Skip to content

fix: experiment workers not set up in pushkin-cli currently#376

Merged
cherriechang merged 19 commits into
fix/aws-deploymentfrom
fix/experiment-workers
Apr 9, 2026
Merged

fix: experiment workers not set up in pushkin-cli currently#376
cherriechang merged 19 commits into
fix/aws-deploymentfrom
fix/experiment-workers

Conversation

@cherriechang

Copy link
Copy Markdown
Contributor

This should enable properly running an experiment and storing its data.
Also needed to verify user authentication system #375

When running `pushkin-dev prep` with existing database containers from a
previous run, the command would fail with a misleading "password
authentication failed" error. This happened because the existing containers
were using different credentials than the current pushkin.yaml config.

This commit implements Option 1 from the issue: automatic detection and
cleanup of stale database containers.

Changes:
- Added `ensureCleanState()` function that checks for existing database
  containers before setup
- If containers exist, displays a warning and removes them cleanly
- Uses `docker ps -a` to detect both running and stopped containers
- Follows the same pattern as `killLocal()` using compose.stop() and
  compose.rm()
- Includes proper error handling to avoid failing the entire setup

Benefits:
- Makes `prep` command idempotent - safe to run multiple times
- Eliminates confusing password authentication errors
- Improves developer experience by avoiding manual cleanup steps
- No waiting through 10 failed connection attempts (~2+ minutes)

Fixes pushkin-dev prep fails cryptically when database containers already exist
@changeset-bot

changeset-bot Bot commented Nov 24, 2025

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: cb3be45

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
pushkin-worker Patch
@pushkin-templates/site-basic Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@cherriechang cherriechang self-assigned this Nov 24, 2025
@cherriechang cherriechang added enhancement New feature or request pushkin-cli Relates to the CLI labels Nov 24, 2025
cherriechang and others added 7 commits November 26, 2025 17:15
This commit adds comprehensive Auth0 authentication support to the basic site template, enabling OAuth2/OIDC authentication for Pushkin users. The implementation is backward-compatible and only activates when useAuth is enabled in pushkin.yaml.

Key Changes:
- Added Auth0 authentication components (Login, Logout, Profile)
- Added AuthSync component to synchronize Auth0 state with Redux
- Enhanced Redux infrastructure to handle both Auth0 and session-based auth
- Updated Header component with conditional auth buttons and 'My account' link
- Added conditional Auth0Provider wrapper in index.js
- Created config.js to expose authDomain and authClientID from pushkin.yaml
- Added @auth0/auth0-react dependency to package.json
- Added /profile route to App.js

Features:
- Dual authentication modes: Auth0 (when configured) and session-based (fallback)
- Conditional rendering based on useAuth config setting
- Seamless integration with existing Redux state management
- User profile management via Auth0 dashboard
- Automatic token refresh and localStorage caching

Configuration:
Sites can enable Auth0 by setting in pushkin.yaml:
  addons:
    useAuth: true
    authDomain: your-domain.auth0.com
    authClientID: your-client-id

All changes are backward-compatible. Sites without Auth0 configuration will continue using session-based authentication.
- Header's useEffect now skips dispatching getUser() when Auth0 is enabled
- Auth0 users are managed by AuthSync component via SET_AUTH0_USER action
- This prevents session-based user IDs from replacing Auth0 user IDs in Redux

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
- Add heartbeat: 30 configuration to amqp.connect() in pushkin-worker
- Upgrade RabbitMQ from 3.6 to 3.12 in docker-compose template
- Add RABBITMQ_HEARTBEAT environment variable

This fixes the "Heartbeat timeout" error that was preventing experiment
workers from completing database operations. The 30-second heartbeat
interval ensures the connection stays alive during long-running tasks.
…ections

- Fix "Cannot read properties of undefined" error by checking if worker service exists
- Use 'test_db' and 'test_transaction_db' Docker service names instead of localhost
- Use internal port 5432 instead of host-mapped port for TRANS_PORT
- Fixes ECONNREFUSED errors when workers try to connect to databases

This ensures workers can communicate with databases via Docker networking.
@cherriechang
cherriechang force-pushed the fix/experiment-workers branch from 06b173a to e2c178d Compare November 26, 2025 22:20
…TaskCreator()

Problem:
When processing multiple workers (e.g., ew_test_worker, ew_test_2_worker):
1. First iteration created a reference to the template object
2. Modified the Docker image property (which mutated the shared template)
3. Second iteration reused the same mutated template object
4. Result: All workers ended up with the last processed worker's Docker image

This caused deployment failures where:
- ew_test_worker service used ew_test_2_worker:latest image (wrong!)
- Workers consumed from incorrect RabbitMQ queues
- Experiments failed to respond to API requests
@jkhartshorne

Copy link
Copy Markdown
Collaborator

@cherriechang -- what should I be looking at for this pull request? (I'm prioritizing getting through these pull requests)

@cherriechang

cherriechang commented Jan 14, 2026

Copy link
Copy Markdown
Contributor Author

@cherriechang -- what should I be looking at for this pull request? (I'm prioritizing getting through these pull requests)

Currently everything is tested in an end-to-end way (this goes for the fix/aws-deployment and feature/authentication-system branches too) -- by making a new test website and seeing if the target feature works 😅 I should add unit tests to this PR before merging it, but if you wanted to you could test the current changes out by making a new test Pushkin site using the version of Pushkin on this branch, adding an experiment with some minimal javascript and seeing if it reaches end of experiment smoothly! Problems to look out for include it getting stuck at a screen that says "Loading...", data not getting saved to the main database, and/or these things failing when user profile/authentication is enabled.

@becky-gilbert

Copy link
Copy Markdown
Contributor

FYI - I'm reviewing this one now to see if it can be merged into #373. There's probably some conflicts/duplication with what I've done on that aws branch, so we can either revert my commits on #373 or I can make changes here.

… conflicts:

- aws/index.js: kept structuredClone (fix/aws-deployment) over JSON.parse(JSON.stringify()) — both fix the same worker-sharing bug; structuredClone is cleaner.
- prep/index.js: kept hardcoded Docker service names test_db/test_transaction_db (fix/experiment-workers) over pushkinYAML.databases.*.host — localtestdb has no host field in pushkin.yaml, so the fix/aws-deployment version would have set DB_HOST=undefined. Will fix in separate commit.
- templates/experiments/basic/src/worker/index.js: kept SSL auto-detection via pushkin-worker (fix/experiment-workers) over DB_SSL env var — pushkin-worker now auto-detects SSL for RDS endpoints, so template workers don't need to configure it.
…(leftover from a different solution that was removed in favor of SSL auto-detection)

@becky-gilbert becky-gilbert left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks ready to merge! 🎉 There are some unrelated issues to fix, and I need to work off of this branch to fix those issues. So I think we should merge into fix/aws-deployment so that I can continue to use that as the base branch to merge those fixes into.

Here's what I changed:

  • b46d185 - always print the error about not being able to check for existing containers (not just with verbose)
  • 0bc9e5f - fix undefined var e in catch block (pre-existing bug)
  • 55c4cb3 - In setupdb ensureCleanState, switch from compose stop/compose rm to compose down. This does same thing but also removes named volumes. This is related to a separate issue (#372), but I fixed it here because it was blocking my workflow.
  • 6a31819 - Fix merge conflicts with fix/aws-deployment. I had fixed some issues in that branch that were also fixed here, so I went through these and found the better of the two fixes.
    • aws/index.js: kept structuredClone over JSON.parse(JSON.stringify())
    • prep/index.js: kept hardcoded Docker service names (just for this merge commit, changed to variables in separate commit)
    • templates/experiments/basic/src/worker/index.js: kept SSL auto-detection via pushkin-worker from this branch over DB_SSL env var.
  • 7e4b3a1 - Use DB_HOST/TRANS_HOST values from pushkinYAML so that the docker service name is set in one place.
  • 929ecb3 - Remove references to old DB_SSL env variable and sslConfig in workers (missed these in the merge commit)
  • 0c50a41 - Merge fix/prep-graceful-handle-container-exist to fix db password issue, and fix merge conflicts.
  • cb3be45 - The AMQP connection heartbeat needs to be set via query parameter

Here's the testing that I've done using a new test site created with this build, and with several experiments.

  • Verified DB_HOST/DB_TRANS values are correct
  • Docker build still works following switch to execFile
  • Heartbeat is set correctly: RabbitMQ container shows 30s timeout (docker exec pushkin-message-queue-1 rabbitmqctl list_connections name timeout)
  • Heartbeat works: no timeout errors due to idle period during experiment
  • Experiment data persists
  • Experiments are no longer sharing the same worker config (fixed via structuredClone)
  • DB SSL is auto-detected correctly: SSL is used with the RDS endpoint hostname, and SSL is not used locally
  • useIAM profile strings are accessed correctly, and an invalid profile name produces a clear and immediate error (due to awaiting checkIAMUser)

One thing I couldn't verify is the retry logic for PutBucketPolicy because it worked on the first attempt every time I ran aws init.

@cherriechang and I decided to leave out AWS-related unit tests for the time being. They're too difficult to write because the components we need to test are not modularized or exported from index.js. They will be modularized via Cherrie's refactoring (#374) so we should add tests for that branch when it's ready.

@cherriechang
cherriechang merged commit cbb06dc into fix/aws-deployment Apr 9, 2026
@github-actions github-actions Bot mentioned this pull request May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request pushkin-cli Relates to the CLI

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants