feat: add OTEL metrics and tracing to cert_webhook plugin

[pcfreak30]

Changes

Adds OpenTelemetry metrics and distributed tracing to the cert_webhook Caddy plugin.

Metrics (4 counters)

• cert_webhook_deliveries_total - webhook delivery success/failure (labels: domain, status, result)
• cert_webhook_cert_events_total - cert events processed (labels: event_type, domain)
• cert_webhook_throttled_total - events throttled by dedup (labels: domain, source)
• cert_webhook_tls_get_cert_total - tls_get_certificate events (labels: domain, status)

Tracing

• Spans on Handle, handleCertEvent, handleTLSGetCertificateEvent, deliverAsync
• Error spans marked with codes.Error via endSpanWithError

Wiring

• initMetrics() and initTracer() called in Provision() alongside existing setup
• Metrics use nil guards so recording is a no-op if init fails
• Test mocks updated to use mock.Anything for context args (span-wrapped contexts no longer match context.Background() exactly)

OTEL env vars

Set via standard OTEL environment variables on the Caddy container. No code changes needed.

Test results

43 tests pass, clean build.

---

Pull Request Description

This PR adds OpenTelemetry (OTEL) metrics and tracing to the cert_webhook Caddy plugin, providing observability into webhook delivery, certificate event processing, throttling, and TLS certificate request handling.

Metrics Added

Four new counters are registered under the cert_webhook meter:

• cert_webhook_deliveries_total — Tracks webhook delivery attempts to the portal API, with attributes for domain, SSL status, and result (success/failure).
• cert_webhook_cert_events_total — Tracks processed certificate events (obtained, renewed, expired), with attributes for event type and domain.
• cert_webhook_throttled_total — Tracks events suppressed by the throttle/dedup mechanism, with attributes for domain and source (cert_event or tls_get_cert).
• cert_webhook_tls_get_cert_total — Tracks tls_get_certificate events processed, with attributes for domain and SSL status.

Tracing Added

Spans are created for the following operations, with relevant attributes (domain, status, event type) and error recording on failure:

• Event handling (cert_webhook.handle_event)
• Certificate event processing (cert_webhook.handle_cert_event)
• TLS get certificate event processing (cert_webhook.handle_tls_get_cert)
• Webhook delivery (cert_webhook.deliver_webhook)

Integration Changes

• Metrics and tracer are initialized during plugin provisioning in handler.go. Metric initialization failures are logged as warnings without blocking startup.
• Context is now propagated through the event handling chain (Handle → handleCertEvent / handleTLSGetCertificateEvent) to support distributed tracing.
• Webhook delivery in delivery.go now uses the traced context for the API call and records success/failure metrics.
• Existing tests were updated to pass context.Background() to modified method signatures and to use mock.Anything for context arguments in mock expectations.
• New test coverage validates metric recording correctness and nil-safety when metrics/tracer are uninitialized.

[kody-ai]

Kody Review Complete

Great news! 🎉
No issues were found that match your current review configurations.

Keep up the excellent work! 🚀

Kody Guide: Usage and Configuration

Interacting with Kody

• Request a Review: Ask Kody to review your PR manually by adding a comment with the @kody start-review command at the root of your PR.

• Validate Business Logic: Ask Kody to validate your code against business rules by adding a comment with the @kody -v business-logic command.

• Provide Feedback: Help Kody learn and improve by reacting to its comments with a 👍 for helpful suggestions or a 👎 if improvements are needed.

Current Kody Configuration

Review Options

The following review options are enabled or disabled:

Options	Enabled
Bug	✅
Performance	✅
Security	✅
Business Logic	✅

Access your configuration settings here.

​