fix(schedules): migrate to trigger dev

[icecrasher321]

Summary

Move schedules to trigger.dev and cleanup code. Add verifyCronAuth check to schedules execution route.

Type of Change

• Bug fix

Testing

Tested manually in staging env.

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
docs	Skipped			Oct 13, 2025 8:06pm

[greptile-apps]

Greptile Overview

Summary

Added authentication to the schedule execution endpoint to match the security pattern used by other cron routes.

• route.ts:67-74: Added verifyCronAuth call to validate the cron authentication token before processing any schedules
• route.test.ts:14-26: Created createMockRequest() helper to generate mock NextRequest with proper authorization headers for testing
• route.test.ts:34-37: Mocked verifyCronAuth to return null (success) for all test cases
• cronjobs.yaml:44-46: Added CRON_SECRET environment variable to cron job containers
• cronjobs.yaml:64: Added Authorization header to curl requests using the CRON_SECRET value

This change ensures that only authenticated Kubernetes cron jobs can trigger schedule executions, preventing unauthorized access to the endpoint.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The changes follow the established authentication pattern used by other cron routes in the codebase (logs/cleanup, webhooks/poll/gmail, webhooks/poll/outlook), with proper implementation in both the route handler and tests. The Helm template correctly passes the CRON_SECRET environment variable and includes it in the Authorization header.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
apps/sim/app/api/schedules/execute/route.ts	5/5	Added cron authentication to schedule execution endpoint using verifyCronAuth, matching the security pattern used by other cron routes
apps/sim/app/api/schedules/execute/route.test.ts	5/5	Updated tests to pass NextRequest with proper authorization headers and mocked verifyCronAuth to return null (success)
helm/sim/templates/cronjobs.yaml	5/5	Added CRON_SECRET environment variable and Authorization header to cron job curl requests for authentication

Sequence Diagram

sequenceDiagram
    participant CronJob as Kubernetes CronJob
    participant API as Schedule Execute Route
    participant Auth as Cron Auth Middleware
    participant DB as Database
    participant Executor as Workflow Executor

    CronJob->>API: GET /api/schedules/execute
    API->>Auth: Verify cron authentication
    
    alt Authentication fails
        Auth-->>API: Return error response
        API-->>CronJob: 401 Unauthorized
    else Authentication succeeds
        Auth-->>API: Continue
        API->>DB: Query due schedules
        DB-->>API: Return schedules
        
        loop For each schedule
            API->>DB: Load workflow
            DB-->>API: Workflow data
            API->>Executor: Execute workflow
            Executor-->>API: Result
            API->>DB: Update schedule
        end
        
        API-->>CronJob: 200 OK
    end

Loading

_{3 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}