Event-Driven Pipeline
How Critique accepts GitHub events, deduplicates work, and runs reviews asynchronously.
Critique’s GitHub integration is event-driven: the HTTP handler that receives a webhook returns quickly; durable work runs in background workers so traffic spikes do not cause timeouts or dropped deliveries.
Webhook ingestion
When GitHub sends an event:
- Critique verifies the payload signature.
- A delivery record is stored with a unique delivery id (GitHub’s
X-GitHub-Deliveryheader) so retries do not double-run the same work. - Processing is queued and GitHub receives an immediate success response.
You can think of deliveries as an audit log: received → processing → completed, failed, ignored, or deduplicated.
What happens next
A delivery worker interprets the event type:
| Event family | Typical outcome |
|---|---|
| Pull request | Queue or update a review run |
| Check run rerequested | May re-queue review when it matches Critique’s check |
| Push (default branch) | May refresh repository index / embeddings |
| Installation changes | Sync repos; may enqueue indexing for new repositories |
| PR / review comments | Bot mentions, commands, optional PR comment chat |
Not every webhook invokes models — many update bookkeeping only.
Review processing
PR reviews are often multi-step:
- Gather evidence — diff, files, guidance docs, sandbox collectors when enabled.
- Run specialists and synthesis — parallel lanes, then verdict.
- Publish to GitHub — check run, summary, inline comments.
Long sandbox work is split so analysis can retry independently from final publication. See PR review for the user-visible story.
Other queued work
The same infrastructure also drives Remedy, builder jobs, chat runs, and repository indexing. Each job type has its own handler but shares signature verification, retries, and delivery records.
Outbound webhooks (Platform API)
When reviews, Checkpoint gates, Remedy runs, or passport snapshots complete, Critique can POST signed JSON to HTTPS endpoints you register per GitHub App installation (manage:webhooks scope). Per-run callbacks are also available on POST /api/v1/reviews and Coding Agent run create.
| Channel | User-Agent | Typical consumer |
|---|---|---|
| Installation lifecycle | Critique-Lifecycle-Webhook/1.0 | Org-wide CI, merge bots, audit |
| Per-run review | Critique-Review-Webhook/1.0 | Single pipeline job |
| Coding Agent run | Critique-Coding-Agent-Webhook/1.0 | Sandbox automation |
review.run.completed includes inline findings[] for agent orchestrators. Full payload reference: Merge Gate API — Webhooks.
Delivery is fire-and-forget in v1 (single attempt, 8s timeout). Poll GET /api/v1/review-runs/:id?findings=all if a webhook misses.
Reliability
- Idempotency — Duplicate GitHub deliveries are detected and skipped when safe.
- Retries — Transient failures can be retried by the queue; operators may replay stuck deliveries from internal tools.
- Lazy sync — Installation metadata is refreshed on hot paths so occasional missed webhooks do not strand repos permanently.
This page is an operator overview. Exact route names, queue products, and schema fields are internal implementation details subject to change.