diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ff329dc07..c2658e802 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,6 @@ jobs: workdir: 'auth0-cli' env: GITHUB_TOKEN: ${{ github.token }} - SENTRY_DSN: ${{ secrets.SENTRY_DSN }} # Homebrew Tap Process - name: Checkout Homebrew Tap Repo diff --git a/.goreleaser.yml b/.goreleaser.yml index 8540cbbd6..6e7dad18c 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -17,7 +17,6 @@ builds: - -X 'github.com/auth0/auth0-cli/internal/buildinfo.Revision={{.Commit}}' - -X 'github.com/auth0/auth0-cli/internal/buildinfo.BuildUser=goreleaser' - -X 'github.com/auth0/auth0-cli/internal/buildinfo.BuildDate={{.Date}}' - - -X 'github.com/auth0/auth0-cli/internal/instrumentation.SentryDSN={{.Env.SENTRY_DSN}}' archives: - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ title .Os }}_{{ if eq .Arch "arm64" }}arm64{{ else }}x86_64{{ end }}' files: diff --git a/internal/instrumentation/instrumentation.go b/internal/instrumentation/instrumentation.go index 385ff91a4..dadec5e49 100644 --- a/internal/instrumentation/instrumentation.go +++ b/internal/instrumentation/instrumentation.go @@ -5,9 +5,17 @@ import ( "time" "github.com/getsentry/sentry-go" + + "github.com/auth0/auth0-cli/internal/buildinfo" ) -var SentryDSN string +// SentryDSN is the destination for crash reports. A Sentry DSN is a public, +// write-only key that is safe to ship inside client binaries, so we hardcode a +// default here. This ensures crash reporting works for builds that are not +// produced by our release pipeline (for example Homebrew Core, which builds +// from source and cannot inject build-time values). Release builds may still +// override this via ldflags. +var SentryDSN = "https://370df87d33df46cb90182dd80a50fdc4@o27592.ingest.sentry.io/5694458" // ReportException is designed to be called once as the CLI exits. We're // purposefully initializing a client all the time given this context. @@ -16,6 +24,15 @@ func ReportException(err error) bool { return false } + // Skip crash reporting for local/development builds so that dev-time panics + // and errors are not shipped to Sentry. Release pipelines (goreleaser and + // Homebrew Core) stamp a real semantic version via ldflags, whereas a local + // `make build`/`make install` stamps "dev" and a plain `go build` leaves it + // empty. + if buildinfo.Version == "" || buildinfo.Version == "dev" { + return false + } + if err := sentry.Init(sentry.ClientOptions{Dsn: SentryDSN}); err != nil { return false } diff --git a/internal/instrumentation/instrumentation_test.go b/internal/instrumentation/instrumentation_test.go new file mode 100644 index 000000000..044f0ebc3 --- /dev/null +++ b/internal/instrumentation/instrumentation_test.go @@ -0,0 +1,62 @@ +package instrumentation + +import ( + "errors" + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/auth0/auth0-cli/internal/buildinfo" +) + +func TestReportException(t *testing.T) { + tests := []struct { + name string + sentryDSN string + version string + want bool + }{ + { + name: "skips when Sentry DSN is empty", + sentryDSN: "", + version: "1.32.0", + want: false, + }, + { + name: "skips for a plain go build with no version", + sentryDSN: "https://public@o0.ingest.sentry.io/0", + version: "", + want: false, + }, + { + name: "skips for a local dev build", + sentryDSN: "https://public@o0.ingest.sentry.io/0", + version: "dev", + want: false, + }, + { + name: "reports for a real release build", + sentryDSN: "https://public@o0.ingest.sentry.io/0", + version: "1.32.0", + want: true, + }, + } + + originalDSN := SentryDSN + originalVersion := buildinfo.Version + t.Cleanup(func() { + SentryDSN = originalDSN + buildinfo.Version = originalVersion + }) + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + SentryDSN = test.sentryDSN + buildinfo.Version = test.version + + got := ReportException(errors.New("boom")) + + assert.Equal(t, test.want, got) + }) + } +}