fix(worker): Permission syncer fixes (#624)

2025-12-12 04:15:30 +00:00 · 2025-11-19 22:14:23 -08:00 · 2025-11-19 22:14:23 -08:00 · 09507d3e89
commit 09507d3e89
parent 97dd54d48f
4 changed files with 19 additions and 8 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed spurious infinite loads with explore panel, file tree, and file search command. [#617](https://github.com/sourcebot-dev/sourcebot/pull/617)
 - Wipe search context on init if entitlement no longer exists [#618](https://github.com/sourcebot-dev/sourcebot/pull/618)
 - Fixed Bitbucket repository exclusions not supporting glob patterns. [#620](https://github.com/sourcebot-dev/sourcebot/pull/620)
+- Fixed issue where the repo driven permission syncer was attempting to sync public repositories. [#624](https://github.com/sourcebot-dev/sourcebot/pull/624)
+- Fixed issue where worker would not shutdown while a permission sync job (repo or user) was in progress. [#624](https://github.com/sourcebot-dev/sourcebot/pull/624)

 ## [4.9.2] - 2025-11-13

--- a/packages/backend/src/ee/accountPermissionSyncer.ts
+++ b/packages/backend/src/ee/accountPermissionSyncer.ts
@ -102,7 +102,7 @@ export class AccountPermissionSyncer {
        if (this.interval) {
            clearInterval(this.interval);
        }
-        await this.worker.close();
+        await this.worker.close(/* force = */ true);
        await this.queue.close();
    }

--- a/packages/backend/src/ee/repoPermissionSyncer.ts
+++ b/packages/backend/src/ee/repoPermissionSyncer.ts
@ -55,19 +55,27 @@ export class RepoPermissionSyncer {
            const repos = await this.db.repo.findMany({
                // Repos need their permissions to be synced against the code host when...
                where: {
-                    // They belong to a code host that supports permissions syncing
                    AND: [
+                        // They are not public. Public repositories are always visible to all users, therefore we don't
+                        // need to explicitly perform permission syncing for them.
+                        // @see: packages/web/src/prisma.ts
+                        {
+                            isPublic: false
+                        },
+                        // They belong to a code host that supports permissions syncing
                        {
                            external_codeHostType: {
                                in: PERMISSION_SYNC_SUPPORTED_CODE_HOST_TYPES,
                            }
                        },
+                        // They have not been synced within the threshold date.
                        {
                            OR: [
                                { permissionSyncedAt: null },
                                { permissionSyncedAt: { lt: thresholdDate } },
                            ],
                        },
+                        // There aren't any active or recently failed jobs.
                        {
                            NOT: {
                                permissionSyncJobs: {
@ -106,7 +114,7 @@ export class RepoPermissionSyncer {
        if (this.interval) {
            clearInterval(this.interval);
        }
-        await this.worker.close();
+        await this.worker.close(/* force = */ true);
        await this.queue.close();
    }

--- a/packages/backend/src/index.ts
+++ b/packages/backend/src/index.ts
@ -112,19 +112,20 @@ const listenToShutdownSignals = () => {
            await api.dispose();
            await shutdownPosthog();
            
-            
            logger.info('All workers shut down gracefully');
            signals.forEach(sig => process.removeListener(sig, cleanup));
+            return 0;
        } catch (error) {
            Sentry.captureException(error);
            logger.error('Error shutting down worker:', error);
+            return 1;
        }
    }

    signals.forEach(signal => {
        process.on(signal, (err) => {
-            cleanup(err).finally(() => {
-                process.kill(process.pid, signal);
+            cleanup(err).then(code => {
+                process.exit(code);
            });
        });
    });
@ -132,14 +133,14 @@ const listenToShutdownSignals = () => {
    // Register handlers for uncaught exceptions and unhandled rejections
    process.on('uncaughtException', (err) => {
        logger.error(`Uncaught exception: ${err.message}`);
-        cleanup('uncaughtException').finally(() => {
+        cleanup('uncaughtException').then(() => {
            process.exit(1);
        });
    });

    process.on('unhandledRejection', (reason, promise) => {
        logger.error(`Unhandled rejection at: ${promise}, reason: ${reason}`);
-        cleanup('unhandledRejection').finally(() => {
+        cleanup('unhandledRejection').then(() => {
            process.exit(1);
        });
    });