create-svc 0.1.9 → 0.1.11

package/templates/variants/go-connectrpc/internal/auth/middleware_test.go

@@ -0,0 +1,38 @@
+package auth
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestMiddlewareRejectsProtectedPathWithoutBearerToken(t *testing.T) {
+	handler := Middleware(Config{
+		Enabled:  true,
+		Issuer:   "https://auth.anmho.com",
+		Audience: "api://{{SERVICE_ID}}",
+		JWKSURL:  "https://auth.anmho.com/api/auth/jwks",
+	})(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusNoContent)
+	}))
+
+	response := httptest.NewRecorder()
+	handler.ServeHTTP(response, httptest.NewRequest(http.MethodPost, "/waitlist.v1.WaitlistService/JoinWaitlist", nil))
+
+	if response.Code != http.StatusUnauthorized {
+		t.Fatalf("expected 401, got %d", response.Code)
+	}
+}
+
+func TestMiddlewareLeavesHealthPublic(t *testing.T) {
+	handler := Middleware(Config{Enabled: true})(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusNoContent)
+	}))
+
+	response := httptest.NewRecorder()
+	handler.ServeHTTP(response, httptest.NewRequest(http.MethodGet, "/healthz", nil))
+
+	if response.Code != http.StatusNoContent {
+		t.Fatalf("expected health to pass through, got %d", response.Code)
+	}
+}

package/templates/variants/go-connectrpc/internal/config/config.go

@@ -1,17 +1,48 @@
 package config
 
-import "os"
+import (
+	"errors"
+	"os"
+	"strings"
+)
 
 type Config struct {
-	Port        string
-	DatabaseURL string
+	Port              string
+	DatabaseURL       string
+	TemporalEnabled   bool
+	TemporalAddress   string
+	TemporalNamespace string
+	TemporalTaskQueue string
+	TemporalAPIKey    string
+	AuthEnabled       bool
+	AuthIssuer        string
+	AuthAudience      string
+	AuthJWKSURL       string
 }
 
 func Load() (Config, error) {
-	return Config{
-		Port:        envOr("PORT", "8080"),
-		DatabaseURL: envOr("DATABASE_URL", ""),
-	}, nil
+	cfg := Config{
+		Port:              envOr("PORT", "8080"),
+		DatabaseURL:       strings.TrimSpace(os.Getenv("DATABASE_URL")),
+		TemporalEnabled:   envBool("TEMPORAL_ENABLED"),
+		TemporalAddress:   envOr("TEMPORAL_ADDRESS", "localhost:7233"),
+		TemporalNamespace: envOr("TEMPORAL_NAMESPACE", "default"),
+		TemporalTaskQueue: envOr("TEMPORAL_TASK_QUEUE", "{{SERVICE_NAME}}"),
+		TemporalAPIKey:    strings.TrimSpace(os.Getenv("TEMPORAL_API_KEY")),
+		AuthEnabled:       envBool("AUTH_ENABLED"),
+		AuthIssuer:        envOr("AUTH_ISSUER", "{{AUTH_ISSUER}}"),
+		AuthAudience:      envOr("AUTH_AUDIENCE", "{{AUTH_AUDIENCE}}"),
+		AuthJWKSURL:       envOr("AUTH_JWKS_URL", "{{AUTH_JWKS_URL}}"),
+	}
+	if cfg.DatabaseURL == "" {
+		return Config{}, errors.New("DATABASE_URL is required")
+	}
+	return cfg, nil
+}
+
+func envBool(key string) bool {
+	value := strings.TrimSpace(strings.ToLower(os.Getenv(key)))
+	return value == "1" || value == "true" || value == "yes" || value == "on"
 }
 
 func envOr(key string, fallback string) string {

package/templates/variants/go-connectrpc/internal/connectapi/handler.go

@@ -2,78 +2,167 @@ package connectapi
 
 import (
 	"context"
+	"encoding/json"
+	"errors"
 	"net/http"
 
 	"connectrpc.com/connect"
 
-	dnsv1 "{{MODULE_PATH}}/gen/dns/v1"
-	dnsv1connect "{{MODULE_PATH}}/gen/dns/v1/dnsv1connect"
+	waitlistv1 "{{MODULE_PATH}}/gen/waitlist/v1"
+	waitlistv1connect "{{MODULE_PATH}}/gen/waitlist/v1/waitlistv1connect"
 	"{{MODULE_PATH}}/internal/app"
 )
 
 type Handler struct {
-	service *app.DNSService
+	service *app.WaitlistService
 }
 
-func NewHandler(service *app.DNSService) (string, http.Handler) {
-	return dnsv1connect.NewDNSServiceHandler(&Handler{service: service})
+func NewHandler(service *app.WaitlistService) (string, http.Handler) {
+	return waitlistv1connect.NewWaitlistServiceHandler(&Handler{service: service})
 }
 
-func (h *Handler) ListRecords(ctx context.Context, _ *connect.Request[dnsv1.ListRecordsRequest]) (*connect.Response[dnsv1.ListRecordsResponse], error) {
-	records, err := h.service.ListRecords(ctx)
+func (h *Handler) JoinWaitlist(ctx context.Context, request *connect.Request[waitlistv1.JoinWaitlistRequest]) (*connect.Response[waitlistv1.JoinWaitlistResponse], error) {
+	result, err := h.service.JoinWaitlist(ctx, app.JoinWaitlistInput{
+		Email:   request.Msg.GetEmail(),
+		Name:    request.Msg.GetName(),
+		Company: request.Msg.GetCompany(),
+		Source:  request.Msg.GetSource(),
+	})
+	if err != nil {
+		return nil, toConnectError(err)
+	}
+	return connect.NewResponse(&waitlistv1.JoinWaitlistResponse{
+		Entry:   toProtoEntry(result.Entry),
+		Created: result.Created,
+	}), nil
+}
+
+func (h *Handler) GetWaitlistEntry(ctx context.Context, request *connect.Request[waitlistv1.GetWaitlistEntryRequest]) (*connect.Response[waitlistv1.GetWaitlistEntryResponse], error) {
+	entry, err := h.service.GetEntry(ctx, request.Msg.GetEntryId())
+	if err != nil {
+		return nil, toConnectError(err)
+	}
+	return connect.NewResponse(&waitlistv1.GetWaitlistEntryResponse{Entry: toProtoEntry(entry)}), nil
+}
+
+func (h *Handler) GetWaitlistEntryByEmail(ctx context.Context, request *connect.Request[waitlistv1.GetWaitlistEntryByEmailRequest]) (*connect.Response[waitlistv1.GetWaitlistEntryResponse], error) {
+	entry, err := h.service.GetEntryByEmail(ctx, request.Msg.GetEmail())
 	if err != nil {
-		return nil, connect.NewError(connect.CodeInternal, err)
+		return nil, toConnectError(err)
 	}
+	return connect.NewResponse(&waitlistv1.GetWaitlistEntryResponse{Entry: toProtoEntry(entry)}), nil
+}
 
-	response := &dnsv1.ListRecordsResponse{Records: make([]*dnsv1.Record, 0, len(records))}
-	for _, record := range records {
-		response.Records = append(response.Records, toProtoRecord(record))
+func (h *Handler) ListWaitlistEntries(ctx context.Context, request *connect.Request[waitlistv1.ListWaitlistEntriesRequest]) (*connect.Response[waitlistv1.ListWaitlistEntriesResponse], error) {
+	entries, err := h.service.ListEntries(ctx, app.ListWaitlistEntriesInput{
+		Status: request.Msg.GetStatus(),
+		Limit:  int(request.Msg.GetLimit()),
+	})
+	if err != nil {
+		return nil, toConnectError(err)
+	}
+	response := &waitlistv1.ListWaitlistEntriesResponse{Entries: make([]*waitlistv1.WaitlistEntry, 0, len(entries))}
+	for _, entry := range entries {
+		response.Entries = append(response.Entries, toProtoEntry(entry))
 	}
 	return connect.NewResponse(response), nil
 }
 
-func (h *Handler) CreateRecord(ctx context.Context, request *connect.Request[dnsv1.CreateRecordRequest]) (*connect.Response[dnsv1.CreateRecordResponse], error) {
-	record, err := h.service.CreateRecord(ctx, app.CreateRecordInput{
-		Type:    request.Msg.GetType(),
-		Name:    request.Msg.GetName(),
-		Content: request.Msg.GetContent(),
-		TTL:     int(request.Msg.GetTtl()),
-		Proxied: request.Msg.GetProxied(),
+func (h *Handler) UpdateWaitlistEntry(ctx context.Context, request *connect.Request[waitlistv1.UpdateWaitlistEntryRequest]) (*connect.Response[waitlistv1.GetWaitlistEntryResponse], error) {
+	entry, err := h.service.UpdateEntry(ctx, app.UpdateWaitlistEntryInput{
+		EntryID: request.Msg.GetEntryId(),
+		Status:  request.Msg.GetStatus(),
+	})
+	if err != nil {
+		return nil, toConnectError(err)
+	}
+	return connect.NewResponse(&waitlistv1.GetWaitlistEntryResponse{Entry: toProtoEntry(entry)}), nil
+}
+
+func (h *Handler) ExportWaitlistEntries(ctx context.Context, request *connect.Request[waitlistv1.ExportWaitlistEntriesRequest]) (*connect.Response[waitlistv1.ExportWaitlistEntriesResponse], error) {
+	csv, err := h.service.ExportEntries(ctx, app.ListWaitlistEntriesInput{
+		Status: request.Msg.GetStatus(),
+		Limit:  int(request.Msg.GetLimit()),
 	})
 	if err != nil {
-		return nil, connect.NewError(connect.CodeInternal, err)
+		return nil, toConnectError(err)
 	}
-	return connect.NewResponse(&dnsv1.CreateRecordResponse{Record: toProtoRecord(record)}), nil
+	return connect.NewResponse(&waitlistv1.ExportWaitlistEntriesResponse{Csv: csv}), nil
 }
 
-func (h *Handler) UpdateRecord(ctx context.Context, request *connect.Request[dnsv1.UpdateRecordRequest]) (*connect.Response[dnsv1.UpdateRecordResponse], error) {
-	record, err := h.service.UpdateRecord(ctx, request.Msg.GetId(), app.UpdateRecordInput{
+func (h *Handler) RecordTrigger(ctx context.Context, request *connect.Request[waitlistv1.RecordTriggerRequest]) (*connect.Response[waitlistv1.RecordTriggerResponse], error) {
+	trigger, err := h.service.RecordTrigger(ctx, app.RecordTriggerInput{
 		Type:    request.Msg.GetType(),
-		Name:    request.Msg.GetName(),
-		Content: request.Msg.GetContent(),
-		TTL:     int(request.Msg.GetTtl()),
-		Proxied: request.Msg.GetProxied(),
+		EntryID: request.Msg.GetEntryId(),
+		Payload: jsonPayload(request.Msg.GetPayloadJson()),
 	})
 	if err != nil {
-		return nil, connect.NewError(connect.CodeInternal, err)
+		return nil, toConnectError(err)
+	}
+	return connect.NewResponse(&waitlistv1.RecordTriggerResponse{Trigger: toProtoTrigger(trigger)}), nil
+}
+
+func toConnectError(err error) error {
+	var appErr *app.AppError
+	if errors.As(err, &appErr) {
+		return connect.NewError(statusCodeToConnectCode(appErr.Status), err)
+	}
+	return connect.NewError(connect.CodeInternal, err)
+}
+
+func statusCodeToConnectCode(status int) connect.Code {
+	switch status {
+	case 400:
+		return connect.CodeInvalidArgument
+	case 404:
+		return connect.CodeNotFound
+	case 409:
+		return connect.CodeAlreadyExists
+	default:
+		return connect.CodeInternal
 	}
-	return connect.NewResponse(&dnsv1.UpdateRecordResponse{Record: toProtoRecord(record)}), nil
 }
 
-func (h *Handler) DeleteRecord(ctx context.Context, request *connect.Request[dnsv1.DeleteRecordRequest]) (*connect.Response[dnsv1.DeleteRecordResponse], error) {
-	if err := h.service.DeleteRecord(ctx, request.Msg.GetId()); err != nil {
-		return nil, connect.NewError(connect.CodeInternal, err)
+func toProtoEntry(entry app.WaitlistEntry) *waitlistv1.WaitlistEntry {
+	return &waitlistv1.WaitlistEntry{
+		Id:        entry.ID,
+		Email:     entry.Email,
+		Name:      entry.Name,
+		Company:   entry.Company,
+		Source:    entry.Source,
+		Status:    entry.Status,
+		CreatedAt: entry.CreatedAt,
+		UpdatedAt: entry.UpdatedAt,
 	}
-	return connect.NewResponse(&dnsv1.DeleteRecordResponse{}), nil
 }
 
-func toProtoRecord(record app.Record) *dnsv1.Record {
-	return &dnsv1.Record{
-		Id:      record.ID,
-		Type:    record.Type,
-		Name:    record.Name,
-		Content: record.Content,
-		Ttl:     int32(record.TTL),
-		Proxied: record.Proxied,
+func toProtoTrigger(trigger app.WaitlistTrigger) *waitlistv1.WaitlistTrigger {
+	return &waitlistv1.WaitlistTrigger{
+		Id:          trigger.ID,
+		Type:        trigger.Type,
+		EntryId:     trigger.EntryID,
+		Status:      trigger.Status,
+		PayloadJson: payloadToJSON(trigger.Payload),
+		CreatedAt:   trigger.CreatedAt,
+		ProcessedAt: trigger.ProcessedAt,
+	}
+}
+
+func jsonPayload(value string) any {
+	if value == "" {
+		return map[string]any{}
+	}
+	var payload any
+	if err := json.Unmarshal([]byte(value), &payload); err != nil {
+		return map[string]any{}
+	}
+	return payload
+}
+
+func payloadToJSON(value any) string {
+	encoded, err := json.Marshal(value)
+	if err != nil {
+		return "{}"
 	}
+	return string(encoded)
 }

package/templates/variants/go-connectrpc/internal/connectapi/waitlist_integration_test.go

@@ -0,0 +1,122 @@
+package connectapi
+
+import (
+	"context"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"strings"
+	"testing"
+
+	"connectrpc.com/connect"
+	_ "github.com/jackc/pgx/v5/stdlib"
+
+	waitlistv1 "{{MODULE_PATH}}/gen/waitlist/v1"
+	waitlistv1connect "{{MODULE_PATH}}/gen/waitlist/v1/waitlistv1connect"
+	"{{MODULE_PATH}}/internal/app"
+)
+
+func TestWaitlistRPCJoinIsIdempotentAndRecordsTriggers(t *testing.T) {
+	databaseURL := strings.TrimSpace(os.Getenv("DATABASE_URL"))
+	if databaseURL == "" {
+		t.Skip("DATABASE_URL is required for integration test")
+	}
+
+	db, err := app.OpenDatabase(context.Background(), databaseURL)
+	if err != nil {
+		t.Fatalf("open database: %v", err)
+	}
+	t.Cleanup(func() { _ = db.Close() })
+
+	if _, err := db.ExecContext(context.Background(), `
+truncate table
+  waitlist_triggers,
+  waitlist_entries
+restart identity cascade`); err != nil {
+		t.Fatalf("truncate tables: %v", err)
+	}
+
+	service := app.NewWaitlistService(db)
+	path, handler := NewHandler(service)
+	mux := http.NewServeMux()
+	mux.Handle(path, handler)
+	server := httptest.NewServer(mux)
+	t.Cleanup(server.Close)
+
+	client := waitlistv1connect.NewWaitlistServiceClient(http.DefaultClient, server.URL)
+
+	first, err := client.JoinWaitlist(context.Background(), connect.NewRequest(&waitlistv1.JoinWaitlistRequest{
+		Email:   "Founder@Example.com",
+		Name:    "Founder",
+		Company: "Example Co",
+		Source:  "homepage",
+	}))
+	if err != nil {
+		t.Fatalf("join waitlist: %v", err)
+	}
+	if !first.Msg.GetCreated() {
+		t.Fatal("expected first join to create entry")
+	}
+	if first.Msg.GetEntry().GetEmail() != "founder@example.com" {
+		t.Fatalf("expected normalized email, got %s", first.Msg.GetEntry().GetEmail())
+	}
+
+	second, err := client.JoinWaitlist(context.Background(), connect.NewRequest(&waitlistv1.JoinWaitlistRequest{
+		Email: "founder@example.com",
+	}))
+	if err != nil {
+		t.Fatalf("join waitlist again: %v", err)
+	}
+	if second.Msg.GetCreated() {
+		t.Fatal("expected second join to be idempotent")
+	}
+	if second.Msg.GetEntry().GetId() != first.Msg.GetEntry().GetId() {
+		t.Fatalf("expected same entry id, got %s and %s", first.Msg.GetEntry().GetId(), second.Msg.GetEntry().GetId())
+	}
+
+	trigger, err := client.RecordTrigger(context.Background(), connect.NewRequest(&waitlistv1.RecordTriggerRequest{
+		Type:        "cron.digest",
+		EntryId:     first.Msg.GetEntry().GetId(),
+		PayloadJson: "{}",
+	}))
+	if err != nil {
+		t.Fatalf("record trigger: %v", err)
+	}
+	if trigger.Msg.GetTrigger().GetType() != "cron.digest" {
+		t.Fatalf("expected cron.digest trigger, got %s", trigger.Msg.GetTrigger().GetType())
+	}
+	if trigger.Msg.GetTrigger().GetEntryId() != first.Msg.GetEntry().GetId() {
+		t.Fatalf("expected entry id %s, got %s", first.Msg.GetEntry().GetId(), trigger.Msg.GetTrigger().GetEntryId())
+	}
+
+	updated, err := client.UpdateWaitlistEntry(context.Background(), connect.NewRequest(&waitlistv1.UpdateWaitlistEntryRequest{
+		EntryId: first.Msg.GetEntry().GetId(),
+		Status:  "invited",
+	}))
+	if err != nil {
+		t.Fatalf("update waitlist entry: %v", err)
+	}
+	if updated.Msg.GetEntry().GetStatus() != "invited" {
+		t.Fatalf("expected invited status, got %s", updated.Msg.GetEntry().GetStatus())
+	}
+
+	list, err := client.ListWaitlistEntries(context.Background(), connect.NewRequest(&waitlistv1.ListWaitlistEntriesRequest{
+		Status: "invited",
+	}))
+	if err != nil {
+		t.Fatalf("list waitlist entries: %v", err)
+	}
+	if len(list.Msg.GetEntries()) != 1 || list.Msg.GetEntries()[0].GetId() != first.Msg.GetEntry().GetId() {
+		t.Fatalf("expected one invited entry %s, got %+v", first.Msg.GetEntry().GetId(), list.Msg.GetEntries())
+	}
+
+	exported, err := client.ExportWaitlistEntries(context.Background(), connect.NewRequest(&waitlistv1.ExportWaitlistEntriesRequest{
+		Status: "invited",
+	}))
+	if err != nil {
+		t.Fatalf("export waitlist entries: %v", err)
+	}
+	if !strings.Contains(exported.Msg.GetCsv(), "founder@example.com") {
+		t.Fatalf("expected exported csv to contain email, got %s", exported.Msg.GetCsv())
+	}
+}

package/templates/variants/go-connectrpc/internal/httpapi/routes.go

@@ -3,6 +3,7 @@ package httpapi
 import (
 	"encoding/json"
 	"errors"
+	"io"
 	"net/http"
 	"strconv"
 	"strings"
@@ -12,67 +13,154 @@ import (
 	"{{MODULE_PATH}}/internal/app"
 )
 
-func RegisterRoutes(router chi.Router, service *app.DNSService) {
+func RegisterRoutes(router chi.Router, service *app.WaitlistService) {
 	router.Get("/healthz", func(w http.ResponseWriter, _ *http.Request) {
 		writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
 	})
+	router.Get("/readyz", func(w http.ResponseWriter, _ *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
+	})
+	router.Get("/", func(w http.ResponseWriter, _ *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{
+			"service":   "{{SERVICE_NAME}}",
+			"domain":    "waitlist",
+			"apiOrigin": "https://api.{{SERVICE_NAME}}.anmho.com",
+		})
+	})
+
+	router.Post("/v1/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		var input app.JoinWaitlistInput
+		if err := decodeJSON(request, &input); err != nil {
+			writeError(w, err)
+			return
+		}
+		result, err := service.JoinWaitlist(request.Context(), input)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		status := http.StatusOK
+		if result.Created {
+			status = http.StatusCreated
+		}
+		writeJSON(w, status, result)
+	})
+
+	router.Get("/v1/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		entry, err := service.GetEntryByEmail(request.Context(), request.URL.Query().Get("email"))
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
+
+	router.Get("/v1/waitlist/{entryID}", func(w http.ResponseWriter, request *http.Request) {
+		entry, err := service.GetEntry(request.Context(), chi.URLParam(request, "entryID"))
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
+
+	router.Get("/v1/admin/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		entries, err := service.ListEntries(request.Context(), app.ListWaitlistEntriesInput{
+			Status: request.URL.Query().Get("status"),
+			Limit:  optionalInt(request.URL.Query().Get("limit")),
+		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entries": entries})
+	})
+
+	router.Get("/v1/admin/waitlist/export", func(w http.ResponseWriter, request *http.Request) {
+		csv, err := service.ExportEntries(request.Context(), app.ListWaitlistEntriesInput{
+			Status: request.URL.Query().Get("status"),
+			Limit:  optionalInt(request.URL.Query().Get("limit")),
+		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		w.Header().Set("Content-Type", "text/csv; charset=utf-8")
+		w.Header().Set("Content-Disposition", `attachment; filename="waitlist.csv"`)
+		w.WriteHeader(http.StatusOK)
+		_, _ = w.Write([]byte(csv))
+	})
+
+	router.Patch("/v1/admin/waitlist/{entryID}", func(w http.ResponseWriter, request *http.Request) {
+		var input app.UpdateWaitlistEntryInput
+		if err := decodeJSON(request, &input); err != nil {
+			writeError(w, err)
+			return
+		}
+		input.EntryID = chi.URLParam(request, "entryID")
+		entry, err := service.UpdateEntry(request.Context(), input)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
 
-	router.Route("/v1/dns/records", func(r chi.Router) {
-		r.Get("/", func(w http.ResponseWriter, request *http.Request) {
-			records, err := service.ListRecords(request.Context())
-			if err != nil {
-				writeError(w, err)
-				return
-			}
-			writeJSON(w, http.StatusOK, map[string]any{"records": records})
+	router.Post("/v1/triggers/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		var payload map[string]any
+		if err := decodeOptionalJSON(request, &payload); err != nil {
+			writeError(w, err)
+			return
+		}
+		trigger, err := service.RecordTrigger(request.Context(), app.RecordTriggerInput{
+			Type:    stringValue(payload, "type", "manual"),
+			EntryID: stringValue(payload, "entry_id", ""),
+			Payload: payload,
 		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusAccepted, map[string]any{"trigger": trigger})
+	})
 
-		r.Post("/", func(w http.ResponseWriter, request *http.Request) {
-			var input app.CreateRecordInput
-			if err := decodeJSON(request, &input); err != nil {
-				writeError(w, err)
-				return
-			}
-
-			record, err := service.CreateRecord(request.Context(), input)
-			if err != nil {
-				writeError(w, err)
-				return
-			}
-			writeJSON(w, http.StatusCreated, map[string]any{"record": record})
+	router.Post("/webhooks/{provider}", func(w http.ResponseWriter, request *http.Request) {
+		rawBody, err := io.ReadAll(request.Body)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		trigger, err := service.RecordTrigger(request.Context(), app.RecordTriggerInput{
+			Type: "webhook." + chi.URLParam(request, "provider"),
+			Payload: map[string]any{
+				"headers": request.Header,
+				"rawBody": string(rawBody),
+			},
 		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusAccepted, map[string]any{"trigger": trigger})
+	})
 
-		r.Route("/{recordID}", func(r chi.Router) {
-			r.Put("/", func(w http.ResponseWriter, request *http.Request) {
-				var input app.UpdateRecordInput
-				if err := decodeJSON(request, &input); err != nil {
-					writeError(w, err)
-					return
-				}
-
-				record, err := service.UpdateRecord(request.Context(), chi.URLParam(request, "recordID"), input)
-				if err != nil {
-					writeError(w, err)
-					return
-				}
-				writeJSON(w, http.StatusOK, map[string]any{"record": record})
-			})
-
-			r.Delete("/", func(w http.ResponseWriter, request *http.Request) {
-				if err := service.DeleteRecord(request.Context(), chi.URLParam(request, "recordID")); err != nil {
-					writeError(w, err)
-					return
-				}
-				w.WriteHeader(http.StatusNoContent)
-			})
+	router.Get("/webhooks/{provider}/health", func(w http.ResponseWriter, request *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{
+			"status":   "ok",
+			"provider": chi.URLParam(request, "provider"),
 		})
 	})
 }
 
 func decodeJSON(request *http.Request, out any) error {
 	defer request.Body.Close()
+	return json.NewDecoder(request.Body).Decode(out)
+}
 
-	if err := json.NewDecoder(request.Body).Decode(out); err != nil {
+func decodeOptionalJSON(request *http.Request, out any) error {
+	defer request.Body.Close()
+	decoder := json.NewDecoder(request.Body)
+	if err := decoder.Decode(out); err != nil && !errors.Is(err, io.EOF) {
 		return err
 	}
 	return nil
@@ -85,9 +173,44 @@ func writeJSON(w http.ResponseWriter, status int, payload any) {
 }
 
 func writeError(w http.ResponseWriter, err error) {
+	var appErr *app.AppError
+	if errors.As(err, &appErr) {
+		writeJSON(w, appErr.Status, map[string]string{
+			"error": appErr.Error(),
+			"code":  appErr.Code,
+		})
+		return
+	}
+
 	status := http.StatusInternalServerError
-	if errors.Is(err, strconv.ErrSyntax) || strings.Contains(strings.ToLower(err.Error()), "json") {
+	if strings.Contains(strings.ToLower(err.Error()), "json") {
 		status = http.StatusBadRequest
 	}
 	writeJSON(w, status, map[string]string{"error": err.Error()})
 }
+
+func stringValue(values map[string]any, key string, fallback string) string {
+	if values == nil {
+		return fallback
+	}
+	value, ok := values[key]
+	if !ok && key == "entry_id" {
+		value, ok = values["entryId"]
+	}
+	if !ok {
+		return fallback
+	}
+	text, ok := value.(string)
+	if !ok {
+		return fallback
+	}
+	return strings.TrimSpace(text)
+}
+
+func optionalInt(value string) int {
+	parsed, err := strconv.Atoi(strings.TrimSpace(value))
+	if err != nil {
+		return 0
+	}
+	return parsed
+}