23.12.0

Various fixes & improvements

• test(backup): Use --no-prompt for backup tests (#2618) by @azaslavsky

23.11.2

Security Fix

• SSRF in symbolicator

23.11.1

Important changes

License change

This is self-hosted's first release under the new FSL license. Please take a minute to familiarize yourself with it.

Increased minimum RAM requirements

Some users have been reported memory troubles in certain scenarios, so we bumped the minimum RAM requirements for self-hosted to 16GB going forward.

New sentry-admin.sh interface

We've added a new tool at the top of the repository, sentry-admin.sh, which makes it a bit easier to interact with the command line administration functions, which live inside of the web container. While these have always been accessible via the long command line incantation docker compose run --rm -T -e SENTRY_LOG_LEVEL=CRITICAL web <MY_ADMIN_COMMAND_HERE>, using the new shell script makes them this a bit cleaner: ./sentry-admin.sh <MY_ADMIN_COMMAND_HERE>. The help documentation has also been improved, and is a bit easier to access: ./sentry-admin.sh --help and ./sentry-admin.sh <SOME_ADMIN_COMMAND> --help should both work as expected.

Profile transaction association bug fix

Associating profiles and transactions was broken at the time of the 23.11.0 release. This feature should now be working again.

Included changes

• feat: Add sentry-admin.sh tool (#2594) by @azaslavsky
• Patch for dev self-hosted environments (#2592) by @hubertdeng123
• Relicense under FSL-1.0-Apache-2.0 (#2586) by @chadwhitacre
• Bump minimum ram usage (#2585) by @hubertdeng123

23.11.0

Important Changes

• Sessions infrastructure has been deprecated. Release health now runs on the metrics backend
• Discord integration is now live!
• ProjectUserDetailsEndpoint has been deleted.

Various fixes & improvements

• feat: provide a toggle to enable discord integration (#2548) by @aldy505
• ref: fix a typo (#2556) by @asottile-sentry
• ref: use git branch --show-current instead of sed (#2550) by @asottile-sentry
• Remove sessions infra (#2514) by @hubertdeng123
• Upgrade Clickhouse to 21.8 (#2536) by @hubertdeng123
• [Snyk] Security upgrade debian from bullseye-slim to bookworm-20231009-slim (#2511) by @Indigi-managed
• snuba: Remove deprecated CLI arg (#2515) by @lynnagara

23.10.1

Important

This patch fixes an issue on the projects page stats were not being fetched properly.

Various fixes & improvements

• Revert "feat: upgrade to zookeeper-less kafka (#2445)" (#2500) by @hubertdeng123
• Add fast revert GH workflow (#2499) by @hubertdeng123
• build(deps): bump actions/checkout from 3 to 4 (#2493) by @dependabot
• configure dependabot (#2491) by @mdtro
• deps: bump nginx to 1.25.2 (#2490) by @mdtro
• feat: upgrade to zookeeper-less kafka (#2445) by @joshuarli
• Update outdated install option in README (#2440) by @hubertdeng123

23.10.0

Further backup and restore improvements

Building off of the revamped backup and restore script introduced in 23.9.1, this release further improves the script in a couple of ways.

23.10.0 adds the --encrypt_with option on all sentry export ... methods, and the corresponding --decrypt_with option on all sentry import ... methods. Unsurprisingly, these methods can be used to encrypt and decrypt JSON backups. The --encrypt_with option takes a path to a file containing a public 2048-bit RSA key. An export encrypted in this manner generates a tarball instead of a JSON file, which can be decrypted when passed to a sentry import ... call with a path to the matching private key supplied to the --decrypt_with option.

In addition to the already supported User, Organization, and Global export scopes, a new scope has been added in this release: Config. This scope is used for exporting all data related to globally configuring and administering a Sentry instance, including global options, relay configurations, and administrator accounts, privileges, and roles.

Various fixes & improvements

• Switch geoipupdate image to ghcr.io (#2442) by @hkraal
• Add system.url-prefix to config for visibility (#2426) by @hubertdeng123
• Remove CSPMiddleware since it is enabled by default in the upstream sentry (#2434) by @oioki
• Update nginx.conf (#2455) by @mwarkentin
• Update Redis container image to 6.2.13 (#2432) by @mencarellic

23.9.1

TL;DR: There is a new backup/restore interface in 23.9.1, but this is incompatible with backup JSON generated by prior versions. Therefore, before upgrading to this version, we recommend doing a full-volume docker backup in lieu of the backup/restore scripts as described here.

We’ve made a couple of significant changes in this release.

Migration to Metrics Backend

The metrics and generic-metrics backend have been enabled for self-hosted. This has been enabled on SaaS for a while now, and we’re happy to bring this feature to self-hosted customers. Many of our new features are now being built on this new backend, and it’ll be much more powerful as time goes on.

As of 23.9.1, release health sessions will now be writing to the metrics backend. In a few months, we will cutover completely to the metrics backend and remove the existing sessions infrastructure. We expect users to be able to smoothly upgrade after staying on this version of self-hosted for the amount of time specified by their SENTRY_EVENT_RETENTION_DAYS.

Improved Backup/Restore

The backup/restore scripts have been completely overhauled. The old scripts were under-tested and bug-prone, making it unlikely that data exported by them could be successfully restored on another instance. We’ve made some major changes to both the content of the exported JSON, and the interfaces that produce and consume it.

What’s Stayed the Same

You can still export all of the core, low-volume models of your Sentry instance for migration and data-processing purposes using the backup.sh script, and re-import them into another (clean!) database using the restore.sh script. Full-volume “snapshot” backups should still be done by taking a full docker backup of all sentry- prefixed volumes, as described in our docs.

What’s Changed

The format of the backup JSON has changed slightly, making it incompatible with older versions. Because of this, we strongly encourage users to do a full-volume docker backup before migrating. Going forward, the format will only be guaranteed up to the next major version. For instance, exports on self-hosted version 23.9._ will be importable on 23.9._ or 23.10._, but no higher).

Restores are now non-destructive of data by default: whereas previous restores assumed a clean database, or otherwise updated colliding data in place, new restores are strictly INSERT-only. In cases where INSERTing new data is not possible, like for global singleton options, existing values are re-used. The --overwrite_configs flag on the sentry import CLI command is provided to permit overwriting this singleton config data if the importing user so desires.

There is now a new, more powerful interface for creating more granular imports/exports. This interface can be accessed by using the export and import commands of sentry CLI tool in your docker-compose instance. Exports are no longer filtered by model, which was brittle and often left out necessary dependencies, making restoring from exports filtered in this way impossible. Instead, exports are grouped into coherent buckets of related content, called “scopes”. There are now three such export “scopes”:

• User: exports data associated with Sentry users only, like their emails, permissions, and login credentials. Exports in this scope can be filtered by username. Exports in this scope can be created using the sentry export users ... CLI command.
• Organization: exports data owned by a set of Sentry organizations, and the users that are members of that set. Exports in this scope can be filtered by organization slug. Exports in this scope can be created using the sentry export organizations ... CLI command.
• Global: exports all exportable data. Exports in this scope can be created using the sentry export global ... CLI command. This is equivalent to running backup.sh.

So, for example, to export the users alice and bob for use on another Sentry instance, one might invoke the CLI command docker compose run -v $(pwd)/sentry:/sentry-data/backup --rm -T -e web export users /sentry-data/backup/some_users.json --filter_usernames “alice,bob”.

All of the above CLI commands have companion sentry import variants for imported and filtering in data from a backup generated by sentry export.

Future releases will add more scopes to this interface, and will expand the set of models included for export.

Various other fixes & improvements

• fix: e2e test jq bug (#2410) by @azaslavsky
• feat(backup): Support new backup script (#2407) by @azaslavsky
• Decrease frequency of e2e tests (#2383) by @hubertdeng123
• Reduce logs coming from clickhouse (#2382) by @hubertdeng123
• Increase frequency of e2e test runs (#2375) by @hubertdeng123
• Remove nginx content-disposition hack for safari (#2381) by @hubertdeng123
• Attempt to fix integration test flakiness (#2372) by @hubertdeng123
• change health check for kafka service (#2371) by @johnatannvmd
• Add metrics and generic metrics backend (#2355) by @hubertdeng123
• Bump self-hosted e2e action commit sha (#2369) by @hubertdeng123

23.8.0

New

• Issue platform is now added to self-hosted, meaning performance issues are now live!

Various fixes & improvements

• Add issue platform infra (#2309) by @hubertdeng123

23.7.2

Important

Picks up a security fix here: getsentry/sentry#53850

Various fixes & improvements

• Ignore fixture-custom-ca-roots service in integration test (#2321) by @hubertdeng123
• Update GeoIpUpdate to v6.0.0 (#2287) by @victorelec14
• Bump healthcheck timeout (#2300) by @hubertdeng123

23.7.1

Important Changes

• A database migration corrupting bug, #2281, in 23.7.0 has been fixed. Users are encouraged to use 23.7.1 instead of 23.7.0 before performing any database migrations.

Various fixes & improvements

• Resolve Safari Content-Disposition header bug (#2297) by @azaslavsky
• feat: vroom cleanup script that respects default retention days (#2211) by @aldy505