Skip to content

fix: resolve supabase-storage crash-loop (Region is missing)#54

Merged
kossakovsky merged 2 commits into
mainfrom
develop
Mar 23, 2026
Merged

fix: resolve supabase-storage crash-loop (Region is missing)#54
kossakovsky merged 2 commits into
mainfrom
develop

Conversation

@kossakovsky

@kossakovsky kossakovsky commented Mar 23, 2026

Copy link
Copy Markdown
Owner

Summary

  • Fix supabase-storage crash-loop (Error: Region is missing) by adding missing S3 storage configuration variables (REGION, GLOBAL_S3_BUCKET, STORAGE_TENANT_ID, S3 protocol keys) from upstream Supabase
  • Auto-generate S3_PROTOCOL_ACCESS_KEY_ID and S3_PROTOCOL_ACCESS_KEY_SECRET during installation
  • Sync new environment variables to existing supabase/docker/.env during updates (append-only, preserves existing values)
  • Bump version to 1.4.1

Root cause

The upstream Supabase storage image now uses @aws-sdk/client-s3vectors which requires a REGION env var. Our .env.example was missing this and related S3 variables. Additionally, prepare_supabase_env() previously skipped entirely if supabase/docker/.env already existed, so new variables from updates never propagated.

Test plan

  • Deploy to test server, run make update
  • Verify supabase-storage starts without errors
  • make doctor shows no errors for supabase-storage
  • make show-restarts shows 0 restarts for supabase-storage
  • grep REGION supabase/docker/.env shows REGION=stub

Summary by CodeRabbit

  • Bug Fixes

    • Resolved Supabase Storage crash-loop issue by adding S3 storage configuration support.
    • Improved environment variable syncing to propagate new S3-related configurations during updates.
  • Chores

    • Removed automated code review workflows.
    • Version bumped to 1.4.1.

…variables

supabase-storage crashes with "Region is missing" after upstream image
update because @aws-sdk/client-s3vectors requires REGION env var.

- add REGION, GLOBAL_S3_BUCKET, STORAGE_TENANT_ID to .env.example
- auto-generate S3_PROTOCOL_ACCESS_KEY_ID/SECRET in secret generation
- sync new env vars to existing supabase/docker/.env during updates
  (append-only, never overwrites existing values)
- bump version 1.3.3 → 1.4.1
@kossakovsky kossakovsky self-assigned this Mar 23, 2026
@coderabbitai

coderabbitai Bot commented Mar 23, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

This pull request introduces S3 storage configuration environment variables, upgrades the version to 1.4.1, records fixes in CHANGELOG, and enhances environment variable syncing from root .env to supabase/docker/.env. Two GitHub Actions workflows are removed. Secret generation logic for S3 credentials is added to the setup script.

Changes

Cohort / File(s) Summary
Environment Configuration
.env.example
Added S3 protocol endpoint configuration variables: GLOBAL_S3_BUCKET, REGION, STORAGE_TENANT_ID, and access credentials S3_PROTOCOL_ACCESS_KEY_ID/S3_PROTOCOL_ACCESS_KEY_SECRET.
Version & Release Notes
VERSION, CHANGELOG.md
Updated version to 1.4.1 and documented fixes for Supabase Storage crash-loop by adding S3 configuration variables and env-var syncing behavior.
GitHub Actions Workflows
.github/workflows/claude-code-review.yml, .github/workflows/claude.yml
Removed entire Claude Code Review and Claude Code workflows.
Secret Generation
scripts/03_generate_secrets.sh
Extended VARS_TO_GENERATE map with S3_PROTOCOL_ACCESS_KEY_ID (hex:32) and S3_PROTOCOL_ACCESS_KEY_SECRET (hex:64) to auto-generate S3 credentials.
Environment Syncing Logic
start_services.py
Enhanced prepare_supabase_env() to read root .env and append missing keys into supabase/docker/.env when it already exists, with smart quoting based on value content.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Possibly related issues

Poem

🐰 S3 buckets now bloom in the config,
Syncing variables through the startup logic,
Crash-loops fade as secrets take flight,
From root to Supabase, everything's right! ✨🚀

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and specifically describes the main fix: resolving a Supabase storage crash-loop caused by missing Region configuration, which directly aligns with the primary objective and changes in the pull request.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch develop

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (2)
.env.example (1)

424-424: Minor: Extra blank lines detected.

Static analysis flagged extra blank lines at lines 424 and 442. Consider removing one blank line to maintain consistency with the rest of the file.

🔧 Suggested fix
-
-
 ############
 # Storage - Configuration for S3 protocol endpoint
 ############

And similarly remove one blank line before line 443.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.env.example at line 424, Remove the extraneous blank lines in .env.example
around the noted areas: delete the extra empty line at the block near line 424
and the extra empty line before line 443 so the file spacing matches the
surrounding sections; no code changes required—just remove those blank lines to
maintain consistent formatting.
start_services.py (1)

89-92: Consider: Edge case with values containing both $ and single quotes.

The quoting logic uses single quotes when $ is present in the value. If a value contains both $ and ' characters, this could result in malformed output.

However, this matches the existing pattern in 03_generate_secrets.sh (line 264-268), so it's consistent with the codebase. Generated secrets (hex, base64, passwords) won't contain single quotes, making this a theoretical rather than practical concern.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@start_services.py` around lines 89 - 92, The current quoting logic in the
new_vars assembly (using key and value) chooses single quotes when a '$' is
present which breaks if value also contains a single quote; update the branch
that builds new_vars (the code referencing new_vars.append(f"{key}='...') /
new_vars.append(f'{key}=\"...\"') and the variables key/value) to detect values
that contain both "$" and "'" and handle them by escaping single quotes using
the shell-safe pattern: replace each single quote in value with '\'' and then
wrap the whole in single quotes (i.e. produce key='...'\''...'), so the
resulting string is always well-formed in the shell for all combinations of $
and ' characters.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.env.example:
- Line 424: Remove the extraneous blank lines in .env.example around the noted
areas: delete the extra empty line at the block near line 424 and the extra
empty line before line 443 so the file spacing matches the surrounding sections;
no code changes required—just remove those blank lines to maintain consistent
formatting.

In `@start_services.py`:
- Around line 89-92: The current quoting logic in the new_vars assembly (using
key and value) chooses single quotes when a '$' is present which breaks if value
also contains a single quote; update the branch that builds new_vars (the code
referencing new_vars.append(f"{key}='...') / new_vars.append(f'{key}=\"...\"')
and the variables key/value) to detect values that contain both "$" and "'" and
handle them by escaping single quotes using the shell-safe pattern: replace each
single quote in value with '\'' and then wrap the whole in single quotes (i.e.
produce key='...'\''...'), so the resulting string is always well-formed in the
shell for all combinations of $ and ' characters.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 67a3aecf-6809-40fe-92af-af934567780d

📥 Commits

Reviewing files that changed from the base of the PR and between d344291 and 6fe028d.

📒 Files selected for processing (7)
  • .env.example
  • .github/workflows/claude-code-review.yml
  • .github/workflows/claude.yml
  • CHANGELOG.md
  • VERSION
  • scripts/03_generate_secrets.sh
  • start_services.py
💤 Files with no reviewable changes (2)
  • .github/workflows/claude-code-review.yml
  • .github/workflows/claude.yml

@kossakovsky kossakovsky merged commit e914acc into main Mar 23, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant