feat: Add strict trace continuation support#1016
Merged
Conversation
solnic
previously requested changes
Mar 11, 2026
Collaborator
solnic
left a comment
solnic
left a comment
There was a problem hiding this comment.
This also requires a high level integration test.
Extract org_id from DSN host (e.g., o1234.ingest.sentry.io -> "1234") and propagate it as sentry-org_id in outgoing baggage headers. Validate incoming traces against the SDK's org_id to prevent cross-organization trace mixing. New configuration options: - :org_id - explicit org ID override for self-hosted/Relay setups - :strict_trace_continuation - when true, both org IDs must be present and match to continue a trace (default: false) Closes #1005 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
solnic
force-pushed
the
feat/strict-trace-continuation
branch
from
dc8798d to
85b0a4a
Compare
solnic
force-pushed
the
feat/strict-trace-continuation
branch
from
3b6f426 to
1a7a3ac
Compare
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 7691303. Configure here.
- Add `requireEnv()` helper in playwright.config.ts that throws when a required env var is missing to make configuration errors explicit - Use `??=` to set local dev defaults (localhost ports) before validation so `npx playwright test` works out of the box without env vars - Hoist PHOENIX_URL to file scope in tracing.spec.ts with an explicit throw, removing the per-describe fallback declarations - Replace the hardcoded 'http://localhost:4000' URL inside page.evaluate with the file-scoped PHOENIX_URL constant Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add three end-to-end Playwright specs covering the strict trace continuation feature: 1. Matching org_id in baggage → incoming trace_id is preserved 2. Mismatched org_id in baggage → new trace_id is started 3. No org_id in baggage with strict=false → incoming trace_id is preserved Supporting changes: - Pass SENTRY_ORG_ID=123 via the webServer command in playwright.config.ts so the Phoenix app starts with an org ID configured - Read SENTRY_ORG_ID and SENTRY_STRICT_TRACE env vars in phoenix_app/config/runtime.exs when SENTRY_E2E_TEST_MODE=true Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… org_id Adds a 4th E2E spec covering the strict mode path where baggage carries no sentry-org_id: with strict_trace_continuation=true a new trace must be started rather than continuing the incoming one. To enable per-test config toggling without a second server, adds a PUT /sentry-test-config endpoint to the Phoenix app that calls Sentry.put_config/2 for an allowlist of keys. A test.afterEach hook resets strict_trace_continuation back to false after every test so the setting cannot bleed between specs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…orkflow The strict trace continuation specs require the Phoenix app to have an org ID configured so that mismatched/missing org IDs in incoming baggage are correctly rejected. The webServer block in playwright.config.ts already passes SENTRY_ORG_ID=123, but when SENTRY_E2E_SERVERS_RUNNING=true that block is skipped and the server is started directly by CI - without the env var, causing all rejection-path specs to fail. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… baggage When incoming baggage contains a sentry-org_id= entry with an empty value, extract_baggage_org_id/1 correctly returns nil (treating it as absent). However, ensure_org_id_in_baggage/1 then appended a second sentry-org_id=<sdk_value> entry, producing a duplicate key. A W3C baggage parser on a downstream service would pick up the first (empty) entry and ignore the valid one. Fix by stripping any empty-valued sentry-org_id entries before appending the SDK org ID, avoiding duplicate keys entirely. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
solnic
approved these changes
Apr 9, 2026
dingsdax
approved these changes
Apr 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
o1234.ingest.sentry.io→"1234") and propagate assentry-org_idin outgoing baggage headers:org_idconfig option for explicit override (self-hosted/Relay setups):strict_trace_continuationconfig option (defaultfalse) — when enabled, both org IDs must be present and matchDecision Matrix
Changes
lib/sentry/dsn.ex— org ID extraction from host using^o(\d+)\.regexlib/sentry/config.ex—:org_id,:strict_trace_continuationoptions +effective_org_id/0lib/sentry/opentelemetry/propagator.ex—sentry-org_idin baggage inject/extract +should_continue_trace?/1test/sentry/strict_trace_continuation_test.exs— DSN extraction, config, and full decision matrix tests (12 cases)Test plan
Closes #1005
🤖 Generated with Claude Code