Skip to content

Add test mode for Hookdeck destination to skip external API verification #523

New issue
New issue
Open
Open
Add test mode for Hookdeck destination to skip external API verification#523
@leggetter

Description

@leggetter
leggetter
opened on Oct 12, 2025

Description

The Hookdeck destination provider currently requires external API verification for all tokens during destination creation/update. This makes it impossible to write automated tests without real Hookdeck credentials.

7 tests are currently skipped in the SDK test suite due to this limitation.

Current Behavior

When creating or updating a Hookdeck destination, the backend:

  1. Parses the token format (base64 encoded source_id:signing_key)
  2. Makes an HTTP request to https://events.hookdeck.com/e/{source_id} to verify the token
  3. Fails with validation error if the external API call fails

Evidence

Backend Code: internal/destregistry/providers/desthookdeck/desthookdeck.go lines 208-266

func (p *HookdeckProvider) Preprocess(newDestination *models.Destination, originalDestination *models.Destination, opts *destregistry.PreprocessDestinationOpts) error {
    // ...
    if shouldVerify {
        ctx := context.Background()

        // LINE 243: Makes external HTTP request
        sourceResponse, err := VerifyHookdeckToken(p.httpClient, ctx, parsedToken)
        if err != nil {
            return destregistry.NewErrDestinationValidation([]destregistry.ValidationErrorDetail{
                {
                    Field: "credentials.token",
                    Type:  "token_verification_failed",
                },
            })
        }
    }
    return nil
}

Impact

Skipped Tests: spec-sdk-tests/tests/destinations/hookdeck.test.ts

  1. should create a Hookdeck destination with valid config (line 61)
  2. should create a Hookdeck destination with array of topics (line 66)
  3. should create destination with user-provided ID (line 81)
  4. Entire describe block: GET /api/v1/{tenant_id}/destinations/{id} (line 167)
  5. Entire describe block: GET /api/v1/{tenant_id}/destinations (line 210)
  6. Entire describe block: PATCH /api/v1/{tenant_id}/destinations/{id} (line 236)
  7. Entire describe block: DELETE /api/v1/{tenant_id}/destinations/{id} (line 304)

Proposed Solution

Add a test mode or configuration flag that skips external token verification:

Option 1: Environment Variable

if os.Getenv("OUTPOST_TEST_MODE") == "true" {
    // Skip external verification in tests
    return nil
}

Option 2: Configuration Flag

hookdeck:
  skip_token_verification: true # Only for testing

Expected Behavior

  • In production: Continue to verify tokens against Hookdeck API
  • In test mode: Skip external verification, only validate token format
  • Tests can create/update/delete Hookdeck destinations without real credentials

Additional Context

See detailed analysis in spec-sdk-tests/TEST_STATUS.md and spec-sdk-tests/GITHUB_ISSUES.md

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    Outpost Releases

    Status

    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions