chore: Improve incoming webhook logging & add middleware

[KevLehman]

Proposed changes (including videos or screenshots)

https://rocketchat.atlassian.net/browse/CORE-1716

Issue(s)

Steps to test or reproduce

Further comments

• Adds request logging for /hooks api (the one incoming integrations use)
• Logs the error when an integration without an script fails
• Adds prom & trace logging for the /hooks api

Currently we're on the blind side when these calls fail, after this, we'll be a little bit less blind

Summary by CodeRabbit

• New Features

  • Added request logging, metrics collection, and distributed tracing for webhook and integration endpoints to improve observability.

• Improvements

  • Improved error reporting and logging for webhook processing to surface clearer failure details and aid debugging.

• Refactor

  • Centralized integrations logging to provide more consistent, structured log output across integration flows.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 84087f2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Adds middleware (logger, metrics, tracer) to the integrations WebHook API router, exports a shared integrationLogger and re-wires incoming/outgoing loggers to use it, and enhances webhook error handling to log errors and forward error payloads to API failure responses.

Changes

Cohort / File(s)	Summary
Integration Logger Infrastructure apps/meteor/app/integrations/server/logger.ts	Export new integrationLogger; re-wire incomingLogger and outgoingLogger to derive from integrationLogger.
WebHook API Middleware & Error Handling apps/meteor/app/integrations/server/api/api.ts	Apply loggerMiddleware, metricsMiddleware, tracerSpanMiddleware to the WebHook API router (metrics scoped for /hooks/); log errors in executeIntegrationRest via incomingLogger and pass err (or message) into API failure responses; update imports for logging/metrics/tracing.

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant WebHookAPI
  participant LoggerMiddleware as Logger/Tracer/Metrics
  participant executeIntegrationRest as Executor
  participant incomingLogger

  Client->>WebHookAPI: POST /hooks/...
  WebHookAPI->>LoggerMiddleware: apply logger/metrics/tracer
  LoggerMiddleware-->>WebHookAPI: enriched request (trace/metrics/log context)

  WebHookAPI->>executeIntegrationRest: process webhook
  activate executeIntegrationRest
  alt success
    executeIntegrationRest-->>WebHookAPI: 200 OK
    LoggerMiddleware-->>Client: 200 OK (metrics recorded)
  else error
    executeIntegrationRest->>incomingLogger: log error (err)
    incomingLogger-->>WebHookAPI: logged error details
    executeIntegrationRest-->>WebHookAPI: failure(payload: err or message)
    LoggerMiddleware-->>Client: error response (metrics/tracing recorded)
  end
  deactivate executeIntegrationRest

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• chore: Logging #37956 — touches logging in apps/meteor/app/integrations/server/api/api.ts; converts a log to structured form in WebHookAPI.authenticatedRoute.

Suggested labels

stat: ready to merge

Suggested reviewers

• sampaiodiego

Poem

🐰 Hopping through hooks with a logger so true,
Tracing each request as it hops into view.
Metrics that sparkle and errors well-read,
I nibble on logs and then curl in my bed.
🎩🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: improving incoming webhook logging and adding middleware to webhook processing.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/logger-incoming-webhook

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 2923a17 and 95ede5e.

📒 Files selected for processing (1)

• apps/meteor/app/integrations/server/api/api.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/meteor/app/integrations/server/api/api.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: 🔎 Code Check / TypeScript
• GitHub Check: 🔎 Code Check / Code Lint
• GitHub Check: 🔨 Test Storybook / Test Storybook
• GitHub Check: 🔨 Test Unit / Unit Tests
• GitHub Check: 📦 Meteor Build (coverage)
• GitHub Check: CodeQL-Build
• GitHub Check: CodeQL-Build

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.67%. Comparing base (719b85a) to head (84087f2).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #37948      +/-   ##
===========================================
+ Coverage    70.63%   70.67%   +0.04%     
===========================================
  Files         3145     3145              
  Lines       108772   108772              
  Branches     19570    19570              
===========================================
+ Hits         76826    76871      +45     
+ Misses       29943    29896      -47     
- Partials      2003     2005       +2     

Flag	Coverage Δ
e2e	60.17% <ø> (+0.01%)	⬆️
e2e-api	47.44% <ø> (+0.06%)	⬆️
unit	71.80% <ø> (+0.06%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

📦 Docker Image Size Report

➡️ Changes

Service	Current	Baseline	Change	Percent
sum of all images	0B	0B	0B
account-service	0B	0B	0B
authorization-service	0B	0B	0B
ddp-streamer-service	0B	0B	0B
omnichannel-transcript-service	0B	0B	0B
presence-service	0B	0B	0B
queue-worker-service	0B	0B	0B
rocketchat	0B	0B	0B

📊 Historical Trend

---
config:
  theme: "dark"
  xyChart:
    width: 900
    height: 400
---
xychart
  title "Image Size Evolution by Service (Last 30 Days + This PR)"
  x-axis ["11/18 22:53", "11/19 23:02", "11/21 16:49", "11/24 17:34", "11/27 22:32", "11/28 19:05", "12/01 23:01", "12/02 21:57", "12/03 21:00", "12/04 18:17", "12/05 21:56", "12/08 20:15", "12/09 22:17", "12/10 23:26", "12/11 21:56", "12/12 22:45", "12/13 01:34", "12/15 22:31", "12/16 22:18", "12/17 21:04", "12/18 23:12", "12/19 23:27", "12/20 21:03", "12/22 18:54", "12/23 16:16", "12/24 19:38", "12/25 17:51", "12/26 13:18", "12/29 19:01", "12/30 20:52", "01/08 15:34 (PR)"]
  y-axis "Size (GB)" 0 --> 0.5
  line "account-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "authorization-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "ddp-streamer-service" [0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.00]
  line "omnichannel-transcript-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "presence-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "queue-worker-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "rocketchat" [0.35, 0.35, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.00]

Loading

Statistics (last 30 days):

• 📊 Average: 1.5GiB
• ⬇️ Minimum: 1.4GiB
• ⬆️ Maximum: 1.6GiB
• 🎯 Current PR: 0B

ℹ️ About this report

This report compares Docker image sizes from this build against the develop baseline.

• Tag: pr-37948
• Baseline: develop
• Timestamp: 2026-01-08 15:34:54 UTC
• Historical data points: 30

---

Updated: Thu, 08 Jan 2026 15:34:55 GMT

[cubic-dev-ai]

No issues found across 2 files

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

apps/meteor/app/integrations/server/api/api.ts (1)

386-389: Remove redundant RegExp constructor.

The middleware application correctly enables observability for webhook routes. However, new RegExp(/^\/hooks\//) is redundant since /^\/hooks\// is already a RegExp literal.

🔎 Simplify RegExp usage

 Api.router
   .use(loggerMiddleware(integrationLogger))
-  .use(metricsMiddleware({ basePathRegex: new RegExp(/^\/hooks\//), api: Api, settings, summary: metrics.rocketchatRestApi }))
+  .use(metricsMiddleware({ basePathRegex: /^\/hooks\//, api: Api, settings, summary: metrics.rocketchatRestApi }))
   .use(tracerSpanMiddleware);

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a8a84ab and 2923a17.

📒 Files selected for processing (2)

• apps/meteor/app/integrations/server/api/api.ts
• apps/meteor/app/integrations/server/logger.ts

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)

**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation

Files:

• apps/meteor/app/integrations/server/api/api.ts
• apps/meteor/app/integrations/server/logger.ts

🧬 Code graph analysis (1)

apps/meteor/app/integrations/server/api/api.ts (2)

apps/meteor/app/integrations/server/logger.ts (2)

• incomingLogger (5-5)
• integrationLogger (3-3)

apps/meteor/app/metrics/server/lib/metrics.ts (1)

• metrics (5-249)

🔇 Additional comments (4)

apps/meteor/app/integrations/server/logger.ts (1)

3-6: LGTM! Clean logger hierarchy.

The logger structure is well-organized with a base integrationLogger and appropriate sections for incoming and outgoing webhooks. This enables better log filtering and contextual logging.

apps/meteor/app/integrations/server/api/api.ts (3)

17-19: LGTM! Middleware imports for observability.

The imported middleware will enhance observability for webhook requests with logging, metrics, and tracing capabilities.

---

22-22: LGTM! Metrics import for Prometheus.

The metrics import enables Prometheus metric collection for webhook API calls.

---

25-25: LGTM! Updated import aligns with logger hierarchy.

The import now includes integrationLogger to support the middleware configuration, aligning with the refactored logger structure.

[dionisio-bot]

Looks like this PR is ready to merge! 🎉
If you have any trouble, please check the PR guidelines

[cubic-dev-ai]

1 issue found across 1 file (changes from recent commits).

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="apps/meteor/app/integrations/server/api/api.ts">

<violation number="1" location="apps/meteor/app/integrations/server/api/api.ts:256">
P2: Accessing `err.error` or `err.message` without null-safety could throw if `err` is null/undefined. Consider using optional chaining with a fallback to handle edge cases where non-Error values are thrown.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}