DEV Community: Abhinav Kushwaha The latest articles on DEV Community by Abhinav Kushwaha (@abhinav_kushwaha). https://dev.to/abhinav_kushwaha https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3960734%2F911b2943-9cb0-4c48-8363-140a1da70cd8.jpg DEV Community: Abhinav Kushwaha https://dev.to/abhinav_kushwaha en Designing a Bulletproof Webhook Ingestion System in Ruby on Rails Abhinav Kushwaha Mon, 08 Jun 2026 16:15:19 +0000 https://dev.to/abhinav_kushwaha/designing-a-bulletproof-webhook-ingestion-system-in-ruby-on-rails-2i8a https://dev.to/abhinav_kushwaha/designing-a-bulletproof-webhook-ingestion-system-in-ruby-on-rails-2i8a <p>As your Rails application grows and begins integrating with external platforms—think Stripe, Shopify, or GitHub—handling incoming webhooks efficiently becomes critical.</p> <p>It’s easy to spin up a quick controller action, parse some JSON, and update a database record. But what happens when an external service suddenly floods your server with thousands of concurrent requests? Or worse, what if your third-party provider experiences network instability and drops connection mid-flight?</p> <p>If your webhook endpoint performs heavy database writes, executes API callbacks, or sends emails synchronously, you are asking for trouble. Today, we will build a resilient, decoupled, and production-ready webhook ingestion system using Rails 7/8, Solid Queue (or Sidekiq), and database-backed idling.</p> <p><strong>The Blueprint: Decouple Fast, Process Later</strong></p> <p>The absolute golden rule of webhooks is: <strong>Acknowledge receipt immediately, handle processing asynchronously.</strong> Your endpoint should do exactly three things:</p> <ol> <li><p>Verify the request signature (security first!).</p></li> <li><p>Persist the raw payload to an inbound webhooks table.</p></li> <li><p>Enqueue a background job and instantly return a 200 OK.</p></li> </ol> <p>By moving all business logic out of the request-response cycle, you keep your database locks brief, protect your web workers from timed-out connections, and ensure zero data loss.</p> <p><strong>Step 1: Data Architecture &amp; Security</strong></p> <p>First, let's create a dedicated table to house our raw webhook data. This gives us an immutable audit log and allows for seamless job retries if background workers fail.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>rails generate model InboundWebhook status:integer provider:string payload:jsonb error_message:text rails db:migrate </code></pre> </div> <p><strong>We will use an enum to keep track of the webhook lifecycle:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># app/models/inbound_webhook.rb</span> <span class="k">class</span> <span class="nc">InboundWebhook</span> <span class="o">&lt;</span> <span class="no">ApplicationRecord</span> <span class="n">enum</span> <span class="ss">:status</span><span class="p">,</span> <span class="p">{</span> <span class="ss">pending: </span><span class="mi">0</span><span class="p">,</span> <span class="ss">processing: </span><span class="mi">1</span><span class="p">,</span> <span class="ss">completed: </span><span class="mi">2</span><span class="p">,</span> <span class="ss">failed: </span><span class="mi">3</span> <span class="p">},</span> <span class="ss">default: :pending</span> <span class="n">validates</span> <span class="ss">:provider</span><span class="p">,</span> <span class="ss">:payload</span><span class="p">,</span> <span class="ss">presence: </span><span class="kp">true</span> <span class="k">end</span> </code></pre> </div> <p><strong>Step 2: The High-Speed Controller</strong></p> <p>Our controller needs to be incredibly lean. It should strictly handle verification and record creation, then pass the heavy lifting off to an ActiveJob.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># app/controllers/webhooks/stripe_controller.rb</span> <span class="k">module</span> <span class="nn">Webhooks</span> <span class="k">class</span> <span class="nc">StripeController</span> <span class="o">&lt;</span> <span class="no">ApplicationController</span> <span class="n">skip_before_action</span> <span class="ss">:verify_authenticity_token</span> <span class="c1"># Webhooks don't have CSRF tokens</span> <span class="n">before_action</span> <span class="ss">:verify_signature!</span> <span class="k">def</span> <span class="nf">create</span> <span class="n">webhook</span> <span class="o">=</span> <span class="no">InboundWebhook</span><span class="p">.</span><span class="nf">create!</span><span class="p">(</span> <span class="ss">provider: </span><span class="s1">'stripe'</span><span class="p">,</span> <span class="ss">payload: </span><span class="no">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="nf">body</span><span class="p">.</span><span class="nf">read</span><span class="p">)</span> <span class="p">)</span> <span class="c1"># Hand off to background workers immediately</span> <span class="no">ProcessWebhookJob</span><span class="p">.</span><span class="nf">perform_later</span><span class="p">(</span><span class="n">webhook</span><span class="p">)</span> <span class="n">render</span> <span class="ss">json: </span><span class="p">{</span> <span class="ss">success: </span><span class="kp">true</span> <span class="p">},</span> <span class="ss">status: :ok</span> <span class="k">rescue</span> <span class="no">JSON</span><span class="o">::</span><span class="no">ParserError</span> <span class="o">=&gt;</span> <span class="n">e</span> <span class="n">render</span> <span class="ss">json: </span><span class="p">{</span> <span class="ss">error: </span><span class="s2">"Malformed payload"</span> <span class="p">},</span> <span class="ss">status: :bad_request</span> <span class="k">end</span> <span class="kp">private</span> <span class="k">def</span> <span class="nf">verify_signature!</span> <span class="n">endpoint_secret</span> <span class="o">=</span> <span class="no">Rails</span><span class="p">.</span><span class="nf">application</span><span class="p">.</span><span class="nf">credentials</span><span class="p">.</span><span class="nf">dig</span><span class="p">(</span><span class="ss">:stripe</span><span class="p">,</span> <span class="ss">:webhook_secret</span><span class="p">)</span> <span class="n">signature</span> <span class="o">=</span> <span class="n">request</span><span class="p">.</span><span class="nf">env</span><span class="p">[</span><span class="s1">'HTTP_STRIPE_SIGNATURE'</span><span class="p">]</span> <span class="n">payload</span> <span class="o">=</span> <span class="n">request</span><span class="p">.</span><span class="nf">body</span><span class="p">.</span><span class="nf">read</span> <span class="c1"># Use Stripe's official SDK tool to verify the event authenticity safely</span> <span class="no">Stripe</span><span class="o">::</span><span class="no">Webhook</span><span class="p">.</span><span class="nf">construct_event</span><span class="p">(</span><span class="n">payload</span><span class="p">,</span> <span class="n">signature</span><span class="p">,</span> <span class="n">endpoint_secret</span><span class="p">)</span> <span class="k">rescue</span> <span class="no">Stripe</span><span class="o">::</span><span class="no">SignatureVerificationError</span> <span class="o">=&gt;</span> <span class="n">e</span> <span class="n">render</span> <span class="ss">json: </span><span class="p">{</span> <span class="ss">error: </span><span class="s2">"Invalid signature"</span> <span class="p">},</span> <span class="ss">status: :unauthorized</span> <span class="k">end</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p><strong>Step 3: Resilient Background Processing</strong></p> <p>​Now that the request has safely closed with a fast 200 OK, our background architecture takes over. If the underlying logic fails (due to a third-party API outage, a database deadlock, etc.), our system marks the webhook as failed and saves the stack trace instead of silently swallowing the error.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># app/jobs/process_webhook_job.rb</span> <span class="k">class</span> <span class="nc">ProcessWebhookJob</span> <span class="o">&lt;</span> <span class="no">ApplicationJob</span> <span class="n">queue_as</span> <span class="ss">:default</span> <span class="c1"># Automatically retry network or concurrency issues before marking as failed</span> <span class="n">retry_on</span> <span class="no">ActiveRecord</span><span class="o">::</span><span class="no">Deadlocked</span><span class="p">,</span> <span class="ss">wait: </span><span class="mi">2</span><span class="p">.</span><span class="nf">seconds</span><span class="p">,</span> <span class="ss">attempts: </span><span class="mi">3</span> <span class="k">def</span> <span class="nf">perform</span><span class="p">(</span><span class="n">webhook</span><span class="p">)</span> <span class="k">return</span> <span class="k">if</span> <span class="n">webhook</span><span class="p">.</span><span class="nf">completed?</span> <span class="n">webhook</span><span class="p">.</span><span class="nf">processing!</span> <span class="c1"># Routable processing based on payload types</span> <span class="k">case</span> <span class="n">webhook</span><span class="p">.</span><span class="nf">provider</span> <span class="k">when</span> <span class="s1">'stripe'</span> <span class="n">process_stripe_event</span><span class="p">(</span><span class="n">webhook</span><span class="p">.</span><span class="nf">payload</span><span class="p">)</span> <span class="k">else</span> <span class="k">raise</span> <span class="s2">"Unknown webhook provider: </span><span class="si">#{</span><span class="n">webhook</span><span class="p">.</span><span class="nf">provider</span><span class="si">}</span><span class="s2">"</span> <span class="k">end</span> <span class="n">webhook</span><span class="p">.</span><span class="nf">completed!</span> <span class="k">rescue</span> <span class="o">=&gt;</span> <span class="n">e</span> <span class="n">webhook</span><span class="p">.</span><span class="nf">update!</span><span class="p">(</span><span class="ss">status: :failed</span><span class="p">,</span> <span class="ss">error_message: </span><span class="s2">"</span><span class="si">#{</span><span class="n">e</span><span class="p">.</span><span class="nf">class</span><span class="si">}</span><span class="s2">: </span><span class="si">#{</span><span class="n">e</span><span class="p">.</span><span class="nf">message</span><span class="si">}</span><span class="s2">"</span><span class="p">)</span> <span class="k">raise</span> <span class="n">e</span> <span class="c1"># Re-raise to let your error tracker (Sentry/Honeybadger) catch it</span> <span class="k">end</span> <span class="kp">private</span> <span class="k">def</span> <span class="nf">process_stripe_event</span><span class="p">(</span><span class="n">payload</span><span class="p">)</span> <span class="k">case</span> <span class="n">payload</span><span class="p">[</span><span class="s1">'type'</span><span class="p">]</span> <span class="k">when</span> <span class="s1">'charge.succeeded'</span> <span class="c1"># Implement your transaction tracking or ledger updates here</span> <span class="c1"># Invoice.payment_received!(payload['data']['object'])</span> <span class="k">when</span> <span class="s1">'customer.subscription.deleted'</span> <span class="c1"># Handle subscription cancellations gently</span> <span class="k">end</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p><strong>Step 4: The Superpower — Idempotency Guardrails</strong></p> <p>Webhooks are guaranteed to be delivered at least once. This means your application will eventually receive the exact same webhook payload twice. If you don't account for this, you risk double-charging clients or duplicating inventory data.</p> <p>To make our processing layer strictly idempotent, we can utilize database uniqueness constraints or Redis locks based on the provider's unique event ID.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># Prevent duplicate processing using Stripe's unique event ID</span> <span class="k">def</span> <span class="nf">process_stripe_event</span><span class="p">(</span><span class="n">payload</span><span class="p">)</span> <span class="n">event_id</span> <span class="o">=</span> <span class="n">payload</span><span class="p">[</span><span class="s1">'id'</span><span class="p">]</span> <span class="c1"># Use an atomic lock or transaction mapping to prevent race conditions</span> <span class="k">return</span> <span class="k">if</span> <span class="no">InboundWebhook</span><span class="p">.</span><span class="nf">where</span><span class="p">(</span><span class="ss">status: :completed</span><span class="p">)</span> <span class="p">.</span><span class="nf">where</span><span class="p">(</span><span class="s2">"payload-&gt;&gt;'id' = ?"</span><span class="p">,</span> <span class="n">event_id</span><span class="p">).</span><span class="nf">exists?</span> <span class="c1"># Proceed with processing safely...</span> <span class="k">end</span> </code></pre> </div> <p>Wrapping Up<br> ​By decoupling webhook storage from execution, your Rails app can handle sudden traffic spikes without flinching.</p> <p>​The Win: Web servers spend a fraction of a millisecond handling external requests.</p> <p>​The Peace of Mind: If your worker crashes, you still have the full history of payloads sitting securely in your database ready to be rerun with a quick webhook.reload.process_later Rake task.</p> <p>​How are you currently scaling your webhook consumers? Are you using Redis-backed Sidekiq or looking into Rails 8's native Solid Queue? Let's discuss in the comments below!</p> rails ruby stripe webhook Mastering Background Processing in Rails 8: Sidekiq & Redis Optimization Abhinav Kushwaha Sun, 31 May 2026 05:20:16 +0000 https://dev.to/abhinav_kushwaha/mastering-background-processing-in-rails-8-sidekiq-redis-optimization-3202 https://dev.to/abhinav_kushwaha/mastering-background-processing-in-rails-8-sidekiq-redis-optimization-3202 <p>In modern web applications, keeping the Request-Response cycle fast is crucial for user experience. If a user registers on your Rails 8 app and you trigger a welcome email directly inside the controller, the browser will remain in a loading state until the SMTP server responds.<br> ​<br> To solve this, we offload heavy, non-blocking tasks (like sending emails, generating PDFs, or syncing third-party APIs) to background workers. While Rails 8 now introduces Solid Queue as its default database-backed adapter, Sidekiq remains the industry gold standard for high-throughput, multi-threaded asynchronous processing powered by Redis (an in-memory data store).</p> <p><strong>​1. System Requirements &amp; Installation</strong><br> ​<br> First, ensure that Redis is installed and running on your production or local environment.<br> ​<br> For Ubuntu/Linux:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo </span>apt update <span class="nb">sudo </span>apt <span class="nb">install </span>redis-server <span class="nb">sudo </span>systemctl <span class="nb">enable </span>redis-server.service </code></pre> </div> <p>Next, add the Sidekiq gem to your Rails 8 Gemfile:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="n">gem</span> <span class="s1">'sidekiq'</span> </code></pre> </div> <p>Execute the bundle command in your terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bundle <span class="nb">install</span> </code></pre> </div> <p><strong>2. Configuring Rails 8 to use Sidekiq</strong></p> <p>​Even with Rails 8's new defaults, switching to Sidekiq is seamless. You need to instruct your Active Job framework to use the Sidekiq adapter. Update your config/application.rb or config/environments/production.rb:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="k">module</span> <span class="nn">BlogApp</span> <span class="k">class</span> <span class="nc">Application</span> <span class="o">&lt;</span> <span class="no">Rails</span><span class="o">::</span><span class="no">Application</span> <span class="c1"># Initialize configuration defaults for originally generated Rails version.</span> <span class="n">config</span><span class="p">.</span><span class="nf">load_defaults</span> <span class="mf">8.0</span> <span class="c1"># Setting Sidekiq as the backend queue adapter</span> <span class="n">config</span><span class="p">.</span><span class="nf">active_job</span><span class="p">.</span><span class="nf">queue_adapter</span> <span class="o">=</span> <span class="ss">:sidekiq</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p><strong>3. Production-Ready Redis Connection Pooling</strong></p> <p>​A common issue in production is running out of Redis connections due to improper pool sizes. To handle this cleanly, create a dedicated initializer file at config/initializers/sidekiq.rb:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># config/initializers/sidekiq.rb</span> <span class="no">Sidekiq</span><span class="p">.</span><span class="nf">configure_server</span> <span class="k">do</span> <span class="o">|</span><span class="n">config</span><span class="o">|</span> <span class="c1"># Server pool size should match or slightly exceed your concurrency limit</span> <span class="n">config</span><span class="p">.</span><span class="nf">redis</span> <span class="o">=</span> <span class="p">{</span> <span class="ss">url: </span><span class="no">ENV</span><span class="p">.</span><span class="nf">fetch</span><span class="p">(</span><span class="s1">'REDIS_URL'</span><span class="p">,</span> <span class="s1">'redis://localhost:6379/0'</span><span class="p">),</span> <span class="ss">size: </span><span class="mi">25</span> <span class="p">}</span> <span class="k">end</span> <span class="no">Sidekiq</span><span class="p">.</span><span class="nf">configure_client</span> <span class="k">do</span> <span class="o">|</span><span class="n">config</span><span class="o">|</span> <span class="c1"># Client pool size scales with your web server (Puma) threads</span> <span class="n">config</span><span class="p">.</span><span class="nf">redis</span> <span class="o">=</span> <span class="p">{</span> <span class="ss">url: </span><span class="no">ENV</span><span class="p">.</span><span class="nf">fetch</span><span class="p">(</span><span class="s1">'REDIS_URL'</span><span class="p">,</span> <span class="s1">'redis://localhost:6379/0'</span><span class="p">),</span> <span class="ss">size: </span><span class="mi">5</span> <span class="p">}</span> <span class="k">end</span> </code></pre> </div> <p><strong>4. Real-World Example: Writing a Rails 8 Job</strong></p> <p>​Let's create a concrete example. We will generate a job that processes a user subscription report and sends an email.<br> ​Instead of using old workers, we leverage modern Rails 8 standard inheritance. Run the generator command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bin/rails generate job ProcessSubscriptionReport </code></pre> </div> <p>This generates a file in app/jobs/process_subscription_report_job.rb. Let's implement it with proper error handling and a custom queue:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="c1"># app/jobs/process_subscription_report_job.rb</span> <span class="k">class</span> <span class="nc">ProcessSubscriptionReportJob</span> <span class="o">&lt;</span> <span class="no">ApplicationJob</span> <span class="c1"># Classifying the priority queue in Sidekiq</span> <span class="n">queue_as</span> <span class="ss">:default</span> <span class="c1"># Sidekiq-specific retry configuration</span> <span class="n">sidekiq_options</span> <span class="ss">retry: </span><span class="mi">3</span><span class="p">,</span> <span class="ss">backtrace: </span><span class="kp">true</span> <span class="c1"># Best Practice: Avoid passing complex ActiveRecord objects. Pass IDs instead.</span> <span class="k">def</span> <span class="nf">perform</span><span class="p">(</span><span class="n">user_id</span><span class="p">)</span> <span class="n">user</span> <span class="o">=</span> <span class="no">User</span><span class="p">.</span><span class="nf">find_by</span><span class="p">(</span><span class="ss">id: </span><span class="n">user_id</span><span class="p">)</span> <span class="k">return</span> <span class="k">unless</span> <span class="n">user</span> <span class="c1"># Simulating heavy reporting logic</span> <span class="n">report_data</span> <span class="o">=</span> <span class="no">UserReportGenerator</span><span class="p">.</span><span class="nf">generate_for</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="c1"># Triggering Mailer</span> <span class="no">UserMailer</span><span class="p">.</span><span class="nf">report_ready_email</span><span class="p">(</span><span class="n">user</span><span class="p">,</span> <span class="n">report_data</span><span class="p">).</span><span class="nf">deliver_now</span> <span class="k">rescue</span> <span class="no">ActiveRecord</span><span class="o">::</span><span class="no">RecordNotFound</span> <span class="o">=&gt;</span> <span class="n">e</span> <span class="no">Rails</span><span class="p">.</span><span class="nf">logger</span><span class="p">.</span><span class="nf">error</span> <span class="s2">"Job failed: User with ID </span><span class="si">#{</span><span class="n">user_id</span><span class="si">}</span><span class="s2"> no longer exists. Error: </span><span class="si">#{</span><span class="n">e</span><span class="p">.</span><span class="nf">message</span><span class="si">}</span><span class="s2">"</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p><strong>5. Sidekiq Concurrency &amp; Concurrency Tuning</strong><br> ​Create a configuration file at config/sidekiq.yml to manage your concurrency limits and queues systematically for production:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># config/sidekiq.yml</span> <span class="na">:concurrency</span><span class="pi">:</span> <span class="m">10</span> <span class="na">:queues</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">critical</span> <span class="pi">-</span> <span class="s">default</span> <span class="pi">-</span> <span class="s">low</span> </code></pre> </div> <p>To run Sidekiq in your terminal, simply execute:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bundle <span class="nb">exec </span>sidekiq </code></pre> </div> ruby rails sidekiq programming