fix(webapp): retry on version collision when initializing a deployment by d-cs · Pull Request #3610 · triggerdotdev/trigger.dev

d-cs · 2026-05-13T13:36:11Z

Concurrent POST /api/v1/deployments requests for the same environment race on the WorkerDeployment(environmentId, version) unique constraint. Both requests read the same latest deployment via findFirst, compute the same next version via calculateNextBuildVersion, and both attempt prisma.workerDeployment.create() — one wins, the other crashes with Prisma P2002. The bug is a classic TOCTOU between the version read and the version write; it's been latent since the version-assignment logic was first added but only fires when two deploys land within milliseconds of each other (CI matrices, retried CLI calls, webhook-triggered redeploys).

Approach

Extracts the version assignment + create into a small helper createDeploymentWithNextVersion (apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts). The helper retries on P2002 (environmentId, version) up to 5 times with randomised 5–50ms jitter so N concurrent racers don't loop in lockstep. Each attempt re-reads the latest version, recomputes via calculateNextBuildVersion, and re-runs the caller's buildData callback so version-dependent fields (image ref tag, friendlyId) are always consistent with the version actually persisted. A logger.warn fires per collision so the retry rate is observable in production logs.

When retries are exhausted, the helper throws a dedicated DeploymentVersionCollisionError carrying environmentId, attempts, and lastAttemptedVersion, with the original PrismaClientKnownRequestError attached as cause. Sentry walks the cause chain natively, so contention exhaustion shows up as a distinguishable wrapper exception linked to the underlying P2002 rather than a generic unique-constraint violation that looks identical to every other duplicate-key bug.

The behavioural change is limited to "catch P2002 and retry instead of crashing." The image ref computation stays inside the builder callback (same call site as before the refactor), so ECR / non-ECR behaviour, S2 stream creation order, and all downstream side effects are unchanged.

Non-goals

No new database migrations, no schema changes, no isolation-level / locking changes. A serialisable transaction or advisory lock would also fix this; retry-on-conflict is the smaller change that keeps the existing version-allocation logic intact.
Does not touch the analogous calculateNextBuildVersion call in createBackgroundWorker.server.ts, which likely has the same race shape against BackgroundWorker's unique constraint — flagged as a follow-up.

Test plan

pnpm run typecheck --filter webapp passes (no new errors in the modified files).
Three real-Postgres tests in apps/webapp/test/createDeploymentWithNextVersion.test.ts via containerTest:
- 5 concurrent calls all produce distinct, persistable versions (Set(versions).size === concurrency). The naive read-then-create version of the helper fails this test with the exact same P2002 seen in production; the retry version passes.
- Non-P2002 errors raised from the buildData callback propagate immediately without retry, builder invoked exactly once.
- With maxRetries: 0, concurrent racers surface the wrapped DeploymentVersionCollisionError (not a raw P2002); environmentId, attempts, lastAttemptedVersion are populated and error.cause.code === "P2002".
Existing apps/webapp/test/getDeploymentImageRef.test.ts still green (the file was untouched in the final diff).

Follow-ups (not in this PR)

createBackgroundWorker.server.ts likely has the same TOCTOU shape against its background-worker version unique constraint — should use the same helper.
Sentry visibility check: confirm error.cause chain renders as a linked exception in the Sentry UI when the wrapped error fires (requires a sandboxed triggering of the exhaustion path).

Concurrent `POST /api/v1/deployments` requests for the same environment both read the same latest deployment, compute the same next version, and race on the `WorkerDeployment(environmentId, version)` unique constraint. One succeeds, the other crashes with P2002. Extract version assignment + create into `createDeploymentWithNextVersion`, which retries on P2002 (max 5 attempts) with small randomised jitter so N concurrent racers don't loop in lockstep. Logs a `warn` per collision so the retry rate is observable. When retries are exhausted, throws a dedicated `DeploymentVersionCollisionError` (with the original P2002 as `cause` and `environmentId`/`attempts`/`lastAttemptedVersion` for debugging) so contention exhaustion is distinguishable in Sentry from any other unique-constraint violation. The image ref computation stays inside the builder callback so it's recomputed against the freshly-assigned version on every attempt; the persisted `imageReference` always matches the persisted `version`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

changeset-bot · 2026-05-13T13:36:21Z

⚠️ No Changeset found

Latest commit: cf0a9da

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

coderabbitai · 2026-05-13T13:36:29Z

Walkthrough

This PR fixes a race condition in worker deployment version assignment by introducing createDeploymentWithNextVersion, a helper module that retries deployment creation when unique constraint collisions occur on (environmentId, version). The PR refactors InitializeDeploymentService.call to delegate to this helper, which computes the next version, builds insert data via a provided callback, and retries with jittered exponential backoff on P2002 errors. Tests verify concurrent version uniqueness, immediate propagation of non-collision errors, and correct error wrapping when retries are exhausted. A changelog entry documents the fix.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main fix: retrying on version collision when deploying to the same environment, which directly addresses the TOCTOU race condition that is the core change.
Description check	✅ Passed	The description follows the template structure with all required sections present: issue reference, checklist, testing details, and changelog information thoroughly documented.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

Create stacked PR
Commit on current branch

🧪 Generate unit tests (beta)

Create PR with unit tests
Commit unit tests in branch fix-worker-deployment-version-race

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

🧹 Nitpick comments (2)

apps/webapp/test/createDeploymentWithNextVersion.test.ts (1)

1-133: ⚡ Quick win

Move this test beside the source helper to match repo test layout conventions.

The coverage looks good, but this file should be colocated with createDeploymentWithNextVersion.server.ts (e.g., createDeploymentWithNextVersion.test.ts) instead of living under apps/webapp/test.

As per coding guidelines: "Place test files next to source files using the pattern MyService.ts -> MyService.test.ts".
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/webapp/test/createDeploymentWithNextVersion.test.ts` around lines 1 -
133, The test file should be moved to be colocated with the source helper
createDeploymentWithNextVersion.server.ts: create a new file named
createDeploymentWithNextVersion.test.ts alongside
createDeploymentWithNextVersion.server.ts, copy the existing tests (which
reference createDeploymentWithNextVersion and DeploymentVersionCollisionError)
into that file, update the import paths so the test imports from
"~/v3/services/initializeDeployment/createDeploymentWithNextVersion.server"
relative to the new location (or use the existing module alias), and delete the
old file under apps/webapp/test; do not change test logic or assertions.

apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts (1)

16-19: ⚡ Quick win

Validate retry options at runtime before using them.

options.maxRetries/options.jitterMs are trusted directly on Line 52-Line 53. Invalid values can silently break retry behavior; parse once with Zod and use the parsed result.

Proposed patch

 import {
   isUniqueConstraintError,
   type Prisma,
   type PrismaClientOrTransaction,
   type WorkerDeployment,
 } from "@trigger.dev/database";
 import { setTimeout as sleep } from "node:timers/promises";
+import { z } from "zod";
 import { logger } from "~/services/logger.server";
 import { calculateNextBuildVersion } from "../../utils/calculateNextBuildVersion";
@@
 export type CreateDeploymentWithNextVersionOptions = {
   maxRetries?: number;
   jitterMs?: { min: number; max: number };
 };
+
+const CreateDeploymentWithNextVersionOptionsSchema = z.object({
+  maxRetries: z.number().int().min(0).optional(),
+  jitterMs: z
+    .object({
+      min: z.number().int().min(0),
+      max: z.number().int().min(0),
+    })
+    .refine((v) => v.max >= v.min, {
+      message: "jitterMs.max must be greater than or equal to jitterMs.min",
+    })
+    .optional(),
+});
@@
 export async function createDeploymentWithNextVersion(
   prisma: PrismaClientOrTransaction,
   environmentId: string,
   buildData: (nextVersion: string) => CreateDeploymentData | Promise<CreateDeploymentData>,
   options: CreateDeploymentWithNextVersionOptions = {}
 ): Promise<WorkerDeployment> {
-  const maxRetries = options.maxRetries ?? DEFAULT_MAX_RETRIES;
-  const jitterMs = options.jitterMs ?? DEFAULT_JITTER_MS;
+  const parsedOptions = CreateDeploymentWithNextVersionOptionsSchema.parse(options);
+  const maxRetries = parsedOptions.maxRetries ?? DEFAULT_MAX_RETRIES;
+  const jitterMs = parsedOptions.jitterMs ?? DEFAULT_JITTER_MS;

As per coding guidelines: "Use zod for validation in packages/core and apps/webapp".

Also applies to: 52-53

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts`
around lines 16 - 19, Create a zod schema for
CreateDeploymentWithNextVersionOptions (e.g., maxRetries:
z.number().int().min(0).optional().default(3); jitterMs: z.object({ min:
z.number().min(0), max: z.number().min(0) }).optional()) and parse the incoming
options at the start of createDeploymentWithNextVersion (or wherever options are
consumed); replace direct uses of options.maxRetries and options.jitterMs with
the validated/parsed values from the zod result to ensure correct types/defaults
and prevent invalid retry/jitter behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In
`@apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts`:
- Around line 16-19: Create a zod schema for
CreateDeploymentWithNextVersionOptions (e.g., maxRetries:
z.number().int().min(0).optional().default(3); jitterMs: z.object({ min:
z.number().min(0), max: z.number().min(0) }).optional()) and parse the incoming
options at the start of createDeploymentWithNextVersion (or wherever options are
consumed); replace direct uses of options.maxRetries and options.jitterMs with
the validated/parsed values from the zod result to ensure correct types/defaults
and prevent invalid retry/jitter behavior.

In `@apps/webapp/test/createDeploymentWithNextVersion.test.ts`:
- Around line 1-133: The test file should be moved to be colocated with the
source helper createDeploymentWithNextVersion.server.ts: create a new file named
createDeploymentWithNextVersion.test.ts alongside
createDeploymentWithNextVersion.server.ts, copy the existing tests (which
reference createDeploymentWithNextVersion and DeploymentVersionCollisionError)
into that file, update the import paths so the test imports from
"~/v3/services/initializeDeployment/createDeploymentWithNextVersion.server"
relative to the new location (or use the existing module alias), and delete the
old file under apps/webapp/test; do not change test logic or assertions.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: f6a959b5-e870-4b67-b147-dea0df3dd9bc

📥 Commits

Reviewing files that changed from the base of the PR and between 759214e and cf0a9da.

📒 Files selected for processing (4)

.server-changes/fix-worker-deployment-version-race.md
apps/webapp/app/v3/services/initializeDeployment.server.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/test/createDeploymentWithNextVersion.test.ts

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (29)

GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (7, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (4, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (8, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (6, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (5, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (1, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (2, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (4, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (5, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (7, 8)
GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (3, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (8, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (2, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (6, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (1, 8)
GitHub Check: units / internal / 🧪 Unit Tests: Internal (3, 8)
GitHub Check: units / e2e-webapp / 🧪 E2E Tests: Webapp
GitHub Check: units / packages / 🧪 Unit Tests: Packages (1, 1)
GitHub Check: sdk-compat / Node.js 20.20 (ubuntu-latest)
GitHub Check: sdk-compat / Deno Runtime
GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - npm)
GitHub Check: sdk-compat / Node.js 22.12 (ubuntu-latest)
GitHub Check: e2e / 🧪 CLI v3 tests (ubuntu-latest - pnpm)
GitHub Check: sdk-compat / Cloudflare Workers
GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - pnpm)
GitHub Check: e2e / 🧪 CLI v3 tests (ubuntu-latest - npm)
GitHub Check: sdk-compat / Bun Runtime
GitHub Check: typecheck / typecheck
GitHub Check: Analyze (javascript-typescript)

🧰 Additional context used

📓 Path-based instructions (14)

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/app/v3/services/initializeDeployment.server.ts

{packages/core,apps/webapp}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use zod for validation in packages/core and apps/webapp

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/app/v3/services/initializeDeployment.server.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use function declarations instead of default exports

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/app/v3/services/initializeDeployment.server.ts

**/*.{test,spec}.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use vitest for all tests in the Trigger.dev repository

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts

**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)

**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/app/v3/services/initializeDeployment.server.ts

apps/webapp/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)

apps/webapp/**/*.{ts,tsx}: Access environment variables through the env export of env.server.ts instead of directly accessing process.env
Use subpath exports from @trigger.dev/core package instead of importing from the root @trigger.dev/core path

Use named constants for sentinel/placeholder values (e.g. const UNSET_VALUE = '__unset__') instead of raw string literals scattered across comparisons

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts
apps/webapp/app/v3/services/initializeDeployment/createDeploymentWithNextVersion.server.ts
apps/webapp/app/v3/services/initializeDeployment.server.ts

apps/webapp/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)

Do not import env.server.ts directly or indirectly into test files; instead pass environment-dependent values through options/parameters to make code testable

For testable code, never import env.server.ts in test files. Pass configuration as options instead (e.g., realtimeClient.server.ts takes config as constructor arg, realtimeClientGlobal.server.ts creates singleton with env config)

Files:

apps/webapp/test/createDeploymentWithNextVersion.test.ts

{apps,internal-packages}/**/*.{ts,tsx,js}