DojoCodingLabs
diff --git a/‎.claude-plugin/plugin.json‎
Lines changed: 1 addition & 1 deletion b/‎.claude-plugin/plugin.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 15 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 15 additions & 1 deletion
diff --git a/‎migrations/001_initial_schema.sql‎
Lines changed: 103 additions & 0 deletions b/‎migrations/001_initial_schema.sql‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎package-lock.json‎
Lines changed: 113 additions & 2 deletions b/‎package-lock.json‎
Lines changed: 113 additions & 2 deletions
diff --git a/‎package.json‎
Lines changed: 2 additions & 1 deletion b/‎package.json‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎scripts/ci.ts‎
Lines changed: 35 additions & 4 deletions b/‎scripts/ci.ts‎
Lines changed: 35 additions & 4 deletions
@@ -1,6 +1,6 @@
 {
   "name": "dojowatch",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "AI-native visual regression testing — capture, diff, and analyze UI changes with LLM vision",
   "author": {
     "name": "Dojo Coding LLC",
 
@@ -1,6 +1,20 @@
 # Changelog
 
-## [0.3.0] — Unreleased
+## [0.4.0] — Unreleased
+
+### Added
+- **Supabase data layer** (`scripts/supabase.ts`): Full Supabase integration for shared storage
+  - Upload runs, diffs, and baselines to Supabase Storage (private buckets)
+  - Insert `vr_runs`, `vr_diffs`, `vr_baselines` rows with structured metadata
+  - Signed URL generation for embedding diff thumbnails in PR comments
+  - Remote baseline management: fetch, promote, list across team
+  - `uploadCheckRun()` orchestrates the full upload in one call
+- **Database migration** (`migrations/001_initial_schema.sql`): Tables, indexes, RLS policies
+- **`--upload` flag** on CI orchestrator: pushes results to Supabase when configured
+- **Diff thumbnails in PR comments**: When Supabase is configured, regression rows include clickable diff image links
+- **Optional Supabase config**: `supabase` field in config.json is optional — local file storage works without it
+
+## [0.3.0]
 
 ### Added
 - **Gemini analysis module** (`scripts/analyze-gemini.ts`): Batch multimodal analysis using Google GenAI SDK
 
@@ -0,0 +1,103 @@
+-- DojoWatch Database Schema
+-- Run this against your Supabase project via the SQL editor or CLI.
+
+-- ─── Tables ──────────────────────────────────────────────────────
+
+-- One row per CI or local check execution
+CREATE TABLE IF NOT EXISTS vr_runs (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  project TEXT NOT NULL,
+  pr_number INTEGER,
+  branch TEXT NOT NULL,
+  commit_sha TEXT NOT NULL,
+  status TEXT NOT NULL DEFAULT 'pending' CHECK (status IN ('pending', 'pass', 'fail')),
+  total_diffs INTEGER NOT NULL DEFAULT 0,
+  regressions_count INTEGER NOT NULL DEFAULT 0,
+  engine TEXT NOT NULL CHECK (engine IN ('claude', 'gemini')),
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);
+
+-- One row per changed screenshot in a run
+CREATE TABLE IF NOT EXISTS vr_diffs (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  run_id UUID NOT NULL REFERENCES vr_runs(id) ON DELETE CASCADE,
+  name TEXT NOT NULL,
+  viewport TEXT NOT NULL,
+  baseline_storage_path TEXT,
+  current_storage_path TEXT,
+  diff_storage_path TEXT,
+  pixel_diff_percent REAL NOT NULL DEFAULT 0,
+  tier TEXT NOT NULL CHECK (tier IN ('SKIP', 'FAST_CHECK', 'FULL_ANALYSIS')),
+  analysis JSONB,
+  severity TEXT CHECK (severity IN ('high', 'medium', 'low')),
+  review_status TEXT NOT NULL DEFAULT 'pending' CHECK (review_status IN ('pending', 'approved', 'rejected')),
+  reviewed_by TEXT,
+  reviewed_at TIMESTAMPTZ,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);
+
+-- Source of truth for approved baseline screenshots
+CREATE TABLE IF NOT EXISTS vr_baselines (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  project TEXT NOT NULL,
+  name TEXT NOT NULL,
+  viewport TEXT NOT NULL,
+  storage_path TEXT NOT NULL,
+  hash TEXT NOT NULL,
+  approved_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+  approved_by TEXT,
+  UNIQUE (project, name, viewport)
+);
+
+-- ─── Indexes ─────────────────────────────────────────────────────
+
+CREATE INDEX IF NOT EXISTS idx_vr_runs_project ON vr_runs(project);
+CREATE INDEX IF NOT EXISTS idx_vr_runs_branch ON vr_runs(branch);
+CREATE INDEX IF NOT EXISTS idx_vr_runs_pr ON vr_runs(pr_number);
+CREATE INDEX IF NOT EXISTS idx_vr_diffs_run_id ON vr_diffs(run_id);
+CREATE INDEX IF NOT EXISTS idx_vr_diffs_review ON vr_diffs(review_status);
+CREATE INDEX IF NOT EXISTS idx_vr_baselines_project ON vr_baselines(project);
+CREATE INDEX IF NOT EXISTS idx_vr_baselines_lookup ON vr_baselines(project, name, viewport);
+
+-- ─── Row Level Security ──────────────────────────────────────────
+
+ALTER TABLE vr_runs ENABLE ROW LEVEL SECURITY;
+ALTER TABLE vr_diffs ENABLE ROW LEVEL SECURITY;
+ALTER TABLE vr_baselines ENABLE ROW LEVEL SECURITY;
+
+-- Service role (CI uploads) has full access
+CREATE POLICY "Service role full access on vr_runs"
+  ON vr_runs FOR ALL
+  USING (true)
+  WITH CHECK (true);
+
+CREATE POLICY "Service role full access on vr_diffs"
+  ON vr_diffs FOR ALL
+  USING (true)
+  WITH CHECK (true);
+
+CREATE POLICY "Service role full access on vr_baselines"
+  ON vr_baselines FOR ALL
+  USING (true)
+  WITH CHECK (true);
+
+-- Anon key can read (for dashboard, when it's built)
+CREATE POLICY "Anon read on vr_runs"
+  ON vr_runs FOR SELECT
+  USING (true);
+
+CREATE POLICY "Anon read on vr_diffs"
+  ON vr_diffs FOR SELECT
+  USING (true);
+
+CREATE POLICY "Anon read on vr_baselines"
+  ON vr_baselines FOR SELECT
+  USING (true);
+
+-- ─── Storage Buckets ─────────────────────────────────────────────
+-- Create these via Supabase dashboard or CLI:
+--   supabase storage create baselines --public false
+--   supabase storage create captures  --public false
+--   supabase storage create diffs     --public false
+--
+-- All buckets are private. Dashboard serves images via signed URLs.
@@ -1,6 +1,6 @@
 {
   "name": "dojowatch",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "private": true,
   "type": "module",
   "scripts": {
@@ -11,6 +11,7 @@
   },
   "dependencies": {
     "@google/genai": "^1.46.0",
+    "@supabase/supabase-js": "^2.100.1",
     "picocolors": "^1.1.1",
     "pixelmatch": "^6.0.0",
     "playwright": "^1.50.0",
 
@@ -16,13 +16,15 @@ import { captureRoutes, captureStorybook } from "./capture.js";
 import { prefilterAll } from "./prefilter.js";
 import { analyzeWithGemini } from "./analyze-gemini.js";
 import { generateCommentMarkdown, postComment } from "./comment.js";
+import { createServiceClient, uploadCheckRun, getSignedDiffUrls } from "./supabase.js";
 import type { CheckRun } from "./types.js";
 
 async function main(): Promise<void> {
   const args = process.argv.slice(2);
   const prArg = args.find((a) => a.startsWith("--pr="))?.split("=")[1]
     ?? args[args.indexOf("--pr") + 1];
   const prNumber = prArg ? parseInt(prArg, 10) : undefined;
+  const uploadFlag = args.includes("--upload");
 
   const projectRoot = findProjectRoot();
   if (!projectRoot) {
@@ -124,14 +126,43 @@ async function main(): Promise<void> {
     },
   };
 
-  // Save check run
+  // Save check run locally
   const checkRunPath = join(dojowatchDir, "last-check.json");
   writeFileSync(checkRunPath, JSON.stringify(checkRun, null, 2));
 
-  // ── Step 4: PR Comment ─────────────────────────────────────────
+  // ── Step 4: Upload to Supabase ─────────────────────────────────
+  let runId: string | undefined;
+  if (uploadFlag && config.supabase) {
+    console.log(pc.bold("\nStep 4: Uploading to Supabase..."));
+    const supabaseClient = createServiceClient(config);
+    runId = await uploadCheckRun(supabaseClient, checkRun, config, {
+      prNumber,
+      engine: "gemini",
+      capturesDir: join(dojowatchDir, "captures"),
+      diffsDir: join(dojowatchDir, "diffs"),
+    });
+  } else if (uploadFlag && !config.supabase) {
+    console.log(pc.yellow("\n  --upload flag set but no supabase config. Skipping."));
+  }
+
+  // ── Step 5: PR Comment ─────────────────────────────────────────
   if (prNumber) {
-    console.log(pc.bold(`\nStep 4: Posting comment to PR #${prNumber}...`));
-    const markdown = generateCommentMarkdown(checkRun);
+    console.log(pc.bold(`\nStep 5: Posting comment to PR #${prNumber}...`));
+
+    // If we uploaded to Supabase, enrich comment with signed diff URLs
+    let diffUrls: Map<string, string> | undefined;
+    if (runId && config.supabase) {
+      const supabaseClient = createServiceClient(config);
+      diffUrls = await getSignedDiffUrls(
+        supabaseClient,
+        runId,
+        config.project,
+        prefilterResults,
+        config.supabase.signedUrlExpiry
+      );
+    }
+
+    const markdown = generateCommentMarkdown(checkRun, diffUrls);
     postComment(prNumber, markdown);
   } else {
     console.log(pc.dim("\nNo --pr flag. Skipping PR comment."));
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "dojowatch",`
`3`		`- "version": "0.3.0",`
	`3`	`+ "version": "0.4.0",`
`4`	`4`	`"description": "AI-native visual regression testing — capture, diff, and analyze UI changes with LLM vision",`
`5`	`5`	`"author": {`
`6`	`6`	`"name": "Dojo Coding LLC",`