@realtimex/realtimex-alchemy 1.0.74 → 1.0.76

package/dist/CHANGELOG.md

@@ -5,6 +5,25 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.76] - 2026-01-29
+
+### Added
+- **Localization**: Added full localization support for the new "Zero-Config" setup flow. All setup steps, including project selection and provisioning logs, are now available in supported languages.
+
+### Improved
+- **Setup Wizard**: Replaced hardcoded strings in the setup wizard with translation keys to ensure a consistent localized experience.
+
+## [1.0.75] - 2026-01-29
+
+### Added
+- **Onboarding**: Implemented "Zero-Config Cloud Provisioning". Users can now create and configure a brand new Supabase project directly from the Setup Wizard using just their Personal Access Token.
+- **Setup Wizard**: Added a new "Quick Launch" workflow that automates project creation, API key retrieval, and database initialization.
+- **API**: Added `/api/setup/auto-provision` endpoint that handles the full lifecycle of Supabase project creation (Create -> Poll -> Configure -> DNS Wait).
+
+### Improved
+- **Migration**: Updated `migrate.sh` to support "Docker-less" Edge Function deployment via the Supabase Cloud API (`--use-api`), significantly reducing local dependency requirements.
+- **Migration**: Added automatic `TOKEN_ENCRYPTION_KEY` generation during migration to ensure secure secret management out of the box.
+
 ## [1.0.74] - 2026-01-29
 
 ### Added

package/dist/api/index.js

@@ -1,5 +1,7 @@
 import express from 'express';
+import axios from 'axios';
 import cors from 'cors';
+import crypto from 'crypto';
 import path from 'path';
 import { fileURLToPath } from 'url';
 import { spawn } from 'child_process';
@@ -127,6 +129,166 @@ app.post('/api/migrate', (req, res) => {
         console.log('[Migrate] Client disconnected, but migration will continue');
     });
 });
+// GET /api/setup/organizations - List Supabase organizations
+app.get('/api/setup/organizations', async (req, res) => {
+    const authHeader = req.headers['authorization'];
+    if (!authHeader) {
+        return res.status(401).json({ error: 'Missing Authorization header' });
+    }
+    try {
+        const response = await axios.get('https://api.supabase.com/v1/organizations', {
+            headers: { 'Authorization': authHeader }
+        });
+        res.json(response.data);
+    }
+    catch (error) {
+        console.error('[Setup] Failed to fetch organizations:', error.response?.data || error.message);
+        res.status(error.response?.status || 500).json({
+            error: error.response?.data?.message || 'Failed to fetch organizations'
+        });
+    }
+});
+// POST /api/setup/auto-provision - Create project and poll for readiness (SSE)
+app.post('/api/setup/auto-provision', async (req, res) => {
+    const { orgId, projectName: customProjectName, region: customRegion } = req.body;
+    const authHeader = req.headers['authorization'];
+    if (!orgId) {
+        return res.status(400).json({ error: 'Missing required parameter (orgId)' });
+    }
+    if (!authHeader) {
+        return res.status(401).json({ error: 'Missing Authorization header' });
+    }
+    res.setHeader('Content-Type', 'text/event-stream');
+    res.setHeader('Cache-Control', 'no-cache');
+    res.setHeader('Connection', 'keep-alive');
+    const sendEvent = (type, data) => {
+        res.write(`data: ${JSON.stringify({ type, data })}\n\n`);
+    };
+    try {
+        const projectName = customProjectName || `Alchemy-${crypto.randomBytes(2).toString('hex')}`;
+        const region = customRegion || 'us-east-1';
+        // Generate a secure DB password server-side
+        const dbPass = crypto.randomBytes(16).toString('base64')
+            .replace(/\+/g, 'a')
+            .replace(/\//g, 'b')
+            .replace(/=/g, 'c') + '1!Aa';
+        sendEvent('info', `🚀 Creating Supabase project: ${projectName} in ${region}...`);
+        // 1. Create Project
+        const createResponse = await axios.post('https://api.supabase.com/v1/projects', {
+            name: projectName,
+            organization_id: orgId,
+            region: region,
+            db_pass: dbPass
+        }, {
+            headers: { 'Authorization': authHeader },
+            timeout: 15000 // 15s timeout for creation
+        });
+        const project = createResponse.data;
+        const projectRef = project.id;
+        sendEvent('info', `📦 Project created! ID: ${projectRef}. Waiting for it to go live...`);
+        sendEvent('project_id', projectRef);
+        // 2. Poll for Readiness
+        let isReady = false;
+        let attempts = 0;
+        const maxAttempts = 60; // 5 minutes (5s interval)
+        while (!isReady && attempts < maxAttempts) {
+            attempts++;
+            await new Promise(resolve => setTimeout(resolve, 5000));
+            try {
+                const statusResponse = await axios.get(`https://api.supabase.com/v1/projects/${projectRef}`, {
+                    headers: { 'Authorization': authHeader },
+                    timeout: 10000 // 10s timeout for status check
+                });
+                const status = statusResponse.data.status;
+                sendEvent('info', `⏳ Status: ${status} (Attempt ${attempts}/${maxAttempts})`);
+                if (status === 'ACTIVE_HEALTHY' || status === 'ACTIVE') {
+                    isReady = true;
+                }
+            }
+            catch (pollError) {
+                console.warn('[Setup] Polling error:', pollError.message);
+            }
+        }
+        if (!isReady) {
+            throw new Error('Project provision timed out after 5 minutes.');
+        }
+        // 3. Get API Keys
+        sendEvent('info', '🔑 Retrieving API keys...');
+        let anonKey = '';
+        let keyAttempts = 0;
+        const maxKeyAttempts = 10;
+        while (!anonKey && keyAttempts < maxKeyAttempts) {
+            keyAttempts++;
+            if (keyAttempts > 1) {
+                sendEvent('info', `⏳ API keys not ready yet. Retrying (Attempt ${keyAttempts}/${maxKeyAttempts})...`);
+                await new Promise(resolve => setTimeout(resolve, 3000));
+            }
+            try {
+                const keysResponse = await axios.get(`https://api.supabase.com/v1/projects/${projectRef}/api-keys`, {
+                    headers: { 'Authorization': authHeader },
+                    timeout: 10000 // 10s timeout for key retrieval
+                });
+                const keys = keysResponse.data;
+                if (Array.isArray(keys)) {
+                    anonKey = keys.find((k) => k.name === 'anon')?.api_key;
+                    if (anonKey) {
+                        sendEvent('info', '✅ API keys retrieved successfully.');
+                    }
+                }
+            }
+            catch (err) {
+                const errorMsg = err.response?.data?.message || err.message;
+                console.warn(`[Setup] Key retrieval attempt ${keyAttempts} failed:`, errorMsg);
+                sendEvent('info', `⚠️ Attempt ${keyAttempts} failed: ${errorMsg}`);
+            }
+        }
+        if (!anonKey) {
+            throw new Error('Could not find anonymous API key for the new project after several attempts.');
+        }
+        const supabaseUrl = `https://${projectRef}.supabase.co`;
+        // 4. Verification: Wait for DNS to propagate (Cloudflare/Supabase propagation)
+        sendEvent('info', '🌐 Waiting for DNS propagation (Supabase/Cloudflare)...');
+        let dnsReady = false;
+        let dnsAttempts = 0;
+        const maxDnsAttempts = 20;
+        while (!dnsReady && dnsAttempts < maxDnsAttempts) {
+            dnsAttempts++;
+            try {
+                // Try to ping the REST endpoint
+                const pingResponse = await axios.get(`${supabaseUrl}/rest/v1/`, {
+                    timeout: 5000,
+                    validateStatus: () => true // Accept any status (even 401/404) as DNS is resolved
+                });
+                if (pingResponse.status < 500) {
+                    dnsReady = true;
+                    sendEvent('info', '✨ DNS resolved! Project is fully accessible.');
+                }
+            }
+            catch (pingError) {
+                console.log(`[Setup] DNS poll ${dnsAttempts}:`, pingError.message);
+                if (dnsAttempts % 5 === 0) {
+                    sendEvent('info', '⏳ DNS still propagating... standby.');
+                }
+                await new Promise(resolve => setTimeout(resolve, 3000));
+            }
+        }
+        sendEvent('success', {
+            url: supabaseUrl,
+            anonKey: anonKey,
+            projectId: projectRef,
+            dbPass: dbPass // Password generated on line 202
+        });
+        sendEvent('done', 'success');
+    }
+    catch (error) {
+        console.error('[Setup] Auto-provision failed:', error.response?.data || error.message);
+        sendEvent('error', error.response?.data?.message || error.message || 'Auto-provisioning failed');
+        sendEvent('done', 'failed');
+    }
+    finally {
+        res.end();
+    }
+});
 // SSE Events
 app.get('/events', (req, res) => {
     res.setHeader('Content-Type', 'text/event-stream');