From 88a4e93194fab86080018296ad8b3cc1f050775c Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Wed, 28 Jan 2026 13:23:25 -0300
Subject: [PATCH] comms: tolerate MAS login rate limits

---
 .../oneoffs/mas-local-users-ensure-job.yaml   | 39 ++++++++++---------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/services/comms/oneoffs/mas-local-users-ensure-job.yaml b/services/comms/oneoffs/mas-local-users-ensure-job.yaml
index a51aa09..20e1825 100644
--- a/services/comms/oneoffs/mas-local-users-ensure-job.yaml
+++ b/services/comms/oneoffs/mas-local-users-ensure-job.yaml
@@ -225,18 +225,21 @@ spec:
                   login_name = username
                   if not login_name.startswith("@"):
                       login_name = f"@{login_name}:{SERVER_NAME}"
-                  r = request_with_retry(
-                      "POST",
-                      f"{AUTH_BASE}/_matrix/client/v3/login",
-                      json={
-                          "type": "m.login.password",
-                          "identifier": {"type": "m.id.user", "user": login_name},
-                          "password": password,
-                      },
-                      timeout=30,
-                  )
-                  if r.status_code != 200:
-                      raise RuntimeError(f"login failed for {username}: {r.status_code} {r.text}")
+    r = request_with_retry(
+        "POST",
+        f"{AUTH_BASE}/_matrix/client/v3/login",
+        json={
+            "type": "m.login.password",
+            "identifier": {"type": "m.id.user", "user": login_name},
+            "password": password,
+        },
+        timeout=30,
+    )
+    if r.status_code == 429:
+        return False
+    if r.status_code != 200:
+        raise RuntimeError(f"login failed for {username}: {r.status_code} {r.text}")
+    return True
 
               wait_for_service(MAS_ADMIN_API_BASE)
               token = admin_token()
@@ -245,10 +248,10 @@ spec:
               bot_quick_pass = os.environ.get("BOT_PASS_QUICK", "")
               bot_smart_pass = os.environ.get("BOT_PASS_SMART", "")
 
-              ensure_user(token, os.environ["SEEDER_USER"], os.environ["SEEDER_PASS"])
-              ensure_user(token, os.environ["BOT_USER"], os.environ["BOT_PASS"])
-              if bot_quick and bot_quick_pass:
-                  ensure_user(token, bot_quick, bot_quick_pass)
-              if bot_smart and bot_smart_pass:
-                  ensure_user(token, bot_smart, bot_smart_pass)
+ensure_user(token, os.environ["SEEDER_USER"], os.environ["SEEDER_PASS"])
+ensure_user(token, os.environ["BOT_USER"], os.environ["BOT_PASS"])
+if bot_quick and bot_quick_pass:
+    ensure_user(token, bot_quick, bot_quick_pass)
+if bot_smart and bot_smart_pass:
+    ensure_user(token, bot_smart, bot_smart_pass)
               PY