Skip to content

WIP: iTunes Connect support for Debug Symbols #4574

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mitsuhiko wants to merge 3 commits into from
Closed

WIP: iTunes Connect support for Debug Symbols #4574

mitsuhiko wants to merge 3 commits into from

Conversation

@mitsuhiko
Copy link
Contributor

@mitsuhiko mitsuhiko commented Nov 19, 2016
edited
Loading

We should decide what to do with this but for accounts without 2FA this can sign into ITC and we have enough methods available to poll for debug symbols there. Here is how this could work:

  • you can go to the project settings page and link sentry with an itunes connect account
  • there we can press a "sync" button and it shows you a list of all apps that exist and that the account has access to (similar to how travis does it)
  • you enable all the apps and platforms that you want to auto pull into that project

Then we regularly poll ITC for new symbols we have not seen yet. The archives can be uniquely identified by the tuple app_id, platform, version, build_id. We would have to store this somewhere. Additionally the itc client that exists could be cached in memcache which would save a ton of HTTP requests for as long as the session did not expire.

@dcramer @HazAT

@getsentry-bot
Copy link
Contributor

getsentry-bot commented Nov 19, 2016
edited
Loading

1 Error
🚫 You need to update CHANGES due to the size of this PR
1 Warning
⚠️ Changes require @getsentry/security sign-off

Security concerns found

  • src/sentry/lang/native/itc.py

Generated by 🚫 danger

@mitsuhiko
Copy link
Contributor Author

mitsuhiko commented Nov 19, 2016

Separately here the motivation: while the fastlane integration is pretty good, the issue that users will run into is that it takes apple quite some time to process the debug symbols and to make them available. Early feedback we got is that events come in before someone goes in and downloads the debug symbols. Generally also even with fastlane this is a major in pain and the situation is even worse for people that do not use fastlane.

With this we could take the pain away but it would require us to test this regularly since apple might change their portal.

@dcramer
Copy link
Member

dcramer commented Nov 20, 2016
edited
Loading

I'm not against doing this but:

  1. It needs some mocked HTTP response tests
  2. We need some automated way to do test this daily

We should probably also pull in part of the encryption patch before storing more passwords.

This was referenced Feb 20, 2017
Merged
Closed
@mitsuhiko
Copy link
Contributor Author

mitsuhiko commented Feb 20, 2017

We will put this into a plugin instead.

@mitsuhiko mitsuhiko closed this Feb 20, 2017
@HazAT
Copy link
Member

HazAT commented Feb 20, 2017

getsentry/sentry-plugins#135

@evanpurkhiser evanpurkhiser deleted the feature/itc branch August 16, 2018 22:20
@github-actions github-actions bot locked and limited conversation to collaborators Dec 21, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

@dcramer dcramer

@HazAT HazAT

Labels

Security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mitsuhiko @getsentry-bot @dcramer @HazAT