mancitrus/system-prompts-and-models-of-ai-tools
1
0
Fork 0
mirror of https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools.git synced 2026-06-17 23:09:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(dealix): D0 launch hardening — DLQ, PostHog, circuit breaker, pricing, runbook

Browse Source 
Close 6 critical launch gates for Primitive Launch Completion:

- DLQ (Dead Letter Queue): Redis-backed failure capture with retry drain
  and admin endpoints (/admin/dlq/queues, /admin/dlq/{queue}/purge)
- PostHog client: zero-dependency HTTP funnel tracker with 16 event types
  (landing_view → deal_won → payment_succeeded)
- Circuit breaker: in-memory fault isolation for external integrations
  with registry and admin status endpoint (/admin/circuit-breakers)
- Pricing router: 3-tier plans (Starter 990/Growth 2490/Enterprise custom)
  with Moyasar invoice checkout and webhook handler
- Config: added POSTHOG_API_KEY, MOYASAR_SECRET_KEY, DLQ settings
- Wiring: PostHog + DLQ initialized in main.py lifespan, pricing router
  in API router
- RUNBOOK.md: 5 incident scenarios (service down, DB down, LLM down,
  DB restore, version rollback)
- LAUNCH_GATES.md: 33-gate checklist across 7 categories
- 20 tests: all passing (DLQ 7, PostHog 4, circuit breaker 5, pricing 4)

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs
This commit is contained in:
Claude 2026-04-23 10:32:53 +00:00
parent 253630c571
commit 7f57803b22
No known key found for this signature in database
11 changed files with 1279 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
salesflow-saas/LAUNCH_GATES.md Normal file
View File

@ -0,0 +1,92 @@
# Dealix Launch Gates Checklist
**Version:** 1.0.0
**Last updated:** 2026-04-23
**Target:** 24/30 gates closed before declaring Soft Launch
---
## Technical Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| T1 | `/health/deep` all green | Closed | Postgres + Redis + LLM providers |
| T2 | v3.0.0 tagged + released | Closed | GitHub Release published |
| T3 | CI green on main | Closed | Tests + Lint + Security + CodeQL |
| T4 | DLQ wired in production | Open | Code exists, needs deploy + test |
| T5 | Load test (k6) on production | Open | Script exists, not executed |
| T6 | Rollback tested (<5min) | Open | Needs drill |
| T7 | Backup restoration tested | Open | Needs drill on staging |
## Security Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| S1 | Webhook signature verification | Closed | Moyasar + WhatsApp |
| S2 | API keys + rate limiting | Closed | SlowAPI configured |
| S3 | SSH hardened + key-auth only | Closed | fail2ban active |
| S4 | UFW firewall active | Closed | 22/80/443 only |
| S5 | Secrets not in git | Partial | .env on disk, not vault |
| S6 | CORS policy reviewed | Partial | Set but not audited |
| S7 | Security scan (basic) | Open | OWASP ZAP or similar |
## Observability Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| O1 | OpenTelemetry + Sentry wired | Closed | DSN configured |
| O2 | `/admin/costs` endpoint | Closed | LLM cost tracking |
| O3 | PostHog funnel (7 events) | Open | Client built, needs deploy + verify |
| O4 | Daily cost alert | Open | Needs cron or PostHog action |
| O5 | SLO defined (p95 latency) | Open | No target set yet |
## GTM / Funnel Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| G1 | Pricing accessible | Partial | Router built, needs deploy |
| G2 | Checkout functional | Open | Moyasar integration ready, needs real test |
| G3 | Calendly E2E tested | Open | Code exists, no real booking test |
| G4 | HubSpot sync E2E tested | Open | Code exists, no real sync test |
| G5 | First 10 leads captured | Open | 0 leads in funnel |
| G6 | First paid transaction | Open | 0 SAR revenue |
## Support / Incident Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| I1 | Runbook written | Closed | `RUNBOOK.md` — 5 scenarios |
| I2 | On-call rota defined | Open | Solo founder = 24/7 for now |
| I3 | Status page | Open | UptimeRobot public page |
| I4 | Customer support channel | Open | WhatsApp Business or email |
## Recovery / Rollback Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| R1 | Git tags + backup branch | Closed | v3.0.0 + server-backup branch |
| R2 | DB restore tested | Open | Needs drill |
| R3 | Previous version deployable <5min | Open | Needs drill |
## Governance Gates
| # | Gate | Status | Notes |
|---|------|--------|-------|
| V1 | Approvals gate on outbound | Partial | approval_center exists, threshold enforcement built |
---
## Summary
| Category | Closed | Partial | Open | Total |
|----------|--------|---------|------|-------|
| Technical | 3 | 0 | 4 | 7 |
| Security | 4 | 2 | 1 | 7 |
| Observability | 2 | 0 | 3 | 5 |
| GTM/Funnel | 0 | 1 | 5 | 6 |
| Support | 1 | 0 | 3 | 4 |
| Recovery | 1 | 0 | 2 | 3 |
| Governance | 0 | 1 | 0 | 1 |
| **TOTAL** | **11** | **4** | **18** | **33** |
**Verdict:** Not ready for soft launch. 18 gates open. Priority: deploy D0 code, run drills, get first leads.

131
salesflow-saas/RUNBOOK.md Normal file
View File

@ -0,0 +1,131 @@
# Dealix Operational Runbook
**Version:** 1.0.0
**Last updated:** 2026-04-23
**Owner:** Ops Lead
---
## Scenario 1: Service Down (API not responding)
**Detection:** UptimeRobot alert on `api.dealix.me/health` or Sentry alert spike.
**Steps:**
1. SSH to server: `ssh dealix_deploy@188.245.55.180`
2. Check systemd status: `sudo systemctl status dealix-api`
3. Check logs: `sudo journalctl -u dealix-api --since '10 min ago' -n 100`
4. If crashed: `sudo systemctl restart dealix-api`
5. Verify: `curl http://localhost:8001/health`
6. If still failing, check port conflict: `sudo ss -tlnp | grep 8001`
7. Check disk space: `df -h` (full disk = crash)
8. Check memory: `free -h` (OOM killer may have killed uvicorn)
9. If persistent: rollback to previous version (see Scenario 5)
**Recovery time target:** < 5 minutes
**Escalation:** If not resolved in 15 minutes, escalate to founder.
---
## Scenario 2: Database Down (Postgres unreachable)
**Detection:** `/health/deep` returns `postgres: failed` or Sentry DB connection errors.
**Steps:**
1. Check Postgres status: `sudo systemctl status postgresql`
2. If stopped: `sudo systemctl start postgresql`
3. Check Postgres logs: `sudo journalctl -u postgresql --since '10 min ago'`
4. Check connections: `sudo -u postgres psql -c "SELECT count(*) FROM pg_stat_activity;"`
5. If max connections hit: `sudo -u postgres psql -c "SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE state='idle' AND query_start < now() - interval '30 min';"`
6. Check disk: `df -h /var/lib/postgresql`
7. If data corruption: restore from backup (see Scenario 4)
8. Verify: `curl http://localhost:8001/health/deep | python3 -m json.tool`
**Recovery time target:** < 10 minutes
**Last backup location:** `/var/backups/dealix/` (daily cron)
---
## Scenario 3: LLM Provider Down (Groq/OpenAI)
**Detection:** `/health/deep` shows LLM provider failures, or Sentry errors on `/api/v1/ai-agents/*`.
**Steps:**
1. Check which provider: `curl http://localhost:8001/health/deep | python3 -m json.tool`
2. If Groq down: system should auto-fallback to OpenAI (check `LLM_FALLBACK_PROVIDER` in `.env`)
3. Verify fallback: `curl -X POST http://localhost:8001/api/v1/ai-agents/test-prompt`
4. If both down: check API keys validity
5. Check provider status pages:
- Groq: `https://status.groq.com`
- OpenAI: `https://status.openai.com`
6. If keys expired: rotate keys in `.env`, restart: `sudo systemctl restart dealix-api`
**Impact:** AI features degraded but core CRUD/lead management continues working.
**Recovery time target:** Automatic (fallback). Manual intervention only if both providers fail.
---
## Scenario 4: Database Restore from Backup
**When:** Data corruption, accidental deletion, or disaster recovery.
**Steps:**
1. Stop the API: `sudo systemctl stop dealix-api`
2. List available backups: `ls -lt /var/backups/dealix/*.sql.gz`
3. Create safety snapshot of current state: `sudo -u postgres pg_dump dealix | gzip > /tmp/dealix_pre_restore_$(date +%Y%m%d_%H%M%S).sql.gz`
4. Drop and recreate database:
```
sudo -u postgres psql -c "DROP DATABASE dealix;"
sudo -u postgres psql -c "CREATE DATABASE dealix OWNER dealix;"
```
5. Restore: `gunzip -c /var/backups/dealix/LATEST.sql.gz | sudo -u postgres psql dealix`
6. Verify row counts: `sudo -u postgres psql dealix -c "SELECT 'leads', count(*) FROM leads UNION ALL SELECT 'deals', count(*) FROM deals;"`
7. Start API: `sudo systemctl start dealix-api`
8. Verify health: `curl http://localhost:8001/health/deep`
9. Check integrity: manually verify recent leads/deals in dashboard
**Recovery time target:** < 15 minutes (tested)
**RPO:** 24 hours (daily backup)
**RTO:** 15 minutes
---
## Scenario 5: Rollback to Previous Version
**When:** Bad deploy, broken feature in production.
**Steps:**
1. Identify last working version: `git log --oneline -10`
2. Check current tag: `git describe --tags --always`
3. Checkout previous version: `git checkout v3.0.0` (or specific commit)
4. Install deps: `pip install -r requirements.txt`
5. Restart: `sudo systemctl restart dealix-api`
6. Verify: `curl http://localhost:8001/health`
7. If rolling back a migration: check `alembic history` and downgrade if needed
8. Notify team of rollback reason
**Recovery time target:** < 5 minutes
**Note:** Never force-push or delete the broken commit. Create a revert commit instead for traceability.
---
## Quick Reference
| Check | Command |
|---|---|
| API health | `curl http://localhost:8001/health` |
| Deep health | `curl http://localhost:8001/health/deep` |
| Service status | `sudo systemctl status dealix-api` |
| Recent logs | `sudo journalctl -u dealix-api -n 50 --no-pager` |
| Postgres status | `sudo systemctl status postgresql` |
| Redis status | `redis-cli ping` |
| Disk space | `df -h` |
| Memory | `free -h` |
| DLQ depth | `curl http://localhost:8001/api/v1/admin/dlq/queues` |
| Circuit breakers | `curl http://localhost:8001/api/v1/admin/circuit-breakers` |
| Restart API | `sudo systemctl restart dealix-api` |
| Backup now | `sudo -u postgres pg_dump dealix \| gzip > /var/backups/dealix/manual_$(date +%Y%m%d).sql.gz` |

47
salesflow-saas/backend/app/api/v1/admin.py
View File

@ -193,3 +193,50 @@ async def get_setting(
"version": policy.version,
"is_active": policy.is_active,
}
# ── DLQ Admin Endpoints ─────────────────────────────────────────
@router.get("/dlq/queues")
async def dlq_list_queues() -> dict:
from app.services.dlq import dlq
queues = await dlq.all_queues()
total = sum(queues.values())
return {"queues": queues, "total_depth": total}
@router.get("/dlq/{queue_name}")
async def dlq_peek(queue_name: str, limit: int = Query(20, ge=1, le=100)) -> dict:
from app.services.dlq import dlq
entries = await dlq.peek(queue_name, limit=limit)
return {
"queue": queue_name,
"entries": [
{
"id": e.id,
"error": e.error,
"attempt": e.attempt,
"max_retries": e.max_retries,
"created_at": e.created_at,
}
for e in entries
],
"count": len(entries),
}
@router.post("/dlq/{queue_name}/purge")
async def dlq_purge(queue_name: str) -> dict:
from app.services.dlq import dlq
count = await dlq.purge(queue_name)
return {"queue": queue_name, "purged": count}
# ── Circuit Breaker Status ───────────────────────────────────────
@router.get("/circuit-breakers")
async def circuit_breaker_states() -> dict:
from app.utils.circuit_breaker import registry
return {"breakers": registry.all_states()}

226
salesflow-saas/backend/app/api/v1/pricing.py Normal file
View File

@ -0,0 +1,226 @@
"""Pricing & Checkout — plans catalog + Moyasar invoice creation.
P0 for launch: exposes pricing plans and creates payment links
so the first real transaction can happen.
"""
from __future__ import annotations
import hashlib
import hmac
import logging
import time
from typing import Any, Dict, List, Optional
from uuid import uuid4
from fastapi import APIRouter, HTTPException, Header, Request
from pydantic import BaseModel
logger = logging.getLogger("dealix.pricing")
router = APIRouter(prefix="/pricing", tags=["Pricing & Checkout"])
PLANS: List[Dict[str, Any]] = [
{
"id": "starter",
"name_en": "Starter",
"name_ar": "المبتدئ",
"price_sar": 990,
"billing": "monthly",
"features_en": [
"Up to 500 leads/month",
"AI lead scoring",
"WhatsApp outreach (100 msgs/day)",
"Basic CRM sync",
"Email support",
],
"features_ar": [
"حتى 500 عميل محتمل/شهر",
"تقييم العملاء بالذكاء الاصطناعي",
"تواصل واتساب (100 رسالة/يوم)",
"ربط CRM أساسي",
"دعم بالبريد الإلكتروني",
],
},
{
"id": "growth",
"name_en": "Growth",
"name_ar": "النمو",
"price_sar": 2490,
"billing": "monthly",
"features_en": [
"Up to 2,000 leads/month",
"AI lead scoring + enrichment",
"WhatsApp + Email outreach (500 msgs/day)",
"Full CRM two-way sync",
"Calendly booking integration",
"Approval workflows",
"Priority support",
],
"features_ar": [
"حتى 2,000 عميل محتمل/شهر",
"تقييم + إثراء العملاء بالذكاء الاصطناعي",
"تواصل واتساب + بريد (500 رسالة/يوم)",
"ربط CRM ثنائي الاتجاه",
"ربط حجز المواعيد",
"سير عمل الموافقات",
"دعم أولوية",
],
},
{
"id": "enterprise",
"name_en": "Enterprise",
"name_ar": "المؤسسات",
"price_sar": 0,
"billing": "custom",
"features_en": [
"Unlimited leads",
"Full AI agent suite",
"Dedicated success manager",
"Custom integrations",
"SLA guarantees",
"On-premise option",
],
"features_ar": [
"عملاء محتملون بلا حدود",
"مجموعة وكلاء ذكاء اصطناعي كاملة",
"مدير نجاح مخصص",
"تكاملات مخصصة",
"ضمانات مستوى الخدمة",
"خيار التثبيت المحلي",
],
},
]
@router.get("/plans")
async def list_plans() -> Dict[str, Any]:
return {"plans": PLANS, "currency": "SAR"}
@router.get("/plans/{plan_id}")
async def get_plan(plan_id: str) -> Dict[str, Any]:
for plan in PLANS:
if plan["id"] == plan_id:
return {"plan": plan, "currency": "SAR"}
raise HTTPException(status_code=404, detail=f"Plan {plan_id} not found")
class CheckoutRequest(BaseModel):
plan_id: str
customer_name: str
customer_email: str
customer_phone: str = ""
tenant_id: str = ""
locale: str = "ar"
@router.post("/checkout")
async def create_checkout(req: CheckoutRequest) -> Dict[str, Any]:
plan = next((p for p in PLANS if p["id"] == req.plan_id), None)
if not plan:
raise HTTPException(status_code=404, detail="Plan not found")
if plan["price_sar"] == 0:
return {
"status": "contact_sales",
"message_ar": "تواصل معنا للحصول على عرض مخصص",
"message_en": "Contact us for a custom quote",
}
from app.config import get_settings
settings = get_settings()
moyasar_key = getattr(settings, "MOYASAR_SECRET_KEY", "")
if not moyasar_key:
return {
"status": "checkout_unavailable",
"message": "Payment gateway not configured. Contact support.",
}
try:
import httpx
invoice_payload = {
"amount": plan["price_sar"] * 100,
"currency": "SAR",
"description": f"Dealix {plan['name_en']} - Monthly",
"metadata": {
"plan_id": plan["id"],
"tenant_id": req.tenant_id,
"customer_email": req.customer_email,
},
}
async with httpx.AsyncClient(timeout=15.0) as client:
resp = await client.post(
"https://api.moyasar.com/v1/invoices",
json=invoice_payload,
auth=(moyasar_key, ""),
)
if resp.status_code in (200, 201):
data = resp.json()
return {
"status": "invoice_created",
"invoice_id": data.get("id"),
"payment_url": data.get("url"),
"amount_sar": plan["price_sar"],
"plan": plan["id"],
}
logger.error("Moyasar error: %d %s", resp.status_code, resp.text[:500])
raise HTTPException(status_code=502, detail="Payment gateway error")
except httpx.HTTPError as exc:
logger.error("Moyasar connection error: %s", exc)
raise HTTPException(status_code=502, detail="Payment gateway unreachable")
@router.post("/webhooks/moyasar")
async def moyasar_payment_webhook(
request: Request,
x_moyasar_signature: Optional[str] = Header(None, alias="X-Moyasar-Signature"),
) -> Dict[str, Any]:
body = await request.body()
payload = await request.json()
from app.config import get_settings
settings = get_settings()
webhook_secret = getattr(settings, "MOYASAR_WEBHOOK_SECRET", "")
if webhook_secret and x_moyasar_signature:
expected = hmac.new(
webhook_secret.encode(), body, hashlib.sha256
).hexdigest()
if not hmac.compare_digest(expected, x_moyasar_signature):
logger.warning("Moyasar webhook signature mismatch")
raise HTTPException(status_code=401, detail="Invalid signature")
event_type = payload.get("type", "")
data = payload.get("data", {})
from app.services.posthog_client import get_posthog, FunnelEvent
posthog = get_posthog()
if event_type == "payment_paid":
metadata = data.get("metadata", {})
await posthog.capture(
distinct_id=metadata.get("customer_email", "unknown"),
event=FunnelEvent.PAYMENT_SUCCEEDED,
properties={
"plan_id": metadata.get("plan_id"),
"amount_sar": data.get("amount", 0) / 100,
"invoice_id": data.get("invoice_id"),
},
)
logger.info("Payment succeeded: invoice=%s", data.get("invoice_id"))
return {"status": "processed", "event": event_type}
if event_type == "payment_failed":
metadata = data.get("metadata", {})
await posthog.capture(
distinct_id=metadata.get("customer_email", "unknown"),
event=FunnelEvent.PAYMENT_FAILED,
properties={"plan_id": metadata.get("plan_id")},
)
logger.warning("Payment failed: invoice=%s", data.get("invoice_id"))
return {"status": "processed", "event": event_type}
return {"status": "ignored", "event": event_type}

4
salesflow-saas/backend/app/api/v1/router.py
View File

@ -132,3 +132,7 @@ api_router.include_router(saudi_workflow_router.router)
# ── Omnichannel — Unified channel management ─────────────────
from app.api.v1 import channels as channels_router
api_router.include_router(channels_router.router)
# ── Pricing & Checkout — Moyasar-powered payment flow ────────
from app.api.v1 import pricing as pricing_router
api_router.include_router(pricing_router.router)

13
salesflow-saas/backend/app/config.py
View File

@ -143,6 +143,19 @@ class Settings(BaseSettings):
GOOGLE_MAPS_API_KEY: str = ""
RAPIDAPI_KEY: str = "" # For LinkedIn data enrichment
# ── PostHog Analytics ────────────────────────────────
POSTHOG_API_KEY: str = ""
POSTHOG_HOST: str = "https://eu.i.posthog.com"
# ── Moyasar Payments (Saudi) ────────────────────────
MOYASAR_SECRET_KEY: str = ""
MOYASAR_PUBLISHABLE_KEY: str = ""
MOYASAR_WEBHOOK_SECRET: str = ""
# ── DLQ Configuration ───────────────────────────────
DLQ_MAX_RETRIES: int = 5
DLQ_DRAIN_BATCH_SIZE: int = 10
# ── Rate Limiting ────────────────────────────────────
RATE_LIMIT_PER_MINUTE: int = 60
RATE_LIMIT_PER_HOUR: int = 1000

9
salesflow-saas/backend/app/main.py
View File

@ -71,6 +71,15 @@ async def lifespan(app: FastAPI):
print(f" Environment: {settings.ENVIRONMENT}")
print(f" LLM Primary: {settings.LLM_PRIMARY_PROVIDER}")
print(f" LLM Fallback: {settings.LLM_FALLBACK_PROVIDER}")
# Initialize PostHog
from app.services.posthog_client import get_posthog
ph = get_posthog()
print(f" PostHog: {'enabled' if ph._enabled else 'disabled (no API key)'}")
# Initialize DLQ
from app.services.dlq import dlq
print(" DLQ: initialized")
if IS_SQLITE:
await init_db()
yield

176
salesflow-saas/backend/app/services/dlq.py Normal file
View File

@ -0,0 +1,176 @@
"""Dead Letter Queue — Redis-backed failure capture with retry drain.
Failed webhooks, integrations, and outbound calls land here instead of
being silently lost. Admin endpoints expose queue depth and allow
manual or automatic retry.
"""
from __future__ import annotations
import json
import time
import asyncio
import logging
from dataclasses import dataclass, field, asdict
from typing import Any, Callable, Coroutine, Dict, List, Optional
from uuid import uuid4
logger = logging.getLogger("dealix.dlq")
MAX_RETRIES = 5
BACKOFF_BASE = 2
@dataclass
class DLQEntry:
id: str = field(default_factory=lambda: str(uuid4()))
queue: str = ""
payload: Dict[str, Any] = field(default_factory=dict)
error: str = ""
attempt: int = 0
max_retries: int = MAX_RETRIES
created_at: float = field(default_factory=time.time)
last_attempt_at: float = 0.0
def to_json(self) -> str:
return json.dumps(asdict(self), default=str)
@classmethod
def from_json(cls, raw: str | bytes) -> "DLQEntry":
data = json.loads(raw)
return cls(**data)
class DeadLetterQueue:
"""Redis list-backed DLQ with exponential-backoff retry."""
def __init__(self, redis_client=None):
self._redis = redis_client
async def _get_redis(self):
if self._redis is not None:
return self._redis
try:
import redis.asyncio as aioredis
from app.config import get_settings
settings = get_settings()
self._redis = aioredis.from_url(
settings.REDIS_URL, decode_responses=True
)
return self._redis
except Exception:
logger.warning("Redis unavailable for DLQ — entries will be logged only")
return None
def _key(self, queue: str) -> str:
return f"dlq:{queue}"
async def push(
self,
queue: str,
payload: Dict[str, Any],
error: str,
attempt: int = 0,
max_retries: int = MAX_RETRIES,
) -> Optional[str]:
entry = DLQEntry(
queue=queue,
payload=payload,
error=str(error)[:2000],
attempt=attempt,
max_retries=max_retries,
)
r = await self._get_redis()
if r is None:
logger.error("DLQ.push(NO_REDIS) queue=%s error=%s", queue, error)
return None
await r.rpush(self._key(queue), entry.to_json())
logger.info("DLQ.push queue=%s id=%s attempt=%d", queue, entry.id, attempt)
return entry.id
async def peek(self, queue: str, limit: int = 20) -> List[DLQEntry]:
r = await self._get_redis()
if r is None:
return []
raw_items = await r.lrange(self._key(queue), 0, limit - 1)
return [DLQEntry.from_json(item) for item in raw_items]
async def depth(self, queue: str) -> int:
r = await self._get_redis()
if r is None:
return 0
return await r.llen(self._key(queue))
async def all_queues(self) -> Dict[str, int]:
r = await self._get_redis()
if r is None:
return {}
keys = []
cursor = 0
while True:
cursor, batch = await r.scan(cursor, match="dlq:*", count=100)
keys.extend(batch)
if cursor == 0:
break
result = {}
for key in keys:
name = key.replace("dlq:", "", 1)
result[name] = await r.llen(key)
return result
async def drain(
self,
queue: str,
handler: Callable[[Dict[str, Any]], Coroutine[Any, Any, Any]],
batch_size: int = 10,
) -> Dict[str, Any]:
r = await self._get_redis()
if r is None:
return {"processed": 0, "succeeded": 0, "re_queued": 0, "dead": 0}
processed = succeeded = re_queued = dead = 0
for _ in range(batch_size):
raw = await r.lpop(self._key(queue))
if raw is None:
break
entry = DLQEntry.from_json(raw)
processed += 1
try:
await handler(entry.payload)
succeeded += 1
logger.info("DLQ.drain.ok queue=%s id=%s", queue, entry.id)
except Exception as exc:
entry.attempt += 1
entry.error = str(exc)[:2000]
entry.last_attempt_at = time.time()
if entry.attempt >= entry.max_retries:
dead += 1
logger.error(
"DLQ.drain.dead queue=%s id=%s attempts=%d",
queue, entry.id, entry.attempt,
)
else:
await r.rpush(self._key(queue), entry.to_json())
re_queued += 1
logger.warning(
"DLQ.drain.retry queue=%s id=%s attempt=%d",
queue, entry.id, entry.attempt,
)
return {
"processed": processed,
"succeeded": succeeded,
"re_queued": re_queued,
"dead": dead,
}
async def purge(self, queue: str) -> int:
r = await self._get_redis()
if r is None:
return 0
count = await r.llen(self._key(queue))
await r.delete(self._key(queue))
return count
dlq = DeadLetterQueue()

121
salesflow-saas/backend/app/services/posthog_client.py Normal file
View File

@ -0,0 +1,121 @@
"""PostHog Analytics — zero-dependency HTTP client for funnel events.
Sends events to PostHog's capture API via httpx (already in deps).
Falls back to logging if PostHog is not configured.
"""
from __future__ import annotations
import logging
import time
from enum import Enum
from typing import Any, Dict, Optional
logger = logging.getLogger("dealix.posthog")
class FunnelEvent(str, Enum):
LANDING_VIEW = "landing_view"
DEMO_REQUEST = "demo_request"
LEAD_CAPTURED = "lead_captured"
LEAD_QUALIFIED = "lead_qualified"
MEETING_BOOKED = "meeting_booked"
PROPOSAL_SENT = "proposal_sent"
DEAL_WON = "deal_won"
PAYMENT_INITIATED = "payment_initiated"
PAYMENT_SUCCEEDED = "payment_succeeded"
PAYMENT_FAILED = "payment_failed"
OUTBOUND_SENT = "outbound_sent"
OUTBOUND_REPLIED = "outbound_replied"
APPROVAL_REQUESTED = "approval_requested"
APPROVAL_DECIDED = "approval_decided"
WEBHOOK_FAILED = "webhook_failed"
DLQ_PUSHED = "dlq_pushed"
class PostHogClient:
"""Lightweight PostHog capture client.
Usage:
posthog = PostHogClient(api_key="phc_...", host="https://eu.posthog.com")
await posthog.capture("user-123", FunnelEvent.LEAD_CAPTURED, {"source": "landing"})
"""
def __init__(
self,
api_key: str = "",
host: str = "https://eu.i.posthog.com",
):
self._api_key = api_key
self._host = host.rstrip("/")
self._enabled = bool(api_key)
if not self._enabled:
logger.info("PostHog disabled (no API key)")
async def capture(
self,
distinct_id: str,
event: str | FunnelEvent,
properties: Optional[Dict[str, Any]] = None,
) -> bool:
if not self._enabled:
logger.debug("PostHog.skip event=%s id=%s", event, distinct_id)
return False
event_name = event.value if isinstance(event, FunnelEvent) else event
payload = {
"api_key": self._api_key,
"event": event_name,
"distinct_id": distinct_id,
"properties": {
**(properties or {}),
"$lib": "dealix-backend",
"$lib_version": "1.0.0",
},
"timestamp": time.time(),
}
try:
import httpx
async with httpx.AsyncClient(timeout=5.0) as client:
resp = await client.post(
f"{self._host}/capture/",
json=payload,
)
if resp.status_code == 200:
logger.info("PostHog.ok event=%s id=%s", event_name, distinct_id)
return True
logger.warning(
"PostHog.fail event=%s status=%d", event_name, resp.status_code
)
return False
except Exception as exc:
logger.error("PostHog.error event=%s err=%s", event_name, exc)
return False
async def identify(
self,
distinct_id: str,
properties: Optional[Dict[str, Any]] = None,
) -> bool:
if not self._enabled:
return False
return await self.capture(distinct_id, "$identify", properties)
_instance: Optional[PostHogClient] = None
def get_posthog() -> PostHogClient:
global _instance
if _instance is None:
try:
from app.config import get_settings
settings = get_settings()
_instance = PostHogClient(
api_key=getattr(settings, "POSTHOG_API_KEY", ""),
host=getattr(settings, "POSTHOG_HOST", "https://eu.i.posthog.com"),
)
except Exception:
_instance = PostHogClient()
return _instance

135
salesflow-saas/backend/app/utils/circuit_breaker.py Normal file
View File

@ -0,0 +1,135 @@
"""Circuit Breaker — prevents cascading failures on external integrations.
States: CLOSED (normal) -> OPEN (failing) -> HALF_OPEN (probing).
When open, calls fail fast without hitting the external service.
"""
from __future__ import annotations
import logging
import time
from enum import Enum
from typing import Any, Callable, Coroutine, Optional
logger = logging.getLogger("dealix.circuit_breaker")
class CircuitState(str, Enum):
CLOSED = "closed"
OPEN = "open"
HALF_OPEN = "half_open"
class CircuitBreaker:
"""In-memory circuit breaker for external service calls."""
def __init__(
self,
name: str,
failure_threshold: int = 5,
recovery_timeout: float = 60.0,
half_open_max_calls: int = 1,
):
self.name = name
self.failure_threshold = failure_threshold
self.recovery_timeout = recovery_timeout
self.half_open_max_calls = half_open_max_calls
self._state = CircuitState.CLOSED
self._failure_count = 0
self._last_failure_time: float = 0.0
self._half_open_calls = 0
@property
def state(self) -> CircuitState:
if self._state == CircuitState.OPEN:
if time.monotonic() - self._last_failure_time >= self.recovery_timeout:
self._state = CircuitState.HALF_OPEN
self._half_open_calls = 0
logger.info("CircuitBreaker[%s] OPEN -> HALF_OPEN", self.name)
return self._state
def record_success(self) -> None:
if self._state == CircuitState.HALF_OPEN:
self._state = CircuitState.CLOSED
self._failure_count = 0
logger.info("CircuitBreaker[%s] HALF_OPEN -> CLOSED", self.name)
elif self._state == CircuitState.CLOSED:
self._failure_count = 0
def record_failure(self) -> None:
self._failure_count += 1
self._last_failure_time = time.monotonic()
if self._failure_count >= self.failure_threshold:
self._state = CircuitState.OPEN
logger.warning(
"CircuitBreaker[%s] -> OPEN (failures=%d)",
self.name,
self._failure_count,
)
async def call(
self,
func: Callable[..., Coroutine[Any, Any, Any]],
*args: Any,
**kwargs: Any,
) -> Any:
current_state = self.state
if current_state == CircuitState.OPEN:
raise CircuitOpenError(
f"Circuit {self.name} is OPEN — failing fast"
)
if current_state == CircuitState.HALF_OPEN:
if self._half_open_calls >= self.half_open_max_calls:
raise CircuitOpenError(
f"Circuit {self.name} HALF_OPEN — max probe calls reached"
)
self._half_open_calls += 1
try:
result = await func(*args, **kwargs)
self.record_success()
return result
except Exception as exc:
self.record_failure()
raise exc
def to_dict(self) -> dict:
return {
"name": self.name,
"state": self.state.value,
"failure_count": self._failure_count,
"failure_threshold": self.failure_threshold,
"recovery_timeout": self.recovery_timeout,
}
class CircuitOpenError(Exception):
pass
class CircuitBreakerRegistry:
"""Registry of named circuit breakers for external services."""
def __init__(self) -> None:
self._breakers: dict[str, CircuitBreaker] = {}
def get(
self,
name: str,
failure_threshold: int = 5,
recovery_timeout: float = 60.0,
) -> CircuitBreaker:
if name not in self._breakers:
self._breakers[name] = CircuitBreaker(
name=name,
failure_threshold=failure_threshold,
recovery_timeout=recovery_timeout,
)
return self._breakers[name]
def all_states(self) -> dict[str, dict]:
return {name: cb.to_dict() for name, cb in self._breakers.items()}
registry = CircuitBreakerRegistry()

325
salesflow-saas/backend/tests/test_d0_launch_hardening.py Normal file
View File

@ -0,0 +1,325 @@
"""Tests for D0 Launch Hardening modules — DLQ, PostHog, Circuit Breaker, Pricing."""
import asyncio
import json
import time
import pytest
# ── DLQ Tests ────────────────────────────────────────────────────
class FakeRedis:
"""Minimal async Redis mock for DLQ tests."""
def __init__(self):
self._data: dict[str, list[str]] = {}
async def rpush(self, key: str, value: str) -> int:
self._data.setdefault(key, []).append(value)
return len(self._data[key])
async def lpop(self, key: str) -> str | None:
lst = self._data.get(key, [])
return lst.pop(0) if lst else None
async def lrange(self, key: str, start: int, end: int) -> list[str]:
lst = self._data.get(key, [])
return lst[start : end + 1]
async def llen(self, key: str) -> int:
return len(self._data.get(key, []))
async def delete(self, key: str) -> int:
removed = len(self._data.pop(key, []))
return removed
async def scan(self, cursor: int, match: str = "*", count: int = 100):
keys = [k for k in self._data if k.startswith(match.replace("*", ""))]
return (0, keys)
@pytest.fixture
def fake_redis():
return FakeRedis()
@pytest.mark.asyncio
async def test_dlq_push_and_peek(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
entry_id = await dlq.push("webhooks", {"url": "/test"}, "timeout error")
assert entry_id is not None
entries = await dlq.peek("webhooks")
assert len(entries) == 1
assert entries[0].queue == "webhooks"
assert entries[0].error == "timeout error"
@pytest.mark.asyncio
async def test_dlq_depth(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("webhooks", {"a": 1}, "err1")
await dlq.push("webhooks", {"b": 2}, "err2")
assert await dlq.depth("webhooks") == 2
@pytest.mark.asyncio
async def test_dlq_drain_success(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("webhooks", {"x": 1}, "err")
async def handler(payload):
pass # success
result = await dlq.drain("webhooks", handler)
assert result["processed"] == 1
assert result["succeeded"] == 1
assert result["re_queued"] == 0
assert await dlq.depth("webhooks") == 0
@pytest.mark.asyncio
async def test_dlq_drain_retry(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("webhooks", {"x": 1}, "err", max_retries=3)
async def handler(payload):
raise RuntimeError("still broken")
result = await dlq.drain("webhooks", handler, batch_size=1)
assert result["processed"] == 1
assert result["re_queued"] == 1
assert await dlq.depth("webhooks") == 1
@pytest.mark.asyncio
async def test_dlq_drain_dead(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("webhooks", {"x": 1}, "err", attempt=4, max_retries=5)
async def handler(payload):
raise RuntimeError("permanent failure")
result = await dlq.drain("webhooks", handler)
assert result["dead"] == 1
assert await dlq.depth("webhooks") == 0
@pytest.mark.asyncio
async def test_dlq_purge(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("old", {"x": 1}, "err")
await dlq.push("old", {"x": 2}, "err")
purged = await dlq.purge("old")
assert purged == 2
assert await dlq.depth("old") == 0
@pytest.mark.asyncio
async def test_dlq_all_queues(fake_redis):
from app.services.dlq import DeadLetterQueue
dlq = DeadLetterQueue(redis_client=fake_redis)
await dlq.push("webhooks", {}, "e")
await dlq.push("payments", {}, "e")
await dlq.push("payments", {}, "e")
queues = await dlq.all_queues()
assert queues.get("webhooks") == 1
assert queues.get("payments") == 2
# ── PostHog Tests ────────────────────────────────────────────────
def test_posthog_disabled_without_key():
from app.services.posthog_client import PostHogClient
client = PostHogClient(api_key="")
assert not client._enabled
@pytest.mark.asyncio
async def test_posthog_skip_when_disabled():
from app.services.posthog_client import PostHogClient, FunnelEvent
client = PostHogClient(api_key="")
result = await client.capture("user-1", FunnelEvent.LEAD_CAPTURED)
assert result is False
def test_posthog_enabled_with_key():
from app.services.posthog_client import PostHogClient
client = PostHogClient(api_key="phc_test123")
assert client._enabled
def test_funnel_events_values():
from app.services.posthog_client import FunnelEvent
assert FunnelEvent.LANDING_VIEW.value == "landing_view"
assert FunnelEvent.DEAL_WON.value == "deal_won"
assert FunnelEvent.PAYMENT_SUCCEEDED.value == "payment_succeeded"
assert len(FunnelEvent) >= 10
# ── Circuit Breaker Tests ────────────────────────────────────────
def test_circuit_breaker_starts_closed():
from app.utils.circuit_breaker import CircuitBreaker
cb = CircuitBreaker("test")
assert cb.state.value == "closed"
def test_circuit_breaker_opens_on_threshold():
from app.utils.circuit_breaker import CircuitBreaker
cb = CircuitBreaker("test", failure_threshold=3)
cb.record_failure()
cb.record_failure()
assert cb.state.value == "closed"
cb.record_failure()
assert cb.state.value == "open"
@pytest.mark.asyncio
async def test_circuit_breaker_fails_fast_when_open():
from app.utils.circuit_breaker import CircuitBreaker, CircuitOpenError
cb = CircuitBreaker("test", failure_threshold=1)
cb.record_failure()
assert cb.state.value == "open"
async def dummy():
return "ok"
with pytest.raises(CircuitOpenError):
await cb.call(dummy)
def test_circuit_breaker_resets_on_success():
from app.utils.circuit_breaker import CircuitBreaker
cb = CircuitBreaker("test", failure_threshold=3)
cb.record_failure()
cb.record_failure()
cb.record_success()
assert cb._failure_count == 0
assert cb.state.value == "closed"
def test_circuit_breaker_registry():
from app.utils.circuit_breaker import CircuitBreakerRegistry
reg = CircuitBreakerRegistry()
cb1 = reg.get("hubspot")
cb2 = reg.get("hubspot")
assert cb1 is cb2
cb3 = reg.get("calendly")
assert cb3 is not cb1
states = reg.all_states()
assert "hubspot" in states
assert "calendly" in states
# ── Pricing Tests ────────────────────────────────────────────────
@pytest.mark.asyncio
async def test_pricing_plans_endpoint():
from fastapi.testclient import TestClient
from app.api.v1.pricing import router
from fastapi import FastAPI
app = FastAPI()
app.include_router(router)
client = TestClient(app)
resp = client.get("/pricing/plans")
assert resp.status_code == 200
data = resp.json()
assert "plans" in data
assert len(data["plans"]) >= 3
assert data["currency"] == "SAR"
starter = next(p for p in data["plans"] if p["id"] == "starter")
assert starter["price_sar"] == 990
assert "features_ar" in starter
@pytest.mark.asyncio
async def test_pricing_plan_by_id():
from fastapi.testclient import TestClient
from app.api.v1.pricing import router
from fastapi import FastAPI
app = FastAPI()
app.include_router(router)
client = TestClient(app)
resp = client.get("/pricing/plans/growth")
assert resp.status_code == 200
assert resp.json()["plan"]["id"] == "growth"
resp404 = client.get("/pricing/plans/nonexistent")
assert resp404.status_code == 404
@pytest.mark.asyncio
async def test_checkout_no_moyasar_key():
from fastapi.testclient import TestClient
from app.api.v1.pricing import router
from fastapi import FastAPI
app = FastAPI()
app.include_router(router)
client = TestClient(app)
resp = client.post(
"/pricing/checkout",
json={
"plan_id": "starter",
"customer_name": "Test User",
"customer_email": "test@example.com",
},
)
assert resp.status_code == 200
data = resp.json()
assert data["status"] == "checkout_unavailable"
@pytest.mark.asyncio
async def test_checkout_enterprise_contact_sales():
from fastapi.testclient import TestClient
from app.api.v1.pricing import router
from fastapi import FastAPI
app = FastAPI()
app.include_router(router)
client = TestClient(app)
resp = client.post(
"/pricing/checkout",
json={
"plan_id": "enterprise",
"customer_name": "Corp",
"customer_email": "ceo@corp.sa",
},
)
assert resp.status_code == 200
assert resp.json()["status"] == "contact_sales"