From 8fbab1f87c97095976d63ebb5ff4454c9a9b0a91 Mon Sep 17 00:00:00 2001
From: Jade Ellis <jade@ellis.link>
Date: Tue, 27 Aug 2024 18:51:11 +0100
Subject: [PATCH] Factor out Sentry URLs and set Sentry environment

---
 packages/website/.env                | 6 ++++++
 packages/website/.gitignore          | 5 +++--
 packages/website/csp.js              | 4 +---
 packages/website/package.json        | 1 +
 packages/website/src/hooks.client.ts | 3 ++-
 packages/website/src/hooks.server.ts | 5 +++--
 packages/website/svelte.config.js    | 3 ++-
 pnpm-lock.yaml                       | 3 +++
 8 files changed, 21 insertions(+), 9 deletions(-)
 create mode 100644 packages/website/.env

diff --git a/packages/website/.env b/packages/website/.env
new file mode 100644
index 00000000..f849835d
--- /dev/null
+++ b/packages/website/.env
@@ -0,0 +1,6 @@
+# This is committed to git
+# DO NOT STORE SECRETS IN THIS FILE
+# use .env.local for secrets
+
+SENTRY_DSN = "https://d006c73cc53783930a1521a68ae1c312@o4507835405369344.ingest.de.sentry.io/4507835410481232"
+SENTRY_REPORT_URL = "https://o4507835405369344.ingest.de.sentry.io/api/4507835410481232/security/?sentry_key=d006c73cc53783930a1521a68ae1c312"
diff --git a/packages/website/.gitignore b/packages/website/.gitignore
index 4c65629d..a4cf6442 100644
--- a/packages/website/.gitignore
+++ b/packages/website/.gitignore
@@ -3,8 +3,9 @@ node_modules
 /build
 /.svelte-kit
 /package
-.env
-.env.*
+.env.sentry-build-plugin
+.env.local
+.env.*.local
 !.env.example
 .vercel
 .output
diff --git a/packages/website/csp.js b/packages/website/csp.js
index f48ee7e7..72992fa4 100644
--- a/packages/website/csp.js
+++ b/packages/website/csp.js
@@ -56,11 +56,9 @@ const cspDirectives = {
     // remove report-to & report-uri if you do not want to use Sentry reporting
     'report-to': ["'csp-endpoint'"],
     'report-uri': [
-        'https://o4507835405369344.ingest.de.sentry.io/api/4507835410481232/security/?sentry_key=d006c73cc53783930a1521a68ae1c312',
+        process.env.SENTRY_REPORT_URL,
     ],
 };
 
-// Report-To: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o4507835405369344.ingest.de.sentry.io/api/4507835410481232/security/?sentry_key=d006c73cc53783930a1521a68ae1c312"}],"include_subdomains":true}
-
 
 export default cspDirectives;
\ No newline at end of file
diff --git a/packages/website/package.json b/packages/website/package.json
index c4fffe1e..ef368fca 100644
--- a/packages/website/package.json
+++ b/packages/website/package.json
@@ -22,6 +22,7 @@
     "@types/node": "^20.16.1",
     "@types/polka": "^0.5.7",
     "@types/sharedworker": "^0.0.115",
+    "dotenv": "^16.4.5",
     "esbuild": "^0.23.1",
     "github-slugger": "^2.0.0",
     "glob": "^10.4.5",
diff --git a/packages/website/src/hooks.client.ts b/packages/website/src/hooks.client.ts
index a032924c..b3ee2bbf 100644
--- a/packages/website/src/hooks.client.ts
+++ b/packages/website/src/hooks.client.ts
@@ -1,7 +1,8 @@
 import { init as initSentry, handleErrorWithSentry, makeBrowserOfflineTransport, makeFetchTransport } from '@sentry/sveltekit';
 
 initSentry({
-    dsn: 'https://d006c73cc53783930a1521a68ae1c312@o4507835405369344.ingest.de.sentry.io/4507835410481232',
+    dsn: import.meta.env.SENTRY_DSN,
+    environment: import.meta.env.MODE,
     tracesSampleRate: 1.0,
 
     // This sets the sample rate to be 10%. You may want this to be 100% while
diff --git a/packages/website/src/hooks.server.ts b/packages/website/src/hooks.server.ts
index 0f17886f..64fbe371 100644
--- a/packages/website/src/hooks.server.ts
+++ b/packages/website/src/hooks.server.ts
@@ -4,7 +4,8 @@ import type { Handle } from "@sveltejs/kit";
 import { randomBytes } from 'crypto';
 
 initSentry({
-    dsn: "https://d006c73cc53783930a1521a68ae1c312@o4507835405369344.ingest.de.sentry.io/4507835410481232",
+    dsn: import.meta.env.SENTRY_DSN,
+    environment: import.meta.env.MODE,
     tracesSampleRate: 1
 })
 
@@ -20,7 +21,7 @@ const securityHeaders = {
     'Cross-Origin-Opener-Policy': 'same-origin',
     'Cross-Origin-Resource-Policy': 'same-origin',
 
-    'Report-To': '{"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o4507835405369344.ingest.de.sentry.io/api/4507835410481232/security/?sentry_key=d006c73cc53783930a1521a68ae1c312"}],"include_subdomains":true}',
+    'Report-To': '{"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"' + import.meta.env.SENTRY_REPORT_URL + '"}],"include_subdomains":true}',
 }
 
 export const handle: Handle = async (input) => {
diff --git a/packages/website/svelte.config.js b/packages/website/svelte.config.js
index d0ed89d4..271c0a3e 100644
--- a/packages/website/svelte.config.js
+++ b/packages/website/svelte.config.js
@@ -1,8 +1,9 @@
+import "dotenv/config";
 import { mdsvex } from "mdsvex";
 import mdsvexConfig from "./mdsvex.config.js";
 import adapter from "@sveltejs/adapter-node";
 import { vitePreprocess } from "@sveltejs/vite-plugin-svelte";
-import htmlMinifierAdaptor from "sveltekit-html-minifier";
+// import htmlMinifierAdaptor from "sveltekit-html-minifier";
 
 import cspDirectives from "./csp.js";
 /** @type {import('@sveltejs/kit').Config} */
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 47a0a7c4..0fbd8fba 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -216,6 +216,9 @@ importers:
       '@types/sharedworker':
         specifier: ^0.0.115
         version: 0.0.115
+      dotenv:
+        specifier: ^16.4.5
+        version: 16.4.5
       esbuild:
         specifier: ^0.23.1
         version: 0.23.1