fix(sentry apps): Self-heal/regenereate broken ServiceHooks

[Christinarlong]

Finally got around to doing this... In the past some Sentry Apps have been updated and their ServiceHooks(read: webhooks) weren't updated properly for various reasons. Leaving people with broken webhooks. That also caused these Sentry errors to surface to us

1. https://sentry.sentry.io/issues/6682915846/?project=1&query=is%3Aunresolved%20missing_servicehook&referrer=issue-stream
2. https://sentry.sentry.io/issues/6678511610/?project=1&query=operation_type%3Asend_webhook%20event_type%3Aissue.unresolved&referrer=issue-stream

This PR adds a task that will gradually regenerate the broken webhooks by re-running the create_or_update_service_hooks_for_installation function. That function is what should've been run during the initial webhook update but for various reason (timeouts, errors etc.) didn't complete.

[Christinarlong]

This function would be used whenever we encounter the SentryAppWebhookFailureReason.MISSING_SERVICEHOOK or SentryAppWebhookFailureReason.EVENT_NOT_IN_SERVCEHOOK failure cases.

In both cases we usually should have an installation with a working ServiceHook a la we use the Sentry app's event list as the source of truth for all installations

This logic was put into another task because I didn't want another logically separate operation to potentially pollute the results/info of another task. And similarly allows us to get better data on when this operation is ran.

[codecov]

Codecov Report

❌ Patch coverage is 37.50000% with 10 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/sentry/sentry_apps/tasks/sentry_apps.py	33.33%	10 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #96712      +/-   ##
==========================================
- Coverage   80.63%   80.15%   -0.49%     
==========================================
  Files        8475     8483       +8     
  Lines      373193   379104    +5911     
  Branches    24205    24205              
==========================================
+ Hits       300929   303857    +2928     
- Misses      71891    74874    +2983     
  Partials      373      373              

[Christinarlong]

thinking about this more idk if we should even have these checks, like I think we can assume the caller will have done the validation/check that the ServiceHook is in a bad state

[iamrajjoshi]

i agree with your intuition: i think this task should only be called if this if statement is true.

[iamrajjoshi]

can we add some a metric to the task so we can monitor how often it is triggers, and create a redash dashboard/query to show us the burndown rate of the broken servicehooks?

[iamrajjoshi]

just making sure we don't have to add anything extra from TASK_OPTIONS in the taskworker config

[Christinarlong]

er im not sure if we need to add anything else. O I did bork the namespace though. I highkey just copied this from the other tasks

[iamrajjoshi]

nit: maybe we raise some integrity exception and add more context ie, installation_id, etc.
another idea is to add a logger.info with this context (it becomes a breadcrumb in the sentry error)

[iamrajjoshi]

i agree with your intuition: i think this task should only be called if this if statement is true.

[Christinarlong]

can we add some a metric to the task so we can monitor how often it is triggers, and create a redash dashboard/query to show us the burndown rate of the broken servicehooks?

I think we can piggy back off the general task metric to see how often the task is triggered.

As for some stat/visualization of the burndown,

1. A counter that shows the number of installations whose SH events dont match the ones of their sentry app counter part - https://redash.getsentry.net/queries/9297/source#12084

Also I was thinking we could track this via the open Sentry issues in the PR description. Since if those go down we can correlate that to burning down the broken servicehooks