chore: include storage-py into monorepo

.release-please-manifest.json

@@ -1,5 +1,6 @@
 {
   "src/supabase": "2.18.1",
   "src/realtime": "2.7.0",
-  "src/functions": "0.10.1"
+  "src/functions": "0.10.1",
+  "src/storage": "0.12.1"
 }

Makefile

@@ -4,14 +4,16 @@ default:
 	@echo "Available targets are: ci, pre-commit, publish"
 
 ci: pre-commit
-	make -C src/realtime tests
 	make -C src/functions tests
+	make -C src/realtime tests
+	make -C src/storage tests
 	make -C src/supabase tests
 
 publish:
-	uv build --project realtime
-	uv build --project supabase
-	uv build --project functions
+	uv build --package realtime
+	uv build --package storage3
+	uv build --package supabase_functions
+	uv build --package supabase
 	uv publish
 
 pre-commit:

README.md

@@ -4,6 +4,8 @@ Python monorepo for all [Supabase](https://supabase.com) libraries. This is a wo
 
 - [supabase](src/supabase/README.md)
 - [realtime](src/realtime/README.md)
+- [supabase_functions](src/functions/README.md)
+- [storage3](src/storage/README.md)
 
 Relevant links:
 

pyproject.toml

@@ -2,12 +2,14 @@
 members = [
   "src/realtime",
   "src/functions",
-  "src/supabase"
+  "src/supabase",
+  "src/storage"
 ]
 
 [tool.uv.sources]
 realtime = { workspace = true }
 supabase_functions  = { workspace = true }
+storage3 = { workspace = true }
 supabase = { workspace = true }
 
 [tool.pytest.ini_options]

release-please-config.json

@@ -8,10 +8,14 @@
     "src/functions": {
       "changelog-path": "src/functions/CHANGELOG.md",
       "release-type": "python"
-    }
+    },
+    "src/storage": {
+      "changelog-path": "src/storage/CHANGELOG.md",
+      "release-type": "python"
+    },
     "src/supabase": {
       "changelog-path": "src/supabase/CHANGELOG.md",
       "release-type": "python"
-    },
+    }
   }
 }

src/functions/pyproject.toml

@@ -8,13 +8,15 @@ authors = [
 ]
 license = "MIT"
 readme = "README.md"
-repository = "https://github.com/supabase/supabase-py"
 requires-python = ">=3.9"
 dependencies = [
   "httpx[http2] >=0.26,<0.29",
   "strenum >=0.4.15",
 ]
 
+[project.urls]
+repository = "https://github.com/supabase/supabase-py"
+
 [dependency-groups]
 tests = [
   "pyjwt >=2.8.0",

src/storage/MAINTAINERS.md

@@ -0,0 +1,16 @@
+This page lists all active maintainers of this repository. If you were a maintainer and would like to add your name to the Emeritus list, please send us a PR.
+
+See CONTRIBUTING.md for general contribution guidelines.
+
+# Maintainers (in alphabetical order)
+
+- [anand2312](https://github.com/anand2312)
+
+
+# Emeritus Maintainers (in alphabetical order)
+- [dreinon](https://github.com/dreinon)
+- [fedden](https://github.com/fedden)
+- [J0](https://github.com/J0)
+- [leynier](https://github.com/leynier)
+
+

src/storage/Makefile

@@ -0,0 +1,17 @@
+run-infra:
+	supabase --workdir infra start -x studio,gotrue,postgrest,mailpit,realtime,edge-runtime,logflare,vector,supavisor
+
+stop-infra:
+	supabase --workdir infra stop
+
+tests: run-infra pytest
+
+pytest:
+	uv run --package storage3 pytest --cov=./ --cov-report=xml --cov-report=html -vv
+
+build-sync:
+	uv run --package storage3 run-unasync.py
+	sed -i '0,/SyncMock, /{s/SyncMock, //}' tests/_sync/test_bucket.py tests/_sync/test_client.py
+	sed -i 's/SyncMock/Mock/g' tests/_sync/test_bucket.py tests/_sync/test_client.py
+	sed -i 's/SyncClient/Client/g' storage3/_sync/client.py storage3/_sync/bucket.py storage3/_sync/file_api.py tests/_sync/test_bucket.py tests/_sync/test_client.py
+	sed -i 's/self\.session\.aclose/self\.session\.close/g' storage3/_sync/client.py

src/storage/README.md

@@ -0,0 +1,31 @@
+# Storage-py
+
+Python Client library to interact with Supabase Storage.
+
+
+
+## How to use
+
+As it takes some effort to get the headers. We suggest that you use the storage functionality through the main [Supabase Python Client](https://github.com/supabase-community/supabase-py)
+
+
+```python3
+from storage3 import AsyncStorageClient
+
+url = "https://<your_supabase_id>.supabase.co/storage/v1"
+key = "<your api key>"
+headers = {"apiKey": key, "Authorization": f"Bearer {key}"}
+
+storage_client = AsyncStorageClient(url, headers)
+
+async def get_buckets():
+  await storage_client.list_buckets()
+```
+
+### Uploading files
+When uploading files, make sure to set the correct mimetype by using the `file_options` argument:
+```py
+async def file_upload():
+  await storage_client.from_("bucket").upload("/folder/file.png", file_object, {"content-type": "image/png"})
+```
+If no mime type is given, the default `text/plain` will be used.

src/storage/infra/supabase/.gitignore

@@ -0,0 +1,4 @@
+# Supabase
+.branches
+.temp
+.env

src/storage/infra/supabase/config.toml

@@ -0,0 +1,171 @@
+# A string used to distinguish different Supabase projects on the same host. Defaults to the
+# working directory name when running `supabase init`.
+project_id = "storage-py"
+
+[api]
+enabled = true
+# Port to use for the API URL.
+port = 55321
+# Schemas to expose in your API. Tables, views and stored procedures in this schema will get API
+# endpoints. `public` is always included.
+schemas = ["public", "graphql_public"]
+# Extra schemas to add to the search_path of every request. `public` is always included.
+extra_search_path = ["public", "extensions"]
+# The maximum number of rows returns from a view, table, or stored procedure. Limits payload size
+# for accidental or malicious requests.
+max_rows = 1000
+
+[db]
+# Port to use for the local database URL.
+port = 55322
+# Port used by db diff command to initialize the shadow database.
+shadow_port = 55320
+# The database major version to use. This has to be the same as your remote database's. Run `SHOW
+# server_version;` on the remote database to check.
+major_version = 15
+
+[db.pooler]
+enabled = false
+# Port to use for the local connection pooler.
+port = 55329
+# Specifies when a server connection can be reused by other clients.
+# Configure one of the supported pooler modes: `transaction`, `session`.
+pool_mode = "transaction"
+# How many server connections to allow per user/database pair.
+default_pool_size = 20
+# Maximum number of client connections allowed.
+max_client_conn = 100
+
+[realtime]
+enabled = false
+# Bind realtime via either IPv4 or IPv6. (default: IPv4)
+# ip_version = "IPv6"
+# The maximum length in bytes of HTTP request headers. (default: 4096)
+# max_header_length = 4096
+
+[studio]
+enabled = false
+# Port to use for Supabase Studio.
+port = 55323
+# External URL of the API server that frontend connects to.
+api_url = "http://127.0.0.1"
+# OpenAI API Key to use for Supabase AI in the Supabase Studio.
+openai_api_key = "env(OPENAI_API_KEY)"
+
+# Email testing server. Emails sent with the local dev setup are not actually sent - rather, they
+# are monitored, and you can view the emails that would have been sent from the web interface.
+[inbucket]
+enabled = false
+# Port to use for the email testing server web interface.
+port = 55324
+# Uncomment to expose additional ports for testing user applications that send emails.
+# smtp_port = 55325
+# pop3_port = 55326
+
+[storage]
+enabled = true
+# The maximum file size allowed (e.g. "5MB", "500KB").
+file_size_limit = "50MiB"
+
+[storage.image_transformation]
+enabled = true
+
+[auth]
+enabled = true
+# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
+# in emails.
+site_url = "http://127.0.0.1:3000"
+# A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
+additional_redirect_urls = ["https://127.0.0.1:3000"]
+# How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week).
+jwt_expiry = 3600
+# If disabled, the refresh token will never expire.
+enable_refresh_token_rotation = true
+# Allows refresh tokens to be reused after expiry, up to the specified interval in seconds.
+# Requires enable_refresh_token_rotation = true.
+refresh_token_reuse_interval = 10
+# Allow/disallow new user signups to your project.
+enable_signup = true
+# Allow/disallow anonymous sign-ins to your project.
+enable_anonymous_sign_ins = false
+# Allow/disallow testing manual linking of accounts
+enable_manual_linking = false
+
+[auth.email]
+# Allow/disallow new user signups via email to your project.
+enable_signup = false
+# If enabled, a user will be required to confirm any email change on both the old, and new email
+# addresses. If disabled, only the new email is required to confirm.
+double_confirm_changes = false
+# If enabled, users need to confirm their email address before signing in.
+enable_confirmations = false
+# Controls the minimum amount of time that must pass before sending another signup confirmation or password reset email.
+max_frequency = "1s"
+
+# Uncomment to customize email template
+# [auth.email.template.invite]
+# subject = "You have been invited"
+# content_path = "./supabase/templates/invite.html"
+
+[auth.sms]
+# Allow/disallow new user signups via SMS to your project.
+enable_signup = false
+# If enabled, users need to confirm their phone number before signing in.
+enable_confirmations = false
+# Template for sending OTP to users
+template = "Your code is {{ .Code }} ."
+# Controls the minimum amount of time that must pass before sending another sms otp.
+max_frequency = "5s"
+
+# Use pre-defined map of phone number to OTP for testing.
+# [auth.sms.test_otp]
+# 4152127777 = "123456"
+
+# This hook runs before a token is issued and allows you to add additional claims based on the authentication method used.
+# [auth.hook.custom_access_token]
+# enabled = true
+# uri = "pg-functions://<database>/<schema>/<hook_name>"
+
+# Configure one of the supported SMS providers: `twilio`, `twilio_verify`, `messagebird`, `textlocal`, `vonage`.
+[auth.sms.twilio]
+enabled = false
+account_sid = ""
+message_service_sid = ""
+# DO NOT commit your Twilio auth token to git. Use environment variable substitution instead:
+auth_token = "env(SUPABASE_AUTH_SMS_TWILIO_AUTH_TOKEN)"
+
+# Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`,
+# `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin_oidc`, `notion`, `twitch`,
+# `twitter`, `slack`, `spotify`, `workos`, `zoom`.
+[auth.external.apple]
+enabled = false
+client_id = ""
+# DO NOT commit your OAuth provider secret to git. Use environment variable substitution instead:
+secret = "env(SUPABASE_AUTH_EXTERNAL_APPLE_SECRET)"
+# Overrides the default auth redirectUrl.
+redirect_uri = ""
+# Overrides the default auth provider URL. Used to support self-hosted gitlab, single-tenant Azure,
+# or any other third-party OIDC providers.
+url = ""
+# If enabled, the nonce check will be skipped. Required for local sign in with Google auth.
+skip_nonce_check = false
+
+[analytics]
+enabled = false
+port = 55327
+vector_port = 55328
+# Configure one of the supported backends: `postgres`, `bigquery`.
+backend = "postgres"
+
+# Experimental features may be deprecated any time
+[experimental]
+# Configures Postgres storage engine to use OrioleDB (S3)
+orioledb_version = ""
+# Configures S3 bucket URL, eg. <bucket_name>.s3-<region>.amazonaws.com
+s3_host = "env(S3_HOST)"
+# Configures S3 bucket region, eg. us-east-1
+s3_region = "env(S3_REGION)"
+# Configures AWS_ACCESS_KEY_ID for S3 bucket
+s3_access_key = "env(S3_ACCESS_KEY)"
+# Configures AWS_SECRET_ACCESS_KEY for S3 bucket
+s3_secret_key = "env(S3_SECRET_KEY)"

src/storage/infra/supabase/migrations/20240513232811_bucket_rls_policies.sql

@@ -0,0 +1,41 @@
+CREATE POLICY "Enable read access for all users" ON "storage"."objects"
+AS PERMISSIVE FOR SELECT
+TO public
+USING (true);
+
+CREATE POLICY "Enable insert for all users" ON "storage"."objects"
+AS PERMISSIVE FOR INSERT
+TO public
+WITH CHECK (true);
+
+CREATE POLICY "Enable update for all users" ON "storage"."objects"
+AS PERMISSIVE FOR UPDATE
+TO public
+USING (true)
+WITH CHECK (true);
+
+CREATE POLICY "Enable delete for all users" ON "storage"."objects"
+AS PERMISSIVE FOR DELETE
+TO public
+USING (true);
+
+CREATE POLICY "Enable read access for all users" ON "storage"."buckets"
+AS PERMISSIVE FOR SELECT
+TO public
+USING (true);
+
+CREATE POLICY "Enable insert for all users " ON "storage"."buckets"
+AS PERMISSIVE FOR INSERT
+TO public
+WITH CHECK (true);
+
+CREATE POLICY "Enable update for all users" ON "storage"."buckets"
+AS PERMISSIVE FOR UPDATE
+TO public
+USING (true)
+WITH CHECK (true);
+
+CREATE POLICY "Enable delete for all users" ON "storage"."buckets"
+AS PERMISSIVE FOR DELETE
+TO public
+USING (true);