Skip to content

feat: admin DLQ tooling, observability metrics, and standardized error responses#208

Merged
robertocarlous merged 2 commits into
Neurowealth:mainfrom
gotethry:implement-admin-tooling-and-observability
Jun 24, 2026
Merged

feat: admin DLQ tooling, observability metrics, and standardized error responses#208
robertocarlous merged 2 commits into
Neurowealth:mainfrom
gotethry:implement-admin-tooling-and-observability

Conversation

@gotethry

Copy link
Copy Markdown
Contributor

What

Implement advanced DLQ admin tooling with filtering and replay, add rate-limit and auth-failure observability metrics, establish standardized error response contract, and add critical database regression tests.

Issues Resolved

Closes #189
Closes #192
Closes #193
Closes #196

Changes

#189 - Admin tooling for DLQ triage and replay operations

  • Enhanced GET /api/admin/dlq/inspect with advanced filtering by eventType, retryCount range, and time range
  • Added pagination support with offset and limit parameters
  • Implemented POST /api/admin/dlq/replay endpoint for selective event replay with safety checks
  • Replay operations only target PENDING and RETRIED events to prevent infinite loops from RESOLVED events
  • Enhanced audit logging for all DLQ operations with detailed filter metadata

#192 - Rate-limit and auth-failure observability panels

  • Added three new Prometheus metrics: rate_limit_hits_total, auth_failures_total, rate_limit_active_violations
  • Instrumented all five rate limiters (global, auth, admin, webhook, internal) to record hits by route group
  • Added auth failure tracking in adminAuth middleware for missing_token, invalid_token, and auth_error scenarios
  • Metrics track by limiter type and endpoint for granular observability and alerting

#196 - Standardized error-response contract across API routes

  • Created errorResponse.ts utility module with canonical error format
  • All errors now follow: { error: { code, message, details? }, requestId, timestamp }
  • Updated error handler middleware to use standardized error responses
  • Defined ErrorCodes enum for consistent error categorization across routes
  • Helper functions for all common HTTP error codes (400, 401, 403, 404, 409, 429, 422, 500, 503)

#193 - Regression tests for critical Prisma-backed flows

  • Added comprehensive test suite in tests/regression.test.ts
  • Session creation/cleanup flow tests with expiration validation
  • Event persistence and cursor update tests with unique constraint validation
  • DLQ write/read/retry flows with status transitions (PENDING -> RETRIED -> RESOLVED)
  • Admin audit log persistence and query tests
  • All tests verify database integrity and ensure query correctness

@drips-wave

drips-wave Bot commented Jun 24, 2026

Copy link
Copy Markdown

@gotethry Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

gotethry added 2 commits June 24, 2026 11:03
… and auth metrics, standardized errors, and regression tests

Resolves Neurowealth#189 Neurowealth#192 Neurowealth#193 Neurowealth#196

## Changes

### Neurowealth#189 - Admin tooling for DLQ triage and replay operations
- Enhanced GET /api/admin/dlq/inspect with advanced filtering: eventType, retryCount range, time range filtering
- Added pagination support with offset and limit
- Implemented POST /api/admin/dlq/replay endpoint for selective event replay with safety checks
- Replay operations prevent retrying RESOLVED events to avoid infinite loops
- Enhanced audit logging for all DLQ operations with detailed filter metadata

### Neurowealth#192 - Rate-limit and auth-failure observability panels
- Added Prometheus metrics: rate_limit_hits_total, auth_failures_total, rate_limit_active_violations
- Instrumented all rate limiters (global, auth, admin, webhook, internal) to record hits by route group
- Added auth failure recording in adminAuth middleware for missing_token, invalid_token, and auth_error types
- Metrics track by limiter type and endpoint for granular observability

### Neurowealth#196 - Standardized error-response contract across API routes
- Created errorResponse.ts utility with canonical error format
- All errors now follow: { error: { code, message, details? }, requestId, timestamp }
- Updated error handler middleware to use standardized format
- Defined ErrorCodes enum for consistent error categorization
- Helper functions for 400, 401, 403, 404, 409, 429, 422, 500, 503 responses

### Neurowealth#193 - Regression tests for critical Prisma-backed flows
- Added comprehensive test suite covering session creation/cleanup
- Tests for event persistence and cursor updates with unique constraint validation
- DLQ write/read/retry flows with status transitions
- Admin audit log persistence and retrieval
- Tests ensure database integrity and query correctness
@gotethry gotethry force-pushed the implement-admin-tooling-and-observability branch from f6301d7 to 2a0b3af Compare June 24, 2026 10:03
@robertocarlous robertocarlous merged commit 8f73871 into Neurowealth:main Jun 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

2 participants