Skip to content

perf: cache Supabase admin client as module-level singleton#138

Merged
BigSimmo merged 2 commits into
mainfrom
copilot/task-87357024-1243497866-93b3cae7-6f2a-45d2-8adc-9d9ded40f98a
Jul 2, 2026
Merged

perf: cache Supabase admin client as module-level singleton#138
BigSimmo merged 2 commits into
mainfrom
copilot/task-87357024-1243497866-93b3cae7-6f2a-45d2-8adc-9d9ded40f98a

Conversation

Copilot AI commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Summary

  • createAdminClient() previously constructed a fresh SupabaseClient — plus requireServerEnv() + assertExpectedSupabaseProjectConfig() — on every API request. This PR caches it as a module-level singleton, matching the existing openAIClient ??= new OpenAI(…) pattern in openai.ts. The service-role client holds no user-specific state (autoRefreshToken: false, persistSession: false), so sharing across requests is safe.
// before
export function createAdminClient() {
  const { NEXT_PUBLIC_SUPABASE_URL: url, SUPABASE_SERVICE_ROLE_KEY: key } = requireServerEnv();
  return createClient<Database>(url, key, { auth: { autoRefreshToken: false, persistSession: false } });
}

// after
let adminClient: ReturnType<typeof createClient<Database>> | null = null;

export function createAdminClient() {
  if (!adminClient) {
    const { NEXT_PUBLIC_SUPABASE_URL: url, SUPABASE_SERVICE_ROLE_KEY: key } = requireServerEnv();
    adminClient = createClient<Database>(url, key, { auth: { autoRefreshToken: false, persistSession: false } });
  }
  return adminClient;
}

Verification

  • npm run verify:cheap — 825/825 tests pass, no new type errors
  • npm run verify:ui when UI, routing, styling, browser behavior, reduced-motion, or forced-colors behavior changed
  • npm run verify:release before release or handoff confidence claims
  • npm run format:check
  • npm run check:production-readiness when clinical workflow, privacy, environment, Supabase, source governance, or deployment behavior changed
  • npm run check:deployment-readiness when deployment startup, hosting, or rollout behavior changed

Clinical Governance Preflight

Complete this section when the change touches ingestion, answer generation, search/ranking, source rendering, document access, privacy, production env, or clinical output.

  • Source-backed claims still require linked source verification before clinical use
  • No patient-identifiable document workflow was introduced or expanded without explicit governance approval
  • Supabase target remains Clinical KB Database (sjrfecxgysukkwxsowpy)
  • Service-role keys and private document access remain server-only
  • Demo/synthetic content remains clearly separated from real clinical sources
  • Source metadata, review status, and outdated/unknown-source behavior remain conservative
  • Deployment classification/TGA SaMD impact was checked when clinical decision-support behavior changed

Notes

Every API route calls createAdminClient() on every request, which
previously instantiated a fresh SupabaseClient (plus requireServerEnv()
+ assertExpectedSupabaseProjectConfig() validation) each time.

Introduce a module-level singleton using the same lazy-init pattern
already used for the OpenAI client (openAIClient ??= new OpenAI(…)).
The service-role client carries no user-specific session state, so
reusing a single instance across requests is safe and saves per-request
object construction + repeated env validation overhead.

825/825 tests pass.
@BigSimmo
BigSimmo marked this pull request as ready for review July 2, 2026 10:32
@BigSimmo
BigSimmo enabled auto-merge July 2, 2026 10:32
@BigSimmo
BigSimmo merged commit 805a985 into main Jul 2, 2026
4 checks passed
@BigSimmo
BigSimmo deleted the copilot/task-87357024-1243497866-93b3cae7-6f2a-45d2-8adc-9d9ded40f98a branch July 2, 2026 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants