diff --git a/pkg/config/config.go b/pkg/config/config.go index db441e9bc..18414546a 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -9,6 +9,7 @@ import ( "fmt" "io" "io/fs" + "maps" "net" "net/http" "net/url" @@ -119,7 +120,8 @@ func (c CustomClaims) NewToken() *jwt.Token { // // Default values for internal configs should be added to `var Config` initializer. type ( - config struct { + // Common config fields between our "base" config and any "remote" branch specific + baseConfig struct { ProjectId string `toml:"project_id"` Hostname string `toml:"-"` Api api `toml:"api"` @@ -135,6 +137,12 @@ type ( Experimental experimental `toml:"experimental" mapstructure:"-"` } + config struct { + baseConfig + Overrides map[string]interface{} `toml:"remotes"` + Remotes map[string]baseConfig `toml:"-"` + } + api struct { Enabled bool `toml:"enabled"` Image string `toml:"-"` @@ -438,6 +446,16 @@ type ( } ) +func (c *baseConfig) Clone() baseConfig { + copy := *c + copy.Storage.Buckets = maps.Clone(c.Storage.Buckets) + copy.Functions = maps.Clone(c.Functions) + copy.Auth.External = maps.Clone(c.Auth.External) + copy.Auth.Email.Template = maps.Clone(c.Auth.Email.Template) + copy.Auth.Sms.TestOTP = maps.Clone(c.Auth.Sms.TestOTP) + return copy +} + type ConfigEditor func(*config) func WithHostname(hostname string) ConfigEditor { @@ -447,7 +465,7 @@ func WithHostname(hostname string) ConfigEditor { } func NewConfig(editors ...ConfigEditor) config { - initial := config{ + initial := config{baseConfig: baseConfig{ Hostname: "127.0.0.1", Api: api{ Image: postgrestImage, @@ -543,7 +561,7 @@ func NewConfig(editors ...ConfigEditor) config { EdgeRuntime: edgeRuntime{ Image: edgeRuntimeImage, }, - } + }} for _, apply := range editors { apply(&initial) } @@ -587,7 +605,6 @@ func (c *config) Load(path string, fsys fs.FS) error { if _, err := dec.Decode(c); err != nil { return errors.Errorf("failed to decode config template: %w", err) } - // Load user defined config if metadata, err := toml.DecodeFS(fsys, builder.ConfigPath, c); err != nil { cwd, osErr := os.Getwd() if osErr != nil { @@ -595,7 +612,11 @@ func (c *config) Load(path string, fsys fs.FS) error { } return errors.Errorf("cannot read config in %s: %w", cwd, err) } else if undecoded := metadata.Undecoded(); len(undecoded) > 0 { - fmt.Fprintf(os.Stderr, "Unknown config fields: %+v\n", undecoded) + for _, key := range undecoded { + if key[0] != "remotes" { + fmt.Fprintf(os.Stderr, "Unknown config field: [%s]\n", key) + } + } } // Load secrets from .env file if err := loadDefaultEnv(); err != nil { @@ -685,10 +706,32 @@ func (c *config) Load(path string, fsys fs.FS) error { } c.Functions[slug] = function } - return c.Validate() + if err := c.baseConfig.Validate(); err != nil { + return err + } + c.Remotes = make(map[string]baseConfig, len(c.Overrides)) + for name, remote := range c.Overrides { + base := c.baseConfig.Clone() + // Encode a toml file with only config overrides + var buf bytes.Buffer + if err := toml.NewEncoder(&buf).Encode(remote); err != nil { + return errors.Errorf("failed to encode map to TOML: %w", err) + } + // Decode overrides using base config as defaults + if metadata, err := toml.NewDecoder(&buf).Decode(&base); err != nil { + return errors.Errorf("failed to decode remote config: %w", err) + } else if undecoded := metadata.Undecoded(); len(undecoded) > 0 { + fmt.Fprintf(os.Stderr, "Unknown config fields: %+v\n", undecoded) + } + if err := base.Validate(); err != nil { + return err + } + c.Remotes[name] = base + } + return nil } -func (c *config) Validate() error { +func (c *baseConfig) Validate() error { if c.ProjectId == "" { return errors.New("Missing required field in config: project_id") } else if sanitized := sanitizeProjectId(c.ProjectId); sanitized != c.ProjectId { diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 29a605059..733b3c7b7 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -55,6 +55,41 @@ func TestConfigParsing(t *testing.T) { // Run test assert.Error(t, config.Load("", fsys)) }) + + t.Run("config file with remotes", func(t *testing.T) { + config := NewConfig() + // Setup in-memory fs + fsys := fs.MapFS{ + "supabase/config.toml": &fs.MapFile{Data: testInitConfigEmbed}, + "supabase/templates/invite.html": &fs.MapFile{}, + } + // Run test + t.Setenv("TWILIO_AUTH_TOKEN", "token") + t.Setenv("AZURE_CLIENT_ID", "hello") + t.Setenv("AZURE_SECRET", "this is cool") + t.Setenv("AUTH_SEND_SMS_SECRETS", "v1,whsec_aWxpa2VzdXBhYmFzZXZlcnltdWNoYW5kaWhvcGV5b3Vkb3Rvbw==") + t.Setenv("SENDGRID_API_KEY", "sendgrid") + assert.NoError(t, config.Load("", fsys)) + // Check the default value in the config + assert.Equal(t, "http://127.0.0.1:3000", config.Auth.SiteUrl) + assert.Equal(t, true, config.Auth.EnableSignup) + assert.Equal(t, true, config.Auth.External["azure"].Enabled) + assert.Equal(t, []string{"image/png", "image/jpeg"}, config.Storage.Buckets["images"].AllowedMimeTypes) + // Check the values for remotes override + production, ok := config.Remotes["production"] + assert.True(t, ok) + staging, ok := config.Remotes["staging"] + assert.True(t, ok) + // Check the values for production override + assert.Equal(t, config.ProjectId, production.ProjectId) + assert.Equal(t, "http://feature-auth-branch.com/", production.Auth.SiteUrl) + assert.Equal(t, false, production.Auth.EnableSignup) + assert.Equal(t, false, production.Auth.External["azure"].Enabled) + assert.Equal(t, "nope", production.Auth.External["azure"].ClientId) + // Check the values for the staging override + assert.Equal(t, "staging-project", staging.ProjectId) + assert.Equal(t, []string{"image/png"}, staging.Storage.Buckets["images"].AllowedMimeTypes) + }) } func TestFileSizeLimitConfigParsing(t *testing.T) { diff --git a/pkg/config/testdata/config.toml b/pkg/config/testdata/config.toml index f7061c1e7..a7aa36544 100644 --- a/pkg/config/testdata/config.toml +++ b/pkg/config/testdata/config.toml @@ -217,3 +217,17 @@ s3_region = "ap-southeast-1" s3_access_key = "" # Configures AWS_SECRET_ACCESS_KEY for S3 bucket s3_secret_key = "" + +[remotes.production.auth] +site_url = "http://feature-auth-branch.com/" +enable_signup = false + +[remotes.production.auth.external.azure] +enabled = false +client_id = "nope" + +[remotes.staging] +project_id = "staging-project" + +[remotes.staging.storage.buckets.images] +allowed_mime_types = ["image/png"]