-
-
Notifications
You must be signed in to change notification settings - Fork 325
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Read sentry token from environment variable (SENTRY_AUTH_TOKEN) #3795
Comments
Hi @LonelyCpp, In all other cases the I also looks like is a bug to me. |
Internal Note: (mention in release) This could be potentially breaking for users expecting the token from the |
perhaps the gradle script should allow null values to be sent for the key field. This would make the cli reads from env and would not affect users who have the token in |
@LonelyCpp Thank you, yes we should think about the |
any update on this? |
Current behaviour
The android script only reads the auth token from
sentry.properties
However this file is usually checked into git, making the auth key vulnerable.
sentry-react-native/sentry.gradle
Line 186 in 7335e6e
Error logs :
Expected
Android and iOS source upload scripts must respect the
SENTRY_AUTH_TOKEN
if presentThis enables us to keep the auth token as a secret in our CI environments.
note: it looks like iOS does read from the environment variable, but I couldn't confirm it in source code. It would be helpful if the maintainers could point out where this happens
related issue : #1888 (But does not work)
The text was updated successfully, but these errors were encountered: