Skip to content

fix(deploy): route sentry tunnel through worker before static assets#48

Merged
gelbh merged 1 commit into
mainfrom
fix/sentry-tunnel-worker-first
Jul 13, 2026
Merged

fix(deploy): route sentry tunnel through worker before static assets#48
gelbh merged 1 commit into
mainfrom
fix/sentry-tunnel-worker-first

Conversation

@gelbh

@gelbh gelbh commented Jul 13, 2026

Copy link
Copy Markdown
Owner

Summary

  • Add /api/sentry-tunnel to run_worker_first so POST requests hit the Worker handler (fixes 405 from the static asset layer).
  • Add third Cloudflare Web Analytics inline script hash to CSP.

Context

Production POST /api/sentry-tunnel returned 405 because only /assets/* ran the Worker first; the SPA asset handler rejected POST.

Test plan

  • Worker tunnel unit tests pass
  • Merge and deploy worker
  • curl -X POST https://jetlag.gelbhart.dev/api/sentry-tunnel returns 400 (invalid envelope), not 405
  • /premium console: no CSP inline-script violation for the new hash; Sentry uses tunnel successfully

Summary by CodeRabbit

  • Bug Fixes

    • Sentry tunnel POST requests are now routed to the Worker correctly instead of being treated as static assets.
    • Updated the Content Security Policy to allow an approved script required by the application.
  • Documentation

    • Updated release notes to document the Sentry tunnel routing fix.

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 66736d1f-56b4-4b6f-93f9-844b4a71bded

📥 Commits

Reviewing files that changed from the base of the PR and between 2824d39 and 66e381d.

📒 Files selected for processing (4)
  • CHANGELOG.md
  • public/_headers
  • src/domain/device/changelog.ts
  • wrangler.toml

Walkthrough

The Worker is configured to handle Sentry tunnel requests before static assets. The CSP allows an additional script hash, and the 0.5.12 changelogs document the Sentry routing fix.

Changes

Sentry routing and release updates

Layer / File(s) Summary
Route Sentry tunnel requests to the Worker
wrangler.toml, CHANGELOG.md, src/domain/device/changelog.ts
Adds /api/sentry-tunnel to run_worker_first and records the routing fix in both changelogs.
Allow the additional script hash
public/_headers
Adds a SHA-256 hash to the CSP script-src directive.

Estimated code review effort: 2 (Simple) | ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: routing the Sentry tunnel through the Worker before static assets.
Description check ✅ Passed The description matches the template with a clear Summary and Test plan and includes relevant context for the fix.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/sentry-tunnel-worker-first

Comment @coderabbitai help to get the list of available commands.

@gelbh gelbh merged commit 1c068ab into main Jul 13, 2026
7 checks passed
@gelbh gelbh deleted the fix/sentry-tunnel-worker-first branch July 13, 2026 11:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant