fix: ensure relay recovery loop can reclaim stuck messages before expiry

[nickmarden]

Summary

Fixes a timing invariant bug in the relay subsystem where messages stuck as pending after a pod restart would always expire before the recovery loop could reclaim them.

DefaultWebhookExpiry was 30s but pendingIdleTimeout was 60s, so a stuck message would expire after 30s — before the recovery loop (running every 30s) ever had a chance to pick it up.

Changes

• Raised DefaultWebhookExpiry from 30s to 2 minutes
• Lowered pendingIdleTimeout from 60s to 30s
• The invariant DefaultWebhookExpiry > pendingIdleTimeout + recoveryInterval now holds with ~60s to spare
• Updated test assertions for the new expiry window
• Added CHANGELOG entry

Testing

Existing tests in redis_manager_test.go updated to reflect the new expiry window. make test passes.

Checklist

• make test passes locally
• make lint passes locally
• Documentation updated (if behavior or configuration changed)
• CHANGELOG updated (for user-visible changes)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Docker Images Built

Images are available for testing:

# gatekeeperd
docker pull ghcr.io/tight-line/gatekeeperd:pr-29-7786b5e

# gatekeeper-relay
docker pull ghcr.io/tight-line/gatekeeper-relay:pr-29-7786b5e

docker-compose.yml

GATEKEEPERD_IMAGE=ghcr.io/tight-line/gatekeeperd:pr-29-7786b5e \
RELAY_IMAGE=ghcr.io/tight-line/gatekeeper-relay:pr-29-7786b5e \
docker-compose --profile relay up

Helm (values override)

image:
  repository: ghcr.io/tight-line/gatekeeperd  # or gatekeeper-relay
  tag: "pr-29-7786b5e"

Images expire ~15 days after PR closes.