fix: prevent race condition in objectstore auth sync

Auctor · Auctor · commit 13ddb807e36e · 2026-01-08T18:00:46.000Z
Cherry-picked from upstream PR router-for-me#859
diff --git a/internal/store/objectstore.go b/internal/store/objectstore.go
@@ -386,11 +386,12 @@ func (s *ObjectTokenStore) syncConfigFromBucket(ctx context.Context, example str
 }
 
 func (s *ObjectTokenStore) syncAuthFromBucket(ctx context.Context) error {
-	if err := os.RemoveAll(s.authDir); err != nil {
-		return fmt.Errorf("object store: reset auth directory: %w", err)
-	}
+	// NOTE: We intentionally do NOT use os.RemoveAll here.
+	// Wiping the directory triggers file watcher delete events, which then
+	// propagate deletions to the remote object store (race condition).
+	// Instead, we just ensure the directory exists and overwrite files incrementally.
 	if err := os.MkdirAll(s.authDir, 0o700); err != nil {
-		return fmt.Errorf("object store: recreate auth directory: %w", err)
+		return fmt.Errorf("object store: create auth directory: %w", err)
 	}
 
 	prefix := s.prefixedKey(objectStoreAuthPrefix + "/")
