derwasp
commented
3 months ago It seems like this app was developed by your partner and it seems like the production deployment is misconfigured since at the very least Februrary.
Whenever the redirect is sent, the client ID is not set in the URL and hence the authentication flow can't proceed. In the version that akava developed, they have the client ID hardcoded in code, this ID is different from the app that Sentry owns, and it seems like the environment variables just set it to undefined for whatever reason.
Environment
What version are you running? Etc.
Steps to Reproduce
See here: https://github.com/getsentry/sentry/issues/64566
Expected Result
The app is listed in the official docs here: https://docs.github.com/en/actions/deployment/protecting-deployments/configuring-custom-deployment-protection-rules#using-existing-custom-deployment-protection-rules
I expect that this means that the app works
Actual Result
There's no way of getting the app running. We were told that Detect Bad Releases replaces this functionality, but I can't see how does that work if there's no alternative app for it.
See the original ticket here: https://github.com/getsentry/sentry/issues/64566