Open LonelyCpp opened 1 month ago
Hi @LonelyCpp,
thank you for the message,
the SENTRY_AUTH_TOKEN
is not read in combination with the flavorAware
which you are using.
In all other cases the SENTRY_AUTH_TOKEN
env is read in the sentry-cli
directly.
https://github.com/getsentry/sentry-cli/blob/2be24a428e5b8c1102e96919b512d431ba475a08/src/config.rs#L672
I also looks like is a bug to me.
Internal Note: (mention in release) This could be potentially breaking for users expecting the token from the sentry.properties
to be used.
perhaps the gradle script should allow null values to be sent for the key field.
This would make the cli reads from env and would not affect users who have the token in sentry.properties
- backward compatible!
@LonelyCpp Thank you, yes we should think about the sentry.properties
the same as flag of the sentry-cli
when value is missing we try to read it from the env.
any update on this?
Current behaviour
The android script only reads the auth token from
sentry.properties
However this file is usually checked into git, making the auth key vulnerable.https://github.com/getsentry/sentry-react-native/blob/7335e6ef8c0eb8aea2418e15feb770818bc4e587/sentry.gradle#L186
Error logs :
Expected
Android and iOS source upload scripts must respect the
SENTRY_AUTH_TOKEN
if presentThis enables us to keep the auth token as a secret in our CI environments.
note: it looks like iOS does read from the environment variable, but I couldn't confirm it in source code. It would be helpful if the maintainers could point out where this happens
related issue : https://github.com/getsentry/sentry-react-native/issues/1888 (But does not work)