fix(mirror): add max auth request age configuration (#9812)

The `auth.auth_requests` table is not cleaned up so long running Zitadel installations can contain many rows. The mirror command can take long because a the data are first copied into memory (or disk) on cockroach and users do not get any output from mirror. This is unfortunate because people don't know if Zitadel got stuck. Enhance logging throughout the projection processes and introduce a configuration option for the maximum age of authentication requests. None closes https://github.com/zitadel/zitadel/issues/9764 --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-14 12:48:01 +00:00 · 2025-04-29 17:29:16 +02:00
parent 253c9f562a
commit e302591f09
11 changed files with 131 additions and 84 deletions
--- a/docs/docs/self-hosting/manage/cli/mirror.mdx
+++ b/docs/docs/self-hosting/manage/cli/mirror.mdx
@@ -163,6 +163,9 @@ Destination:

 # As cockroachdb first copies the data into memory this parameter is used to iterate through the events table and fetch only the given amount of events per iteration
 EventBulkSize: 10000 # ZITADEL_EVENTBULKSIZE
+# The maximum duration an auth request was last updated before it gets ignored.
+# Default is 30 days
+MaxAuthRequestAge: 720h # ZITADEL_MAXAUTHREQUESTAGE

 Projections:
  # Defines how many projections are allowed to run in parallel