feat(db): node-pg-migrate runner and provider-neutral migrations
Replaces the upstream Supabase one-shot schema (RLS policies, auth.users
FK, handle_new_user trigger) with six sequential node-pg-migrate
migrations that run against any Postgres 16+ server:
0000_initial - full upstream schema, supabase deps removed
0001_tenant_policy - tenants + tenant_group_policies tables for
Entra-mode tenant lifecycle
0002_user_profile_email - email column on user_profiles
0003_user_profile_provider_keys - OpenAI/AOAI per-user key columns
0004_user_profile_fast_model - fast_model column
0005_postgres_roles - recreates the PostgREST role topology
(web_anon / authenticated / service_role)
for deployments where Supabase's bootstrap
doesn't run
scripts/runMigrations.ts is the runner used by Container App Jobs (and
locally via npm run migrate:dev). It picks DATABASE_URL when
AUTH_PROVIDER!=entra, or mints a Postgres-flexserver Managed Identity
token when entra mode is active. After migration completes it issues
NOTIFY pgrst, 'reload schema' so PostgREST picks up the new shape
without a restart.
Adds node-pg-migrate, pg, and @types/pg.
| Repository | Altien/mikeOssAzure |
|---|---|
| Author | Allen Morgan <amorgan@altien.com> |
| Authored | |
| Parents | c3daf8fa |
| Stats | 9 files changed , +870 , -39 |
| Part of | node-pg-migrate runner + provider-neutral migrations |
Capture this commit into my fork
Download a Markdown prompt that tells Claude how to port this
exact commit into your working tree. Run it via
claude -p < capture-commit-b9f5f60a.md
from inside the repo you want the change in.