fix: dedupe alert_rules before creating unique index in setup_indexes()

The unique index on alert_rules.name was being created before duplicates
were cleaned up, causing DuplicateKeyError on startup when existing
duplicates were present. Move deduplication into setup_indexes() so it
runs before the unique index is created.

v1.7.6

VERSION

@@ -1 +1 @@
-1.7.3
+1.7.6

backend/database.py

@@ -12,6 +12,20 @@ alerts_collection = db["alerts"]
 logger = structlog.get_logger("aoc.database")
 
 
+def _dedupe_alert_rules():
+    """Remove duplicate alert_rules by name, keeping the oldest document."""
+    try:
+        pipeline = [
+            {"$sort": {"_id": ASCENDING}},
+            {"$group": {"_id": "$name", "first_id": {"$first": "$_id"}}},
+        ]
+        seen = {doc["_id"]: doc["first_id"] for doc in db["alert_rules"].aggregate(pipeline)}
+        for name, keep_id in seen.items():
+            db["alert_rules"].delete_many({"name": name, "_id": {"$ne": keep_id}})
+    except Exception:
+        pass  # Collection may not exist yet
+
+
 def setup_indexes(max_retries: int = 5, delay: float = 2.0):
     """Ensure MongoDB indexes exist. Retries on connection errors."""
     from time import sleep
@@ -23,6 +37,8 @@ def setup_indexes(max_retries: int = 5, delay: float = 2.0):
             events_collection.create_index([("service", ASCENDING), ("timestamp", DESCENDING)])
             events_collection.create_index("id")
             saved_searches_collection.create_index([("created_by", ASCENDING), ("created_at", DESCENDING)])
+            _dedupe_alert_rules()
+            db["alert_rules"].create_index("name", unique=True)
             events_collection.create_index(
                 [("actor_display", TEXT), ("raw_text", TEXT), ("operation", TEXT)],
                 name="text_search_index",

backend/rules.py

@@ -12,6 +12,7 @@ from datetime import UTC, datetime, timedelta
 import structlog
 from config import ALERT_DEDUPE_MINUTES, ALERT_WEBHOOK_FORMAT, ALERT_WEBHOOK_URL
 from database import db
+from pymongo import ASCENDING
 
 logger = structlog.get_logger("aoc.rules")
 rules_collection = db["alert_rules"]
@@ -136,9 +137,15 @@ def _create_alert(rule: dict, event: dict):
 
 
 def seed_default_rules():
-    """Insert pre-built admin-ops rule templates if the collection is empty."""
+    """Upsert pre-built admin-ops rule templates. Safe for concurrent startup."""
-    if rules_collection.count_documents({}) > 0:
+    # One-time cleanup: remove duplicates by name, keep the oldest (_id ascending)
-        return
+    pipeline = [
+        {"$sort": {"_id": ASCENDING}},
+        {"$group": {"_id": "$name", "first_id": {"$first": "$_id"}}},
+    ]
+    seen = {doc["_id"]: doc["first_id"] for doc in rules_collection.aggregate(pipeline)}
+    for name, keep_id in seen.items():
+        rules_collection.delete_many({"name": name, "_id": {"$ne": keep_id}})
 
     defaults = [
         {
@@ -261,8 +268,17 @@ def seed_default_rules():
         },
     ]
 
-    try:
+    inserted = 0
-        rules_collection.insert_many(defaults)
+    for rule in defaults:
-        logger.info("Default admin-ops rules seeded", count=len(defaults))
+        try:
-    except Exception as exc:
+            result = rules_collection.replace_one(
-        logger.warning("Failed to seed default rules", error=str(exc))
+                {"name": rule["name"]},
+                rule,
+                upsert=True,
+            )
+            if result.upserted_id:
+                inserted += 1
+        except Exception as exc:
+            logger.warning("Failed to seed rule", rule=rule["name"], error=str(exc))
+    if inserted:
+        logger.info("Default admin-ops rules seeded", inserted=inserted, total=len(defaults))