[Deployment Issue] Sentry deprecated their Docker Hub Images ⚠️

[uhlhosting]

IMPORTANT: Please avoid posting issues that are not specific to CapRover. Issues and questions related to Docker will get closed.

If you are trying to see how to deploy a particular app using a customized dockerfile - please change your questions to Dockerfile and post it where appropriate such as StackOverflow. This is a Docker question, not a CapRover specific issue.

---

What is the problem?
The issue here is that the sentry team deprecated the sentry images from Docker Hub, they did not received updates over 2 years now, lot of security issues there, deprecated docker repositories should NOT be used.

The new repo they offer is https://hub.docker.com/u/getsentry and the sentry release is version 2x.x compared to the one here 9.x very far

See: https://develop.sentry.dev/self-hosted/
and: https://github.com/getsentry/self-hosted

If applicable, content of captain-definition file:

Steps to reproduce the problem:

Output of the following command on your server:

uname -a && lsb_release -a && free -h

[githubsaturn]

One click apps are community maintained. Please feel free to update.

[InceptionTime]

I would like to use the latest version here, not sure how to change this myself tho.

[nativeit]

I'm working on this now. One potential problem--the up-to-date Docker registry that is recommended seems to be using tags that match the merge commits related to their version. I do not see version numbers anywhere. For example, the latest release on their Github repo is 22.7.0, and in order to pull that version from Docker Hub, you would need to use the tag 3d345ab5e9df6364ac63e2a4e740e9f78dadf2d1 - Docker image.

Not only are there no tags for the version number, but since the Docker Hub repo is publishing their nightly builds, you have to go back 13 pages to find the tag that matches the latest release, which was published less than a week ago. So the release images are both non-intuitive to find and identify, and also get pushed off of the front page of tags within 24-hours of their publishing.

Does anyone have any suggestions for how to navigate the circumstances? The only thing I can think is to include details for finding the correct tag in the instructions, but that won't be something that can be explained in any concise or elegant manner. I can understand why Sentry would publish images tagged with build numbers and commit IDs for developers to use, but I'm not sure why they have chosen such a hostile approach for self-hosting users.

[nativeit]

Answer: The current implementation isn't hostile to self-hosted users because the official documentation for self-hosting involves downloading the source code of the current release, and then running an install.sh (you can see that script here, and view the 23 other scripts it sources in the installation folder here). The installation then goes through a frankly incredible amount of scripting effort to build the Docker images from source on the users' local machine before packaging it together with about a dozen other services into a Docker Compose specification and launching it.

This is because Sentry isn't one self-contained application, but rather a suite of services that all work together, and given that seems to be necessary for the proper function of the contemporary releases (and with the likely presumption that the older releases are vulnerable to exploits, as @uhlhosting indicated), I'm not sure there is a reasonable approach to packaging Sentry into a template suitable for use as a Caprover one-click-app.

tldr; I hate to say it, but I think we'd be better off simply removing Sentry from the Caprover app repo altogether.

[abhranil26]

try using https://glitchtip.com/ similar to sentry and already available as a oneclick app inside caprover.