Skip to content

feat(chalice): Add span streaming support to Chalice integration#6503

Merged
ericapisani merged 12 commits into
masterfrom
py-2312-migrate-chalice
Jun 12, 2026
Merged

feat(chalice): Add span streaming support to Chalice integration#6503
ericapisani merged 12 commits into
masterfrom
py-2312-migrate-chalice

.

c6d2360
Select commit
Loading
Failed to load commit list.
@sentry/warden / warden completed Jun 12, 2026 in 12m 19s

3 issues

Medium

Streaming attribute-setting code in Chalice view wrapper not guarded by capture_internal_exceptions() - `sentry_sdk/integrations/chalice.py:83-109`

In _get_view_function_response's wrapped_view_function, the span-streaming setup block (the if has_span_streaming_enabled(...) branch, lines 81–110) runs outside capture_internal_exceptions(), which only wraps the configured_time and scope.add_event_processor calls (lines 71–78). Any SDK-internal exception raised while building header attributes (_filter_headers), accessing current_span._segment, or calling segment.set_attributes(attributes) will propagate out of the wrapped view function and crash the user's Chalice request. The else branch's scope.set_transaction_name(...) (line 130) is likewise unprotected; in the pre-change code the transaction-name setup was inside capture_internal_exceptions(). For example, if request_dict.get('headers', {}) returns None (key present with a None value), _filter_headers(headers, ...).items() raises AttributeError with no SDK guard to suppress it.

Low

Streaming path with no existing segment is untested - `tests/integrations/chalice/test_chalice.py:176`

The new tests only cover the case where a pre-existing StreamedSpan segment is present, leaving the segment = None branch of the streaming path in chalice.py uncovered — including the separate client.flush() call that only fires in that branch. There is no test for span streaming enabled with no parent Lambda segment.

Also found at:

  • sentry_sdk/integrations/chalice.py:14
  • sentry_sdk/integrations/chalice.py:83-128
ChaliceViewError raised in streaming path leaves segment status as 'ok' - `tests/integrations/chalice/test_chalice.py:231-261`

In the span-streaming branch of _get_view_function_response, the exception handler re-raises any ChaliceViewError before setting segment.status = SpanStatus.ERROR.value. ChaliceViewError is the base class for all explicit Chalice HTTP error responses, including 5xx variants like InternalServerError. When such an error is raised and an active segment exists (owned by the AWS Lambda integration), the segment is reported with status='ok' even though the request resulted in a server error. The accompanying test (test_span_streaming_existing_span_error) only exercises a plain Exception, which does take the status-setting path, so this branch is untested.

4 skills analyzed
Skill Findings Duration Cost
security-review 0 3.9s $0.02
code-review 1 4m 49s $0.95
find-bugs 2 11m 10s $2.07
skill-scanner 0 7.1s $0.02

⏱ 16m 10s · 1.4M in / 101.4k out · $3.05