PauloniaAQP · ChrisChV · Feb 1, 2024 · Jan 30, 2024 · Feb 1, 2024
diff --git a/.github/workflows/deploy-to-prod.yml b/.github/workflows/deploy-to-prod.yml
@@ -0,0 +1,25 @@
+name: Deploy migrations to production
+
+on:
+  pull_request:
+    branches: [ main ]
+    types: [ closed ]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    env:
+      SUPABASE_ACCESS_TOKEN: ${{ secrets.SUPABASE_ACCESS_TOKEN }}
+      SUPABASE_DB_PASSWORD: ${{ secrets.PRODUCTION_DB_PASSWORD }}
+      SUPABASE_PROJECT_ID: ${{ secrets.PRODUCTION_PROJECT_ID }}
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: supabase/setup-cli@v1
+        with:
+          version: latest
+
+      - run: supabase link --project-ref $SUPABASE_PROJECT_ID
+      - run: supabase db push
diff --git a/Makefile b/Makefile
diff --git a/supabase/.gitignore b/supabase/.gitignore
@@ -0,0 +1,4 @@
+# Supabase
+.branches
+.temp
+.env
diff --git a/supabase/config.toml b/supabase/config.toml
@@ -0,0 +1,151 @@
+# A string used to distinguish different Supabase projects on the same host. Defaults to the
+# working directory name when running `supabase init`.
+project_id = "shaka-opensource"
+
+[api]
+enabled = true
+# Port to use for the API URL.
+port = 54321
+# Schemas to expose in your API. Tables, views and stored procedures in this schema will get API
+# endpoints. public and storage are always included.
+schemas = ["public", "storage", "graphql_public"]
+# Extra schemas to add to the search_path of every request. public is always included.
+extra_search_path = ["public", "extensions"]
+# The maximum number of rows returns from a view, table, or stored procedure. Limits payload size
+# for accidental or malicious requests.
+max_rows = 1000
+
+[db]
+# Port to use for the local database URL.
+port = 54322
+# Port used by db diff command to initialize the shadow database.
+shadow_port = 54320
+# The database major version to use. This has to be the same as your remote database's. Run `SHOW
+# server_version;` on the remote database to check.
+major_version = 15
+
+[db.pooler]
+enabled = false
+# Port to use for the local connection pooler.
+port = 54329
+# Specifies when a server connection can be reused by other clients.
+# Configure one of the supported pooler modes: `transaction`, `session`.
+pool_mode = "transaction"
+# How many server connections to allow per user/database pair.
+default_pool_size = 20
+# Maximum number of client connections allowed.
+max_client_conn = 100
+
+[realtime]
+enabled = true
+# Bind realtime via either IPv4 or IPv6. (default: IPv6)
+# ip_version = "IPv6"
+# The maximum length in bytes of HTTP request headers. (default: 4096)
+# max_header_length = 4096
+
+[studio]
+enabled = true
+# Port to use for Supabase Studio.
+port = 54323
+# External URL of the API server that frontend connects to.
+api_url = "http://127.0.0.1"
+
+# Email testing server. Emails sent with the local dev setup are not actually sent - rather, they
+# are monitored, and you can view the emails that would have been sent from the web interface.
+[inbucket]
+enabled = true
+# Port to use for the email testing server web interface.
+port = 54324
+# Uncomment to expose additional ports for testing user applications that send emails.
+# smtp_port = 54325
+# pop3_port = 54326
+
+[storage]
+enabled = true
+# The maximum file size allowed (e.g. "5MB", "500KB").
+file_size_limit = "50MiB"
+
+[auth]
+enabled = true
+# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
+# in emails.
+site_url = "http://127.0.0.1:3000"
+# A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
+additional_redirect_urls = ["https://127.0.0.1:3000"]
+# How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week).
+jwt_expiry = 3600
+# If disabled, the refresh token will never expire.
+enable_refresh_token_rotation = true
+# Allows refresh tokens to be reused after expiry, up to the specified interval in seconds.
+# Requires enable_refresh_token_rotation = true.
+refresh_token_reuse_interval = 10
+# Allow/disallow new user signups to your project.
+enable_signup = true
+
+[auth.email]
+# Allow/disallow new user signups via email to your project.
+enable_signup = true
+# If enabled, a user will be required to confirm any email change on both the old, and new email
+# addresses. If disabled, only the new email is required to confirm.
+double_confirm_changes = true
+# If enabled, users need to confirm their email address before signing in.
+enable_confirmations = false
+
+# Uncomment to customize email template
+# [auth.email.template.invite]
+# subject = "You have been invited"
+# content_path = "./supabase/templates/invite.html"
+
+[auth.sms]
+# Allow/disallow new user signups via SMS to your project.
+enable_signup = true
+# If enabled, users need to confirm their phone number before signing in.
+enable_confirmations = false
+# Template for sending OTP to users
+template = "Your code is {{ .Code }} ."
+
+# Use pre-defined map of phone number to OTP for testing.
+[auth.sms.test_otp]
+# 4152127777 = "123456"
+
+# Configure one of the supported SMS providers: `twilio`, `twilio_verify`, `messagebird`, `textlocal`, `vonage`.
+[auth.sms.twilio]
+enabled = false
+account_sid = ""
+message_service_sid = ""
+# DO NOT commit your Twilio auth token to git. Use environment variable substitution instead:
+auth_token = "env(SUPABASE_AUTH_SMS_TWILIO_AUTH_TOKEN)"
+
+# Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`,
+# `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin`, `notion`, `twitch`,
+# `twitter`, `slack`, `spotify`, `workos`, `zoom`.
+[auth.external.apple]
+enabled = false
+client_id = ""
+# DO NOT commit your OAuth provider secret to git. Use environment variable substitution instead:
+secret = "env(SUPABASE_AUTH_EXTERNAL_APPLE_SECRET)"
+# Overrides the default auth redirectUrl.
+redirect_uri = ""
+# Overrides the default auth provider URL. Used to support self-hosted gitlab, single-tenant Azure,
+# or any other third-party OIDC providers.
+url = ""
+
+[analytics]
+enabled = false
+port = 54327
+vector_port = 54328
+# Configure one of the supported backends: `postgres`, `bigquery`.
+backend = "postgres"
+
+# Experimental features may be deprecated any time
+[experimental]
+# Configures Postgres storage engine to use OrioleDB (S3)
+orioledb_version = ""
+# Configures S3 bucket URL, eg. <bucket_name>.s3-<region>.amazonaws.com
+s3_host = "env(S3_HOST)"
+# Configures S3 bucket region, eg. us-east-1
+s3_region = "env(S3_REGION)"
+# Configures AWS_ACCESS_KEY_ID for S3 bucket
+s3_access_key = "env(S3_ACCESS_KEY)"
+# Configures AWS_SECRET_ACCESS_KEY for S3 bucket
+s3_secret_key = "env(S3_SECRET_KEY)"
diff --git a/supabase/migrations/20240110231549_organization.sql b/supabase/migrations/20240110231549_organization.sql
@@ -0,0 +1,63 @@
+create type "public"."organization_type" as enum ('free', 'pay', 'enterprise');
+
+create sequence "public"."organization_id_seq";
+
+create table "public"."organization" (
+    "id" integer not null default nextval('organization_id_seq'::regclass),
+    "name" text,
+    "type" organization_type,
+    "created_at" timestamp without time zone default now()
+);
+
+
+alter table "public"."organization" enable row level security;
+
+alter sequence "public"."organization_id_seq" owned by "public"."organization"."id";
+
+CREATE UNIQUE INDEX organization_pkey ON public.organization USING btree (id);
+
+alter table "public"."organization" add constraint "organization_pkey" PRIMARY KEY using index "organization_pkey";
+
+grant delete on table "public"."organization" to "anon";
+
+grant insert on table "public"."organization" to "anon";
+
+grant references on table "public"."organization" to "anon";
+
+grant select on table "public"."organization" to "anon";
+
+grant trigger on table "public"."organization" to "anon";
+
+grant truncate on table "public"."organization" to "anon";
+
+grant update on table "public"."organization" to "anon";
+
+grant delete on table "public"."organization" to "authenticated";
+
+grant insert on table "public"."organization" to "authenticated";
+
+grant references on table "public"."organization" to "authenticated";
+
+grant select on table "public"."organization" to "authenticated";
+
+grant trigger on table "public"."organization" to "authenticated";
+
+grant truncate on table "public"."organization" to "authenticated";
+
+grant update on table "public"."organization" to "authenticated";
+
+grant delete on table "public"."organization" to "service_role";
+
+grant insert on table "public"."organization" to "service_role";
+
+grant references on table "public"."organization" to "service_role";
+
+grant select on table "public"."organization" to "service_role";
+
+grant trigger on table "public"."organization" to "service_role";
+
+grant truncate on table "public"."organization" to "service_role";
+
+grant update on table "public"."organization" to "service_role";
+
+
diff --git a/supabase/migrations/20240201221317_users_table.sql b/supabase/migrations/20240201221317_users_table.sql
@@ -0,0 +1,71 @@
+create type "public"."user_role" as enum ('admin');
+
+create sequence "public"."user_id_seq";
+
+create table "public"."user" (
+    "id" integer not null default nextval('user_id_seq'::regclass),
+    "name" character varying not null,
+    "email" character varying not null,
+    "role" user_role not null,
+    "organization_id" integer not null,
+    "created_at" timestamp without time zone default now()
+);
+
+
+alter sequence "public"."user_id_seq" owned by "public"."user"."id";
+
+CREATE UNIQUE INDEX user_email_key ON public."user" USING btree (email);
+
+CREATE UNIQUE INDEX user_pkey ON public."user" USING btree (id);
+
+alter table "public"."user" add constraint "user_pkey" PRIMARY KEY using index "user_pkey";
+
+alter table "public"."user" add constraint "user_email_key" UNIQUE using index "user_email_key";
+
+alter table "public"."user" add constraint "user_organization_id_fkey" FOREIGN KEY (organization_id) REFERENCES organization(id) not valid;
+
+alter table "public"."user" validate constraint "user_organization_id_fkey";
+
+grant delete on table "public"."user" to "anon";
+
+grant insert on table "public"."user" to "anon";
+
+grant references on table "public"."user" to "anon";
+
+grant select on table "public"."user" to "anon";
+
+grant trigger on table "public"."user" to "anon";
+
+grant truncate on table "public"."user" to "anon";
+
+grant update on table "public"."user" to "anon";
+
+grant delete on table "public"."user" to "authenticated";
+
+grant insert on table "public"."user" to "authenticated";
+
+grant references on table "public"."user" to "authenticated";
+
+grant select on table "public"."user" to "authenticated";
+
+grant trigger on table "public"."user" to "authenticated";
+
+grant truncate on table "public"."user" to "authenticated";
+
+grant update on table "public"."user" to "authenticated";
+
+grant delete on table "public"."user" to "service_role";
+
+grant insert on table "public"."user" to "service_role";
+
+grant references on table "public"."user" to "service_role";
+
+grant select on table "public"."user" to "service_role";
+
+grant trigger on table "public"."user" to "service_role";
+
+grant truncate on table "public"."user" to "service_role";
+
+grant update on table "public"."user" to "service_role";
+
+
diff --git a/supabase/seed.sql b/supabase/seed.sql