Skip to content

[WIP] Update environment variables and GitHub secrets for Supabase setup#3

Draft
mjamesbond with Copilot wants to merge 1 commit into
mainfrom
copilot/update-env-variables-and-secrets
Draft

[WIP] Update environment variables and GitHub secrets for Supabase setup#3
mjamesbond with Copilot wants to merge 1 commit into
mainfrom
copilot/update-env-variables-and-secrets

Conversation

Copilot AI commented Apr 17, 2026

Copy link
Copy Markdown
Contributor

Thanks for asking me to work on this. I will get started on it and keep this PR's description up to date as I form a plan and make progress.

Original prompt

🔧 شامل: إعداد Supabase الجديد + GitHub Integration + Migrations

📋 المعلومات المعطاة:

Supabase Project:

  • URL: https://eojxsmmyowegimjljhpn.supabase.co
  • Anon Key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVvanhzbW15b3dlZ2ltamxqaHBuIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzY0MjY4MDEsImV4cCI6MjA5MjAwMjgwMX0.Rx7KOUCfrB5ltOIR-DjZ7xye6NcVP4EueeX2UjhY1as
  • Service Role Key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVvanhzbW15b3dlZ2ltamxqaHBuIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTc3NjQyNjgwMSwiZXhwIjoyMDkyMDAyODAxfQ.HhRyemynGCPVJrHxZncGQvMDmJd2r9LINh-I3OhDf2g

GitHub Repository:

  • Owner: SynapBytes
  • Repo: haqak
  • Languages: TypeScript 87%, PLpgSQL 12.3%, Other 0.7%

🎯 المهام الشاملة:

1️⃣ تحديث Environment Variables و GitHub Secrets:

ملف: .env.example - تحديث كامل:

# ── Supabase Configuration (NEW PROJECT) ─────────────────────
VITE_SUPABASE_URL=https://eojxsmmyowegimjljhpn.supabase.co
VITE_SUPABASE_PUBLISHABLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVvanhzbW15b3dlZ2ltamxqaHBuIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzY0MjY4MDEsImV4cCI6MjA5MjAwMjgwMX0.Rx7KOUCfrB5ltOIR-DjZ7xye6NcVP4EueeX2UjhY1as

# ── GitHub Actions Secrets (Store in GitHub, DO NOT commit) ────
SUPABASE_PROJECT_ID=eojxsmmyowegimjljhpn
SUPABASE_ACCESS_TOKEN=your_supabase_personal_access_token
SUPABASE_URL=https://eojxsmmyowegimjljhpn.supabase.co
SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVvanhzbW15b3dlZ2ltamxqaHBuIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTc3NjQyNjgwMSwiZXhwIjoyMDkyMDAyODAxfQ.HhRyemynGCPVJrHxZncGQvMDmJd2r9LINh-I3OhDf2g

# ── Frontend (Vite) ──────────────────────────────────────────
VITE_TURNSTILE_SITE_KEY=your_turnstile_site_key
VITE_VAPID_PUBLIC_KEY=your_vapid_public_key
VITE_ENV=production
VITE_MAP_TILE_URL=https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.webp

# ── Analytics ────────────────────────────────────────────────
VITE_POSTHOG_KEY=phc_your_posthog_project_api_key
VITE_POSTHOG_HOST=https://app.posthog.com
VITE_HASH_SALT=$(openssl rand -hex 32)

# ── Error Monitoring ─────────────────────────────────────────
VITE_SENTRY_DSN=https://your_sentry_dsn@sentry.io/your_project_id

# ── Backend (Supabase Edge Functions) ────────────────────────
TURNSTILE_SECRET_KEY=your_turnstile_secret_key
ENVIRONMENT=production

# ── Secrets (Generate with: openssl rand -hex 32) ────────────
OTP_HMAC_SECRET=$(openssl rand -hex 32)
AUDIT_HMAC_KEY=$(openssl rand -hex 32)

# ── AI (Optional) ────────────────────────────────────────────
OPENAI_API_KEY=your_openai_api_key
OPENAI_MODEL=gpt-4o-mini
GEMINI_API_KEY=your_gemini_api_key
ALLOWED_IMAGE_HOSTS=

# ── Email (Resend) ──────────────────────────────────────────
RESEND_API_KEY=your_resend_api_key
RESEND_FROM_EMAIL="Haqak <no-reply@haqak.org>"

# ── Push Notifications (VAPID) ──────────────────────────────
VAPID_PUBLIC_KEY=your_vapid_public_key
VAPID_PRIVATE_KEY=your_vapid_private_key
VAPID_SUBJECT=mailto:admin@haqak.org

# ── CORS ─────────────────────────────────────────────────────
ALLOWED_ORIGINS=https://haqak.org,https://www.haqak.org

2️⃣ إنشاء Supabase Migrations Script:

ملف جديد: scripts/setup-supabase.sh

#!/bin/bash

# ═══════════════════════════════════════════════════════════
# Supabase Setup Script - Initialize New Project
# ═══════════════════════════════════════════════════════════

set -e

echo "🚀 Starting Supabase setup..."
echo ""

# Configuration
PROJECT_REF="eojxsmmyowegimjljhpn"
SUPABASE_URL="https://eojxsmmyowegimjljhpn.supabase.co"
SERVICE_ROLE_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVvanhzbW15b3dlZ2ltamxqaHBuIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTc3NjQyNjgwMSwiZXhwIjoyMDkyMDAyODAxfQ.HhRyemynGCPVJrHxZncGQvMDmJd2r9LINh-I3OhDf2g"

echo "📌 Project Reference: $PROJECT_REF"
echo "📌 Supabase URL: $SUPABASE_URL"
echo ""

# Step 1: Link to Supabase
echo "1️⃣ Linking to Supabase project..."
supabase link --project-ref "$PROJECT_REF" || echo "Already linked"
echo "✅ Linked successfully"
echo ""

# Step 2: Push migrations
echo "2️⃣ Pushing database migrations..."
supabase db push --dry-run
read -p "Review migrations above. Continue? (y/n) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
  supabase db push
  echo "✅ Migrations pushed"
else
  echo "❌ Aborted"
  exit 1
fi
echo ""

# Step 3: Set up secrets in Supabase Vault
echo "3️⃣ Setting up Supabase Vault secrets..."
OTP_HMAC_SECRET=$(openssl rand -hex 32)
AUDIT_HMAC_KEY=$(openssl rand -hex 32)

echo "   Setting OTP_HMAC_SECRET..."
supabase secrets set OTP_HMAC_SECRET="$OTP_HMAC_SECRET" --project-ref "$PROJECT_REF"

echo "   Setting AUDIT_HMAC_KEY..."
supabase secrets set AUDIT_HMAC_KEY="$AUDIT_HMAC_KEY" --project-ref "$PROJECT_REF"
echo "✅ Secrets configured"
echo ""

# Step 4: Create storage buckets
echo "4️⃣ Creating storage buckets..."
curl -X POST "$SUPABASE_URL/storage/v1/b" \
...

</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

*This pull request was created from Copilot chat.*
>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants