feat: add environment variable validation and update documentation#23
Conversation
|
Yay! You're officially a Contributor! 🎉Huge thanks for opening this Pull Request. Being a contributor to ZenYukti is a big deal, and we’re excited to have you on board. Next Steps:
|
|
Hi Team ! I've implemented the environment variable validation as requested in Issue #5. I've also updated the README with a configuration table. All local tests and CI checks passed. Looking forward to your feedback! |
Shreenath-14
requested review from
Blazzzeee and
ayushHardeniya
as code owners
| ALTER TABLE volunteers ENABLE ROW LEVEL SECURITY; | ||
|
|
||
| -- Profiles policies | ||
| -- Profiles policies |
There was a problem hiding this comment.
Please revert these changes from this file.
because, it looks like some comments were accidentally duplicated (e.g., -- Profiles policies) nd some whitespace was changed...
we should keep this PR focused strictly on the environment variable validation to keep the git history clean
|
also why this "feat: typing indicater for better UI experience" commit is here, in thsi PR? this is completely irrelevant as per the target of this PR! I'd suggest you - probably rebase it, avoid "revert" or "do not merge" to keep the commit history clean for future visitors. |
Shreenath-14
left a comment
Shreenath-14
left a comment
There was a problem hiding this comment.
I have done the changes you told me just review it and let me know
|
Hi @ayushHardeniya , |
|
Hi @Shreenath-14, can you tell me what this PR is actually about! I'd suggest to filter it out, and stick with key purpose! |
|
Sir actully this PR was my first PR thats why its been mess please ignore I'll explain.
also for previous you said to make some style changes which has been done and also added detailed readme changes |
|
Hi @ayushHardeniya, I've completely reset this PR to focus strictly on Issue #5. I removed the emojis, numbered comments, and accidental schema changes as requested. I've also moved the typing indicator to a separate PR to keep the history clean. Could you please re-review when you have a moment? |
ayushHardeniya
added
developer-experience
There was a problem hiding this comment.
Pull request overview
This PR implements environment variable validation for the backend using Zod to provide a "fail-fast" startup experience. Previously, the server could start with missing or malformed environment variables, leading to runtime errors. Now, all required configuration is validated at startup with clear error messages, addressing issue #5.
Changes:
- Added Zod-based environment variable validation with type coercion and URL validation
- Refactored configuration management to use centralized validation module
- Simplified .env.example documentation (removed some helpful comments)
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| backend/src/config/env.ts | New file implementing Zod schema for environment validation with fail-fast error handling |
| backend/src/config/index.ts | Refactored to import validated env variables instead of direct process.env access |
| backend/package.json | Added Zod dependency (invalid version 4.3.6) |
| backend/package-lock.json | Lock file update for Zod dependency (invalid version) |
| backend/.env.example | Simplified environment variable documentation |
Files not reviewed (1)
- backend/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Supabase Configuration | ||
| SUPABASE_URL=https://your-project-id.supabase.co | ||
| SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... | ||
| SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... | ||
| SUPABASE_ANON_KEY=your-anon-key | ||
| SUPABASE_SERVICE_ROLE_KEY=your-service-role-key | ||
|
|
||
| # HuggingFace API Token (optional - get from https://huggingface.co/settings/tokens) | ||
| # If not provided, crisis detection will use keyword-based fallback | ||
| # HuggingFace API Token (Optional) | ||
| HUGGINGFACE_API_TOKEN=hf_YourTokenHere |
There was a problem hiding this comment.
The updated .env.example file removes helpful documentation that was present in the original version, such as URLs where developers can obtain the required keys (e.g., "get from https://app.supabase.com → Project Settings → API" for Supabase configuration, "get from https://huggingface.co/settings/tokens" for HuggingFace). Consider restoring these comments to improve the developer experience, especially for new contributors who may not know where to find these credentials.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Description
Implemented a "fail-fast" environment variable validation system for the backend. Previously, the server would start with missing or malformed .env variables, leading to silent failures and a confusing developer experience. Now, the server validates all required keys (Supabase, Port, Frontend URL) upon startup and provides clear error messages if any are invalid. Closes #5.
Type of Change
How Has This Been Tested?
Startup Validation: Verified that the server crashes with a specific error message if PORT is not a number or if SUPABASE_URL is an invalid URL.
CORS Verification: Confirmed that updating the FRONTEND_URL in the .env correctly resolves browser console errors and allows the frontend to fetch room data.
Database Connectivity: Verified that valid anonymous sign-ins and message persistence work after correctly configuring Supabase keys and RLS policies.
Screenshots
Checklist
Additional Information
Updated the CORS middleware to dynamically use the FRONTEND_URL from the environment configuration to prevent port mismatch errors between development environments (e.g., port 3000 vs 5173).
Learning Outcomes
I learned how to implement centralized configuration validation in Node.js/TypeScript and how to manage Row-Level Security (RLS) policies in Supabase for anonymous user sessions.