558 lines
13 KiB
Markdown
558 lines
13 KiB
Markdown
---
|
|
name: supabase-edge-functions
|
|
description: Deploy and manage Supabase Edge Functions. Use for invoking serverless functions, deploying new functions, and managing function deployments.
|
|
---
|
|
|
|
# Supabase Edge Functions
|
|
|
|
## Overview
|
|
|
|
This skill provides operations for working with Supabase Edge Functions - serverless TypeScript/JavaScript functions that run on Deno Deploy. Use for invoking functions, deploying code, and managing function lifecycles.
|
|
|
|
## Prerequisites
|
|
|
|
**Required environment variables:**
|
|
```bash
|
|
export SUPABASE_URL="https://your-project.supabase.co"
|
|
export SUPABASE_KEY="your-anon-or-service-role-key"
|
|
```
|
|
|
|
**Required tools:**
|
|
- Supabase CLI (`supabase` command)
|
|
- Deno (for local development)
|
|
|
|
**Install Supabase CLI:**
|
|
```bash
|
|
# macOS
|
|
brew install supabase/tap/supabase
|
|
|
|
# Linux
|
|
curl -fsSL https://github.com/supabase/cli/releases/latest/download/supabase_linux_amd64.tar.gz | tar -xz
|
|
sudo mv supabase /usr/local/bin/
|
|
|
|
# Windows (PowerShell)
|
|
scoop bucket add supabase https://github.com/supabase/scoop-bucket.git
|
|
scoop install supabase
|
|
```
|
|
|
|
**Helper script:**
|
|
This skill uses the shared Supabase API helper for invoking functions:
|
|
```bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
```
|
|
|
|
## Invoke Edge Functions
|
|
|
|
### Basic Invocation
|
|
|
|
**Invoke a function with POST:**
|
|
```bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
FUNCTION_NAME="hello-world"
|
|
|
|
supabase_post "/functions/v1/${FUNCTION_NAME}" '{
|
|
"name": "Alice"
|
|
}'
|
|
```
|
|
|
|
**Invoke with GET:**
|
|
```bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
FUNCTION_NAME="get-data"
|
|
|
|
supabase_get "/functions/v1/${FUNCTION_NAME}?id=123"
|
|
```
|
|
|
|
### Invoke with Headers
|
|
|
|
**Pass custom headers:**
|
|
```bash
|
|
FUNCTION_NAME="authenticated-function"
|
|
USER_TOKEN="user-access-token"
|
|
|
|
curl -s -X POST \
|
|
"${SUPABASE_URL}/functions/v1/${FUNCTION_NAME}" \
|
|
-H "apikey: ${SUPABASE_KEY}" \
|
|
-H "Authorization: Bearer ${USER_TOKEN}" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{"action": "process"}'
|
|
```
|
|
|
|
### Invoke with Authentication
|
|
|
|
**Invoke function as authenticated user:**
|
|
```bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
FUNCTION_NAME="user-profile"
|
|
ACCESS_TOKEN="user-jwt-token"
|
|
|
|
curl -s -X POST \
|
|
"${SUPABASE_URL}/functions/v1/${FUNCTION_NAME}" \
|
|
-H "apikey: ${SUPABASE_KEY}" \
|
|
-H "Authorization: Bearer ${ACCESS_TOKEN}" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{}'
|
|
```
|
|
|
|
## Function Management (CLI)
|
|
|
|
### Initialize Function
|
|
|
|
**Create a new edge function:**
|
|
```bash
|
|
# Navigate to your Supabase project directory
|
|
cd /path/to/project
|
|
|
|
# Create new function
|
|
supabase functions new my-function
|
|
|
|
# This creates: supabase/functions/my-function/index.ts
|
|
```
|
|
|
|
### Function Template
|
|
|
|
**Basic function structure:**
|
|
```typescript
|
|
// supabase/functions/my-function/index.ts
|
|
|
|
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
|
|
|
|
serve(async (req) => {
|
|
const { name } = await req.json()
|
|
|
|
const data = {
|
|
message: `Hello ${name}!`,
|
|
}
|
|
|
|
return new Response(
|
|
JSON.stringify(data),
|
|
{ headers: { "Content-Type": "application/json" } },
|
|
)
|
|
})
|
|
```
|
|
|
|
**Function with authentication:**
|
|
```typescript
|
|
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
|
|
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
|
|
|
|
serve(async (req) => {
|
|
// Get JWT from Authorization header
|
|
const authHeader = req.headers.get('Authorization')!
|
|
const token = authHeader.replace('Bearer ', '')
|
|
|
|
// Create Supabase client with user's token
|
|
const supabase = createClient(
|
|
Deno.env.get('SUPABASE_URL') ?? '',
|
|
Deno.env.get('SUPABASE_ANON_KEY') ?? '',
|
|
{ global: { headers: { Authorization: authHeader } } }
|
|
)
|
|
|
|
// Get authenticated user
|
|
const { data: { user }, error } = await supabase.auth.getUser(token)
|
|
|
|
if (error || !user) {
|
|
return new Response('Unauthorized', { status: 401 })
|
|
}
|
|
|
|
return new Response(
|
|
JSON.stringify({ message: `Hello ${user.email}!` }),
|
|
{ headers: { "Content-Type": "application/json" } },
|
|
)
|
|
})
|
|
```
|
|
|
|
### Deploy Function
|
|
|
|
**Deploy a function to Supabase:**
|
|
```bash
|
|
# Login to Supabase (first time only)
|
|
supabase login
|
|
|
|
# Link to your project (first time only)
|
|
supabase link --project-ref your-project-ref
|
|
|
|
# Deploy specific function
|
|
supabase functions deploy my-function
|
|
|
|
# Deploy with custom environment variables
|
|
supabase functions deploy my-function \
|
|
--env-file ./supabase/.env.local
|
|
|
|
# Deploy all functions
|
|
supabase functions deploy
|
|
```
|
|
|
|
### Set Environment Variables
|
|
|
|
**Set secrets for edge functions:**
|
|
```bash
|
|
# Set individual secret
|
|
supabase secrets set MY_SECRET_KEY=value123
|
|
|
|
# Set multiple secrets from file
|
|
# Create .env file:
|
|
# API_KEY=abc123
|
|
# DATABASE_URL=postgres://...
|
|
|
|
supabase secrets set --env-file .env
|
|
|
|
# List secrets (names only, not values)
|
|
supabase secrets list
|
|
|
|
# Unset secret
|
|
supabase secrets unset MY_SECRET_KEY
|
|
```
|
|
|
|
### Local Development
|
|
|
|
**Run functions locally:**
|
|
```bash
|
|
# Start local Supabase (includes edge functions)
|
|
supabase start
|
|
|
|
# Serve functions locally
|
|
supabase functions serve
|
|
|
|
# Serve specific function
|
|
supabase functions serve my-function --env-file ./supabase/.env.local
|
|
|
|
# Invoke local function
|
|
curl http://localhost:54321/functions/v1/my-function \
|
|
-H "Authorization: Bearer ${SUPABASE_KEY}" \
|
|
-d '{"name": "test"}'
|
|
```
|
|
|
|
### Delete Function
|
|
|
|
**Remove a deployed function:**
|
|
```bash
|
|
# Delete function from Supabase dashboard or using SQL
|
|
# Note: No direct CLI command to delete, must use dashboard
|
|
|
|
# Remove local function file
|
|
rm -rf supabase/functions/my-function
|
|
```
|
|
|
|
## Common Patterns
|
|
|
|
### Invoke and Process Response
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
FUNCTION_NAME="process-data"
|
|
|
|
response=$(supabase_post "/functions/v1/${FUNCTION_NAME}" '{
|
|
"action": "calculate",
|
|
"values": [1, 2, 3, 4, 5]
|
|
}')
|
|
|
|
if [[ $? -eq 0 ]]; then
|
|
result=$(echo "$response" | jq -r '.result')
|
|
echo "Function result: $result"
|
|
else
|
|
echo "Function invocation failed"
|
|
exit 1
|
|
fi
|
|
```
|
|
|
|
### Batch Function Invocations
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
FUNCTION_NAME="send-email"
|
|
RECIPIENTS=("alice@example.com" "bob@example.com" "charlie@example.com")
|
|
|
|
for email in "${RECIPIENTS[@]}"; do
|
|
echo "Processing $email..."
|
|
|
|
supabase_post "/functions/v1/${FUNCTION_NAME}" '{
|
|
"to": "'"$email"'",
|
|
"subject": "Hello",
|
|
"body": "Test message"
|
|
}'
|
|
|
|
echo "✓ Sent to $email"
|
|
done
|
|
```
|
|
|
|
### Function with Retry Logic
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/supabase-api.sh"
|
|
|
|
invoke_with_retry() {
|
|
local function_name="$1"
|
|
local payload="$2"
|
|
local max_retries=3
|
|
local retry_count=0
|
|
|
|
while [[ $retry_count -lt $max_retries ]]; do
|
|
if response=$(supabase_post "/functions/v1/${function_name}" "$payload" 2>&1); then
|
|
echo "$response"
|
|
return 0
|
|
else
|
|
retry_count=$((retry_count + 1))
|
|
echo "Retry $retry_count/$max_retries..." >&2
|
|
sleep 2
|
|
fi
|
|
done
|
|
|
|
echo "Function failed after $max_retries retries" >&2
|
|
return 1
|
|
}
|
|
|
|
# Use it
|
|
invoke_with_retry "my-function" '{"action": "process"}'
|
|
```
|
|
|
|
### Deploy Function Script
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
# deploy-function.sh
|
|
|
|
FUNCTION_NAME="${1:-my-function}"
|
|
|
|
echo "Deploying function: $FUNCTION_NAME"
|
|
|
|
# Validate function exists
|
|
if [[ ! -d "supabase/functions/$FUNCTION_NAME" ]]; then
|
|
echo "Error: Function $FUNCTION_NAME not found"
|
|
exit 1
|
|
fi
|
|
|
|
# Deploy
|
|
if supabase functions deploy "$FUNCTION_NAME"; then
|
|
echo "✓ Deployed successfully"
|
|
|
|
# Test invocation
|
|
echo "Testing function..."
|
|
response=$(curl -s -X POST \
|
|
"${SUPABASE_URL}/functions/v1/${FUNCTION_NAME}" \
|
|
-H "apikey: ${SUPABASE_KEY}" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{}')
|
|
|
|
echo "Test response: $response"
|
|
else
|
|
echo "✗ Deployment failed"
|
|
exit 1
|
|
fi
|
|
```
|
|
|
|
### Monitor Function Logs
|
|
|
|
```bash
|
|
# View function logs (requires Supabase CLI)
|
|
supabase functions logs my-function
|
|
|
|
# Follow logs in real-time
|
|
supabase functions logs my-function --follow
|
|
|
|
# Filter logs by level
|
|
supabase functions logs my-function --level error
|
|
|
|
# View logs from specific time
|
|
supabase functions logs my-function --since 1h
|
|
```
|
|
|
|
## Advanced Patterns
|
|
|
|
### Function with Database Access
|
|
|
|
```typescript
|
|
// supabase/functions/get-user-data/index.ts
|
|
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
|
|
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
|
|
|
|
serve(async (req) => {
|
|
const supabase = createClient(
|
|
Deno.env.get('SUPABASE_URL') ?? '',
|
|
Deno.env.get('SUPABASE_SERVICE_ROLE_KEY') ?? ''
|
|
)
|
|
|
|
const { userId } = await req.json()
|
|
|
|
const { data, error } = await supabase
|
|
.from('users')
|
|
.select('*')
|
|
.eq('id', userId)
|
|
.single()
|
|
|
|
if (error) {
|
|
return new Response(JSON.stringify({ error: error.message }), {
|
|
status: 400,
|
|
headers: { 'Content-Type': 'application/json' }
|
|
})
|
|
}
|
|
|
|
return new Response(JSON.stringify(data), {
|
|
headers: { 'Content-Type': 'application/json' }
|
|
})
|
|
})
|
|
```
|
|
|
|
### Function with External API Call
|
|
|
|
```typescript
|
|
// supabase/functions/fetch-weather/index.ts
|
|
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
|
|
|
|
serve(async (req) => {
|
|
const { city } = await req.json()
|
|
const apiKey = Deno.env.get('WEATHER_API_KEY')
|
|
|
|
const response = await fetch(
|
|
`https://api.openweathermap.org/data/2.5/weather?q=${city}&appid=${apiKey}`
|
|
)
|
|
|
|
const data = await response.json()
|
|
|
|
return new Response(JSON.stringify(data), {
|
|
headers: { 'Content-Type': 'application/json' }
|
|
})
|
|
})
|
|
```
|
|
|
|
### Scheduled Function (Cron)
|
|
|
|
```typescript
|
|
// supabase/functions/daily-cleanup/index.ts
|
|
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
|
|
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
|
|
|
|
serve(async (req) => {
|
|
// Verify request is from Supabase Cron
|
|
const authHeader = req.headers.get('Authorization')
|
|
if (authHeader !== `Bearer ${Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')}`) {
|
|
return new Response('Unauthorized', { status: 401 })
|
|
}
|
|
|
|
const supabase = createClient(
|
|
Deno.env.get('SUPABASE_URL') ?? '',
|
|
Deno.env.get('SUPABASE_SERVICE_ROLE_KEY') ?? ''
|
|
)
|
|
|
|
// Delete old records
|
|
const { data, error } = await supabase
|
|
.from('logs')
|
|
.delete()
|
|
.lt('created_at', new Date(Date.now() - 30 * 24 * 60 * 60 * 1000).toISOString())
|
|
|
|
return new Response(JSON.stringify({ deleted: data?.length ?? 0 }), {
|
|
headers: { 'Content-Type': 'application/json' }
|
|
})
|
|
})
|
|
```
|
|
|
|
**Set up cron job in Supabase Dashboard:**
|
|
```sql
|
|
-- In SQL Editor, create pg_cron job:
|
|
select cron.schedule(
|
|
'daily-cleanup',
|
|
'0 2 * * *', -- Run at 2 AM daily
|
|
$$
|
|
select
|
|
net.http_post(
|
|
url := 'https://your-project.supabase.co/functions/v1/daily-cleanup',
|
|
headers := '{"Content-Type": "application/json", "Authorization": "Bearer YOUR_SERVICE_ROLE_KEY"}'::jsonb,
|
|
body := '{}'::jsonb
|
|
) as request_id;
|
|
$$
|
|
);
|
|
```
|
|
|
|
## Testing Functions
|
|
|
|
### Test Locally
|
|
|
|
```bash
|
|
# Start local environment
|
|
supabase start
|
|
|
|
# Serve function
|
|
supabase functions serve my-function
|
|
|
|
# Test with curl
|
|
curl http://localhost:54321/functions/v1/my-function \
|
|
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
|
|
-d '{"test": "data"}'
|
|
```
|
|
|
|
### Integration Test Script
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
# test-function.sh
|
|
|
|
FUNCTION_NAME="$1"
|
|
TEST_CASES_FILE="$2"
|
|
|
|
if [[ ! -f "$TEST_CASES_FILE" ]]; then
|
|
echo "Test cases file not found"
|
|
exit 1
|
|
fi
|
|
|
|
echo "Testing function: $FUNCTION_NAME"
|
|
|
|
while IFS= read -r test_case; do
|
|
echo "Test case: $test_case"
|
|
|
|
response=$(curl -s -X POST \
|
|
"${SUPABASE_URL}/functions/v1/${FUNCTION_NAME}" \
|
|
-H "apikey: ${SUPABASE_KEY}" \
|
|
-H "Content-Type: application/json" \
|
|
-d "$test_case")
|
|
|
|
echo "Response: $response"
|
|
echo "---"
|
|
done < "$TEST_CASES_FILE"
|
|
```
|
|
|
|
## Error Handling
|
|
|
|
**Function errors return HTTP status codes:**
|
|
|
|
| Status | Meaning |
|
|
|--------|---------|
|
|
| 200 | Success |
|
|
| 400 | Bad request (invalid input) |
|
|
| 401 | Unauthorized (invalid/missing auth) |
|
|
| 403 | Forbidden (insufficient permissions) |
|
|
| 500 | Internal server error (function crashed) |
|
|
| 504 | Gateway timeout (function took too long) |
|
|
|
|
**Timeout limit:** Edge functions have a 2-second CPU time limit and 150-second wall clock timeout.
|
|
|
|
## Security Best Practices
|
|
|
|
1. **Validate input**: Always validate and sanitize request data
|
|
2. **Use service role key carefully**: Only in admin functions, never expose to clients
|
|
3. **Implement authentication**: Check user tokens for protected functions
|
|
4. **Rate limiting**: Implement rate limiting for public functions
|
|
5. **Environment variables**: Store secrets in Supabase secrets, not in code
|
|
6. **CORS**: Configure CORS headers appropriately
|
|
7. **Error messages**: Don't leak sensitive information in error responses
|
|
|
|
## Performance Tips
|
|
|
|
1. **Cold starts**: Functions may have cold starts (100-200ms delay)
|
|
2. **Keep functions small**: Faster cold starts and easier debugging
|
|
3. **Cache external data**: Use in-memory caching for repeated API calls
|
|
4. **Parallel execution**: Use `Promise.all()` for concurrent operations
|
|
5. **Stream large responses**: Use streaming for large data transfers
|
|
|
|
## API Documentation
|
|
|
|
- Supabase Edge Functions: https://supabase.com/docs/guides/functions
|
|
- Deno Deploy: https://deno.com/deploy/docs
|