Use the replica for API auth queries (#2932)

When we auth API keys we get the environment, project and org. This is a
very hot path so even though these queries are fast they contribute a
significant percentage of total load.

This moves them to use the read replica instead.

Author: matt-aitken

apps/webapp/app/models/project.server.ts

@@ -1,6 +1,6 @@
 import { nanoid, customAlphabet } from "nanoid";
 import slug from "slug";
-import { prisma } from "~/db.server";
+import { $replica, prisma } from "~/db.server";
 import type { Project } from "@trigger.dev/database";
 import { Organization, createEnvironment } from "./organization.server";
 import { env } from "~/env.server";
@@ -135,7 +135,7 @@ export async function createProject(
 
 export async function findProjectBySlug(orgSlug: string, projectSlug: string, userId: string) {
   // Find the project scoped to the organization, making sure the user belongs to that org
-  return await prisma.project.findFirst({
+  return await $replica.project.findFirst({
     where: {
       slug: projectSlug,
       organization: {
@@ -148,7 +148,7 @@ export async function findProjectBySlug(orgSlug: string, projectSlug: string, us
 
 export async function findProjectByRef(externalRef: string, userId: string) {
   // Find the project scoped to the organization, making sure the user belongs to that org
-  return await prisma.project.findFirst({
+  return await $replica.project.findFirst({
     where: {
       externalRef,
       organization: {

apps/webapp/app/models/runtimeEnvironment.server.ts

@@ -1,6 +1,6 @@
 import type { AuthenticatedEnvironment } from "@internal/run-engine";
 import type { Prisma, PrismaClientOrTransaction, RuntimeEnvironment } from "@trigger.dev/database";
-import { prisma } from "~/db.server";
+import { $replica, prisma } from "~/db.server";
 import { logger } from "~/services/logger.server";
 import { getUsername } from "~/utils/username";
 import { sanitizeBranchName } from "~/v3/gitBranch";
@@ -11,7 +11,7 @@ export async function findEnvironmentByApiKey(
   apiKey: string,
   branchName: string | undefined
 ): Promise<AuthenticatedEnvironment | null> {
-  const environment = await prisma.runtimeEnvironment.findFirst({
+  const environment = await $replica.runtimeEnvironment.findFirst({
     where: {
       apiKey,
     },
@@ -67,7 +67,7 @@ export async function findEnvironmentByPublicApiKey(
   apiKey: string,
   branchName: string | undefined
 ): Promise<AuthenticatedEnvironment | null> {
-  const environment = await prisma.runtimeEnvironment.findFirst({
+  const environment = await $replica.runtimeEnvironment.findFirst({
     where: {
       pkApiKey: apiKey,
     },
@@ -89,7 +89,7 @@ export async function findEnvironmentByPublicApiKey(
 export async function findEnvironmentById(
   id: string
 ): Promise<(AuthenticatedEnvironment & { parentEnvironment: { apiKey: string } | null }) | null> {
-  const environment = await prisma.runtimeEnvironment.findFirst({
+  const environment = await $replica.runtimeEnvironment.findFirst({
     where: {
       id,
     },
@@ -118,7 +118,7 @@ export async function findEnvironmentBySlug(
   envSlug: string,
   userId: string
 ): Promise<AuthenticatedEnvironment | null> {
-  return prisma.runtimeEnvironment.findFirst({
+  return $replica.runtimeEnvironment.findFirst({
     where: {
       projectId: projectId,
       slug: envSlug,
@@ -148,7 +148,7 @@ export async function findEnvironmentFromRun(
   runId: string,
   tx?: PrismaClientOrTransaction
 ): Promise<AuthenticatedEnvironment | null> {
-  const taskRun = await (tx ?? prisma).taskRun.findFirst({
+  const taskRun = await (tx ?? $replica).taskRun.findFirst({
     where: {
       id: runId,
     },
@@ -223,7 +223,7 @@ export async function disconnectSession(environmentId: string) {
 }
 
 export async function findLatestSession(environmentId: string) {
-  const session = await prisma.runtimeEnvironmentSession.findFirst({
+  const session = await $replica.runtimeEnvironmentSession.findFirst({
     where: {
       environmentId,
     },
@@ -280,7 +280,7 @@ export async function findDisplayableEnvironment(
   environmentId: string,
   userId: string | undefined
 ) {
-  const environment = await prisma.runtimeEnvironment.findFirst({
+  const environment = await $replica.runtimeEnvironment.findFirst({
     where: {
       id: environmentId,
     },

apps/webapp/app/services/apiAuth.server.ts

@@ -3,7 +3,7 @@ import { type Prettify } from "@trigger.dev/core";
 import { SignJWT, errors, jwtVerify } from "jose";
 import { z } from "zod";
 
-import { prisma } from "~/db.server";
+import { $replica } from "~/db.server";
 import { env } from "~/env.server";
 import { findProjectByRef } from "~/models/project.server";
 import {
@@ -479,7 +479,7 @@ export async function authenticatedEnvironmentForAuthentication(
       return auth.result.environment;
     }
     case "personalAccessToken": {
-      const user = await prisma.user.findUnique({
+      const user = await $replica.user.findUnique({
         where: {
           id: auth.result.userId,
         },
@@ -498,7 +498,7 @@ export async function authenticatedEnvironmentForAuthentication(
       const sanitizedBranch = sanitizeBranchName(branch);
 
       if (!sanitizedBranch) {
-        const environment = await prisma.runtimeEnvironment.findFirst({
+        const environment = await $replica.runtimeEnvironment.findFirst({
           where: {
             projectId: project.id,
             slug: slug,
@@ -523,7 +523,7 @@ export async function authenticatedEnvironmentForAuthentication(
         return environment;
       }
 
-      const environment = await prisma.runtimeEnvironment.findFirst({
+      const environment = await $replica.runtimeEnvironment.findFirst({
         where: {
           projectId: project.id,
           type: "PREVIEW",
@@ -553,7 +553,7 @@ export async function authenticatedEnvironmentForAuthentication(
       };
     }
     case "organizationAccessToken": {
-      const organization = await prisma.organization.findUnique({
+      const organization = await $replica.organization.findUnique({
         where: {
           id: auth.result.organizationId,
         },
@@ -563,7 +563,7 @@ export async function authenticatedEnvironmentForAuthentication(
         throw json({ error: "Invalid or missing organization access token" }, { status: 401 });
       }
 
-      const project = await prisma.project.findFirst({
+      const project = await $replica.project.findFirst({
         where: {
           organizationId: organization.id,
           externalRef: projectRef,
@@ -577,7 +577,7 @@ export async function authenticatedEnvironmentForAuthentication(
       const sanitizedBranch = sanitizeBranchName(branch);
 
       if (!sanitizedBranch) {
-        const environment = await prisma.runtimeEnvironment.findFirst({
+        const environment = await $replica.runtimeEnvironment.findFirst({
           where: {
             projectId: project.id,
             slug: slug,
@@ -595,7 +595,7 @@ export async function authenticatedEnvironmentForAuthentication(
         return environment;
       }
 
-      const environment = await prisma.runtimeEnvironment.findFirst({
+      const environment = await $replica.runtimeEnvironment.findFirst({
         where: {
           projectId: project.id,
           type: "PREVIEW",