Files
wehub-resource-sync 4b6817381b
Benchmark image — build + push to ECR (any adapter) / build + push (push) Waiting to run
CI / quality (ubuntu-latest) (push) Waiting to run
CI / test (tools-runtime) (push) Waiting to run
CI / test (e2e-general) (push) Waiting to run
CI / test (cli-runtime) (push) Waiting to run
CI / test (e2e-provider-and-openclaw) (push) Waiting to run
CI / test (integrations-and-misc) (push) Waiting to run
CI / coverage-report (push) Blocked by required conditions
CI / test-kubernetes (push) Waiting to run
CI / should-run-thorough (push) Waiting to run
CI / test-thorough (cloudwatch-demo) (push) Blocked by required conditions
CI / test-thorough (flink-ecs) (push) Blocked by required conditions
CI / test-thorough (upstream-lambda) (push) Blocked by required conditions
CI / test-thorough (prefect-ecs-fargate) (push) Blocked by required conditions
CodeQL / Analyze (python) (push) Waiting to run
Release / build-binaries (zip, opensre.exe, onefile, windows-latest, windows-x64) (push) Blocked by required conditions
Release / publish-release (push) Blocked by required conditions
Release / publish-main-release (push) Blocked by required conditions
Release / prepare (push) Waiting to run
Release / verify (push) Blocked by required conditions
Release / build-python-dist (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, macos-15-intel, darwin-x64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, macos-latest, darwin-arm64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04, linux-x64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04-arm, linux-arm64) (push) Blocked by required conditions
Synthetic Deterministic Tests / Synthetic offline (deterministic) (push) Waiting to run
Interactive Shell Live (PR + post-merge) / turn-checks (no-LLM) (push) Waiting to run
Interactive Shell Live (PR + post-merge) / turn-live shard ${{ matrix.shard_index }} (push) Waiting to run
CI (OpenClaw E2E) / openclaw test (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:10:45 +08:00

115 lines
3.2 KiB
Plaintext

---
title: "Supabase"
description: "Connect Supabase so OpenSRE can diagnose database, API, and authentication issues during investigations"
---
Supabase powers many modern applications. When something goes wrong with your database, APIs, or authentication flows, OpenSRE can use your Supabase project configuration to investigate issues, inspect resources, and gather operational insights.
## What you'll need
* A Supabase project
* Your Supabase Project URL
* A Supabase Service Role Key
* Permissions to access project resources
## Connecting Supabase
### Guided walkthrough
Let's set this up together:
```bash
opensre integrations setup
```
Pick **Supabase** and enter your project credentials when prompted.
### DIY: Using environment variables
Or add these directly to your `.env`:
```bash
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_SERVICE_KEY=your_service_role_key
```
| Variable | Description |
| ---------------------- | ------------------------- |
| `SUPABASE_URL` | Supabase project URL |
| `SUPABASE_SERVICE_KEY` | Supabase service role key |
### Option 3: Persistent store
```json
{
"version": 1,
"integrations": [
{
"id": "supabase-prod",
"service": "supabase",
"status": "active",
"credentials": {
"url": "https://your-project.supabase.co",
"service_key": "your_service_role_key"
}
}
]
}
```
## Finding your Supabase credentials
1. Log in to Supabase
2. Open your project
3. Navigate to **Settings** → **API**
4. Copy the **Project URL**
5. Copy the **Service Role Key**
6. Add these values to your OpenSRE configuration
<Info>
The Service Role Key has elevated privileges. Store it securely and never expose it in client-side applications or public repositories.
</Info>
## Investigation tools
When OpenSRE investigates a Supabase-related alert, these tools are available:
### Service health
Checks the health of PostgREST, Auth, Storage, and other Supabase services for the project. Useful when triaging 503 or 401 errors from a Supabase-backed application.
### Storage buckets
Lists all Storage buckets and their configuration metadata — public vs private access, file size limits, and allowed MIME types.
## Verify it works
Let's make sure everything is connected:
```bash
opensre integrations verify supabase
```
Expected output:
```
Service: supabase
Status: passed
Detail: Connected to Supabase project ...
```
## Troubleshooting
| Symptom | Fix |
| --- | --- |
| **401 Unauthorized** | Confirm the **Service Role Key** (not the anon key) is set in `SUPABASE_SERVICE_KEY`. |
| **Invalid project URL** | Use the Project URL from Settings → API (`https://your-project.supabase.co`). |
| **Health check shows degraded service** | Check the Supabase status page and project dashboard for the affected service. |
| **Storage bucket not found** | Verify the bucket name in the investigation matches an existing bucket in the project. |
## Security best practices
- Use the **service role key** only on the server side — never in client apps or public repos.
- Rotate the service role key if it is ever exposed.
- Prefer a dedicated Supabase project or restricted key for investigation workloads when possible.