Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add accept_invalid_certs flag to HttpSource #1405

Merged
merged 5 commits into from
Mar 7, 2024
Merged

feat: Add accept_invalid_certs flag to HttpSource #1405

merged 5 commits into from
Mar 7, 2024

Conversation

loewenheim
Copy link
Contributor

Based on #1404.

This adds a flag to HttpSource (parsed as false by default, so backwards compatible) that allows downloading from the source even if its SSL certs can't be verified.

@loewenheim loewenheim requested a review from a team March 7, 2024 09:46
@loewenheim loewenheim self-assigned this Mar 7, 2024
@loewenheim loewenheim mentioned this pull request Mar 7, 2024
Closed
@Swatinem
Copy link
Member

Swatinem commented Mar 7, 2024

As another NOTE:

There is a toggle in the project settings UI specifically for this (on the very bottom):

Screenshot 2024-03-07 at 11-02-57 Project Settings - rust — Sentry

We noticed this back when we ported JS processing over, where we never implemented this. Noone has complained about this as a matter of fact. 🤷🏻‍♂️

Base automatically changed from no-ssl-client to master March 7, 2024 14:55
@loewenheim loewenheim merged commit 6bdd388 into master Mar 7, 2024
10 checks passed
@loewenheim loewenheim deleted the no-ssl-source branch March 7, 2024 15:23
@loewenheim loewenheim mentioned this pull request Mar 7, 2024
Merged
loewenheim added a commit to getsentry/sentry that referenced this pull request Mar 8, 2024
@loewenheim
ref: Mark NVIDIA source as accept_invalid_certs (#66509)
600febc 
This sets the `accept_invalid_certs` flag on the NVIDIA symbol source.
This flag was defined on the Symbolicator side in
getsentry/symbolicator#1405.

Background: we currently can't fetch symbols from the NVIDIA source
because we can't verify its SSL certificates. We've added the capacity
to skip SSL cert verification to Symbolicator, and this PR enables it
for the NVIDIA source.

The epic is tracked in
getsentry/symbolicator#1402.

This is intended as a stopgap until we manage to verify the certificates
one way or another.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Swatinem Swatinem Swatinem approved these changes

Assignees

@loewenheim loewenheim

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@loewenheim @Swatinem