Skip to content

feat: TLS config option availability using the client options #1168

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ssi-anik wants to merge 6 commits into
base: master
Choose a base branch
from
Open

feat: TLS config option availability using the client options #1168

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
651d3fa
tls config option now available via the client options
ssi-anik Jan 12, 2026
d129b2d
if TlsConfig already specifies CaCerts then the other option gets ign…
ssi-anik Jan 18, 2026
fe5d6da
mutation of the tlsconfig fix
ssi-anik Jan 20, 2026
6200606
mutation of user provided tls config issue fixed
ssi-anik Jan 20, 2026
807efad
TLS config lint issue fix
ssi-anik Jan 20, 2026
a2fa698
moved tls config from transport.go to utils.go
ssi-anik Jan 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package sentry

import (
"context"
"crypto/tls"
"crypto/x509"
"fmt"
"io"
Expand Down Expand Up @@ -229,6 +230,8 @@ type ClientOptions struct {
// This will default to the HTTPS_PROXY environment variable.
// HTTPS_PROXY takes precedence over HTTP_PROXY for https requests.
HTTPSProxy string
// An optional tls config.
TLSConfig *tls.Config
// An optional set of SSL certificates to use.
CaCerts *x509.CertPool
// MaxErrorDepth is the maximum number of errors reported in a chain of errors.
Expand Down
13 changes: 0 additions & 13 deletions transport.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ package sentry
import (
"bytes"
"context"
"crypto/tls"
"encoding/json"
"errors"
"fmt"
Expand Down Expand Up @@ -60,18 +59,6 @@ func getProxyConfig(options ClientOptions) func(*http.Request) (*url.URL, error)
return http.ProxyFromEnvironment
}

func getTLSConfig(options ClientOptions) *tls.Config {
if options.CaCerts != nil {
// #nosec G402 -- We should be using `MinVersion: tls.VersionTLS12`,
// but we don't want to break peoples code without the major bump.
return &tls.Config{
RootCAs: options.CaCerts,
}
}

return nil
}

func getRequestBodyFromEvent(event *Event) []byte {
body, err := json.Marshal(event)
if err == nil {
Expand Down
22 changes: 22 additions & 0 deletions util.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package sentry

import (
"crypto/tls"
"encoding/json"
"fmt"
"os"
Expand Down Expand Up @@ -109,3 +110,24 @@ func revisionFromBuildInfo(info *debug.BuildInfo) string {
func Pointer[T any](v T) *T {
return &v
}

func getTLSConfig(options ClientOptions) *tls.Config {
if options.TLSConfig == nil && options.CaCerts == nil {
return nil
}

var tlsConfig *tls.Config
if options.TLSConfig != nil {
tlsConfig = options.TLSConfig.Clone()
} else {
// #nosec G402 -- We should be using `MinVersion: tls.VersionTLS12`,
// but we don't want to break peoples code without the major bump.
tlsConfig = &tls.Config{}
}

if tlsConfig.RootCAs == nil && options.CaCerts != nil {
tlsConfig.RootCAs = options.CaCerts
}

return tlsConfig
}
Loading