/oauth2.py", line 336, in dispatch
return pipeline.next_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 260, in next_step
return self.current_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 224, in current_step
return self.finish_pipeline()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 89, in finish_pipeline
return self.parent_pipeline.next_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 260, in next_step
return self.current_step()
File "/usr/local/lib/python3.6/site-packages/sentry/pipeline/__init__.py", line 224, in current_step
return self.finish_pipeline()
File "/usr/local/lib/python3.6/site-packages/sentry/integrations/pipeline.py", line 37, in finish_pipeline
data = self.provider.build_integration(self.state.data)
File "/usr/local/lib/python3.6/site-packages/sentry/integrations/github_enterprise/integration.py", line 332, in build_integration
installation_data, identity["access_token"], state["installation_id"]
File "/usr/local/lib/python3.6/site-packages/sentry/integrations/github_enterprise/integration.py", line 317, in get_installation_info
resp.raise_for_status()
File "/usr/local/lib/python3.6/site-packages/requests/models.py", line 940, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://github.corp.globant.com/api/v3/user/installations?access_token=c502036b3f4560647c7ce5ca1b72adde50726298
16:38:19 [ERROR] django.request: Internal Server Error: /extensions/github-enterprise/setup/ (status_code=500 request=<WSGIRequest: GET '/extensions/github-enterprise/setup/?code=e3dc4e60eab63b002662&state=8f8e14b23fac4cbab298667513366177'>)
100.64.4.218 - - [28/May/2021:16:38:18 +0000] "GET /extensions/github-enterprise/setup/?code=e3dc4e60eab63b002662&state=8f8e14b23fac4cbab298667513366177 HTTP/1.0" 500 7787 "https://github.corp.globant.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36"
172.29.8.219 - - [28/May/2021:16:38:24 +0000] "GET /_health/ HTTP/1.1" 200 200 "-" "kube-probe/1.17+"

telling

indicating the request Apps - GitHub Docs

are inverted the integration

This is 404 representation

// 20210528114742
// https://github.corp.globant.com/api/v3/user/installations?access_token=077c8a84fe1dc4adb0eedf29d4f5480a120ab729

{
“message”: “Must specify access token via Authorization header”,
“documentation_url”: “https://docs.github.com/enterprise/3.0/v3/#oauth2-token-sent-in-a-header
}

Looks like you are using an old version of Sentry which uses the old way of authenticating with GitHub. You need to upgrade your instance.

I used from 21.3 to 21.5 and also SaaS, all the same issue

and it’s reported at github.com Can't connect Github to Sentry · Issue #25258 · getsentry/sentry · GitHub

on GHE 2 works but GHE 3 does not
Its rare the usage of GHE 2 on sentry using github actions. Many people uses GHE 3 with Actions and sentry actions, but plop with sentry

https://sentry.aud-opr.augmented.globant.com/share/issue/c9ed4fb34db14323934b711036af89e9/

Please accept this Adding Authorization-header for installations-request by itssimple · Pull Request #26281 · getsentry/sentry · GitHub

Ah sorry, I thought this was resolved for all GitHub integrations but turns out we missed GHE. The patch will be out soon, thanks for the detective work!