Egress Servisi
Egress Servisi, Cınga verilerini dış sistemlere kontrollü biçimde aktarır.
Sorumluluk
- Egress policy’ye göre event seçmek
- Dış sistem formatına map/transform yapmak
- Güvenli outbound gönderim yapmak
- Retry/DLQ yönetmek
- Outbound audit log tutmak
- Partner bazlı rate-limit ve tenant izolasyonu uygulamak
Girdiler
window.ready.v1rule.triggered.v1heartbeat.status.changed.v1- (opsiyonel)
blockchain.committed.v1
Çıktılar
egress.sent.v1egress.failed.v1cinga.dlq.egress
Akış
Veri Modeli
egress_policies
| Kolon | Tip | Not |
|---|---|---|
id | bigint PK | |
name | varchar(100) | |
source_event | varchar(64) | |
target_type | varchar(32) | webhook/api/mq |
target_url | text | |
method | varchar(8) | POST/PUT |
headers_template | jsonb | |
transform_template | jsonb | |
signing_profile_id | bigint | opsiyonel |
rate_limit_per_min | integer | policy bazlı |
enabled | boolean | |
created_at, updated_at | timestamptz |
egress_deliveries
| Kolon | Tip | Not |
|---|---|---|
id | bigint PK | |
policy_id | bigint FK | |
source_event | varchar(64) | |
source_trace_id | varchar(128) | |
target_url | text | |
status | varchar(16) | sent/failed/dlq |
http_status | integer | |
retry_count | integer | |
request_body_hash | varchar(128) | |
response_excerpt | text | kısaltılmış |
sent_at | timestamptz | |
created_at, updated_at | timestamptz |
Topic ve Event Standardı
- Topic:
cinga.egress.sentcinga.egress.failedcinga.dlq.egress
- Event:
egress.sent.v1egress.failed.v1
Not: Event payload standardı arşiv referansı: /projects/cinga/backend/architecture/event-envelope.
Event Örnekleri
egress.sent.v1
{
"event": "egress.sent.v1",
"meta": {
"schema_version": 1,
"trace_id": "eg-9f3f...",
"producer_service": "egress-service",
"produced_at": "2026-03-12T21:30:10.100Z",
"process_ms": 38
},
"context": {
"device_id": "400000011D081B70",
"stream_id": 9823412
},
"data": {
"policy_id": 7,
"target_type": "webhook",
"target_url": "https://partner.example.com/iot",
"http_status": 200,
"retry_count": 0,
"request_body_hash": "sha256:ab12..."
},
"error": null
}
egress.failed.v1
{
"event": "egress.failed.v1",
"meta": {
"schema_version": 1,
"trace_id": "eg-9f3f...",
"producer_service": "egress-service",
"produced_at": "2026-03-12T21:30:12.300Z",
"process_ms": 52
},
"context": {
"device_id": "400000011D081B70",
"stream_id": 9823412
},
"data": {
"policy_id": 7,
"target_type": "webhook",
"target_url": "https://partner.example.com/iot",
"retry_count": 3
},
"error": {
"failed_stage": "egress_delivery",
"error_code": "EGRESS_HTTP_TIMEOUT",
"error_message": "partner endpoint timeout",
"retryable": false,
"failed_at": "2026-03-12T21:30:12Z"
}
}
Retry / DLQ Politikası
- Backoff:
1s, 5s, 15s - Max retry:
3 - Non-retryable hatalar doğrudan DLQ
- DLQ replay yalnız admin onayı ile
Güvenlik
- Outbound allowlist zorunlu
- mTLS/API key desteği
- Payload signing (opsiyonel)
- Hassas alanlar outbound öncesi maskeleme politikasıyla yönetilir
SLO (Öneri)
| Metrik | Hedef |
|---|---|
p95 egress latency | < 800ms |
delivery success rate | > 99% |
dlq_rate | < 0.5% |
policy transform fail rate | < 0.2% |
Çıktı
- Dış sistem entegrasyon katmanı