feat(sentry apps): Add circuit breaker into webhook code#111723
feat(sentry apps): Add circuit breaker into webhook code#111723Christinarlong merged 36 commits intomasterfrom
Conversation
With Exception, ignore_unpublished_app_errors swallows timeouts for unpublished (dev/test) apps, which is the correct behavior — the lifecycle halt metric still fires before the re-raise. Tests updated to use published=True so the exception propagates for assertion.
github-actions
bot
added
the
Scope: Backend
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
![sentry-warden[bot]](https://avatars.githubusercontent.com/in/2755838?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
shashjar
left a comment
shashjar
left a comment
There was a problem hiding this comment.
LGTM, left a couple minor comments
This comment was marked as outdated.
This comment was marked as outdated.
| return Response() | ||
|
|
||
| with circuit_breaker_tracking(circuit_breaker): | ||
| response = _send_webhook_request(url, app_platform_event, organization_context) |
There was a problem hiding this comment.
Circuit breaker errors can crash webhook delivery for published apps
Medium Severity
_create_circuit_breaker and _circuit_breaker_allows_request (which calls should_allow_request()) are invoked inside a try block that only catches specific exception types (WebhookTimeoutError, Timeout, ConnectionError, etc.). An unexpected exception from these — such as a Redis failure inside should_allow_request() → _should_trip() → check_within_quotas(), or a KeyError from a malformed options config — would propagate uncaught, causing the webhook to fail for published apps. This is inconsistent with circuit_breaker_tracking, which carefully wraps record_error() and record_success() in try/except Exception to prevent circuit breaker infrastructure issues from breaking webhook delivery.
Additional Locations (1)
There was a problem hiding this comment.
hmm, we have retries for uncaught errors at this step so idt it's that big of a deal
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 2 total unresolved issues (including 1 from previous review).
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
4 participants
NOTES
crl/add-breaker-to-webhook-sending->crl/add-ff-to-breaker->crl/impl-circuit-breaker->crl/webhook-alarm->masterSummary
Adds a per-app-slug circuit breaker to send_and_save_webhook_request to track
temporarily block outbound webhook delivery to consistently failing Sentry Apps.
per-org.