feat(webapp,clickhouse,database,core): Session primitive (server side)

Durable, typed, bidirectional I/O primitive that outlives a single run.
Ship target is agent/chat use cases; run-scoped streams.pipe/streams.input
are untouched and do not create Session rows.

Postgres
- New Session table: id, friendlyId, externalId, type (plain string),
  denormalised project/environment/organization scalar columns (no FKs),
  taskIdentifier, tags String[], metadata Json, closedAt, closedReason,
  expiresAt, timestamps
- Point-lookup indexes only (friendlyId unique, (env, externalId) unique,
  expiresAt). List queries are served from ClickHouse so Postgres stays
  minimal and insert-heavy.

Control-plane API
- POST   /api/v1/sessions           create (idempotent via externalId)
- GET    /api/v1/sessions           list with filters (type, tag,
                                     taskIdentifier, externalId, status
                                     ACTIVE|CLOSED|EXPIRED, period/from/to)
                                     and cursor pagination, ClickHouse-backed
- GET    /api/v1/sessions/:session  retrieve — polymorphic: `session_` prefix
                                     hits friendlyId, otherwise externalId
- PATCH  /api/v1/sessions/:session  update tags/metadata/externalId
- POST   /api/v1/sessions/:session/close  terminal close (idempotent)

Realtime (S2-backed)
- PUT    /realtime/v1/sessions/:session/:io           returns S2 creds
- GET    /realtime/v1/sessions/:session/:io           SSE subscribe
- POST   /realtime/v1/sessions/:session/:io/append    server-side append
- S2 key format: sessions/{friendlyId}/{out|in}

Auth
- sessions added to ResourceTypes. read:sessions:{id},
  write:sessions:{id}, admin:sessions:{id} scopes work via existing JWT
  validation.

ClickHouse
- sessions_v1 ReplacingMergeTree table
- SessionsReplicationService mirrors RunsReplicationService exactly:
  logical replication with leader-locked consumer, ConcurrentFlushScheduler,
  retry with exponential backoff + jitter, identical metric shape.
  Dedicated slot + publication (sessions_to_clickhouse_v1[_publication]).
- SessionsRepository + ClickHouseSessionsRepository expose list, count,
  tags with cursor pagination keyed by (created_at DESC, session_id DESC).
- Derived status (ACTIVE/CLOSED/EXPIRED) computed from closed_at + expires_at;
  in-memory fallback on list results to catch pre-replication writes.

Verification
- Webapp typecheck 10/10
- Core + SDK build 3/3
- sessionsReplicationService.test.ts integration tests 2/2 (insert + update
  round-trip via testcontainers)
- Live round-trip against local dev: create -> retrieve (friendlyId and
  externalId) -> out.initialize -> out.append x2 -> in.send -> out.subscribe
  (receives records) -> close -> ClickHouse sessions_v1 shows the replicated
  row with closed_reason
- Live list smoke: tag, type, status CLOSED, externalId, and cursor pagination

Author: ericallam

.changeset/session-primitive.md

@@ -0,0 +1,5 @@
+---
+"@trigger.dev/core": patch
+---
+
+Add `SessionId` friendly ID generator and schemas for the new durable Session primitive. Exported from `@trigger.dev/core/v3/isomorphic` alongside `RunId`, `BatchId`, etc.

.server-changes/session-primitive.md

@@ -0,0 +1,6 @@
+---
+area: webapp
+type: feature
+---
+
+Add `Session` primitive — a durable, typed, bidirectional I/O primitive that outlives a single run, intended for agent/chat use cases. Ships the Postgres schema (`Session` table), control-plane CRUD routes (`POST/GET/PATCH /api/v1/sessions`, `POST /api/v1/sessions/:session/close` — polymorphic on friendlyId or externalId), `sessions` JWT scope, ClickHouse `sessions_v1` table, and `SessionsReplicationService` (logical replication from Postgres `Session` → ClickHouse `sessions_v1`). Run-scoped realtime streams (`streams.pipe`/`streams.input`) are unchanged and do **not** create Session rows.

apps/webapp/app/entry.server.tsx

@@ -23,6 +23,34 @@ import {
   registerRunEngineEventBusHandlers,
   setupBatchQueueCallbacks,
 } from "./v3/runEngineHandlers.server";
+import { sessionsReplicationInstance } from "./services/sessionsReplicationInstance.server";
+import { signalsEmitter } from "./services/signals.server";
+
+// Start the sessions replication service (subscribes to the logical replication
+// slot, runs leader election, flushes to ClickHouse). Done at entry level so it
+// runs deterministically on webapp boot rather than lazily via a singleton
+// reference elsewhere in the module graph.
+if (sessionsReplicationInstance && env.SESSION_REPLICATION_ENABLED === "1") {
+  sessionsReplicationInstance
+    .start()
+    .then(() => {
+      console.log("🗃️ Sessions replication service started");
+    })
+    .catch((error) => {
+      console.error("🗃️ Sessions replication service failed to start", {
+        error,
+      });
+    });
+
+  signalsEmitter.on(
+    "SIGTERM",
+    sessionsReplicationInstance.shutdown.bind(sessionsReplicationInstance)
+  );
+  signalsEmitter.on(
+    "SIGINT",
+    sessionsReplicationInstance.shutdown.bind(sessionsReplicationInstance)
+  );
+}
 
 const ABORT_DELAY = 30000;
 

apps/webapp/app/env.server.ts

@@ -1213,6 +1213,38 @@ const EnvironmentSchema = z
     RUN_REPLICATION_DISABLE_PAYLOAD_INSERT: z.string().default("0"),
     RUN_REPLICATION_DISABLE_ERROR_FINGERPRINTING: z.string().default("0"),
 
+    // Session replication (Postgres → ClickHouse sessions_v1). Shares Redis
+    // with the runs replicator for leader locking but has its own slot and
+    // publication so the two consume independently.
+    SESSION_REPLICATION_CLICKHOUSE_URL: z.string().optional(),
+    SESSION_REPLICATION_ENABLED: z.string().default("0"),
+    SESSION_REPLICATION_SLOT_NAME: z.string().default("sessions_to_clickhouse_v1"),
+    SESSION_REPLICATION_PUBLICATION_NAME: z
+      .string()
+      .default("sessions_to_clickhouse_v1_publication"),
+    SESSION_REPLICATION_MAX_FLUSH_CONCURRENCY: z.coerce.number().int().default(1),
+    SESSION_REPLICATION_FLUSH_INTERVAL_MS: z.coerce.number().int().default(1000),
+    SESSION_REPLICATION_FLUSH_BATCH_SIZE: z.coerce.number().int().default(100),
+    SESSION_REPLICATION_LEADER_LOCK_TIMEOUT_MS: z.coerce.number().int().default(30_000),
+    SESSION_REPLICATION_LEADER_LOCK_EXTEND_INTERVAL_MS: z.coerce.number().int().default(10_000),
+    SESSION_REPLICATION_LEADER_LOCK_ADDITIONAL_TIME_MS: z.coerce.number().int().default(10_000),
+    SESSION_REPLICATION_LEADER_LOCK_RETRY_INTERVAL_MS: z.coerce.number().int().default(500),
+    SESSION_REPLICATION_ACK_INTERVAL_SECONDS: z.coerce.number().int().default(10),
+    SESSION_REPLICATION_LOG_LEVEL: z
+      .enum(["log", "error", "warn", "info", "debug"])
+      .default("info"),
+    SESSION_REPLICATION_CLICKHOUSE_LOG_LEVEL: z
+      .enum(["log", "error", "warn", "info", "debug"])
+      .default("info"),
+    SESSION_REPLICATION_WAIT_FOR_ASYNC_INSERT: z.string().default("0"),
+    SESSION_REPLICATION_KEEP_ALIVE_ENABLED: z.string().default("0"),
+    SESSION_REPLICATION_KEEP_ALIVE_IDLE_SOCKET_TTL_MS: z.coerce.number().int().optional(),
+    SESSION_REPLICATION_MAX_OPEN_CONNECTIONS: z.coerce.number().int().default(10),
+    SESSION_REPLICATION_INSERT_STRATEGY: z.enum(["insert", "insert_async"]).default("insert"),
+    SESSION_REPLICATION_INSERT_MAX_RETRIES: z.coerce.number().int().default(3),
+    SESSION_REPLICATION_INSERT_BASE_DELAY_MS: z.coerce.number().int().default(100),
+    SESSION_REPLICATION_INSERT_MAX_DELAY_MS: z.coerce.number().int().default(2000),
+
     // Clickhouse
     CLICKHOUSE_URL: z.string(),
     CLICKHOUSE_KEEP_ALIVE_ENABLED: z.string().default("1"),

apps/webapp/app/routes/api.v1.sessions.$session.close.ts

@@ -0,0 +1,61 @@
+import { json } from "@remix-run/server-runtime";
+import {
+  CloseSessionRequestBody,
+  type RetrieveSessionResponseBody,
+} from "@trigger.dev/core/v3";
+import { z } from "zod";
+import { prisma } from "~/db.server";
+import {
+  resolveSessionByIdOrExternalId,
+  serializeSession,
+} from "~/services/realtime/sessions.server";
+import { createActionApiRoute } from "~/services/routeBuilders/apiBuilder.server";
+
+const ParamsSchema = z.object({
+  session: z.string(),
+});
+
+const { action } = createActionApiRoute(
+  {
+    params: ParamsSchema,
+    body: CloseSessionRequestBody,
+    maxContentLength: 1024,
+    method: "POST",
+    allowJWT: true,
+    corsStrategy: "all",
+    authorization: {
+      action: "admin",
+      resource: (params) => ({ sessions: params.session }),
+      superScopes: ["admin:sessions", "admin:all", "admin"],
+    },
+  },
+  async ({ authentication, params, body }) => {
+    const existing = await resolveSessionByIdOrExternalId(
+      prisma,
+      authentication.environment.id,
+      params.session
+    );
+
+    if (!existing) {
+      return json({ error: "Session not found" }, { status: 404 });
+    }
+
+    // Idempotent: if already closed, return the current row without clobbering
+    // the original closedAt / closedReason.
+    if (existing.closedAt) {
+      return json<RetrieveSessionResponseBody>(serializeSession(existing));
+    }
+
+    const updated = await prisma.session.update({
+      where: { id: existing.id },
+      data: {
+        closedAt: new Date(),
+        closedReason: body.reason ?? null,
+      },
+    });
+
+    return json<RetrieveSessionResponseBody>(serializeSession(updated));
+  }
+);
+
+export { action };

apps/webapp/app/routes/api.v1.sessions.$session.ts

@@ -0,0 +1,86 @@
+import { json } from "@remix-run/server-runtime";
+import {
+  type RetrieveSessionResponseBody,
+  UpdateSessionRequestBody,
+} from "@trigger.dev/core/v3";
+import { Prisma } from "@trigger.dev/database";
+import { z } from "zod";
+import { $replica, prisma } from "~/db.server";
+import {
+  resolveSessionByIdOrExternalId,
+  serializeSession,
+} from "~/services/realtime/sessions.server";
+import {
+  createActionApiRoute,
+  createLoaderApiRoute,
+} from "~/services/routeBuilders/apiBuilder.server";
+
+const ParamsSchema = z.object({
+  session: z.string(),
+});
+
+export const loader = createLoaderApiRoute(
+  {
+    params: ParamsSchema,
+    allowJWT: true,
+    corsStrategy: "all",
+    findResource: async (params, auth) => {
+      return resolveSessionByIdOrExternalId($replica, auth.environment.id, params.session);
+    },
+    authorization: {
+      action: "read",
+      resource: (session) => ({ sessions: [session.friendlyId, session.externalId ?? ""] }),
+      superScopes: ["read:sessions", "read:all", "admin"],
+    },
+  },
+  async ({ resource: session }) => {
+    return json<RetrieveSessionResponseBody>(serializeSession(session));
+  }
+);
+
+const { action } = createActionApiRoute(
+  {
+    params: ParamsSchema,
+    body: UpdateSessionRequestBody,
+    maxContentLength: 1024 * 32,
+    method: "PATCH",
+    allowJWT: true,
+    corsStrategy: "all",
+    authorization: {
+      action: "admin",
+      resource: (params) => ({ sessions: params.session }),
+      superScopes: ["admin:sessions", "admin:all", "admin"],
+    },
+  },
+  async ({ authentication, params, body }) => {
+    const existing = await resolveSessionByIdOrExternalId(
+      prisma,
+      authentication.environment.id,
+      params.session
+    );
+
+    if (!existing) {
+      return json({ error: "Session not found" }, { status: 404 });
+    }
+
+    const updated = await prisma.session.update({
+      where: { id: existing.id },
+      data: {
+        ...(body.tags !== undefined ? { tags: body.tags } : {}),
+        ...(body.metadata !== undefined
+          ? {
+              metadata:
+                body.metadata === null
+                  ? Prisma.JsonNull
+                  : (body.metadata as Prisma.InputJsonValue),
+            }
+          : {}),
+        ...(body.externalId !== undefined ? { externalId: body.externalId } : {}),
+      },
+    });
+
+    return json<RetrieveSessionResponseBody>(serializeSession(updated));
+  }
+);
+
+export { action };

apps/webapp/app/routes/api.v1.sessions.ts

@@ -0,0 +1,159 @@
+import { json } from "@remix-run/server-runtime";
+import {
+  CreateSessionRequestBody,
+  type CreatedSessionResponseBody,
+  ListSessionsQueryParams,
+  type ListSessionsResponseBody,
+  type SessionStatus,
+} from "@trigger.dev/core/v3";
+import { SessionId } from "@trigger.dev/core/v3/isomorphic";
+import type { Prisma, Session } from "@trigger.dev/database";
+import { $replica, prisma, type PrismaClient } from "~/db.server";
+import { clickhouseClient } from "~/services/clickhouseInstance.server";
+import { serializeSession } from "~/services/realtime/sessions.server";
+import { SessionsRepository } from "~/services/sessionsRepository/sessionsRepository.server";
+import {
+  createActionApiRoute,
+  createLoaderApiRoute,
+} from "~/services/routeBuilders/apiBuilder.server";
+import { ServiceValidationError } from "~/v3/services/common.server";
+
+function asArray<T>(value: T | T[] | undefined): T[] | undefined {
+  if (value === undefined) return undefined;
+  return Array.isArray(value) ? value : [value];
+}
+
+export const loader = createLoaderApiRoute(
+  {
+    searchParams: ListSessionsQueryParams,
+    findResource: async () => 1,
+  },
+  async ({ searchParams, authentication }) => {
+    const repository = new SessionsRepository({
+      clickhouse: clickhouseClient,
+      prisma: $replica as PrismaClient,
+    });
+
+    // `page[after]` is the forward cursor, `page[before]` is the backward
+    // cursor. The repository internally keys off `{cursor, direction}`.
+    const cursor = searchParams["page[after]"] ?? searchParams["page[before]"];
+    const direction = searchParams["page[before]"] ? "backward" : "forward";
+
+    const { sessions: rows, pagination } = await repository.listSessions({
+      organizationId: authentication.environment.organizationId,
+      projectId: authentication.environment.projectId,
+      environmentId: authentication.environment.id,
+      types: asArray(searchParams["filter[type]"]),
+      tags: asArray(searchParams["filter[tags]"]),
+      taskIdentifiers: asArray(searchParams["filter[taskIdentifier]"]),
+      externalId: searchParams["filter[externalId]"],
+      statuses: asArray(searchParams["filter[status]"]) as SessionStatus[] | undefined,
+      period: searchParams["filter[createdAt][period]"],
+      from: searchParams["filter[createdAt][from]"],
+      to: searchParams["filter[createdAt][to]"],
+      page: {
+        size: searchParams["page[size]"],
+        cursor,
+        direction,
+      },
+    });
+
+    return json<ListSessionsResponseBody>({
+      data: rows.map((session) =>
+        serializeSession({
+          ...session,
+          // Columns the list query doesn't select — filled so `serializeSession`
+          // can operate on a narrowed payload without type errors.
+          projectId: authentication.environment.projectId,
+          environmentType: authentication.environment.type,
+          organizationId: authentication.environment.organizationId,
+        } as Session)
+      ),
+      pagination: {
+        ...(pagination.nextCursor ? { next: pagination.nextCursor } : {}),
+        ...(pagination.previousCursor ? { previous: pagination.previousCursor } : {}),
+      },
+    });
+  }
+);
+
+const { action } = createActionApiRoute(
+  {
+    body: CreateSessionRequestBody,
+    method: "POST",
+    maxContentLength: 1024 * 32, // 32KB — metadata is the only thing that grows
+  },
+  async ({ authentication, body }) => {
+    try {
+      let session: Session;
+      let isCached = false;
+
+      if (body.externalId) {
+        // Idempotent: (env, externalId) uniquely identifies the Session.
+        const existing = await prisma.session.findUnique({
+          where: {
+            runtimeEnvironmentId_externalId: {
+              runtimeEnvironmentId: authentication.environment.id,
+              externalId: body.externalId,
+            },
+          },
+        });
+
+        if (existing) {
+          session = existing;
+          isCached = true;
+        } else {
+          const { id, friendlyId } = SessionId.generate();
+          session = await prisma.session.create({
+            data: {
+              id,
+              friendlyId,
+              externalId: body.externalId,
+              type: body.type,
+              taskIdentifier: body.taskIdentifier ?? null,
+              tags: body.tags ?? [],
+              metadata: body.metadata as Prisma.InputJsonValue | undefined,
+              expiresAt: body.expiresAt ?? null,
+              projectId: authentication.environment.projectId,
+              runtimeEnvironmentId: authentication.environment.id,
+              environmentType: authentication.environment.type,
+              organizationId: authentication.environment.organizationId,
+            },
+          });
+        }
+      } else {
+        const { id, friendlyId } = SessionId.generate();
+        session = await prisma.session.create({
+          data: {
+            id,
+            friendlyId,
+            type: body.type,
+            taskIdentifier: body.taskIdentifier ?? null,
+            tags: body.tags ?? [],
+            metadata: body.metadata as Prisma.InputJsonValue | undefined,
+            expiresAt: body.expiresAt ?? null,
+            projectId: authentication.environment.projectId,
+            runtimeEnvironmentId: authentication.environment.id,
+            environmentType: authentication.environment.type,
+            organizationId: authentication.environment.organizationId,
+          },
+        });
+      }
+
+      return json<CreatedSessionResponseBody>(
+        { ...serializeSession(session), isCached },
+        { status: isCached ? 200 : 201 }
+      );
+    } catch (error) {
+      if (error instanceof ServiceValidationError) {
+        return json({ error: error.message }, { status: 422 });
+      }
+      if (error instanceof Error) {
+        return json({ error: error.message }, { status: 500 });
+      }
+      return json({ error: "Something went wrong" }, { status: 500 });
+    }
+  }
+);
+
+export { action };