From 0542ebf8aa6b955fb1b811e6007bca937b1992d2 Mon Sep 17 00:00:00 2001
From: mvdbeek <m.vandenbeek@gmail.com>
Date: Sun, 16 Apr 2023 22:56:40 +0200
Subject: [PATCH] Add ``ca_certs option`` for sentry client

---
 doc/source/admin/galaxy_options.rst                  | 12 ++++++++++++
 lib/galaxy/app.py                                    |  1 +
 lib/galaxy/config/sample/galaxy.yml.sample           |  5 +++++
 lib/galaxy/config/sample/tool_shed.yml.sample        |  5 +++++
 lib/galaxy/config/schemas/config_schema.yml          |  7 +++++++
 .../config/schemas/tool_shed_config_schema.yml       |  7 +++++++
 6 files changed, 37 insertions(+)

diff --git a/doc/source/admin/galaxy_options.rst b/doc/source/admin/galaxy_options.rst
index 88854ea2bff1..f2025891875c 100644
--- a/doc/source/admin/galaxy_options.rst
+++ b/doc/source/admin/galaxy_options.rst
@@ -2927,6 +2927,18 @@
 :Type: float
 
 
+~~~~~~~~~~~~~~~~~~~
+``sentry_ca_certs``
+~~~~~~~~~~~~~~~~~~~
+
+:Description:
+    Use this option to provide the path to location of the CA
+    (Certificate Authority) certificate file if the sentry server uses
+    a self-signed certificate.
+:Default: ``None``
+:Type: str
+
+
 ~~~~~~~~~~~~~~~
 ``statsd_host``
 ~~~~~~~~~~~~~~~
diff --git a/lib/galaxy/app.py b/lib/galaxy/app.py
index edea14e22c3c..b7c6a6266b2f 100644
--- a/lib/galaxy/app.py
+++ b/lib/galaxy/app.py
@@ -202,6 +202,7 @@ def configure_sentry_client(self):
                 release=f"{self.config.version_major}.{self.config.version_minor}",
                 integrations=[sentry_logging],
                 traces_sample_rate=self.config.sentry_traces_sample_rate,
+                ca_certs=self.config.sentry_ca_certs,
             )
 
 
diff --git a/lib/galaxy/config/sample/galaxy.yml.sample b/lib/galaxy/config/sample/galaxy.yml.sample
index 6cda0d4654bd..0189f3cebf5e 100644
--- a/lib/galaxy/config/sample/galaxy.yml.sample
+++ b/lib/galaxy/config/sample/galaxy.yml.sample
@@ -1675,6 +1675,11 @@ galaxy:
   # to Sentry. A value higher than 0 is required to analyze performance.
   #sentry_traces_sample_rate: 0.0
 
+  # Use this option to provide the path to location of the CA
+  # (Certificate Authority) certificate file if the sentry server uses a
+  # self-signed certificate.
+  #sentry_ca_certs: null
+
   # Log to statsd Statsd is an external statistics aggregator
   # (https://github.com/etsy/statsd) Enabling the following options will
   # cause galaxy to log request timing and other statistics to the
diff --git a/lib/galaxy/config/sample/tool_shed.yml.sample b/lib/galaxy/config/sample/tool_shed.yml.sample
index 6be4f308e56c..9744f777c9d5 100644
--- a/lib/galaxy/config/sample/tool_shed.yml.sample
+++ b/lib/galaxy/config/sample/tool_shed.yml.sample
@@ -316,6 +316,11 @@ tool_shed:
   # to Sentry. A value higher than 0 is required to analyze performance.
   #sentry_traces_sample_rate: 0.0
 
+  # Use this option to provide the path to location of the CA
+  # (Certificate Authority) certificate file if the sentry server uses a
+  # self-signed certificate.
+  #sentry_ca_certs: null
+
   # Galaxy Session Timeout This provides a timeout (in minutes) after
   # which a user will have to log back in. A duration of 0 disables this
   # feature.
diff --git a/lib/galaxy/config/schemas/config_schema.yml b/lib/galaxy/config/schemas/config_schema.yml
index 9bdb717ab851..fd962a1b5ad7 100644
--- a/lib/galaxy/config/schemas/config_schema.yml
+++ b/lib/galaxy/config/schemas/config_schema.yml
@@ -2117,6 +2117,13 @@ mapping:
           will have that percentage chance of being sent to Sentry. A value higher than 0
           is required to analyze performance.
 
+      sentry_ca_certs:
+        type: str
+        required: False
+        desc: |
+          Use this option to provide the path to location of the CA (Certificate Authority)
+          certificate file if the sentry server uses a self-signed certificate.
+
       statsd_host:
         type: str
         required: false
diff --git a/lib/galaxy/config/schemas/tool_shed_config_schema.yml b/lib/galaxy/config/schemas/tool_shed_config_schema.yml
index 7b2f5bcfc581..37612b580713 100644
--- a/lib/galaxy/config/schemas/tool_shed_config_schema.yml
+++ b/lib/galaxy/config/schemas/tool_shed_config_schema.yml
@@ -566,6 +566,13 @@ mapping:
           will have that percentage chance of being sent to Sentry. A value higher than 0
           is required to analyze performance.
 
+      sentry_ca_certs:
+        type: str
+        required: False
+        desc: |
+          Use this option to provide the path to location of the CA (Certificate Authority)
+          certificate file if the sentry server uses a self-signed certificate.
+
       session_duration:
         type: int
         default: 0