.

jon-bell · jon-bell · commit 93fb63935655 · 2026-02-28T20:41:10.000-05:00
diff --git a/supabase/functions/autograder-create-submission/index.ts b/supabase/functions/autograder-create-submission/index.ts
@@ -640,18 +640,26 @@ async function handleRequest(req: Request, scope: Sentry.Scope) {
         let userRoles: Database["public"]["Tables"]["user_roles"]["Row"] | undefined;
         const classId = initialCheckRun.class_id ?? repoData.assignments.class_id;
         if (classId && !isPawtograderTriggered) {
-          const { data: user } = await adminSupabase
+          const { data: user, error: userError } = await adminSupabase
             .from("users")
             .select("user_id")
-            .eq("github_username", decoded.actor)
+            .ilike("github_username", decoded.actor)
             .maybeSingle();
+          if (userError) {
+            Sentry.captureException(userError, scope);
+            throw new UserVisibleError(`Failed to lookup user: ${userError.message}`);
+          }
           if (user) {
-            const { data: userRolesData } = await adminSupabase
+            const { data: userRolesData, error: userRolesError } = await adminSupabase
               .from("user_roles")
               .select("*")
               .eq("user_id", user.user_id)
               .eq("class_id", classId)
               .maybeSingle();
+            if (userRolesError) {
+              Sentry.captureException(userRolesError, scope);
+              throw new UserVisibleError(`Failed to lookup user role: ${userRolesError.message}`);
+            }
             userRoles = userRolesData ?? undefined;
           }
         }
diff --git a/supabase/functions/autograder-submit-feedback/index.ts b/supabase/functions/autograder-submit-feedback/index.ts
@@ -60,9 +60,7 @@ function detectRateLimitType(error: unknown): {
   }
 
   if (status === 403 || status === 429) {
-    const retryAfter = headers?.["retry-after"]
-      ? parseInt(headers["retry-after"], 10)
-      : undefined;
+    const retryAfter = headers?.["retry-after"] ? parseInt(headers["retry-after"], 10) : undefined;
     const remaining = headers?.["x-ratelimit-remaining"];
     if (remaining === "0") {
       return { type: "primary", retryAfter: retryAfter ?? 60 };
diff --git a/supabase/functions/github-repo-webhook/index.ts b/supabase/functions/github-repo-webhook/index.ts
@@ -65,9 +65,7 @@ function detectRateLimitType(error: unknown): {
   }
 
   if (status === 403 || status === 429) {
-    const retryAfter = headers?.["retry-after"]
-      ? parseInt(headers["retry-after"], 10)
-      : undefined;
+    const retryAfter = headers?.["retry-after"] ? parseInt(headers["retry-after"], 10) : undefined;
     const remaining = headers?.["x-ratelimit-remaining"];
     if (remaining === "0") {
       return { type: "primary", retryAfter: retryAfter ?? 60 };
@@ -345,11 +343,11 @@ async function handlePushToStudentRepo(
     maybeCrash("push.student.for_each_commit.before_lookup");
 
     // Check circuit breaker before making GitHub API calls - fail fast if rate limited
-    // Check both org-level and create_repo method-specific circuit breakers
-    const circuitStatus = await checkCircuitBreakerOpen(adminSupabase, org, "create_repo", scope);
+    // Check both org-level and triggerWorkflow method-specific circuit breakers
+    const circuitStatus = await checkCircuitBreakerOpen(adminSupabase, org, "triggerWorkflow", scope);
     if (circuitStatus.isOpen) {
       const openUntil = circuitStatus.openUntil ? new Date(circuitStatus.openUntil).toLocaleString() : "unknown";
-      const scopeInfo = circuitStatus.circuitScope === "org_method" ? ` (method: create_repo)` : "";
+      const scopeInfo = circuitStatus.circuitScope === "org_method" ? ` (method: triggerWorkflow)` : "";
       throw new Error(
         `Circuit breaker open for org ${org}${scopeInfo}: GitHub API operations temporarily unavailable. ` +
           `Reason: ${circuitStatus.reason || "Rate limit or error threshold exceeded"}. ` +
diff --git a/supabase/migrations/20260218120000_make_check_run_id_nullable.sql b/supabase/migrations/20260218120000_make_check_run_id_nullable.sql
@@ -7,6 +7,29 @@
 ALTER TABLE repository_check_runs
   DROP CONSTRAINT IF EXISTS repository_check_runs_repository_id_check_run_id_sha_key;
 
+-- Dedupe: remove duplicate (repository_id, sha) rows before adding unique constraint.
+-- Keep the row with smallest id (earliest) per (repository_id, sha).
+-- First, update submissions that reference duplicate rows to point to the canonical row.
+WITH dups AS (
+  SELECT id,
+    FIRST_VALUE(id) OVER (PARTITION BY repository_id, sha ORDER BY id ASC) AS canonical_id
+  FROM public.repository_check_runs
+)
+UPDATE public.submissions s
+SET repository_check_run_id = d.canonical_id
+FROM dups d
+WHERE s.repository_check_run_id = d.id
+  AND d.id != d.canonical_id;
+
+-- Delete duplicate rows, keeping only the canonical (smallest id) per (repository_id, sha).
+WITH ranked AS (
+  SELECT id,
+    ROW_NUMBER() OVER (PARTITION BY repository_id, sha ORDER BY id ASC) AS rn
+  FROM public.repository_check_runs
+)
+DELETE FROM public.repository_check_runs
+WHERE id IN (SELECT id FROM ranked WHERE rn > 1);
+
 -- Add unique constraint on (repository_id, sha) for idempotency
 ALTER TABLE repository_check_runs
   ADD CONSTRAINT repository_check_runs_repository_id_sha_key UNIQUE (repository_id, sha);
