alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
PSA/docs/integrations/calendar-sync-operations.md
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

48 lines
3.5 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Calendar Sync Operations Runbook
This runbook covers the day-to-day operational tasks for the Google and Microsoft calendar integrations. It pairs with the UI updates delivered in Phase 4 so operators can onboard tenants, monitor sync health, and respond to incidents without engineering support.
## Prerequisites
- Tenants must configure vendor OAuth credentials via tenant secrets (same flow for hosted and on-prem deployments).
- Background jobs MUST be running so webhook renewals and delta token updates proceed automatically.
- Verify Redis and the `CALENDAR_OAUTH_ENCRYPTION_KEY`/`NEXTAUTH_SECRET` variables are present in the environment.
## Connecting A Provider
1. Navigate to **Settings → Calendar Integrations**.
2. Select either **Add Google Calendar** or **Add Outlook Calendar**.
3. For Google: ensure **Settings → Integrations → Providers** is configured first (tenant-owned OAuth client + redirect URI).
4. Complete the configuration form:
- Give the provider an operator-friendly name.
- Supply the external calendar identifier (use `primary` for the default Google calendar or `calendar` for Outlook).
- Choose the desired sync direction and enable the provider.
5. Press **Authorize**. A vendor popup appears; complete the OAuth consent flow.
6. After a successful callback you will see the `OAuth Complete` badge. Save the form to persist changes.
## Monitoring Sync Health
- Each provider card now shows **Connection Status**, **OAuth badge**, **Last Sync**, and **Sync Direction** at a glance.
- Trigger a manual sync with **Sync Now**. While the job executes the button displays `Syncing…` and a spinner badge appears.
- Successful runs emit a green confirmation banner; any issues surface as a red alert and the provider status flips to `Error` until the next healthy sync.
- Error text in the card mirrors backend status details, making it easy to copy into incident tickets.
## Conflict Handling
- When both systems edit the same entry the subscriber marks the mapping as `Conflict` and emits a notification event.
- UI surfaces show `Conflict` badges and direct users back to Calendar Settings to resolve.
- Operators should review the mapping, decide which side wins, and re-run the manual sync once conflict remediation is complete.
## Deleting A Provider
1. Select **Delete** in the provider card.
2. A confirmation dialog explains the blast radius (webhooks removed, sync halted). Confirm to proceed.
3. The provider is removed and a toast confirms success. Any scheduled jobs referencing the provider will skip automatically.
## Troubleshooting Checklist
- **Authorization failures**: ensure the OAuth popup is not blocked and that tenant secrets are valid.
- **Stale last sync**: run a manual sync to force a pass; if the timestamp does not advance check webhook subscriptions.
- **Webhook errors**: consult the `calendar-webhook-maintenance` job logs. Google uses Calendar “watch” channels (webhook) and Microsoft uses Graph subscriptions; both are renewed by maintenance jobs.
- **Multi-tenant bleed**: confirm the provider belongs to the active tenant. All actions enforce tenant scoping; mismatches result in `Forbidden` errors.
- **Conflicts stuck**: if repeated conflicts appear, reset the mappings `sync_status` through the conflict resolution workflow and retry.
## Escalation
- Pager duty rotation: **Platform Integrations**.
- Slack channel: `#calendar-sync-ops` (monitor for automated alerts from the webhook maintenance job).
- Include provider name, tenant, last sync timestamp, and any alert messages when escalating.
Reference in New Issue View Git Blame Copy Permalink