Skip to content

feat: add OCI Email Delivery integration#1440

Merged
superdav42 merged 2 commits into
mainfrom
feature/oci-email-delivery-integration
Jun 16, 2026
Merged

feat: add OCI Email Delivery integration#1440
superdav42 merged 2 commits into
mainfrom
feature/oci-email-delivery-integration

Conversation

@superdav42

@superdav42 superdav42 commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Add an OCI HTTP Signature helper for Oracle Cloud Infrastructure API requests.
  • Add an Oracle OCI Email Delivery integration with credential fields, region/endpoint configuration, and API connection testing.
  • Add a transactional email capability that creates/locates OCI Email Delivery domains, manages DKIM records, and returns SPF/DKIM/DMARC DNS records for DNS automation.
  • Register the new oracle-oci integration alongside the existing Amazon SES transactional email provider.

Verification

  • php -l inc/helpers/class-oci-signer.php && php -l inc/integrations/providers/oci-email/class-oci-email-integration.php && php -l inc/integrations/providers/oci-email/class-oci-email-transactional-email.php && php -l inc/integrations/class-integration-registry.php
  • vendor/bin/phpcs inc/helpers/class-oci-signer.php inc/integrations/providers/oci-email/class-oci-email-integration.php inc/integrations/providers/oci-email/class-oci-email-transactional-email.php inc/integrations/class-integration-registry.php
  • composer dump-autoload --classmap-authoritative --no-dev

Notes

  • This integration manages OCI Email Delivery domain/DKIM setup and DNS record generation. Actual message sending remains on the configured SMTP transport, matching the existing OCI msmtp deployment pattern.
  • The integration returns DMARC as monitoring (p=none) so operators can advance policy after SPF/DKIM alignment is verified.

aidevops.sh v3.20.85 plugin for OpenCode v1.17.7 with gpt-5.5 spent 2h 4m and 244,476 tokens on this with the user in an interactive session.

Summary by CodeRabbit

Release Notes

  • New Features
    • Added Oracle Cloud Infrastructure Email Delivery integration for transactional email
    • Automatic domain verification using OCI Email Delivery
    • Automatic generation and management of DNS authentication records (SPF, DKIM, DMARC)
    • Connection testing for the configured OCI compartment and email domain setup
  • UI Enhancements
    • Added optional provider-specific setup instructions to the host integrations configuration wizard

@coderabbitai

coderabbitai Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cd90cdad-9ce9-4707-92af-1c902659bff0

📥 Commits

Reviewing files that changed from the base of the PR and between a3266bb and 95164a4.

📒 Files selected for processing (4)
  • inc/admin-pages/class-hosting-integration-wizard-admin-page.php
  • inc/integrations/providers/amazon-ses/class-amazon-ses-integration.php
  • inc/integrations/providers/oci-email/class-oci-email-integration.php
  • views/wizards/host-integrations/configuration.php
🚧 Files skipped from review as they are similar to previous changes (1)
  • inc/integrations/providers/oci-email/class-oci-email-integration.php

📝 Walkthrough

Walkthrough

Adds Oracle Cloud Infrastructure Email Delivery as a transactional email integration. A new OCI_Signer helper signs HTTP requests using RSA-SHA256. OCI_Email_Integration provides credential resolution, a generic oci_api_call() method, a connection test, and setup-wizard field definitions. The hosting integration wizard now supports optional configuration instructions that both OCI and Amazon SES provide as setup guidance. OCI_Email_Transactional_Email manages OCI email domain and DKIM lifecycle, generates DNS records, and hooks domain add/remove events. Both classes are registered in the integration registry.

Changes

OCI Email Delivery Integration

Layer / File(s) Summary
OCI RSA-SHA256 HTTP Signer
inc/helpers/class-oci-signer.php
OCI_Signer stores tenancy/user OCIDs, fingerprint, and normalized PEM key. sign() parses the URL, builds OCI-required headers (including (request-target), date, host, and conditionally x-content-sha256/content-type/content-length), constructs the newline-delimited signing string, calls openssl_sign, and returns an array with Authorization/Date headers (plus content headers) or an empty array on failure.
OCI_Email_Integration provider, API helper, and setup instructions framework
inc/integrations/providers/oci-email/class-oci-email-integration.php, inc/admin-pages/class-hosting-integration-wizard-admin-page.php, inc/integrations/providers/amazon-ses/class-amazon-ses-integration.php, views/wizards/host-integrations/configuration.php
OCI_Email_Integration exposes region/API-base/SPF-include getters, a get_signer() factory, oci_api_call() that signs requests with OCI_Signer, executes wp_remote_request(), decodes JSON, and propagates transport/HTTP errors or returns decoded data. Includes test_connection() to validate the email domains endpoint and get_fields()/get_configuration_instructions() for the setup wizard. The hosting integration wizard's section_configuration() now conditionally retrieves and passes configuration_instructions to the template. The configuration view initializes $configuration_instructions to an empty array and conditionally renders an instructions UI block (with sanitized title, description, and step list items) when non-empty. Amazon_SES_Integration is backfilled with a get_configuration_instructions() method describing IAM permissions, credential entry, region selection, and DNS record steps.
OCI_Email_Transactional_Email capability module
inc/integrations/providers/oci-email/class-oci-email-transactional-email.php
Implements Transactional_Email_Capability: registers wu_domain_added/wu_domain_removed hooks, exposes verify_domain() to create/locate OCI email domain and DKIM records (returning DNS records), get_domain_verification_status() to return domain lifecycle status, and get_domain_dns_records() to generate SPF/DMARC/DKIM records. Stubs send_email() (delegating to SMTP transport), get_sending_statistics(), and set_sending_quota() with OCI messaging. Private helpers perform create-or-return OCI email domain operations (including multi-shape response handling), DKIM create-or-return with filtered selector generation, DNS record construction (including filter hook for final records), and flexible DKIM DNS extraction supporting multiple OCI field conventions.
Integration registry wiring
inc/integrations/class-integration-registry.php
Adds OCI_Email_Integration to the native integration list and registers OCI_Email_Transactional_Email under the oracle-oci capability key.

Sequence Diagram

sequenceDiagram
  participant Hook as WordPress Domain Hook
  participant Cap as OCI_Email_Transactional_Email
  participant Int as OCI_Email_Integration
  participant Signer as OCI_Signer
  participant OCI as OCI Email Delivery API

  Hook->>Cap: wu_domain_added(domain, site_id)
  Cap->>Cap: verify_domain(domain)
  Cap->>Int: oci_api_call(POST /emailDomains, payload)
  Int->>Signer: sign(POST, url, json_payload)
  Signer-->>Int: Authorization + Date headers
  Int->>OCI: wp_remote_request(POST /emailDomains)
  OCI-->>Int: email domain object
  Int-->>Cap: decoded domain data or WP_Error
  Cap->>Int: oci_api_call(POST /dkimRecords or GET, payload)
  Int->>Signer: sign(POST/GET, url, payload)
  Signer-->>Int: Authorization + Date headers
  Int->>OCI: wp_remote_request(POST/GET /dkimRecords)
  OCI-->>Int: DKIM record object
  Int-->>Cap: decoded DKIM data or WP_Error
  Cap->>Cap: build_dns_records(domain, dkim)
  Cap-->>Hook: fire wu_domain_verified(domain, dns_records)
Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

  • Ultimate-Multisite/ultimate-multisite#724: Introduced the Transactional_Email_Capability interface and domain lifecycle hooks (wu_domain_added/wu_domain_removed) that OCI_Email_Transactional_Email implements and consumes.

Poem

🐇 Hop, hop, I sign with SHA!
A PEM key normalized today,
OCI domains appear,
DKIM records are near,
SPF and DMARC on the way! ✉️

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title directly and accurately describes the main change: adding an OCI Email Delivery integration to the platform.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/oci-email-delivery-integration

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

Copy link
Copy Markdown

🔨 Build Complete - Ready for Testing!

📦 Download Build Artifact (Recommended)

Download the zip build, upload to WordPress and test:

🌐 Test in WordPress Playground (Very Experimental)

Click the link below to instantly test this PR in your browser - no installation needed!
Playground support for multisite is very limitied, hopefully it will get better in the future.

🚀 Launch in Playground

Login credentials: admin / password

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
inc/integrations/providers/oci-email/class-oci-email-transactional-email.php (1)

140-150: 💤 Low value

Consider renaming the action to reflect initiation rather than completion.

The wu_domain_verified action fires after domain/DKIM records are created in OCI, but before DNS records are published and propagated. The name could mislead consumers into thinking verification is complete. Consider wu_domain_verification_initiated or document clearly that this action means "OCI resources created, DNS records returned for publishing."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@inc/integrations/providers/oci-email/class-oci-email-transactional-email.php`
around lines 140 - 150, The action hook `wu_domain_verified` is misleading
because it fires after OCI resources are created and DNS records are returned,
but before actual DNS propagation and verification completion. Rename this
action hook to `wu_domain_verification_initiated` to accurately reflect that
domain verification has been initiated rather than completed. Ensure you update
both the do_action call and any corresponding documentation or filter references
that use this hook name to maintain consistency throughout the codebase.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In
`@inc/integrations/providers/oci-email/class-oci-email-transactional-email.php`:
- Around line 140-150: The action hook `wu_domain_verified` is misleading
because it fires after OCI resources are created and DNS records are returned,
but before actual DNS propagation and verification completion. Rename this
action hook to `wu_domain_verification_initiated` to accurately reflect that
domain verification has been initiated rather than completed. Ensure you update
both the do_action call and any corresponding documentation or filter references
that use this hook name to maintain consistency throughout the codebase.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 495cf9fe-53fb-43b9-8fb6-eef6fd34ad8a

📥 Commits

Reviewing files that changed from the base of the PR and between c39947a and a3266bb.

📒 Files selected for processing (4)
  • inc/helpers/class-oci-signer.php
  • inc/integrations/class-integration-registry.php
  • inc/integrations/providers/oci-email/class-oci-email-integration.php
  • inc/integrations/providers/oci-email/class-oci-email-transactional-email.php

@github-actions

Copy link
Copy Markdown

🔨 Build Complete - Ready for Testing!

📦 Download Build Artifact (Recommended)

Download the zip build, upload to WordPress and test:

🌐 Test in WordPress Playground (Very Experimental)

Click the link below to instantly test this PR in your browser - no installation needed!
Playground support for multisite is very limitied, hopefully it will get better in the future.

🚀 Launch in Playground

Login credentials: admin / password

@superdav42 superdav42 merged commit 2de42a4 into main Jun 16, 2026
11 checks passed
@superdav42

Copy link
Copy Markdown
Collaborator Author

Summary

  • Add an OCI HTTP Signature helper for Oracle Cloud Infrastructure API requests.
  • Add an Oracle OCI Email Delivery integration with credential fields, region/endpoint configuration, and API connection testing.
  • Add a transactional email capability that creates/locates OCI Email Delivery domains, manages DKIM records, and returns SPF/DKIM/DMARC DNS records for DNS automation.
  • Register the new oracle-oci integration alongside the existing Amazon SES transactional email provider.

Verification

  • php -l inc/helpers/class-oci-signer.php && php -l inc/integrations/providers/oci-email/class-oci-email-integration.php && php -l inc/integrations/providers/oci-email/class-oci-email-transactional-email.php && php -l inc/integrations/class-integration-registry.php
  • vendor/bin/phpcs inc/helpers/class-oci-signer.php inc/integrations/providers/oci-email/class-oci-email-integration.php inc/integrations/providers/oci-email/class-oci-email-transactional-email.php inc/integrations/class-integration-registry.php
  • composer dump-autoload --classmap-authoritative --no-dev

Notes

  • This integration manages OCI Email Delivery domain/DKIM setup and DNS record generation. Actual message sending remains on the configured SMTP transport, matching the existing OCI msmtp deployment pattern.
  • The integration returns DMARC as monitoring (p=none) so operators can advance policy after SPF/DKIM alignment is verified.

aidevops.sh v3.20.85 plugin for OpenCode v1.17.7 with gpt-5.5 spent 2h 4m and 244,476 tokens on this with the user in an interactive session.


Merged via PR #1440 to main.
Merged by deterministic merge pass (pulse-wrapper.sh).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

review-feedback-scanned Merged PR already scanned for quality feedback

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant