GH-653: Fix sensitive data logging, etc

[Klaas-Ritense]

generiekzaakafhandelcomponent/gzac-issues#653

• Downgrade inbox message logging from INFO to DEBUG and remove payload from log output
• Add WARN-level error logging to ValtimoCloudEventMapper catch blocks (without sensitive data)
• Replace resultId!! with null-safe check in DocumentSseEventMapper to prevent NPE
• Return null instead of empty string for missing caseDefinitionVersionTag in ConfigurationIssueSseEventMapper

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Bug Fixes

  • Improved null-safety handling in event mapping to prevent silent failures and ensure required fields are properly validated.
  • Enhanced error logging and diagnostics for message publishing and event deserialization failures.
  • Reduced sensitive data exposure by adjusting logging levels for inbox message handling.

• Tests

  • Expanded test coverage for null-value scenarios in event mapping.

Walkthrough

This pull request improves null-safety and error handling across multiple components. Event mappers now treat previously defaulted fields (like caseDefinitionVersionTag and resultId) as required, returning null when they are missing instead of applying fallback values. Exception handling paths in cloud event mapping and message publishing have been enhanced with explicit logging. A logging level adjustment reduces verbosity in inbox message handling. These changes address null-safety issues in SSE event mappers, prevent silent exception swallowing during cloud event mapping, and eliminate sensitive data logging. Release notes were updated to document these fixes.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/653-inbox-sse-logging-null-safety

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

backend/outbox/outbox-rabbitmq/src/main/kotlin/com/ritense/outbox/rabbitmq/RabbitMessagePublisher.kt (1)

65-66: Disambiguate duplicate routingKey fields in the exception message.

Line 66 includes two routingKey= entries (returned.routingKey and configured routingKey), which can confuse troubleshooting. Consider distinct labels (returnedRoutingKey / configuredRoutingKey).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b091b349-d206-4a42-b7d1-754e737666a4

📥 Commits

Reviewing files that changed from the base of the PR and between 6c0d9bc and d4b2259.

📒 Files selected for processing (8)

• backend/case/src/main/kotlin/com/ritense/case/mapper/ConfigurationIssueSseEventMapper.kt
• backend/case/src/main/kotlin/com/ritense/document/mapper/DocumentSseEventMapper.kt
• backend/case/src/test/kotlin/com/ritense/case/mapper/ConfigurationIssueSseEventMapperTest.kt
• backend/case/src/test/kotlin/com/ritense/document/mapper/DocumentSseEventMapperTest.kt
• backend/inbox/src/main/kotlin/com/ritense/inbox/InboxHandlingService.kt
• backend/inbox/src/main/kotlin/com/ritense/inbox/ValtimoCloudEventMapper.kt
• backend/outbox/outbox-rabbitmq/src/main/kotlin/com/ritense/outbox/rabbitmq/RabbitMessagePublisher.kt
• documentation/release-notes/13.x.x/13.22.0/README.md