Skip to content

Add durable outbound webhook dispatcher#276

Open
220nightmore-spec wants to merge 1 commit into
Creditra:mainfrom
220nightmore-spec:feature/outbound-webhook-dispatcher-182
Open

Add durable outbound webhook dispatcher#276
220nightmore-spec wants to merge 1 commit into
Creditra:mainfrom
220nightmore-spec:feature/outbound-webhook-dispatcher-182

Conversation

@220nightmore-spec

Copy link
Copy Markdown

Closes #182.

Summary

  • add durable outbound webhook schema for subscriptions and deliveries
  • add an outbound webhook store with in-memory and Postgres-backed implementations
  • add an async dispatcher that subscribes to credit lifecycle events, records delivery rows, signs payloads, queues delivery jobs, retries through the existing job queue, and marks exhausted attempts as dead-letter
  • expose API-key-gated inspection and replay endpoints:
    • GET /api/webhooks/subscriptions
    • GET /api/webhooks/deliveries
    • POST /api/webhooks/deliveries/:id/replay
  • update schema validation and webhook subscriber/operator docs

Validation

  • node node_modules/vitest/vitest.mjs run src/services/__tests__/outboundWebhookDispatcher.test.ts src/db/validate-schema.test.ts
  • node node_modules/eslint/bin/eslint.js src/services/outboundWebhookStore.ts src/services/outboundWebhookDispatcher.ts src/services/__tests__/outboundWebhookDispatcher.test.ts src/container/Container.ts src/routes/webhook.ts src/db/migrations.ts src/db/validate-schema.ts src/db/validate-schema.test.ts
  • node --input-type=module -e "import fs from 'node:fs'; import yaml from 'yaml'; yaml.parse(fs.readFileSync('src/openapi.yaml','utf8')); yaml.parse(fs.readFileSync('openapi.yaml','utf8')); console.log('OpenAPI specs valid');"
  • git diff --check

Full tsc --noEmit --pretty false still fails on existing main-branch issues in src/app.ts, src/middleware/requestLogger.ts, src/routes/creditBulk.ts, src/routes/simulation.ts, legacy src/services/drawWebhookService.ts missing log, and existing route/container test typing. The touched files passed targeted ESLint and focused tests.

Security notes

Webhook secrets are never persisted. Subscriptions store only secret_ref (WEBHOOK_SECRET), and delivery rows store signed payload metadata/status for operator inspection and replay.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Backend: Add outbound webhook delivery with retries, backoff, and dead-letter tracking

1 participant