fix(cli): bind a free port for edge-runtime diff containers#5424
Merged
Conversation
The schema diff path runs `edge-runtime start` to execute one-shot scripts (migra, pg-delta, pgcache) with host networking but without a `--port` flag, so the runtime's HTTP listener bound the edge-runtime default port directly in the host network namespace. When that port was already in use (a leftover diff container, the local stack, or anything else on the port) the bind failed with "Address already in use (os error 98)" and the container exited 1, surfacing as `error diffing schema: error running container: exit 1`. Allocate a free host port and pass it as `--port` via a shared `EdgeRuntimeStartCmd` helper used by both `RunEdgeRuntimeScript` and `diffWithStream`, so concurrent or leftover one-shot containers no longer collide on the default port. Fixes #5407
Coverage Report for CI Build 26814852769Coverage increased (+0.001%) to 63.906%Details
Uncovered ChangesNo uncovered changes found. Coverage Regressions8 previously-covered lines in 2 files lost coverage.
Coverage Stats
💛 - Coveralls |
jgoux
approved these changes
Jun 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What changed
The schema diff path (
supabase db pulland friends) executes one-shot scripts — migra, pg-delta, pgcache — by runningedge-runtime start --main-service=.inside a container. Both call sites (RunEdgeRuntimeScriptininternal/utils/edgeruntime.goanddiffWithStreamininternal/db/diff/diff.go) launched it withNetworkMode: hostbut without a--portflag.edge-runtime startis an HTTP server and always binds a TCP listener. With no explicit port it bound the edge-runtime default port, and with host networking that bind landed directly in the host (Docker VM) network namespace. When the port was already taken — a leftover diff container from an interrupted run, the local stack, or anything else on that port — the bind failed and the container exited 1.This change adds a shared
EdgeRuntimeStartCmdhelper that allocates a free host port and passes it as--port, used by both call sites, so concurrent or leftover one-shot containers no longer contend for the default port. On the rare port-allocation failure it falls back to the previous portless command.Why
Reported in #5407:
supabase db pullon Windows fails at "Diffing schemas..." withError: Address already in use (os error 98). Host networking on Docker Desktop (Windows/macOS) shares the VM namespace and makes the default-port collision far more likely.functions servewas never affected because it already passes an explicit--port(serve.go:190).Reviewer notes
RunEdgeRuntimeScript: migra, pg-delta (×3), pgcache, apply — plus the streamingdiffWithStream.serve.go), which can follow separately.Fixes #5407