The production-cannot-fail philosophy
The SDK operates under five non-negotiable safety rules:1. Never crash the worker
All runtime code is wrapped in try/except. Network failures, API errors, serialization issues, and unexpected exceptions are caught and logged — they never propagate to your Celery worker.SluiceConfigError, and that happens at startup during init() — before your worker starts processing tasks. If you misconfigure the API key or connection ID, you’ll know immediately.
2. Never slow your tasks
The SDK captures events asynchronously. Event forwarding happens in a background thread — it doesn’t block task execution. Your tasks run at the same speed with or without Sluice.3. Never leak memory
The internal event buffer is bounded. If the Sluice API is unreachable and the buffer fills up, the SDK drops the oldest events rather than growing unboundedly. Your worker’s memory footprint stays stable.4. Never block the event loop
For Celery workers using gevent or eventlet concurrency, the SDK avoids blocking I/O in the event loop. Network calls use non-blocking HTTP transport.5. Never log sensitive data
Task arguments and return values are not sent to Sluice by default. The event stream captures task metadata — name, state, queue, timestamps, errors — but not the actual data your tasks process.Sluice V0 does not support opt-in argument/result capture. This is planned for a future release with per-task redaction controls.