Updates

rbro112 · rbro112 · commit c5561d328943 · 2025-10-28T17:44:02.000-07:00
diff --git a/src/sentry/preprod/analytics.py b/src/sentry/preprod/analytics.py
@@ -22,27 +22,27 @@ class PreprodArtifactApiAssembleGenericEvent(analytics.Event):
     project_id: int
 
 
-@analytics.eventclass("preprod_artifact.api.size_analysis_download")
-class PreprodArtifactApiSizeAnalysisDownloadEvent(analytics.Event):
+@analytics.eventclass("preprod_artifact.api.get_build_details")
+class PreprodArtifactApiGetBuildDetailsEvent(analytics.Event):
     organization_id: int
     project_id: int
     user_id: int | None = None
     artifact_id: str
 
 
-@analytics.eventclass("preprod_artifact.api.get_build_details")
-class PreprodArtifactApiGetBuildDetailsEvent(analytics.Event):
+@analytics.eventclass("preprod_artifact.api.list_builds")
+class PreprodArtifactApiListBuildsEvent(analytics.Event):
     organization_id: int
     project_id: int
     user_id: int | None = None
-    artifact_id: str
 
 
-@analytics.eventclass("preprod_artifact.api.list_builds")
-class PreprodArtifactApiListBuildsEvent(analytics.Event):
+@analytics.eventclass("preprod_artifact.api.install_details")
+class PreprodArtifactApiInstallDetailsEvent(analytics.Event):
     organization_id: int
     project_id: int
     user_id: int | None = None
+    artifact_id: str
 
 
 @analytics.eventclass("preprod_artifact.api.admin_rerun_analysis")
@@ -77,6 +77,23 @@ class PreprodArtifactApiDeleteEvent(analytics.Event):
     artifact_id: str
 
 
+@analytics.eventclass("preprod_artifact.api.image")
+class PreprodArtifactApiImageEvent(analytics.Event):
+    organization_id: int
+    project_id: int
+    user_id: int | None = None
+    image_id: str
+
+
+# Size analysis
+@analytics.eventclass("preprod_artifact.api.size_analysis_download")
+class PreprodArtifactApiSizeAnalysisDownloadEvent(analytics.Event):
+    organization_id: int
+    project_id: int
+    user_id: int | None = None
+    artifact_id: str
+
+
 @analytics.eventclass("preprod_artifact.api.size_analysis_compare.get")
 class PreprodArtifactApiSizeAnalysisCompareGetEvent(analytics.Event):
     organization_id: int
@@ -95,14 +112,6 @@ class PreprodArtifactApiSizeAnalysisComparePostEvent(analytics.Event):
     base_artifact_id: str
 
 
-@analytics.eventclass("preprod_artifact.api.install_details")
-class PreprodArtifactApiInstallDetailsEvent(analytics.Event):
-    organization_id: int
-    project_id: int
-    user_id: int | None = None
-    artifact_id: str
-
-
 @analytics.eventclass("preprod_artifact.api.size_analysis_compare_download")
 class PreprodArtifactApiSizeAnalysisCompareDownloadEvent(analytics.Event):
     organization_id: int
@@ -146,6 +155,7 @@ class PreprodApiPrPageCommentsEvent(analytics.Event):
 analytics.register(PreprodArtifactApiAdminGetInfoEvent)
 analytics.register(PreprodArtifactApiAdminBatchDeleteEvent)
 analytics.register(PreprodArtifactApiDeleteEvent)
+analytics.register(PreprodArtifactApiImageEvent)
 # Size analysis
 analytics.register(PreprodArtifactApiSizeAnalysisDownloadEvent)
 analytics.register(PreprodArtifactApiSizeAnalysisCompareGetEvent)
diff --git a/src/sentry/preprod/api/endpoints/project_preprod_artifact_image.py b/src/sentry/preprod/api/endpoints/project_preprod_artifact_image.py
@@ -4,23 +4,22 @@
 
 from django.http import HttpResponse
 from rest_framework.request import Request
+from rest_framework.response import Response
 
+from sentry import analytics
 from sentry.api.api_owners import ApiOwner
 from sentry.api.api_publish_status import ApiPublishStatus
 from sentry.api.base import region_silo_endpoint
 from sentry.api.bases.project import ProjectEndpoint
 from sentry.models.project import Project
 from sentry.objectstore import preprod
 from sentry.objectstore.service import ClientError
+from sentry.preprod.analytics import PreprodArtifactApiImageEvent
 
 logger = logging.getLogger(__name__)
 
 
 def detect_image_content_type(image_data: bytes) -> str:
-    """
-    Detect the content type of an image from its magic bytes.
-    Returns the appropriate MIME type or a default if unknown.
-    """
     if not image_data:
         return "application/octet-stream"
 
@@ -67,7 +66,17 @@ def get(
         request: Request,
         project: Project,
         image_id: str,
-    ) -> HttpResponse:
+    ) -> Response:
+
+        analytics.record(
+            PreprodArtifactApiImageEvent(
+                organization_id=project.organization_id,
+                project_id=project.id,
+                user_id=request.user.id,
+                image_id=image_id,
+            )
+        )
+
         organization_id = project.organization_id
         project_id = project.id
 
@@ -114,7 +123,7 @@ def get(
                 )
 
                 # Upload failed, return appropriate error
-                return HttpResponse({"error": "Not found"}, status=404)
+                return Response({"error": "Not found"}, status=404)
 
             logger.warning(
                 "Failed to retrieve app icon from objectstore",
@@ -126,7 +135,7 @@ def get(
                     "status": e.status,
                 },
             )
-            return HttpResponse({"error": "Failed to retrieve app icon"}, status=500)
+            return Response({"error": "Failed to retrieve app icon"}, status=500)
 
         except Exception:
             logger.exception(
@@ -137,4 +146,4 @@ def get(
                     "image_id": image_id,
                 },
             )
-            return HttpResponse({"error": "Internal server error"}, status=500)
+            return Response({"error": "Internal server error"}, status=500)
diff --git a/src/sentry/preprod/api/endpoints/urls.py b/src/sentry/preprod/api/endpoints/urls.py
@@ -2,7 +2,7 @@
 
 from django.urls import re_path
 
-from sentry.preprod.api.endpoints.project_preprod_artifact_icon import (
+from sentry.preprod.api.endpoints.project_preprod_artifact_image import (
     ProjectPreprodArtifactImageEndpoint,
 )
 from sentry.preprod.api.endpoints.size_analysis.project_preprod_size_analysis_compare import (
@@ -87,7 +87,7 @@
     re_path(
         r"^(?P<organization_id_or_slug>[^/]+)/(?P<project_id_or_slug>[^/]+)/files/images/(?P<image_id>[^/]+)/$",
         ProjectPreprodArtifactImageEndpoint.as_view(),
-        name="sentry-api-0-project-preprod-app-icon",
+        name="sentry-api-0-project-preprod-artifact-image",
     ),
     # Size analysis
     re_path(
diff --git a/tests/sentry/preprod/api/endpoints/test_preprod_artifact_image.py b/tests/sentry/preprod/api/endpoints/test_preprod_artifact_image.py
@@ -0,0 +1,129 @@
+from io import BytesIO
+
+from django.urls import reverse
+
+from sentry.objectstore import preprod
+from sentry.testutils.cases import APITestCase
+from sentry.testutils.skips import requires_objectstore
+
+
+class ProjectPreprodArtifactImageTest(APITestCase):
+    def setUp(self):
+        super().setUp()
+        self.login_as(user=self.user)
+        self.org = self.create_organization(owner=self.user)
+        self.project = self.create_project(organization=self.org)
+        self.api_token = self.create_user_auth_token(
+            user=self.user, scope_list=["org:admin", "project:admin"]
+        )
+        self.image_id = "test-image-123"
+        self.base_path = f"/api/0/{self.org.slug}/{self.project.slug}/files/images/{self.image_id}/"
+
+    def _get_url(self, image_id=None):
+        image_id = image_id or self.image_id
+        return reverse(
+            "sentry-api-0-project-preprod-artifact-image",
+            args=[self.org.slug, self.project.slug, image_id],
+        )
+
+    @requires_objectstore
+    def test_successful_image_retrieval_png(self):
+        png_data = b"\x89PNG\r\n\x1a\n" + b"fake png content" * 100
+
+        client = preprod.for_project(self.org.id, self.project.id)
+        client.put(BytesIO(png_data), id=f"{self.org.id}/{self.project.id}/test-image-123")
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 200
+        assert response.content == png_data
+        assert response["Content-Type"] == "image/png"
+
+    @requires_objectstore
+    def test_successful_image_retrieval_jpeg(self):
+        jpeg_data = b"\xff\xd8\xff" + b"fake jpeg content" * 100
+
+        client = preprod.for_project(self.org.id, self.project.id)
+        client.put(BytesIO(jpeg_data), id=f"{self.org.id}/{self.project.id}/test-image-123")
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 200
+        assert response.content == jpeg_data
+        assert response["Content-Type"] == "image/jpeg"
+
+    @requires_objectstore
+    def test_successful_image_retrieval_webp(self):
+        webp_data = b"RIFF" + b"1234" + b"WEBP" + b"fake webp content" * 100
+
+        client = preprod.for_project(self.org.id, self.project.id)
+        client.put(BytesIO(webp_data), id=f"{self.org.id}/{self.project.id}/test-image-123")
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 200
+        assert response.content == webp_data
+        assert response["Content-Type"] == "image/webp"
+
+    def test_successful_image_retrieval_heic(self):
+        heic_data = b"RIFF" + b"ftypheic" + b"fake heic content" * 100
+
+        client = preprod.for_project(self.org.id, self.project.id)
+        client.put(BytesIO(heic_data), id=f"{self.org.id}/{self.project.id}/test-image-123")
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 200
+        assert response.content == heic_data
+        assert response["Content-Type"] == "image/heic"
+
+    @requires_objectstore
+    def test_image_not_found(self):
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 404
+        assert response.content == b'{"error":"Not found"}'
+
+    @requires_objectstore
+    def test_unknown_image_format(self):
+        unknown_data = b"unknown binary data" * 50
+
+        client = preprod.for_project(self.org.id, self.project.id)
+        client.put(BytesIO(unknown_data), id=f"{self.org.id}/{self.project.id}/test-image-123")
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+
+        assert response.status_code == 200
+        assert response.content == unknown_data
+        assert response["Content-Type"] == "application/octet-stream"
+
+    def test_endpoint_requires_project_access(self):
+        other_user = self.create_user()
+        self.login_as(user=other_user)
+        self.api_token = self.create_user_auth_token(
+            user=other_user, scope_list=["org:read", "project:read"]
+        )
+
+        url = self._get_url()
+        response = self.client.get(
+            url, format="json", HTTP_AUTHORIZATION=f"Bearer {self.api_token.token}"
+        )
+        assert response.status_code == 403
