More e2e coverage

Author: solnic

spec/apps/rails-mini/Gemfile

@@ -4,6 +4,7 @@ source 'https://rubygems.org'
 
 gem "rake"
 gem "puma"
+gem "rack-cors"
 gem 'railties', '~> 8.0'
 gem 'actionpack', '~> 8.0'
 gem 'sentry-ruby', path: Pathname(__dir__).join("../../..").realpath

spec/apps/rails-mini/app.rb

@@ -7,6 +7,7 @@
 ENV["RAILS_ENV"] = "development"
 
 require "action_controller"
+require "rack/cors"
 
 class RailsMiniApp < Rails::Application
   config.hosts = nil
@@ -17,6 +18,18 @@ class RailsMiniApp < Rails::Application
   config.api_only = true
   config.force_ssl = false
 
+  # Add CORS middleware using Rack::Cors
+  config.middleware.insert_before 0, Rack::Cors do
+    allow do
+      origins '*'
+      resource '*',
+        headers: :any,
+        methods: :any,
+        expose: :any,
+        credentials: false
+    end
+  end
+
   initializer :configure_sentry do
     Sentry.init do |config|
       config.dsn = ENV["SENTRY_DSN"]
@@ -30,38 +43,29 @@ class RailsMiniApp < Rails::Application
       config.release = "sentry-ruby-rails-mini-#{Time.now.utc}"
 
       config.transport.transport_class = Sentry::DebugTransport
-      config.sdk_debug_transport_log_file = "/workspace/sentry/log/sentry_debug_events.log"
       config.background_worker_threads = 0
     end
   end
 end
 
 class ErrorController < ActionController::Base
-  before_action :set_cors_headers
-
   def error
+    # Let the exception bubble up so Sentry Rails integration captures it with proper context
     result = 1 / 0
     render json: { result: result }
   end
 
-  private
-
-  def set_cors_headers
-    response.headers['Access-Control-Allow-Origin'] = '*'
-    response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, OPTIONS'
-    response.headers['Access-Control-Allow-Headers'] = 'Content-Type, Authorization, sentry-trace, baggage'
+  def options
+    head :ok
   end
 end
 
 class EventsController < ActionController::Base
-  before_action :set_cors_headers
-
   def health
     render json: {
       status: "ok",
       timestamp: Time.now.utc.iso8601,
-      sentry_initialized: Sentry.initialized?,
-      log_file_writable: check_log_file_writable
+      sentry_initialized: Sentry.initialized?
     }
   end
 
@@ -70,20 +74,8 @@ def trace_headers
     render json: { headers: headers }
   end
 
-  private
-
-  def check_log_file_writable
-    log_file_path = "/workspace/sentry/log/sentry_debug_events.log"
-    File.writable?(File.dirname(log_file_path)) &&
-      (!File.exist?(log_file_path) || File.writable?(log_file_path))
-  rescue
-    false
-  end
-
-  def set_cors_headers
-    response.headers['Access-Control-Allow-Origin'] = '*'
-    response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, OPTIONS'
-    response.headers['Access-Control-Allow-Headers'] = 'Content-Type, Authorization, sentry-trace, baggage'
+  def options
+    head :ok
   end
 end
 
@@ -94,7 +86,12 @@ def set_cors_headers
   get '/error', to: 'error#error'
   get '/trace_headers', to: 'events#trace_headers'
 
-  # Add CORS headers for cross-origin requests from JS app
+  # Handle OPTIONS preflight requests explicitly
+  options '/health', to: 'events#options'
+  options '/error', to: 'error#options'
+  options '/trace_headers', to: 'events#options'
+
+  # Catch-all OPTIONS handler for any other paths
   match '*path', to: proc { |env|
     [200, {
       'Access-Control-Allow-Origin' => '*',

spec/apps/svelte-mini/package-lock.json

@@ -8,11 +8,11 @@
     "preview": "vite preview"
   },
   "devDependencies": {
-    "@sveltejs/vite-plugin-svelte": "^3.0.0",
-    "svelte": "^4.0.0",
-    "vite": "^5.0.0"
+    "@sveltejs/vite-plugin-svelte": "^3.1.0",
+    "svelte": "^4.2.0",
+    "vite": "^5.4.0"
   },
   "dependencies": {
-    "@sentry/svelte": "^7.0.0"
+    "@sentry/svelte": "^8.0.0"
   }
 }