You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cleanupDatabase() in apps/api/src/__tests__/integration/setup.ts attempts a per-test TRUNCATE of partners/organizations with CASCADE, but the statement never succeeds: the cascade transitively reaches audit_logs, whose audit_log_block_truncate trigger (apps/api/migrations/2026-05-25-k-audit-log-block-truncate.sql) unconditionally rejects any TRUNCATE touching the table — the append-only bypass GUC (breeze.allow_audit_retention) only exists for DELETE. The whole TRUNCATE fails and the error is swallowed by cleanupDatabase()'s try/catch, so tenant rows accumulate across every suite in an integration run.
No existing suite noticed because they all scope assertions to fixture IDs they created. It surfaced twice while building the loginContext integration suite for #2202 (the first suite to assert on global partner state):
The endpoint counts ALL partner rows, so leftover partners from earlier suites broke the single-partner case.
The first workaround (bare DELETE FROM organizations/partners) was green locally but red in CI — earlier suites leave rows in FK-child tables without ON DELETE CASCADE (backup_configs, 23503), so plain DELETEs are order-dependent.
(The test-DB user owns the table, so DISABLE TRIGGER is permitted.)
Options for the general fix, in rough order of preference:
Move this pattern into cleanupDatabase() itself — but audit first whether any existing suite depends on the broken behavior (e.g. beforeAll fixtures that a suddenly-working per-test truncate would wipe mid-suite). This is the risky part and why fix(sso): post-merge review follow-ups for partner SSO + login branding (#2194) #2202 kept the fix suite-local.
Keep cleanupDatabase() as-is but stop swallowing the error silently — log it once per run so the no-op is at least visible.
Export the trigger-aware truncate as a helper in setup.ts for suites that need genuine global resets, and document that cleanupDatabase() does not reset tenant roots.
At minimum, option 2 (surface the swallowed error) should happen — a cleanup function that silently does nothing is how this stayed hidden.
Description
cleanupDatabase()inapps/api/src/__tests__/integration/setup.tsattempts a per-testTRUNCATEofpartners/organizationswithCASCADE, but the statement never succeeds: the cascade transitively reachesaudit_logs, whoseaudit_log_block_truncatetrigger (apps/api/migrations/2026-05-25-k-audit-log-block-truncate.sql) unconditionally rejects any TRUNCATE touching the table — the append-only bypass GUC (breeze.allow_audit_retention) only exists for DELETE. The whole TRUNCATE fails and the error is swallowed bycleanupDatabase()'s try/catch, so tenant rows accumulate across every suite in an integration run.No existing suite noticed because they all scope assertions to fixture IDs they created. It surfaced twice while building the
loginContextintegration suite for #2202 (the first suite to assert on global partner state):DELETE FROM organizations/partners) was green locally but red in CI — earlier suites leave rows in FK-child tables withoutON DELETE CASCADE(backup_configs, 23503), so plain DELETEs are order-dependent.Root Cause
audit_log_block_truncatetrigger rejects TRUNCATE unconditionally (by design — append-only enforcement).cleanupDatabase()catches and ignores the resulting failure, turning "reset the DB" into a silent no-op for the tenant-root tables.Proposed Fix
The working pattern (shipped in
loginContext.integration.test.tsvia #2202, commit 38f6675) is:(The test-DB user owns the table, so DISABLE TRIGGER is permitted.)
Options for the general fix, in rough order of preference:
cleanupDatabase()itself — but audit first whether any existing suite depends on the broken behavior (e.g.beforeAllfixtures that a suddenly-working per-test truncate would wipe mid-suite). This is the risky part and why fix(sso): post-merge review follow-ups for partner SSO + login branding (#2194) #2202 kept the fix suite-local.cleanupDatabase()as-is but stop swallowing the error silently — log it once per run so the no-op is at least visible.setup.tsfor suites that need genuine global resets, and document thatcleanupDatabase()does not reset tenant roots.At minimum, option 2 (surface the swallowed error) should happen — a cleanup function that silently does nothing is how this stayed hidden.
Affected Files
apps/api/src/__tests__/integration/setup.ts(primary —cleanupDatabase())apps/api/src/__tests__/integration/loginContext.integration.test.ts(reference implementation of the workaround)apps/api/migrations/2026-05-25-k-audit-log-block-truncate.sql(the trigger, working as designed)Reported By
Found during the post-merge review follow-up work for #2194 (PR #2202).