Merge pull request #54 from kossakovsky/develop

fix: resolve supabase-storage crash-loop (Region is missing)

.env.example

@@ -421,6 +421,25 @@ IMGPROXY_ENABLE_WEBP_DETECTION=true
 # Add your OpenAI API key to enable SQL Editor Assistant
 OPENAI_API_KEY=
 
+
+############
+# Storage - Configuration for S3 protocol endpoint
+############
+
+# S3 bucket when using S3 backend, directory name when using 'file'
+GLOBAL_S3_BUCKET=stub
+
+# Used for S3 protocol endpoint configuration
+REGION=stub
+
+# Equivalent to project_ref (S3 session token authentication)
+STORAGE_TENANT_ID=stub
+
+# Access to Storage via S3 protocol endpoint
+S3_PROTOCOL_ACCESS_KEY_ID=
+S3_PROTOCOL_ACCESS_KEY_SECRET=
+
+
 # ============================================
 # Cloudflare Tunnel Configuration (Optional)
 # ============================================

.github/workflows/claude-code-review.yml

@@ -1,44 +0,0 @@
-name: Claude Code Review
-
-on:
-  pull_request:
-    types: [opened, synchronize, ready_for_review, reopened]
-    # Optional: Only run on specific file changes
-    # paths:
-    #   - "src/**/*.ts"
-    #   - "src/**/*.tsx"
-    #   - "src/**/*.js"
-    #   - "src/**/*.jsx"
-
-jobs:
-  claude-review:
-    # Optional: Filter by PR author
-    # if: |
-    #   github.event.pull_request.user.login == 'external-contributor' ||
-    #   github.event.pull_request.user.login == 'new-developer' ||
-    #   github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR'
-
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Run Claude Code Review
-        id: claude-review
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'
-          plugins: 'code-review@claude-code-plugins'
-          prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }}'
-          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
-          # or https://code.claude.com/docs/en/cli-reference for available options
-

.github/workflows/claude.yml

@@ -1,50 +0,0 @@
-name: Claude Code
-
-on:
-  issue_comment:
-    types: [created]
-  pull_request_review_comment:
-    types: [created]
-  issues:
-    types: [opened, assigned]
-  pull_request_review:
-    types: [submitted]
-
-jobs:
-  claude:
-    if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
-      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-      actions: read # Required for Claude to read CI results on PRs
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Run Claude Code
-        id: claude
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-
-          # This is an optional setting that allows Claude to read CI results on PRs
-          additional_permissions: |
-            actions: read
-
-          # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
-          # prompt: 'Update the pull request description to include a summary of changes.'
-
-          # Optional: Add claude_args to customize behavior and configuration
-          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
-          # or https://code.claude.com/docs/en/cli-reference for available options
-          # claude_args: '--allowed-tools Bash(gh pr:*)'
-

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 ## [Unreleased]
 
+## [1.4.1] - 2026-03-23
+
+### Fixed
+- **Supabase Storage** - Fix crash-loop (`Region is missing`) by adding missing S3 storage configuration variables (`REGION`, `GLOBAL_S3_BUCKET`, `STORAGE_TENANT_ID`) from upstream Supabase
+- **Supabase** - Sync new environment variables to existing `supabase/docker/.env` during updates (previously only populated on first install)
+
 ## [1.4.0] - 2026-03-15
 
 ### Added

VERSION

@@ -1 +1 @@
-1.3.3
+1.4.1

scripts/03_generate_secrets.sh

@@ -115,6 +115,8 @@ declare -A VARS_TO_GENERATE=(
     ["RAGFLOW_MINIO_ROOT_PASSWORD"]="password:32"
     ["RAGFLOW_MYSQL_ROOT_PASSWORD"]="password:32"
     ["RAGFLOW_REDIS_PASSWORD"]="password:32"
+    ["S3_PROTOCOL_ACCESS_KEY_ID"]="hex:32"
+    ["S3_PROTOCOL_ACCESS_KEY_SECRET"]="hex:64"
     ["SEARXNG_PASSWORD"]="password:32" # Added SearXNG admin password
     ["SECRET_KEY_BASE"]="base64:64" # 48 bytes -> 64 chars
     ["TEMPORAL_UI_PASSWORD"]="password:32" # Temporal UI basic auth password

start_services.py

@@ -71,18 +71,40 @@ def clone_supabase_repo():
         os.chdir("..")
 
 def prepare_supabase_env():
-    """Copy .env to .env in supabase/docker."""
+    """Copy .env to supabase/docker/.env, or sync new variables if it already exists."""
     if not is_supabase_enabled():
         print("Supabase is not enabled, skipping env preparation.")
         return
     env_path = os.path.join("supabase", "docker", ".env")
-    env_example_path = os.path.join(".env")
-    # Do not overwrite existing Supabase env to avoid credential drift
+    root_env_path = ".env"
     if os.path.exists(env_path):
-        print(f"Supabase env already exists at {env_path}, not overwriting.")
+        # Sync new variables from root .env that don't exist in supabase .env
+        print(f"Syncing new variables from root .env to {env_path}...")
+        root_env = dotenv_values(root_env_path)
+        supabase_env = dotenv_values(env_path)
+        new_vars = []
+        for key, value in root_env.items():
+            if key not in supabase_env and value is not None:
+                # Quote values to handle special characters safely
+                if '$' in value:
+                    new_vars.append(f"{key}='{value}'")
+                else:
+                    new_vars.append(f'{key}="{value}"')
+        if new_vars:
+            with open(env_path, 'r') as f:
+                existing_content = f.read()
+            sync_header = "# --- Variables synced from root .env ---"
+            with open(env_path, 'a') as f:
+                if sync_header not in existing_content:
+                    f.write(f"\n{sync_header}\n")
+                for var in new_vars:
+                    f.write(f"{var}\n")
+            print(f"Synced {len(new_vars)} new variable(s) to Supabase env.")
+        else:
+            print("Supabase env is up to date, no new variables to sync.")
         return
     print("Copying .env in root to .env in supabase/docker...")
-    shutil.copyfile(env_example_path, env_path)
+    shutil.copyfile(root_env_path, env_path)
 
 def clone_dify_repo():
     """Clone the Dify repository using sparse checkout if not already present."""