update metrics

* chore(main): release 1.70.1

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <rubenfiszel@users.noreply.github.com>

.devcontainer/Dockerfile

@@ -29,6 +29,7 @@ FROM mcr.microsoft.com/vscode/devcontainers/rust:bullseye
 
 RUN apt update \
     && apt-get install -y \
+    lld \
     python3 \
     libprotobuf-dev \ 
     libnl-route-3-dev \

.env

@@ -1,9 +1,2 @@
-DATABASE_URL=postgres://postgres:changeme@db/windmill?sslmode=disable
-
-# For Enterprise Edition, use:
-# WM_IMAGE=ghcr.io/windmill-labs/windmill-ee:main
-WM_IMAGE=ghcr.io/windmill-labs/windmill:main
-
-
-# To use another port than :80, setup the Caddyfile and the caddy section of the docker-compose to your needs: https://caddyserver.com/docs/getting-started
-# To have caddy take care of automatic TLS
+DB_PASSWORD=changeme
+WM_BASE_URL=localhost

.githooks/pre-commit

@@ -1,14 +0,0 @@
-#!/bin/sh
-#
-# This file is symlinked to local .git/hooks/pre-commit by the setup-hooks.sh script
-# It wil run before every commit, so it needs to be quick and efficient. If it returns
-# a non-zero exit code, the commit will be aborted.
-
-echo "Running pre-commit hook"
-
-# This checks that there is no symlinks in the backend directory among the EE files
-./backend/check_no_symlink.sh > /dev/null
-if [ $? -ne 0 ]; then
-  echo "/!\ Symlinks detected in the backend directory. Please run './backend/substitute_ee_code.sh --revert' before committing."
-  exit 1
-fi

.github/Dockerfile

@@ -1,7 +1,7 @@
 FROM nikolaik/python-nodejs
 
 RUN npm install -g @apidevtools/swagger-cli
-RUN pip install openapi-python-client==0.15.1
+RUN pip install openapi-python-client
 RUN pip install poetry
 
 

.github/DockerfileBackendTests

@@ -1,65 +1,64 @@
-ARG DEBIAN_IMAGE=debian:bookworm-slim
-ARG RUST_IMAGE=rust:1.79-slim-bookworm
-ARG PYTHON_IMAGE=python:3.11.4-slim-bookworm
+FROM python:3.10-slim-buster as nsjail
 
-FROM ${DEBIAN_IMAGE} as downloader
+WORKDIR /nsjail
 
-ARG TARGETPLATFORM
+RUN apt-get -y update \
+    && apt-get install -y \
+    bison=2:3.3.* \
+    flex=2.6.* \
+    g++=4:8.3.* \
+    gcc=4:8.3.* \
+    git=1:2.20.* \
+    libprotobuf-dev=3.6.* \
+    libnl-route-3-dev=3.4.* \
+    make=4.2.* \
+    pkg-config=0.29-6 \
+    protobuf-compiler=3.6.*
 
-SHELL ["/bin/bash", "-c"]
-
-RUN apt update -y
-RUN apt install -y unzip curl
-
-RUN [ "$TARGETPLATFORM" == "linux/amd64" ] && curl -Lsf https://github.com/denoland/deno/releases/download/v1.41.0/deno-x86_64-unknown-linux-gnu.zip -o deno.zip || true
-RUN [ "$TARGETPLATFORM" == "linux/arm64" ] && curl -Lsf https://github.com/denoland/deno/releases/download/v1.41.0/deno-aarch64-unknown-linux-gnu.zip -o deno.zip || true
+RUN git clone -b master --single-branch https://github.com/google/nsjail.git . \
+    && git checkout dccf911fd2659e7b08ce9507c25b2b38ec2c5800
+RUN make
 
 
-RUN unzip deno.zip && rm deno.zip
-
-
-FROM ${RUST_IMAGE} as builder
+FROM rust:slim-buster as builder
 
 RUN apt-get update && apt-get install -y git libssl-dev pkg-config
 
 RUN apt-get -y update \
     && apt-get install -y \
-    curl
+    curl lld
 
 ENV SQLX_OFFLINE=true
 
 
 RUN mkdir -p /frontend/build
 RUN apt-get update \
-    && apt-get install -y ca-certificates tzdata libpq5 cmake\
+    && apt-get install -y ca-certificates tzdata libpq5 \
     make build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev \
     libsqlite3-dev wget curl llvm libncurses5-dev libncursesw5-dev xz-utils tk-dev libxml2-dev \
-    libxmlsec1-dev libffi-dev liblzma-dev mecab-ipadic-utf8 libgdbm-dev libc6-dev git libprotobuf-dev libnl-route-3-dev \
-    libv8-dev  nodejs npm clang libclang-dev\
+    libxmlsec1-dev libffi-dev liblzma-dev mecab-ipadic-utf8 libgdbm-dev libc6-dev git libprotobuf-dev=3.6.* libnl-route-3-dev=3.4.* \
+    libv8-dev tesseract-ocr nodejs npm\
     && rm -rf /var/lib/apt/lists/*
 
-
-RUN wget https://golang.org/dl/go1.21.5.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz
+RUN wget https://golang.org/dl/go1.19.1.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.19.1.linux-amd64.tar.gz
 ENV PATH="${PATH}:/usr/local/go/bin"
 ENV GO_PATH=/usr/local/go/bin/go
 
 ENV TZ=Etc/UTC
 
-ENV PYTHON_VERSION 3.11.4
+ENV PYTHON_VERSION 3.10.4
 
 RUN wget https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tgz \
     && tar -xf Python-${PYTHON_VERSION}.tgz && cd Python-${PYTHON_VERSION}/ && ./configure --enable-optimizations \
     && make -j 4 && make install
 
 RUN /usr/local/bin/python3 -m pip install pip-tools
+RUN /usr/local/bin/python3 -m pip install nltk
+RUN mkdir -p /nsjail_data/python && HOME=/nsjail_data/python /usr/local/bin/python3 -m nltk.downloader vader_lexicon
 
-COPY --from=oven/bun:1.1.8 /usr/local/bin/bun /usr/bin/bun
+COPY --from=nsjail /nsjail/nsjail /bin/nsjail
 
-
-RUN [ "$TARGETPLATFORM" == "linux/amd64" ] && curl -Lsf https://github.com/denoland/deno/releases/download/v1.41.0/deno-x86_64-unknown-linux-gnu.zip -o deno.zip || true
-RUN [ "$TARGETPLATFORM" == "linux/arm64" ] && curl -Lsf https://github.com/denoland/deno/releases/download/v1.41.0/deno-aarch64-unknown-linux-gnu.zip -o deno.zip || true
-
-COPY --from=downloader --chmod=755 /deno /usr/bin/deno
+COPY --from=denoland/deno:latest /usr/bin/deno /usr/bin/deno
 
 RUN apt-get update \
     && apt-get install -y postgresql-client --allow-unauthenticated

.github/DockerfilePypiBuilder

@@ -4,4 +4,4 @@ RUN python3 -m pip install pipx poetry
 RUN python3 -m pipx ensurepath
 ENV PATH="/root/.local/bin:${PATH}"
 ENV PATH="/usr/local/bin:${PATH}"
-RUN pipx install openapi-python-client==0.15.1 --include-deps
+RUN pipx install openapi-python-client==0.11.6 --include-deps

.github/change-versions-mac.sh

@@ -1,26 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-script_dirpath="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-root_dirpath="$(cd "${script_dirpath}/.." && pwd)"
-
-VERSION=$1
-echo "Updating versions to: $VERSION"
-
-sed -i '' -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/backend/Cargo.toml
-sed -i '' -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/"  ${root_dirpath}/cli/main.ts
-sed -i '' -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/" ${root_dirpath}/benchmarks/lib.ts
-sed -i '' -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/backend/windmill-api/openapi.yaml
-sed -i '' -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/openflow.openapi.yaml
-sed -i '' -e "/\"version\": /s/: .*,/: \"$VERSION\",/" ${root_dirpath}/typescript-client/package.json
-sed -i '' -e "/\"version\": /s/: .*,/: \"$VERSION\",/" ${root_dirpath}/frontend/package.json
-sed -i '' -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/python-client/wmill/pyproject.toml
-sed -i '' -e "/^windmill-api =/s/= .*/= \"\\^$VERSION\"/" ${root_dirpath}/python-client/wmill/pyproject.toml
-sed -i '' -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/python-client/wmill_pg/pyproject.toml
-sed -i '' -e "/^ModuleVersion =/s/= .*/= '$VERSION'/" ${root_dirpath}/powershell-client/WindmillClient/WindmillClient.psd1
-# sed -i '' -e "/^wmill =/s/= .*/= \"\\^$VERSION\"/" python-client/wmill_pg/pyproject.toml
-sed -i '' -e "/^wmill =/s/= .*/= \">=$VERSION\"/" ${root_dirpath}/lsp/Pipfile
-sed -i '' -e "/^wmill_pg =/s/= .*/= \">=$VERSION\"/" ${root_dirpath}/lsp/Pipfile
-
-sed -i '' -E "s/name = \"windmill\"\nversion = \"[^\"]*\"\\n(.*)/name = \"windmill\"\nversion = \"$VERSION\"\\n\\1/" ${root_dirpath}/backend/Cargo.lock
-
-cd ${root_dirpath}/frontend && npm i --package-lock-only

.github/change-versions.sh

@@ -1,27 +1,20 @@
 #!/bin/bash
-set -euo pipefail
-script_dirpath="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-root_dirpath="$(cd "${script_dirpath}/.." && pwd)"
 
 VERSION=$1
 echo "Updating versions to: $VERSION"
 
-sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/backend/Cargo.toml
-sed -i -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/" ${root_dirpath}/cli/main.ts
-sed -i -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/" ${root_dirpath}/benchmarks/lib.ts
-sed -i -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/backend/windmill-api/openapi.yaml
-sed -i -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/openflow.openapi.yaml
-sed -i -e "/\"version\": /s/: .*,/: \"$VERSION\",/" ${root_dirpath}/typescript-client/package.json
-sed -i -e "/\"version\": /s/: .*,/: \"$VERSION\",/" ${root_dirpath}/typescript-client/jsr.json
-sed -i -e "/\"version\": /s/: .*,/: \"$VERSION\",/" ${root_dirpath}/frontend/package.json
-sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/python-client/wmill/pyproject.toml
-sed -i -e "/^windmill-api =/s/= .*/= \"\\^$VERSION\"/" ${root_dirpath}/python-client/wmill/pyproject.toml
-sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/python-client/wmill_pg/pyproject.toml
-sed -i -e "/^ModuleVersion =/s/= .*/= '$VERSION'/" ${root_dirpath}/powershell-client/WindmillClient/WindmillClient.psd1
-# sed -i -e "/^wmill =/s/= .*/= \"\\^$VERSION\"/" ${root_dirpath}/python-client/wmill_pg/pyproject.toml
-sed -i -e "/^wmill =/s/= .*/= \">=$VERSION\"/" ${root_dirpath}/lsp/Pipfile
-sed -i -e "/^wmill_pg =/s/= .*/= \">=$VERSION\"/" ${root_dirpath}/lsp/Pipfile
+sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" backend/Cargo.toml
+sed -i -e "/^const VERSION =/s/= .*/= \"v$VERSION\";/" cli/main.ts
+sed -i -e "/version: /s/: .*/: $VERSION/" backend/windmill-api/openapi.yaml
+sed -i -e "/version: /s/: .*/: $VERSION/" openflow.openapi.yaml
+sed -i -e "/\"version\": /s/: .*,/: \"$VERSION\",/" frontend/package.json
+sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" python-client/wmill/pyproject.toml
+sed -i -e "/^windmill-api =/s/= .*/= \"\\^$VERSION\"/" python-client/wmill/pyproject.toml
+sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" python-client/wmill_pg/pyproject.toml
+# sed -i -e "/^wmill =/s/= .*/= \"\\^$VERSION\"/" python-client/wmill_pg/pyproject.toml
+sed -i -e "/^wmill =/s/= .*/= \">=$VERSION\"/" lsp/Pipfile
+sed -i -e "/^wmill_pg =/s/= .*/= \">=$VERSION\"/" lsp/Pipfile
 
-sed -i -zE "s/name = \"windmill\"\nversion = \"[^\"]*\"\\n(.*)/name = \"windmill\"\nversion = \"$VERSION\"\\n\\1/" ${root_dirpath}/backend/Cargo.lock
+sed -i -zE "s/name = \"windmill\"\nversion = \"[^\"]*\"\\n(.*)/name = \"windmill\"\nversion = \"$VERSION\"\\n\\1/" backend/Cargo.lock
 
-cd ${root_dirpath}/frontend && npm i --package-lock-only
+cd frontend && npm i --package-lock-only

.github/uffizzi/caddy/Caddyfile

@@ -0,0 +1,5 @@
+localhost {
+        bind 0.0.0.0
+        reverse_proxy /ws/* http://0.0.0.0:3001
+        reverse_proxy /* http://0.0.0.0:8000
+}

.github/uffizzi/docker-compose.uffizzi.yml

@@ -0,0 +1,53 @@
+version: '3.7'
+
+x-uffizzi:
+  ingress:
+    service: windmill
+    port: 8000
+
+services:
+  db:
+    image: postgres:14
+    environment:
+      POSTGRES_PASSWORD: changeme
+      POSTGRES_DB: windmill
+
+  windmill:
+    image: '${WINDMILL_IMAGE}'
+    ports:
+      - 8000:8000
+    entrypoint: ['/bin/sh', '-c']
+    command: 'echo ${OAUTH_JSON_BASE64} | base64 --decode > /usr/src/app/oauth.json && ./windmill'
+    environment:
+      - DATABASE_URL=postgres://postgres:changeme@localhost/windmill?sslmode=disable
+      - BASE_URL=${EXPECTED_URL}
+      - BASE_INTERNAL_URL=http://localhost:8000
+      - RUST_LOG=info
+      - NUM_WORKERS=3
+      - KEEP_JOB_DIR=false
+      - DENO_PATH=/usr/bin/deno
+      - PYTHON_PATH=/usr/local/bin/python3
+      - METRICS_ADDR=false
+      - OAUTH_JSON_BASE64=${OAUTH_JSON_BASE64}
+    volumes:
+      - worker_dependency_cache:/tmp/windmill/cache
+    deploy:
+      resources:
+        limits:
+          memory: 250M
+
+  lsp:
+    image: '${LSP_IMAGE}'
+    ports:
+      - 3001:3001
+
+  # caddy:
+  #   image: caddy:2.5.2-alpine
+  #   restart: unless-stopped
+  #   volumes:
+  #     - ./.github/uffizzi/caddy:/etc/caddy
+  #   environment:
+  #     - BASE_URL=localhost
+
+volumes:
+  worker_dependency_cache:

.github/workflows/automerge-dependabot.yml

@@ -0,0 +1,26 @@
+name: dependabot auto-merge
+
+on: pull_request_target
+
+permissions:
+  contents: read
+  pull-requests: read
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.3.6
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch' ||  steps.metadata.outputs.update-type == 'version-update:semver-minor'
+        run: |
+          echo ${{ secrets.RUBEN_PAT }} | gh auth login --with-token
+          gh pr review --approve "$PR_URL"
+          gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}

.github/workflows/automerge-dependabot.yml.archived

@@ -1,26 +0,0 @@
-# name: dependabot auto-merge
-
-# on: pull_request_target
-
-# permissions:
-#   contents: read
-#   pull-requests: read
-
-# jobs:
-#   dependabot:
-#     runs-on: ubuntu-latest
-#     if: ${{ github.actor == 'dependabot[bot]' }}
-#     steps:
-#       - name: Dependabot metadata
-#         id: metadata
-#         uses: dependabot/fetch-metadata@v1.6.0
-#         with:
-#           github-token: "${{ secrets.GITHUB_TOKEN }}"
-#       - name: Enable auto-merge for Dependabot PRs
-#         if: steps.metadata.outputs.update-type == 'version-update:semver-patch' ||  steps.metadata.outputs.update-type == 'version-update:semver-minor'
-#         run: |
-#           echo ${{ secrets.RUBEN_PAT }} | gh auth login --with-token
-#           gh pr review --approve "$PR_URL"
-#           gh pr merge --auto --squash "$PR_URL"
-#         env:
-#           PR_URL: ${{github.event.pull_request.html_url}}

.github/workflows/backend-test.yml

@@ -15,9 +15,10 @@ on:
 
 jobs:
   cargo_test:
-    runs-on: ubicloud-standard-8
+    runs-on: [self-hosted, new]
     container:
       image: ghcr.io/windmill-labs/backend-tests
+      options: --privileged
     services:
       postgres:
         image: postgres
@@ -26,23 +27,17 @@ jobs:
           POSTGRES_PASSWORD: changeme
 
         options: >-
-          --health-cmd pg_isready --health-interval 10s --health-timeout 5s
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
           --health-retries 5
     steps:
       - uses: actions/checkout@v3
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
+      - uses: Swatinem/rust-cache@v2
         with:
-          toolchain: 1.79.0
-      # - uses: Swatinem/rust-cache@v2
-      #   with:
-      #     workspaces: |
-      #       backend
-      #       backend -> target
+          workspaces: |
+            backend
+            backend -> target
       - name: cargo test
-        timeout-minutes: 15
-        run:
-          mkdir frontend/build && cd backend && touch
-          windmill-api/openapi-deref.yaml &&
-          DATABASE_URL=postgres://postgres:changeme@postgres:5432/windmill
-          DISABLE_EMBEDDING=true RUST_LOG=info cargo test --features enterprise
-          --all -- --nocapture
+        timeout-minutes: 10
+        run: mkdir frontend/build && cd backend && touch windmill-api/openapi-deref.yaml && DATABASE_URL=postgres://postgres:changeme@postgres:5432/windmill DISABLE_NSJAIL=false cargo test --all -- --nocapture

.github/workflows/benchmark.yml

@@ -1,315 +0,0 @@
-name: Run benchmarks
-
-on:
-  schedule:
-    - cron: "0 0 */1 * *"
-  workflow_dispatch:
-
-jobs:
-  benchmark_single:
-    runs-on: ubicloud-standard-8
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_DB: windmill
-          POSTGRES_PASSWORD: changeme
-        options: >-
-          --health-cmd pg_isready --health-interval 10s --health-timeout 5s
-          --health-retries 5
-      windmill:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always --health-interval 10s --health-timeout 5s
-          --health-retries 5 --health-cmd "curl
-          http://localhost:8000/api/version"
-        ports:
-          - 8000:8000
-    steps:
-      - uses: denoland/setup-deno@v1
-        with:
-          deno-version: v1.x
-      - name: benchmark
-        timeout-minutes: 20
-        run: deno run --unstable -A -r
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/benchmark_suite.ts
-          -c
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/suite_config.json
-      - name: Save benchmark results
-        uses: actions/upload-artifact@v4
-        with:
-          name: benchmark_single
-          path: |
-            *.json
-
-  benchmark_dedicated:
-    runs-on: ubicloud-standard-8
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_DB: windmill
-          POSTGRES_PASSWORD: changeme
-        options: >-
-          --health-cmd pg_isready --health-interval 10s --health-timeout 5s
-          --health-retries 5
-      windmill:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          WORKER_GROUP: dedicated
-          DEDICATED_WORKER: "admins:f/benchmarks/dedicated"
-        options: >-
-          --pull always --restart unless-stopped --health-interval 10s --health-timeout 5s
-          --health-retries 5 --health-cmd "curl
-          http://localhost:8000/api/version"
-        ports:
-          - 8000:8000
-    steps:
-      - uses: denoland/setup-deno@v1
-        with:
-          deno-version: v1.x
-      - name: benchmark
-        timeout-minutes: 20
-        run: deno run --unstable -A -r
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/benchmark_suite.ts
-          --no-warm-up -c
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/suite_dedicated.json
-      - name: Save benchmark results
-        uses: actions/upload-artifact@v4
-        with:
-          name: benchmark_dedicated
-          path: |
-            *.json
-
-  benchmark_4workers:
-    runs-on: ubicloud-standard-8
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_DB: windmill
-          POSTGRES_PASSWORD: changeme
-        options: >-
-          --health-cmd pg_isready --health-interval 10s --health-timeout 5s
-          --health-retries 5
-      windmill:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always --health-interval 10s --health-timeout 5s
-          --health-retries 5 --health-cmd "curl
-          http://localhost:8000/api/version"
-        ports:
-          - 8000:8000
-      windmill_1:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_2:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_3:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-    steps:
-      - uses: denoland/setup-deno@v1
-        with:
-          deno-version: v1.x
-      - name: benchmark
-        timeout-minutes: 20
-        run: deno run --unstable -A -r
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/benchmark_suite.ts
-          -c
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/suite_config.json
-          --workers 4
-      - name: Save benchmark results
-        uses: actions/upload-artifact@v4
-        with:
-          name: benchmark_4workers
-          path: |
-            *.json
-
-  benchmark_8workers:
-    runs-on: ubicloud-standard-8
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_DB: windmill
-          POSTGRES_PASSWORD: changeme
-        options: >-
-          --health-cmd pg_isready --health-interval 10s --health-timeout 5s
-          --health-retries 5
-      windmill:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always --health-interval 10s --health-timeout 5s
-          --health-retries 5 --health-cmd "curl
-          http://localhost:8000/api/version"
-        ports:
-          - 8000:8000
-      windmill_1:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_2:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_3:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_4:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_5:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_6:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-
-      windmill_7:
-        image: ghcr.io/windmill-labs/windmill-ee:main
-        env:
-          DATABASE_URL: postgres://postgres:changeme@postgres:5432/windmill
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-          MODE: worker
-          WORKER_GROUP: main
-          WORKER_TAGS: deno,bun,go,python3,bash,dependency,flow,nativets
-        options: >-
-          --pull always
-    steps:
-      - uses: denoland/setup-deno@v1
-        with:
-          deno-version: v1.x
-      - name: benchmark
-        timeout-minutes: 20
-        run: deno run --unstable -A -r
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/benchmark_suite.ts
-          -c
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/suite_config.json
-          --workers 8
-      - name: Save benchmark results
-        uses: actions/upload-artifact@v4
-        with:
-          name: benchmark_8workers
-          path: |
-            *.json
-
-  benchmark_graphs:
-    runs-on: ubicloud
-    needs:
-      - benchmark_single
-      - benchmark_dedicated
-      - benchmark_4workers
-      - benchmark_8workers
-    steps:
-      - uses: denoland/setup-deno@v1
-        with:
-          deno-version: v1.x
-      - uses: actions/checkout@v4
-        with:
-          ref: benchmarks
-      - name: Download benchmark results
-        uses: actions/download-artifact@v4
-        with:
-          merge-multiple: true
-      - name: graphs
-        run: deno run --unstable -A -r
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/benchmark_graphs.ts
-          -c
-          https://raw.githubusercontent.com/windmill-labs/windmill/${GITHUB_REF##ref/head/}/benchmarks/graphs_config.json
-      - name: Push changes
-        run: |
-          ls -la
-          pwd
-          git add .
-          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git config --local user.name "github-actions[bot]"
-          git commit -m "Update benchmarks"
-          git push

.github/workflows/build-caddy-l4-image.yml

@@ -1,45 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository_owner }}/caddy-l4
-
-name: Build caddy-l4
-on:
-  workflow_dispatch:
-
-permissions: write-all
-
-jobs:
-  build_ee:
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-      - uses: depot/setup-action@v1
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=sha
-            type=ref,event=branch
-            type=raw,value=latest,enable={{is_default_branch}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly
-        uses: depot/build-push-action@v1
-        with:
-          context: ./docker
-          file: ./docker/DockerfileCaddyL4
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}

.github/workflows/build-staging-image.yml

@@ -1,70 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
-name: Build windmill-staging
-on:
-  workflow_dispatch:
-
-permissions: write-all
-
-jobs:
-  build_ee:
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-staging-ee
-          flavor: |
-            latest=false
-          tags: |
-            type=sha
-            type=ref,event=branch
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Substitute EE code
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
-      - name: Build and push publicly ee
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          push: true
-          build-args: |
-            features=enterprise,enterprise_saml,stripe,embedding,parquet,prometheus,openidconnect,cloud,jemalloc
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License

.github/workflows/build_cli_image.yml

@@ -1,55 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}-cli
-
-name: Publish cli image
-on:
-  push:
-    tags:
-      - "v*"
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  id-token: write
-  packages: write
-
-jobs:
-  publish_cli:
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: depot/setup-action@v1
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly
-        uses: depot/build-push-action@v1
-        with:
-          file: "./docker/DockerfileCli"
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
-            ${{ steps.meta.outputs.tags }}
-          labels: |
-            ${{ steps.meta.outputs.labels }}
-            org.opencontainers.image.licenses=AGPLv3

.github/workflows/build_ws.yml

@@ -1,54 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  ECR_REGISTRY: 976079455550.dkr.ecr.us-east-1.amazonaws.com
-  IMAGE_NAME: ${{ github.repository }}-multiplayer
-
-name: Publish websocket multiplayer server
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  id-token: write
-  packages: write
-
-jobs:
-  publish_multiplayer:
-    runs-on: ubicloud-standard-8
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: depot/setup-action@v1
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          file: ./docker/DockerfileMultiplayer
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
-            ${{ steps.meta.outputs.tags }}
-          labels: |
-            ${{ steps.meta.outputs.labels }}
-            org.opencontainers.image.licenses=AGPLv3

.github/workflows/change-versions.yml

@@ -6,7 +6,7 @@ on:
       - "version.txt"
 jobs:
   change_version:
-    runs-on: ubicloud
+    runs-on: ubuntu-latest
     container: node:18
     steps:
       - uses: actions/checkout@v3
@@ -17,7 +17,5 @@ jobs:
         with:
           toolchain: stable
       - name: update lockfile
-        run: |
-          cd backend
-          cargo generate-lockfile
+        run: cd backend && cargo generate-lockfile
       - uses: stefanzweifel/git-auto-commit-action@v4

.github/workflows/clean-docker.yml

@@ -0,0 +1,13 @@
+name: Clean docker
+on:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    - cron: "0 0 */2 * *"
+
+jobs:
+  build:
+    runs-on: [self-hosted, new]
+    steps:
+      - name: clean docker
+        run: |
+          sudo docker system prune -f

.github/workflows/deno_on_release.yml

@@ -8,7 +8,7 @@ env:
 
 jobs:
   build_deno_and_push_to_repo:
-    runs-on: ubicloud
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: generate_deno
@@ -31,7 +31,7 @@ jobs:
 
   tag_repo:
     needs: [build_deno_and_push_to_repo]
-    runs-on: ubicloud
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
         with:

.github/workflows/deploy_to_windmill.yml

@@ -0,0 +1,20 @@
+name: Deploy to windmill.dev
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - "community/**"
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Deploy to windmill.dev
+        uses: windmill-labs/windmill-gh-action-deploy@v2.0.0
+        with:
+          dry_run: false
+          input_dir: community
+          windmill_workspace: starter
+          windmill_token: ${{ secrets.WINDMILL_API_TOKEN }}

.github/workflows/docker-310.yml

@@ -0,0 +1,47 @@
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+name: Build and push windmill with python 3.10 and openbb
+on: workflow_dispatch
+
+concurrency:
+  group: ${{ github.ref }}-openbb
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+  id-token: write
+  packages: write
+  
+jobs:
+  build_ee:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      # - name: Set up Docker Buildx
+      #   uses: docker/setup-buildx-action@v2
+
+      - uses: depot/setup-action@v1
+
+      - name: Login to registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push publicly ee
+        uses: depot/build-push-action@v1
+        with:
+          context: .
+          push: true
+          file: ./docker/DockerfileOpenbb
+          build-args: |
+            features=enterprise
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:openbb
+          labels: |
+            org.opencontainers.image.licenses=Windmill-Enterprise-License

.github/workflows/docker-image-rpi4.yml

@@ -1,76 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}-rpi
-
-name: Build windmill without jemalloc
-on:
-  workflow_dispatch:
-
-concurrency:
-  group: windmill-without-jemalloc
-  cancel-in-progress: true
-
-permissions: write-all
-
-jobs:
-  build:
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-      - uses: depot/setup-action@v1
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Substitute EE code (EE logic is behind feature flag)
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
-      - name: Docker meta
-        id: meta-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          flavor: |
-            latest=false
-          tags: |
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Build and push publicly
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          push: true
-          build-args: |
-            features=embedding,parquet,openidconnect
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:dev
-            ${{ steps.meta-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-public.outputs.labels }}
-            org.opencontainers.image.licenses=AGPLv3

.github/workflows/docker-image.yml

@@ -1,44 +1,32 @@
 env:
+  LOCAL_REGISTRY: registry.wimill.xyz
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.event_name != 'pull_request' && github.repository || 'windmill-labs/windmill-test' }}
-  DEV_SHA: ${{ github.event_name != 'pull_request' && 'dev' || format('pr-{0}', github.event.number) }}
+  ECR_REGISTRY: 976079455550.dkr.ecr.us-east-1.amazonaws.com
+  IMAGE_NAME: ${{ github.repository }}
 
-name: Build windmill:main
+name: Build and push docker image
 on:
   push:
     branches: [main]
     tags: ["*"]
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths:
-      - "Dockerfile"
 
 concurrency:
   group: ${{ github.ref }}
   cancel-in-progress: true
 
-permissions: write-all
-
+permissions:
+  contents: read
+  id-token: write
+  packages: write
+  
 jobs:
   build:
-    runs-on: ubicloud
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
       # - name: Set up Docker Buildx
       #   uses: docker/setup-buildx-action@v2
       - uses: depot/setup-action@v1
@@ -50,58 +38,41 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Substitute EE code (EE logic is behind feature flag)
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
       - name: Docker meta
         id: meta-public
         uses: docker/metadata-action@v4
         with:
           images: |
             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          flavor: |
-            latest=false
           tags: |
+            type=ref,event=branch
+            type=ref,event=pr
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
 
+
       - name: Build and push publicly
         uses: depot/build-push-action@v1
         with:
           context: .
           platforms: linux/amd64,linux/arm64
           push: true
-          build-args: |
-            features=embedding,parquet,openidconnect,jemalloc
           tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
             ${{ steps.meta-public.outputs.tags }}
           labels: |
             ${{ steps.meta-public.outputs.labels }}
             org.opencontainers.image.licenses=AGPLv3
-
+   
   build_ee:
-    runs-on: ubicloud
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
-
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
       # - name: Set up Docker Buildx
       #   uses: docker/setup-buildx-action@v2
+
       - uses: depot/setup-action@v1
 
       - name: Docker meta
@@ -110,9 +81,9 @@ jobs:
         with:
           images: |
             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee
-          flavor: |
-            latest=false
           tags: |
+            type=ref,event=branch
+            type=ref,event=pr
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
 
@@ -123,535 +94,141 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Substitute EE code
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
       - name: Build and push publicly ee
         uses: depot/build-push-action@v1
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
           push: true
           build-args: |
-            features=enterprise,enterprise_saml,stripe,embedding,parquet,prometheus,openidconnect,cloud,jemalloc,tantivy
+            features=enterprise
+            nsjail=true
           tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:latest
             ${{ steps.meta-ee-public.outputs.tags }}
           labels: |
             ${{ steps.meta-ee-public.outputs.labels }}
             org.opencontainers.image.licenses=Windmill-Enterprise-License
 
-  build_ee_312:
-    runs-on: ubicloud
-    if: ${{ startsWith(github.ref, 'refs/tags/') }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
 
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public-py312
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-py312
-          flavor: |
-            latest=false
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Substitute EE code
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
-      - name: Build and push publicly ee
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64
-          push: true
-          build-args: |
-            features=enterprise,enterprise_saml,stripe,embedding,parquet,prometheus,openidconnect,cloud,jemalloc,tantivy
-            PYTHON_IMAGE=python:3.12.2-slim-bookworm
-          tags: |
-            ${{ steps.meta-ee-public-py312.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public-py312.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-  # disabled until we make it 100% reliable and add more meaningful tests
-  # playwright:
-  #   runs-on: [self-hosted, new]
-  #   needs: [build]
-  #   services:
-  #     postgres:
-  #       image: postgres
-  #       env:
-  #         POSTGRES_DB: windmill
-  #         POSTGRES_USER: admin
-  #         POSTGRES_PASSWORD: changeme
-  #       ports:
-  #         - 5432:5432
-  #       options: >-
-  #         --health-cmd pg_isready
-  #         --health-interval 10s
-  #         --health-timeout 5s
-  #         --health-retries 5
-  #   steps:
-  #     - uses: actions/checkout@v4
-  #     - name: "Docker"
-  #       run: echo "::set-output name=id::$(docker run --network=host --rm -d -p 8000:8000 --privileged -it -e DATABASE_URL=postgres://admin:changeme@localhost:5432/windmill -e BASE_INTERNAL_URL=http://localhost:8000 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest)"
-  #       id: docker-container
-  #     - uses: actions/setup-node@v3
-  #       with:
-  #         node-version: 16
-  #     - name: "Playwright run"
-  #       timeout-minutes: 2
-  #       run: cd frontend && npm ci @playwright/test && npx playwright install && export BASE_URL=http://localhost:8000 && npm run test
-  #     - name: "Clean up"
-  #       run: docker kill ${{ steps.docker-container.outputs.id }}
-  #       if: always()
-
-  attach_amd64_binary_to_release:
-    needs: [build, build_ee]
-    runs-on: ubicloud
-    if: ${{ startsWith(github.ref, 'refs/tags/') }}
-    env:
-      ARCH: amd64
-    steps:
-      - uses: actions/checkout@v4
-
-      - run: |
-          # pulling docker image with desired arch so that actions-docker-extract doesn't do it
-          docker pull --platform "linux/$ARCH" ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-          docker pull --platform "linux/$ARCH" ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-
-      - run: |
-          # Checks the image is in docker prior to running actions-docker-extract. It fails if not
-          # Also useful to visually check that the arch is the right opencontainers
-          docker image inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-          docker image inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-
-      - uses: shrink/actions-docker-extract@v3
-        id: extract
-        with:
-          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-          path: "/usr/src/app/windmill"
-
-      - uses: shrink/actions-docker-extract@v3
-        id: extract-ee
-        with:
-          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-          path: "/usr/src/app/windmill"
-
-      - name: Rename binary with corresponding architecture
-        run: |
-          mv "${{ steps.extract.outputs.destination }}/windmill" "${{ steps.extract.outputs.destination }}/windmill-${ARCH}"
-          mv "${{ steps.extract-ee.outputs.destination }}/windmill" "${{ steps.extract-ee.outputs.destination }}/windmill-ee-${ARCH}"
-
-      - name: Attach binary to release
-        uses: softprops/action-gh-release@v1
-        with:
-          files: |
-            ${{ steps.extract.outputs.destination }}/*
-            ${{ steps.extract-ee.outputs.destination }}/*
-
-  # attach_arm64_binary_to_release:
-  #   needs: [build, build_ee]
-  #   runs-on: ubicoud
-  #   if: ${{ startsWith(github.ref, 'refs/tags/') }}
-  #   env:
-  #     ARCH: arm64
-  #   steps:
-  #     - uses: actions/checkout@v4
-
-  #     - run: |
-  #         # pulling docker image with desired arch so that actions-docker-extract doesn't do it
-  #         docker pull --platform "linux/$ARCH" ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-  #         docker pull --platform "linux/$ARCH" ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-
-  #     - run: |
-  #         # Checks the image is in docker prior to running actions-docker-extract. It fails if not
-  #         # Also useful to visually check that the arch is the right opencontainers
-  #         docker image inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-  #         docker image inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-
-  #     - uses: shrink/actions-docker-extract@v3
-  #       id: extract
-  #       with:
-  #         image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-  #         path: "/usr/src/app/windmill"
-
-  #     - uses: shrink/actions-docker-extract@v3
-  #       id: extract-ee
-  #       with:
-  #         image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }}
-  #         path: "/usr/src/app/windmill"
-
-  #     - name: Rename binary with corresponding architecture
-  #       run: |
-  #         mv "${{ steps.extract.outputs.destination }}/windmill" "${{ steps.extract.outputs.destination }}/windmill-${ARCH}"
-  #         mv "${{ steps.extract-ee.outputs.destination }}/windmill" "${{ steps.extract-ee.outputs.destination }}/windmill-ee-${ARCH}"
-
-  #     - name: Attach binary to release
-  #       uses: softprops/action-gh-release@v1
-  #       with:
-  #         files: |
-  #           ${{ steps.extract.outputs.destination }}/*
-  #           ${{ steps.extract-ee.outputs.destination }}/*
-
-  run_integration_test:
-    runs-on: ubicloud
-    needs: [build_ee]
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Prepare test run
-        if: ${{ ! startsWith(github.ref, 'refs/tags/') }}
-        run: cd integration_tests && ./build.sh
-      - name: Test run
-        if: ${{ ! startsWith(github.ref, 'refs/tags/') }}
-        timeout-minutes: 15
+  playwright:
+    runs-on: [self-hosted, new]
+    needs: [build]
+    services:
+      postgres:
+        image: postgres
         env:
-          LICENSE_KEY: ${{ secrets.WM_LICENSE_KEY_CI }}
-        run: cd integration_tests && ./run.sh
-      - name: Archive logs
-        uses: actions/upload-artifact@v3
+          POSTGRES_DB: windmill
+          POSTGRES_USER: admin
+          POSTGRES_PASSWORD: changeme
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v3
+      - name: "Docker"
+        run: echo "::set-output name=id::$(docker run --network=host --rm -d -p 8000:8000 --privileged -it -e DATABASE_URL=postgres://admin:changeme@localhost:5432/windmill -e BASE_INTERNAL_URL=http://localhost:8000 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest)"
+        id: docker-container
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - name: "Playwright run"
+        timeout-minutes: 2
+        run: cd frontend && npm ci @playwright/test && npx playwright install && export BASE_URL=http://localhost:8000 && npm run test
+      - name: "Clean up"
+        run: docker kill ${{ steps.docker-container.outputs.id }}
         if: always()
-        with:
-          name: Windmill Integration Tests Logs
-          path: |
-            integration_tests/logs
 
-  tag_latest:
-    runs-on: ubicloud
-    needs: [run_integration_test, build]
-    if: github.event_name != 'pull_request'
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Tag main and latest
-        run: |
-          docker buildx imagetools create ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }} --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
-          docker buildx imagetools create ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }} --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main
 
-  tag_latest_ee:
-    runs-on: ubicloud
-    needs: [run_integration_test, build_ee]
-    if: github.event_name != 'pull_request'
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Tag main and latest for ee
-        run: |
-          docker buildx imagetools create ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }} --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:latest
-          docker buildx imagetools create ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:${{ env.DEV_SHA }} --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:main
-
-  verify_ee_image_vulnerabilities:
-    runs-on: ubicloud
-    needs: [tag_latest_ee]
-    # if: ${{ startsWith(github.ref, 'refs/tags/') }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - name: Analyze for critical and high CVEs
-        id: docker-scout-cves
-        if: ${{ github.event_name != 'pull_request_target' }}
-        uses: docker/scout-action@v1
-        with:
-          command: cves
-          only-severities: critical,high
-          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee:main
-          sarif-file: sarif.output.json
-          summary: true
-          dockerhub-user: windmilllabs
-          dockerhub-password: ${{ secrets.DOCKER_PAT }}
-
-      - name: Upload SARIF result
-        id: upload-sarif
-        if: ${{ github.event_name != 'pull_request_target' }}
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: sarif.output.json
-
-  # docker_scout_ee:
-  #   runs-on: ubicloud
-  #   needs: [tag_latest_ee]
-  #   steps:
-  #     - name: Docker Scout
-  #       id: docker-scout
-  #       uses: docker/scout-action@v1
-  #       with:
-  #         dockerhub-
-  #         command: cves,recommendations,compare
-  #         to-latest: true
-  #         ignore-base: true
-  #         ignore-unchanged: true
-  #         only-fixed: true
-
-  build_ee_nsjail:
+  publish_privately_heavy:
     needs: [build_ee]
-    runs-on: ubicloud
-    if: github.event_name != 'pull_request'
+    runs-on: [self-hosted, new]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-nsjail
-          flavor: |
-            latest=false
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=sha,enable=true,priority=100,prefix=,suffix=,format=short
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly ee
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          push: true
-          file: "./docker/DockerfileNsjail"
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-  build_ee_reports_privately:
-    needs: [build_ee_nsjail]
-    runs-on: ubicloud
-    if: github.event_name != 'pull_request'
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-
-      - uses: depot/setup-action@v1
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-          
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-reports
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=sha,enable=true,priority=100,prefix=,suffix=,format=short
-
-      - name: Build and push publicly ee reports
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          push: true
-          file: "./docker/DockerfileReports"
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-  publish_ecr_s3:
-    needs: [build_ee_nsjail]
-    runs-on: ubicloud-standard-2-arm
-    if: github.event_name != 'pull_request'
-    env:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
 
+      - name: Docker meta
+        id: meta-heavy
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.ECR_REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=sha
+
+      - name: Login to ECR
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.ECR_REGISTRY }}
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
       - name: Login to registry
         uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push privately
+        uses: docker/build-push-action@v3
+        if: github.event_name != 'pull_request'
+        with:
+          context: .
+          push: true
+          file: ./docker/DockerfileHeavy
+          tags: |
+            ${{ steps.meta-heavy.outputs.tags }}
+          labels: ${{ steps.meta-heavy.outputs.labels }}
+          cache-from: type=registry,ref=${{ env.LOCAL_REGISTRY }}/${{ env.IMAGE_NAME }}-heavy:buildcache
+          cache-to: type=registry,ref=${{ env.LOCAL_REGISTRY }}/${{ env.IMAGE_NAME }}-heavy:buildcache,mode=max
+
+  publish_privately_helm:
+    runs-on: [self-hosted, new]
+    needs: [build_ee]
+    if: github.event_name != 'pull_request'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+ 
+
+      - name: Login to registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to ECR
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.ECR_REGISTRY }}
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           
-      - name: get git hash
+      - name: Build and push privately
+        uses: docker/build-push-action@v3
         if: github.event_name != 'pull_request'
-        id: git_hash
-        run: |
-          git_hash=$(git rev-parse --short "$GITHUB_SHA")
-          echo "GIT_HASH=${git_hash:0:7}" >> "$GITHUB_OUTPUT"
-
-      - uses: shrink/actions-docker-extract@v3
-        if: github.event_name != 'pull_request'
-        id: extract
-        with:
-          image: |-
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-nsjail:${{ steps.git_hash.outputs.GIT_HASH }}
-          path: "/static_frontend/."
-
-      - uses: reggionick/s3-deploy@v3
-        if: github.event_name != 'pull_request'
-        with:
-          folder: ${{ steps.extract.outputs.destination }}
-          bucket: windmill-frontend
-          bucket-region: us-east-1
-
-  build_ee_cuda:
-    if: ${{ startsWith(github.ref, 'refs/tags/') }}
-    needs: [build_ee]
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-cuda
-          flavor: |
-            latest=false
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly ee
-        uses: depot/build-push-action@v1
         with:
           context: .
-          platforms: linux/amd64
           push: true
-          file: "./docker/DockerfileCuda"
+          file: ./docker/DockerfileHelm
           tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-  build_ee_slim:
-    if: ${{ startsWith(github.ref, 'refs/tags/') }}
-    needs: [build_ee]
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-slim
-          flavor: |
-            latest=false
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly ee
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64
-          push: true
-          file: "./docker/DockerfileSlim"
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
+            ${{ env.ECR_REGISTRY }}/${{ env.IMAGE_NAME }}:helm
+          cache-from: type=registry,ref=${{ env.LOCAL_REGISTRY }}/${{ env.IMAGE_NAME }}-helm:buildcache
+          cache-to: type=registry,ref=${{ env.LOCAL_REGISTRY }}/${{ env.IMAGE_NAME }}-helm:buildcache,mode=max

.github/workflows/frontend-check.yml

@@ -1,14 +1,12 @@
 name: check frontend build
 on:
   pull_request:
-    types: [opened, synchronize, reopened, closed]
+    types: [opened,synchronize,reopened,closed]
     paths:
       - "frontend/**"
-  merge_group:
-
 jobs:
   npm_check:
-    runs-on: ubicloud-standard-8
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
@@ -16,6 +14,4 @@ jobs:
           node-version: 18
       - name: "npm check"
         timeout-minutes: 2
-        run:
-          cd frontend && npm ci && npm run generate-backend-client && npm run
-          check
+        run: cd frontend && npm ci && npm run generate-backend-client && npm run check

.github/workflows/gallery_on_release.yml

@@ -1,16 +0,0 @@
-name: Publish powershell-client
-on:
-  push:
-    tags:
-      - "v*"
-  workflow_dispatch:
-
-jobs:
-  publish_gallery:
-    runs-on: ubicloud-standard-8
-    steps:
-      - uses: actions/checkout@v4
-      - run: . ./powershell-client/publish.ps1
-        shell: pwsh
-        env:
-          NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}

.github/workflows/go_on_release.yml

@@ -10,14 +10,10 @@ env:
 
 jobs:
   build_go_and_push_to_repo:
-    runs-on: ubicloud-standard-8
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
-      - name: install_jq
-        run: |
-          sudo apt-get update
-          sudo apt-get install jq
+      - uses: actions/setup-go@v3
       - name: generate_go
         run: |
           go install github.com/deepmap/oapi-codegen/cmd/oapi-codegen@v1.11.0

.github/workflows/jsr_on_release.yml

@@ -1,16 +0,0 @@
-name: Publish typescript-client on JSR
-
-on:
-  push:
-    tags:
-      - "v*"
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-    steps:
-      - uses: actions/checkout@v4
-      - run: cd typescript-client && ./publish.jsr.sh

.github/workflows/npm_on_release.yml

@@ -1,18 +0,0 @@
-name: Publish typescript-client
-on:
-  push:
-    tags:
-      - "v*"
-
-jobs:
-  build_npm:
-    runs-on: ubicloud-standard-8
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
-        with:
-          node-version: "16.x"
-          registry-url: "https://registry.npmjs.org"
-      - run: cd typescript-client && ./publish.sh
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/publish_lsp.yml

@@ -1,64 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  ECR_REGISTRY: 976079455550.dkr.ecr.us-east-1.amazonaws.com
-  IMAGE_NAME: ${{ github.repository }}-lsp
-
-name: Publish lsp
-on:
-  push:
-    tags:
-      - "v*"
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  id-token: write
-  packages: write
-
-jobs:
-  sleep:
-    runs-on: ubicloud
-    steps:
-      - name: Sleep for 900 seconds waiting for pypi to update index
-        if: startsWith(github.ref, 'refs/tags/v')
-        run: sleep 900
-        shell: bash
-  publish_lsp:
-    needs: [sleep]
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: depot/setup-action@v1
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Login to registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push publicly
-        uses: depot/build-push-action@v1
-        with:
-          context: "{{defaultContext}}:lsp"
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
-            ${{ steps.meta.outputs.tags }}
-          labels: |
-            ${{ steps.meta.outputs.labels }}
-            org.opencontainers.image.licenses=AGPLv3

.github/workflows/pypi_on_release.yml

@@ -1,3 +1,8 @@
+env:
+  REGISTRY: ghcr.io
+  ECR_REGISTRY: 976079455550.dkr.ecr.us-east-1.amazonaws.com
+  IMAGE_NAME: ${{ github.repository }}-lsp
+
 name: Publish python-client
 on:
   push:
@@ -7,8 +12,7 @@ on:
 
 jobs:
   publish_pypi:
-    runs-on: ubicloud-standard-8
-    if: startsWith(github.ref, 'refs/tags/v')
+    runs-on: ubuntu-latest
     container:
       image: ghcr.io/windmill-labs/python-client-builder
     steps:
@@ -19,3 +23,58 @@ jobs:
         run: |
           cd python-client
           ./publish.sh
+
+  publish_lsp:
+    needs: [publish_pypi]
+    runs-on: [self-hosted, new]
+    steps:
+      - name: Sleep for 30 seconds waiting for pypi to update index
+        run: sleep 30s
+        shell: bash
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+            ${{ env.ECR_REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Login to registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to ECR
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.ECR_REGISTRY }}
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      - name: Build and push publicly
+        uses: docker/build-push-action@v3
+        with:
+          context: "{{defaultContext}}:lsp"
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+            ${{ env.ECR_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+            ${{ steps.metalocal.outputs.tags }}
+            ${{ steps.meta.outputs.tags }}
+            registry.uffizzi.com/windmill-lsp:60d
+          labels: ${{ steps.metalocal.outputs.labels }}
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
+          cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

.github/workflows/release-please.yml

@@ -6,7 +6,7 @@ name: release-please
 jobs:
   release-please:
     name: "Release please"
-    runs-on: ubicloud
+    runs-on: ubuntu-latest
     steps:
       - uses: GoogleCloudPlatform/release-please-action@v3
         with:

.github/workflows/sign-cla.yml

@@ -7,15 +7,12 @@ on:
 
 jobs:
   CLAssistant:
-    runs-on: ubicloud
+    runs-on: ubuntu-latest
     steps:
       - name: "CLA Assistant"
-        if:
-          (github.event.comment.body == 'recheck' || github.event.comment.body
-          == 'I have read the CLA Document and I hereby sign the CLA') ||
-          github.event_name == 'pull_request_target'
+        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
         # Beta Release
-        uses: cla-assistant/github-action@v2.3.1
+        uses: cla-assistant/github-action@v2.2.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_PAT }}

.github/workflows/uffizzi-build.yml

@@ -0,0 +1,93 @@
+name: Build PR Image
+on:
+  pull_request:
+    types: [opened,synchronize,reopened,closed]
+    paths:
+      - "backend/**"
+      - ".github/uffizzi/**"
+      - ".github/workflows/**"
+  workflow_dispatch:
+      
+jobs:
+  build-windmill:
+    name: Build and Push `windmill`
+    runs-on: ubuntu-latest
+    if: ${{ (github.event_name != 'pull_request' || github.event.action != 'closed')}}
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    steps:
+      - name: Checkout git repo
+        uses: actions/checkout@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Generate UUID image name
+        id: uuid
+        run: echo "UUID_TAG_APP=$(uuidgen)" >> $GITHUB_ENV
+      - name: Docker metadata
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: registry.uffizzi.com/${{ env.UUID_TAG_APP }}
+          tags: type=raw,value=60d
+      - name: Build and Push Image to registry.uffizzi.com ephemeral registry
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          context: ./
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+
+  render-compose-file:
+    name: Render Docker Compose File
+    # Pass output of this workflow to another triggered by `workflow_run` event.
+    runs-on: ubuntu-latest
+    needs:
+      - build-windmill
+    outputs:
+      compose-file-cache-key: ${{ steps.hash.outputs.hash }}
+    steps:
+      - name: Checkout git repo
+        uses: actions/checkout@v3
+      - name: Render Compose File
+        run: |
+          WINDMILL_IMAGE=${{ needs.build-windmill.outputs.tags }}
+          export WINDMILL_IMAGE
+          LSP_IMAGE=registry.uffizzi.com/windmill-lsp:60d
+          export LSP_IMAGE
+          envsubst '${WINDMILL_IMAGE} ${LSP_IMAGE}' < ./.github/uffizzi/docker-compose.uffizzi.yml > docker-compose.rendered.yml
+          cat docker-compose.rendered.yml
+      - name: Upload Rendered Compose File as Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: preview-spec
+          path: docker-compose.rendered.yml
+          retention-days: 2
+      - name: Serialize PR Event to File
+        run:  |
+          cat << EOF > event.json
+          ${{ toJSON(github.event) }}
+          EOF
+      - name: Upload PR Event as Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: preview-spec
+          path: event.json
+          retention-days: 2
+
+  delete-preview:
+    name: Call for Preview Deletion
+    runs-on: ubuntu-latest
+    if: ${{ github.event.action == 'closed' }}
+    steps:
+      # If this PR is closing, we will not render a compose file nor pass it to the next workflow.
+      - name: Serialize PR Event to File
+        run: echo '${{ toJSON(github.event) }}' > event.json
+      - name: Upload PR Event as Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: preview-spec
+          path: event.json
+          retention-days: 2

.github/workflows/uffizzi-preview.yml

@@ -0,0 +1,115 @@
+name: Deploy Uffizzi Preview
+
+on:
+  workflow_run:
+    workflows:
+      - "Build PR Image"
+    types:
+      - completed
+
+jobs:
+  cache-compose-file:
+    name: Cache Compose File
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    outputs:
+      compose-file-cache-key: ${{ env.COMPOSE_FILE_HASH }}
+      pr-number: ${{ env.PR_NUMBER }}
+    steps:
+      - name: 'Download artifacts'
+        # Fetch output (zip archive) from the workflow run that triggered this workflow.
+        uses: actions/github-script@v6
+        with:
+          script: |
+            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: context.payload.workflow_run.id,
+            });
+            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "preview-spec"
+            })[0];
+            if (matchArtifact === undefined) {
+              throw TypeError('Build Artifact not found!');
+            }
+            let download = await github.rest.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+            let fs = require('fs');
+            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/preview-spec.zip`, Buffer.from(download.data));
+      - name: 'Unzip artifact'
+        run: unzip preview-spec.zip
+      - name: Read Event into ENV
+        run: |
+          echo 'EVENT_JSON<<EOF' >> $GITHUB_ENV
+          cat event.json >> $GITHUB_ENV
+          echo 'EOF' >> $GITHUB_ENV
+      - name: Read PR Number From Event Object
+        id: pr
+        run: echo "PR_NUMBER=${{ fromJSON(env.EVENT_JSON).number }}" >> $GITHUB_ENV
+      - name: Predict Deployment URL
+        id: url
+        # Replace dots in the repo name with the plus sign
+        run: |
+          REPO=$(echo ${{ github.repository }} | sed 's/\./+/g')
+          echo "EXPECTED_URL=https://app.uffizzi.com/github.com/$REPO/pull/$PR_NUMBER" >> $GITHUB_ENV
+
+      - name: Re-Render Compose File
+        run: |
+          OAUTH_JSON_BASE64=${{ secrets.OAUTH_JSON_BASE64 }}
+          export OAUTH_JSON_BASE64
+          envsubst '${OAUTH_JSON_BASE64} ${EXPECTED_URL}' < docker-compose.rendered.yml > docker-compose.uffizzi.yml
+          # cat docker-compose.uffizzi.yml
+
+      - name: Hash Rendered Compose File
+        id: hash
+        # If the previous workflow was triggered by a PR close event, we will not have a compose file artifact.
+        if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }}
+        run: echo "COMPOSE_FILE_HASH=$(md5sum docker-compose.uffizzi.yml | awk '{ print $1 }')" >> $GITHUB_ENV
+      - name: Cache Rendered Compose File
+        if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }}
+        uses: actions/cache@v3
+        with:
+          path: docker-compose.uffizzi.yml
+          key: ${{ env.COMPOSE_FILE_HASH }}
+
+      - name: DEBUG - Print Job Outputs
+        if: ${{ runner.debug }}
+        run: |
+          echo "PR number: ${{ env.PR_NUMBER }}"
+          echo "Compose file hash: ${{ env.COMPOSE_FILE_HASH }}"
+          cat event.json
+
+  deploy-uffizzi-preview:
+    name: Use Remote Workflow to Preview on Uffizzi
+    needs:
+      - cache-compose-file
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    uses: UffizziCloud/preview-action/.github/workflows/reusable.yaml@v2
+    with:
+      # If this workflow was triggered by a PR close event, cache-key will be an empty string
+      # and this reusable workflow will delete the preview deployment.
+      compose-file-cache-key: ${{ needs.cache-compose-file.outputs.compose-file-cache-key }}
+      compose-file-cache-path: docker-compose.uffizzi.yml
+      server: https://app.uffizzi.com
+      pr-number: ${{ needs.cache-compose-file.outputs.pr-number }}
+    permissions:
+      contents: read
+      pull-requests: write
+      id-token: write
+
+  playwright:
+    runs-on: ubuntu-latest
+    needs:
+      - deploy-uffizzi-preview
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - name: "Playwright run"
+        timeout-minutes: 2
+        run: cd frontend && npm ci @playwright/test && npx playwright install && export BASE_URL=${{ needs.deploy-uffizzi-preview.outputs.url }} && npm run test

.gitignore

@@ -5,4 +5,3 @@ local/
 frontend/src/routes/test.svelte
 CaddyfileRemoteMalo
 *.swp
-**/.idea/

Caddyfile

@@ -1,18 +1,15 @@
+{
         auto_https off
-	layer4 {
-		:25 {
-			proxy {
-				to windmill_server:2525
-			}
-		}
-	}
+}
 
 http://{$BASE_URL} {
-{$BASE_URL} {
+        bind {$ADDRESS}
         reverse_proxy /ws/* http://lsp:3001
         reverse_proxy /* http://windmill_server:8000
-        # reverse_proxy /ws_mp/* http://multiplayer:3002
-        # reverse_proxy /api/srch/* http://windmill_indexer:8001
 }
-        # tls /certs/cert.pem /certs/key.pem
+
+https://{$BASE_URL}  {  
+  bind {$ADDRESS}
+  reverse_proxy /ws/* http://localhost:3001
+}
 }

Dockerfile

@@ -1,27 +1,45 @@
-ARG DEBIAN_IMAGE=debian:bookworm-slim
-ARG RUST_IMAGE=rust:1.79-slim-bookworm
-ARG PYTHON_IMAGE=python:3.11.8-slim-bookworm
+FROM debian:buster-slim as nsjail
 
-FROM ${RUST_IMAGE} AS rust_base
+WORKDIR /nsjail
+
+ARG nsjail=""
+
+RUN  if [ "$nsjail" = "true" ]; then apt-get -y update \
+    && apt-get install -y \
+    bison=2:3.3.* \
+    flex=2.6.* \
+    g++=4:8.3.* \
+    gcc=4:8.3.* \
+    git=1:2.20.* \
+    libprotobuf-dev=3.6.* \
+    libnl-route-3-dev=3.4.* \
+    make=4.2.* \
+    pkg-config=0.29-6 \
+    protobuf-compiler=3.6.*; fi
+
+
+RUN if [ "$nsjail" = "true" ]; then git clone -b master --single-branch https://github.com/google/nsjail.git . \
+    && git checkout dccf911fd2659e7b08ce9507c25b2b38ec2c5800; fi
+RUN if [ "$nsjail" = "true" ]; then make; else touch nsjail; fi
+
+FROM rust:slim-buster AS rust_base
 
 RUN apt-get update && apt-get install -y git libssl-dev pkg-config npm
 
 RUN apt-get -y update \
     && apt-get install -y \
-    curl nodejs
+    curl lld nodejs npm
 
 RUN rustup component add rustfmt
 
-RUN CARGO_NET_GIT_FETCH_WITH_CLI=true cargo install cargo-chef --version ^0.1
-RUN cargo install sccache --version ^0.8
-ENV RUSTC_WRAPPER=sccache SCCACHE_DIR=/backend/sccache
+RUN CARGO_NET_GIT_FETCH_WITH_CLI=true cargo install cargo-chef 
 
 WORKDIR /windmill
 
 ENV SQLX_OFFLINE=true
-# ENV CARGO_INCREMENTAL=1
+ENV CARGO_INCREMENTAL=1
 
-FROM node:20-alpine as frontend
+FROM node:19-alpine as frontend
 
 # install dependencies
 WORKDIR /frontend
@@ -34,15 +52,13 @@ RUN mkdir /backend
 COPY /backend/windmill-api/openapi.yaml /backend/windmill-api/openapi.yaml
 COPY /openflow.openapi.yaml /openflow.openapi.yaml
 COPY /backend/windmill-api/build_openapi.sh /backend/windmill-api/build_openapi.sh
-
 RUN cd /backend/windmill-api && . ./build_openapi.sh
-COPY /backend/parsers/windmill-parser-wasm/pkg/ /backend/parsers/windmill-parser-wasm/pkg/
-COPY /typescript-client/docs/ /frontend/static/tsdocs/
 
 RUN npm run generate-backend-client
 ENV NODE_OPTIONS "--max-old-space-size=8192"
-ARG VITE_BASE_URL ""
 RUN npm run build
+RUN npm run check
+
 
 
 FROM rust_base AS planner
@@ -50,20 +66,14 @@ FROM rust_base AS planner
 COPY ./openflow.openapi.yaml /openflow.openapi.yaml
 COPY ./backend ./
 
-RUN --mount=type=cache,target=/usr/local/cargo/registry \
-    --mount=type=cache,target=$SCCACHE_DIR,sharing=locked \
-    CARGO_NET_GIT_FETCH_WITH_CLI=true cargo chef prepare --recipe-path recipe.json
+RUN CARGO_NET_GIT_FETCH_WITH_CLI=true cargo chef prepare --recipe-path recipe.json
 
 FROM rust_base AS builder
 ARG features=""
 
 COPY --from=planner /windmill/recipe.json recipe.json
 
-RUN apt-get update && apt-get install -y libxml2-dev libxmlsec1-dev clang libclang-dev cmake
-
-RUN --mount=type=cache,target=/usr/local/cargo/registry \
-    --mount=type=cache,target=$SCCACHE_DIR,sharing=locked \
-    CARGO_NET_GIT_FETCH_WITH_CLI=true RUST_BACKTRACE=1 cargo chef cook --release --features "$features" --recipe-path recipe.json
+RUN CARGO_NET_GIT_FETCH_WITH_CLI=true cargo chef cook --release --features "$features" --recipe-path recipe.json
 
 COPY ./openflow.openapi.yaml /openflow.openapi.yaml
 COPY ./backend ./
@@ -72,68 +82,35 @@ COPY --from=frontend /frontend /frontend
 COPY --from=frontend /backend/windmill-api/openapi-deref.yaml ./windmill-api/openapi-deref.yaml
 COPY .git/ .git/
 
-RUN --mount=type=cache,target=/usr/local/cargo/registry \
-    --mount=type=cache,target=$SCCACHE_DIR,sharing=locked \
-    CARGO_NET_GIT_FETCH_WITH_CLI=true cargo build --release --features "$features"
+RUN CARGO_NET_GIT_FETCH_WITH_CLI=true cargo build --release --features "$features"
 
 
-FROM ${PYTHON_IMAGE}
+FROM python:3.11.2-slim-buster
 
-ARG TARGETPLATFORM
-ARG POWERSHELL_VERSION=7.3.5
-ARG POWERSHELL_DEB_VERSION=7.3.5-1
-ARG KUBECTL_VERSION=1.28.7
-ARG HELM_VERSION=3.14.3
 ARG APP=/usr/src/app
-ARG WITH_POWERSHELL=true
-ARG WITH_KUBECTL=true
-ARG WITH_HELM=true
-
 
 RUN apt-get update \
-    && apt-get install -y ca-certificates wget curl git jq unzip build-essential unixodbc xmlsec1  software-properties-common \
+    && apt-get install -y ca-certificates wget curl git jq libprotobuf-dev libnl-route-3-dev unzip \
+    && apt-get install -y ca-certificates wget curl git jq libprotobuf-dev libnl-route-3-dev unzip build-essential \
     && rm -rf /var/lib/apt/lists/*
 
-
-RUN if [ "$WITH_POWERSHELL" = "true" ]; then \
-    if [ "$TARGETPLATFORM" = "linux/amd64" ]; then apt-get update -y && apt install libicu-dev -y && wget -O 'pwsh.deb' "https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell_${POWERSHELL_DEB_VERSION}.deb_amd64.deb" && \
-    dpkg --install 'pwsh.deb' && \
-    rm 'pwsh.deb'; \
-    elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then apt-get update -y && apt install libicu-dev -y && wget -O powershell.tar.gz "https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-linux-arm64.tar.gz" && \
-    mkdir -p /opt/microsoft/powershell/7 && \
-    tar zxf powershell.tar.gz -C /opt/microsoft/powershell/7 && \
-    chmod +x /opt/microsoft/powershell/7/pwsh && \
-    ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh && \
-    rm powershell.tar.gz; \
-    else echo 'Could not install pwshell, not on amd64 or arm64'; fi;  \
-    else echo 'Building the image without powershell'; fi
-
-RUN if [ "$WITH_HELM" = "true" ]; then \
-    arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
-    wget "https://get.helm.sh/helm-v${HELM_VERSION}-linux-$arch.tar.gz" && \
-    tar -zxvf "helm-v${HELM_VERSION}-linux-$arch.tar.gz"  && \
-    mv linux-$arch/helm /usr/local/bin/helm &&\
-    chmod +x /usr/local/bin/helm; \
-    else echo 'Building the image without helm'; fi
-
-RUN if [ "$WITH_KUBECTL" = "true" ]; then \
-    arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
-    curl -LO "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/$arch/kubectl" && \
-    install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl; \
-    else echo 'Building the image without kubectl'; fi
-
+RUN arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+    curl -o rclone.zip "https://downloads.rclone.org/v1.60.1/rclone-v1.60.1-linux-$arch.zip"; \
+    unzip -p rclone.zip rclone-v1.60.1-linux-$arch/rclone > /usr/bin/rclone; rm rclone.zip; \
+    chown root:root /usr/bin/rclone; chmod 755 /usr/bin/rclone
 
 RUN set -eux; \
     arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+    url=; \
     case "$arch" in \
     'amd64') \
-    targz='go1.22.5.linux-amd64.tar.gz'; \
+    targz='go1.19.3.linux-amd64.tar.gz'; \
     ;; \
     'arm64') \
-    targz='go1.22.5.linux-arm64.tar.gz'; \
+    targz='go1.19.3.linux-arm64.tar.gz'; \
     ;; \
     'armhf') \
-    targz='go1.22.5.linux-armv6l.tar.gz'; \
+    targz='go1.19.3.linux-armv6l.tar.gz'; \
     ;; \
     *) echo >&2 "error: unsupported architecture '$arch' (likely packaging update needed)"; exit 1 ;; \
     esac; \
@@ -142,35 +119,20 @@ RUN set -eux; \
 ENV PATH="${PATH}:/usr/local/go/bin"
 ENV GO_PATH=/usr/local/go/bin/go
 
-RUN curl -sL https://deb.nodesource.com/setup_20.x | bash - 
-RUN apt-get -y update && apt-get install -y curl nodejs awscli
-
-# go build is slower the first time it is ran, so we prewarm it in the build
-RUN mkdir -p /tmp/gobuildwarm && cd /tmp/gobuildwarm && go mod init gobuildwarm && printf "package foo\nimport (\"fmt\")\nfunc main() { fmt.Println(42) }" > warm.go && go mod tidy && go build -x && rm -rf /tmp/gobuildwarm
-
 ENV TZ=Etc/UTC
 
 RUN /usr/local/bin/python3 -m pip install pip-tools
 
-COPY --from=builder /frontend/build /static_frontend
 COPY --from=builder /windmill/target/release/windmill ${APP}/windmill
 
-COPY --from=denoland/deno:1.45.4 --chmod=755 /usr/bin/deno /usr/bin/deno
+COPY --from=nsjail /nsjail/nsjail /bin/nsjail
 
-COPY --from=oven/bun:1.1.21 /usr/local/bin/bun /usr/bin/bun
+COPY --from=denoland/deno:latest /usr/bin/deno /usr/bin/deno
 
-COPY --from=php:8.3.7-cli /usr/local/bin/php /usr/bin/php
-COPY --from=composer:2.7.6 /usr/bin/composer /usr/bin/composer
-
-# add the docker client to call docker from a worker if enabled
-COPY --from=docker:dind /usr/local/bin/docker /usr/local/bin/
+RUN mkdir -p ${APP}
 
 WORKDIR ${APP}
 
-RUN ln -s ${APP}/windmill /usr/local/bin/windmill
-
-RUN windmill cache
-
 EXPOSE 8000
 
-CMD ["windmill"]
+CMD ["./windmill"]

LICENSE

@@ -1,22 +1,12 @@
+
 Source code in this repository is variously licensed under the Apache License
-Version 2.0 (see file ./LICENSE-APACHE), or the AGPLv3 License (see file
-./LICENSE-AGPL)
+Version 2.0 (see file ./LICENSE-APACHE),or the AGPLv3 License (see file ./LICENSE-AGPL)
 
-Every file is under copyright (c) Windmill Labs, Inc 2022 unless otherwise
-specified. Every file is under License AGPL unless otherwise specified or
-belonging to one of the below cases:
+Every file is under copyright (c) Windmill Labs, Inc 2022 unless otherwise specified.
+Every file is under License AGPL unless otherwise specified 
+or belonging to one of the below cases:
 
-The files under backend/ are AGPLv3 Licensed, except any snippets of code under
-the compile flag "enterprise". Those snippets and files are under a proprietary
-and commercial license. The files under frontend/ are AGPLv3 Licensed, except
-any snippets of code that require a positive license check to be activated.
-Those snippets and files are under a proprietary and commercial license. Private
-and public forks MUST not include any of the above proprietary and commercial
-code. Windmill Labs, Inc. provide tools to clean the codebase from those
-snippets upon demand. The files under python-client/ deno-client/ go-client/ powershell-client/ are
-Apache 2.0 Licensed.
-
-The openapi files, including the OpenFlow spec is Apache 2.0 Licensed.
-
-All third party components incorporated into the Windmill Software are licensed
-under the original license provided by the owner of the applicable component.
+The files under backend/ are AGPL Licensed.
+The files under frontend/ are AGPL Licensed.
+The files under python-client/ are Apache 2.0 Licensed.
+The files under community/ are Apache 2.0 Licensed.

README.md

@@ -1,55 +1,43 @@
 <p align="center">
-  <a href="https://www.windmill.dev/"><img src="./imgs/windmill-banner.png" alt="windmill.dev"></a>
+  <a href="https://app.windmill.dev"><img src="./imgs/windmill-banner.png" alt="windmill.dev"></a>
+</p>
+<p align="center">
+    <em>.</em>
 </p>
-
 <p align=center>
-Open-source developer infrastructure for internal tools (APIs, background jobs, workflows and UIs). Self-hostable alternative to Retool, Pipedream, Superblocks and a simplified Temporal with autogenerated UIs and custom UIs to trigger workflows and scripts as internal apps.
-
-<p align=center>
-Scripts are turned into sharable UIs automatically, and can be composed together into flows or used into richer apps built with low-code. Supported script languages supported are: Python, TypeScript, Go, Bash, SQL, and GraphQL.
+Open-source developer infrastructure for internal tools. Self-hostable alternative to Airplane, Pipedream, Superblocks and a simplified Temporal with autogenerated UIs to trigger workflows and scripts as internal apps. Scripts are turned into UIs and no-code modules, no-code modules can be composed into very rich flows, and script and flows can be triggered from internal UIs made with a low-code builder. The script languages supported are: Python, Typescript, Go, Bash, SQL.
 </p>
 
 <p align="center">
-<a href="https://github.com/windmill-labs/windmill/blob/main/LICENSE-AGPL" target="_blank">
-    <img src="https://img.shields.io/badge/License-AGPLv3-blue.svg" alt="Package version">
-</a>
 <a href="https://github.com/windmill-labs/windmill/actions/workflows/docker-image.yml" target="_blank">
     <img src="https://github.com/windmill-labs/windmill/actions/workflows/docker-image.yml/badge.svg" alt="Docker Image CI">
 </a>
 <a href="https://pypi.org/project/wmill" target="_blank">
     <img src="https://img.shields.io/pypi/v/wmill?color=%2334D058&label=pypi%20package" alt="Package version">
 </a>
-</p>
-
-<p align="center">
-<a href="https://img.shields.io/github/commit-activity/m/windmill-labs/windmill" target="_blank">
-    <img src="https://img.shields.io/github/commit-activity/m/windmill-labs/windmill" alt="Commit activity">
-</a>
 <a href="https://discord.gg/V7PM2YHsPB" target="_blank">
   <img src="https://discordapp.com/api/guilds/930051556043276338/widget.png" alt="Discord Shield"/>
 </a>
 </p>
 
 <p align="center">
-  <a href="https://app.windmill.dev">Try it</a> - <a href="https://www.windmill.dev/docs/intro/">Docs</a> - <a href="https://discord.gg/V7PM2YHsPB">Discord</a> - <a href="https://hub.windmill.dev">Hub</a> - <a href="https://www.windmill.dev/docs/misc/contributing">Contributor's guide</a>
+  <a href="https://app.windmill.dev">Try it</a> - <a href="https://docs.windmill.dev/docs/intro/">Docs</a> - <a href="https://discord.gg/V7PM2YHsPB">Discord</a> - <a href="https://hub.windmill.dev">Hub</a> - <a href="https://docs.windmill.dev/docs/misc/contributing">Contributor's guide</a>
 </p>
 
-# Windmill - Developer platform for APIs, background jobs, workflows and UIs
+# Windmill - Turn scripts into workflows and UIs that you can share and run at scale
 
-Windmill is <b>fully open-sourced (AGPLv3)</b> and Windmill Labs offers
-dedicated instance and commercial support and licenses.
+Windmill is <b>fully open-sourced (AGPLv3)</b> and Windmill Labs offers dedicated instance and commercial support and licenses.
 
-![Windmill Diagram](./imgs/stacks.svg)
+![Windmill Diagram](/imgs/stacks.svg)
 
-https://github.com/windmill-labs/windmill/assets/122811744/0b132cd1-ee67-4505-822f-0c7ee7104252
+https://user-images.githubusercontent.com/275584/218350457-bc2fdc3b-e667-4da5-a2bd-3bacc1f0ec79.mp4
 
-- [Windmill - Developer platform for APIs, background jobs, workflows and UIs](#windmill---developer-platform-for-apis-background-jobs-workflows-and-uis)
+- [Windmill - Turn scripts into workflows and UIs that you can share and run at scale](#windmill---turn-scripts-into-workflows-and-uis-that-you-can-share-and-run-at-scale)
   - [Main Concepts](#main-concepts)
   - [Show me some actual script code](#show-me-some-actual-script-code)
   - [CLI](#cli)
     - [Running scripts locally](#running-scripts-locally)
   - [Stack](#stack)
-  - [Fastest Self-Hostable Workflow Engine](#fastest-self-hostable-workflow-engine)
   - [Security](#security)
     - [Sandboxing](#sandboxing)
     - [Secrets, credentials and sensitive values](#secrets-credentials-and-sensitive-values)
@@ -58,10 +46,10 @@ https://github.com/windmill-labs/windmill/assets/122811744/0b132cd1-ee67-4505-82
   - [How to self-host](#how-to-self-host)
     - [Docker compose](#docker-compose)
     - [Kubernetes (k8s) and Helm charts](#kubernetes-k8s-and-helm-charts)
-    - [Run from binaries](#run-from-binaries)
-    - [OAuth, SSO \& SMTP](#oauth-sso--smtp)
+    - [Postgres without superuser](#postgres-without-superuser)
     - [Commercial license](#commercial-license)
-    - [Integrations](#integrations)
+    - [OAuth for self-hosting](#oauth-for-self-hosting)
+    - [Resource types](#resource-types)
   - [Environment Variables](#environment-variables)
   - [Run a local dev setup](#run-a-local-dev-setup)
     - [only Frontend](#only-frontend)
@@ -71,134 +59,96 @@ https://github.com/windmill-labs/windmill/assets/122811744/0b132cd1-ee67-4505-82
 
 ## Main Concepts
 
-1. Define a minimal and generic script in Python, TypeScript, Go or Bash that
-   solves a specific task. The code can be defined in the
-   [provided Web IDE](https://www.windmill.dev/docs/code_editor) or
-   [synchronized with your own GitHub repo](https://www.windmill.dev/docs/advanced/cli/sync)
-   (e.g. through
-   [VS Code](https://www.windmill.dev/docs/cli_local_dev/vscode-extension)
-   extension):
-
+1. Define a minimal and generic script in Python, Typescript, Go or Bash that
+   solves a specific task. Here sending an email with SMTP. The code can be
+   defined in the provided Web IDE or synchronized with your own github repo:
    ![Step 1](./imgs/windmill-editor.png)
 
-2. Your scripts parameters are automatically parsed and
-   [generate a frontend](https://www.windmill.dev/docs/core_concepts/auto_generated_uis).
+2. Your scripts parameters are automatically parsed and generate a frontend.
+   ![Step 2](./imgs/windmill-run.png) ![Step 3](./imgs/windmill-result.png)
 
-![Step 2](./imgs/windmill-run.png)
+3. Make it flow! You can chain your scripts or scripts made by the community
+   shared on [WindmillHub](https://hub.windmill.dev).
+   ![Step 4](./imgs/windmill-flow.png)
 
-![Step 3](./imgs/windmill-result.png)
+4. Build complex UI on top of your scripts and flows.
+   ![Step 5](./imgs/windmill-builder.png)
 
-3. Make it [flow](https://www.windmill.dev/docs/flows/flow_editor)! You can
-   chain your scripts or scripts made by the community shared on
-   [WindmillHub](https://hub.windmill.dev).
-
-   ![Step 3](./imgs/windmill-flow.png)
-
-4. Build [complex UIs](https://www.windmill.dev/docs/apps/app_editor) on top of
-   your scripts and flows.
-
-   ![Step 4](./imgs/windmill-builder.png)
-
-Scripts and flows can also be triggered by a
-[cron schedule](https://www.windmill.dev/docs/core_concepts/scheduling) (e.g.
-'_/5 _ \* \* \*') or through
-[webhooks](https://www.windmill.dev/docs/core_concepts/webhooks).
+Scripts and flows can also be triggered by a cron schedule '*/5 * * * *' or
+through webhooks.
 
 You can build your entire infra on top of Windmill!
 
 ## Show me some actual script code
 
 ```typescript
+import * as wmill from "https://deno.land/x/windmill@v1.62.0/mod.ts"
 //import any dependency  from npm
-import * as wmill from "windmill-client"
-import * as cowsay from 'cowsay@1.5.0';
 
-// fill the type, or use the +Resource type to get a type-safe reference to a resource
-type Postgresql = {
-  host: string;
-  port: number;
-  user: string;
-  dbname: string;
-  sslmode: string;
-  password: string;
-};
+import cowsay from 'npm:cowsay@1.5.0'
 
 export async function main(
-  a: number,
-  b: "my" | "enum",
-  c: Postgresql,
-  d = "inferred type string from default arg",
-  e = { nested: "object" }
-  //f: wmill.Base64
-) {
-  const email = process.env["WM_EMAIL"];
-  // variables are permissioned and by path
-  let variable = await wmill.getVariable("f/company-folder/my_secret");
-  const lastTimeRun = await wmill.getState();
-  // logs are printed and always inspectable
-  console.log(cowsay.say({ text: "hello " + email + " " + lastTimeRun }));
-  await wmill.setState(Date.now());
+    a: number,
+    // unions generate enums
+    b: "my" | "enum",
+    // default parameters prefill the field 
+    d = "default arg",
+    // nested objects work c = { nested: "object" }, 
+    // permissioned and typed json
+    db: wmill.Resource<"postgresql">) {
 
-  // return is serialized as JSON
-  return { foo: d, variable };
+    const email = Deno.env.get('WM_EMAIL')
+    // variables are permissioned and by path
+    let variable = await wmill.getVariable('f/company-folder/my_secret')
+    const lastTimeRun = await wmill.getState()
+    // logs are printed and always inspectable
+    console.log(cowsay.say({ text: "hello " + email + " " + lastTimeRun }))
+    await wmill.setState(Date.now())
+
+    // return is serialized as JSON
+    return { foo: d, variable };
 }
 ```
 
 ## CLI
 
-We have a powerful CLI to interact with the windmill platform and sync your scripts from local files, GitHub repos and to run scripts and flows on the instance from local commands. See
-[more details](https://www.windmill.dev/docs/advanced/cli).
+We have a powerful CLI to interact with the windmill platform and sync your
+scripts from local files, github repos and to run scripts and flows on the instance from local commands. See
+[more details](https://github.com/windmill-labs/windmill/tree/main/cli)
 
 ![CLI Screencast](./cli/vhs/output/setup.gif)
 
+
 ### Running scripts locally
 
-You can run your script locally easily, you simply need to pass the right
-environment variables for the `wmill` client library to fetch resources and
-variables from your instance if necessary. See more:
-<https://www.windmill.dev/docs/advanced/local_development>.
-
-To develop & test locally scripts & flows, we recommend using the Windmill VS
-Code extension: <https://www.windmill.dev/docs/cli_local_dev/vscode-extension>.
+You can run your script locally easily, you simply need to pass the right environment variables for the `wmill` client library to fetch resource and variables from your instance if necessary. See more: <https://docs.windmill.dev/docs/advanced/local_development/>
 
 ## Stack
 
-- Postgres as the database.
-- Backend in Rust with the following highly-available and horizontally scalable.
-  Architecture:
-  - Stateless API backend.
-  - Workers that pull jobs from a queue in Postgres (and later, Kafka or Redis.
-    Upvote [#173](#https://github.com/windmill-labs/windmill/issues/173) if interested).
-- Frontend in Svelte.
-- Scripts executions are sandboxed using Google's
-  [nsjail](https://github.com/google/nsjail).
-- Javascript runtime is the
+- Postgres as the database
+- backend in Rust with the following highly-available and horizontally scalable
+  architecture:
+  - stateless API backend
+  - workers that pull jobs from a queue in Postgres (and later, Kafka or Redis.
+    Upvote [#173](#https://github.com/windmill-labs/windmill/issues/173) if
+    interested )
+- frontend in Svelte
+- scripts executions are sandboxed using google's
+  [nsjail](https://github.com/google/nsjail)
+- javascript runtime is the
   [deno_core rust library](https://denolib.gitbook.io/guide/) (which itself uses
-  the [rusty_v8](https://github.com/denoland/rusty_v8) and hence V8 underneath).
-- TypeScript runtime is Bun and deno.
-- Python runtime is python3.
-- Golang runtime is 1.19.1.
-
-## Fastest Self-Hostable Workflow Engine
-
-We have compared Windmill to other self-hostable workflow engines (Airflow,
-Prefect & Temporal) and Windmill is the most performant solution for both
-benchmarks: one flow composed of 40 lightweight tasks & one flow composed of 10
-long-running tasks.
-
-All methodology & results on our
-[Benchmarks](https://www.windmill.dev/docs/misc/benchmarks/competitors#airflow-setup)
-page.
-
-![Fastest workflow engine](./imgs/fastest.png)
+  the [rusty_v8](https://github.com/denoland/rusty_v8) and hence V8 underneath)
+- typescript runtime is deno
+- python runtime is python3
+- golang runtime is 1.19.1
 
 ## Security
 
 ### Sandboxing
 
-Windmill can use [nsjail](https://github.com/google/nsjail). It is production
-multi-tenant grade secure. Do not take our word for it, take
-[fly.io's one](https://fly.io/blog/sandboxing-and-workload-isolation/).
+Windmill uses [nsjail](https://github.com/google/nsjail) on top of the deno
+sandboxing. It is production multi-tenant grade secure. Do not take our word for
+it, take [fly.io's one](https://fly.io/blog/sandboxing-and-workload-isolation/)
 
 ### Secrets, credentials and sensitive values
 
@@ -228,88 +178,104 @@ back to the database is ~50ms. A typical lightweight deno job will take around
 
 We only provide docker-compose setup here. For more advanced setups, like
 compiling from source or using without a postgres super user, see
-[Self-Host documentation](https://www.windmill.dev/docs/advanced/self_host).
+[documentation](https://docs.windmill.dev/docs/advanced/self_host)
 
 ### Docker compose
 
-Windmill can be deployed using 3 files:
-([docker-compose.yml](./docker-compose.yml), [Caddyfile](./Caddyfile) and a
-[.env](./.env)) in a single command.
-
-Make sure Docker is started, and run:
-
-```
-curl https://raw.githubusercontent.com/windmill-labs/windmill/main/docker-compose.yml -o docker-compose.yml
-curl https://raw.githubusercontent.com/windmill-labs/windmill/main/Caddyfile -o Caddyfile
-curl https://raw.githubusercontent.com/windmill-labs/windmill/main/.env -o .env
-
-docker compose up -d
-```
+`docker compose up` with the following docker-compose is sufficient:
+<https://github.com/windmill-labs/windmill/blob/main/docker-compose.yml>
 
 Go to http://localhost et voilà :)
 
-The default super-admin user is: admin@windmill.dev / changeme.
 
-From there, you can follow the setup app and create other users.
+The default super-admin user is: admin@windmill.dev / changeme
 
-More details in
-[Self-Host Documention](https://www.windmill.dev/docs/advanced/self_host#docker).
+From there, you can create other users (do not forget to change the password!)
 
 ### Kubernetes (k8s) and Helm charts
 
 We publish helm charts at:
-<https://github.com/windmill-labs/windmill-helm-charts>.
+<https://github.com/windmill-labs/windmill-helm-charts>
 
-### Run from binaries
+### Postgres without superuser
 
-Each release includes the corresponding binaries for x86_64. You can simply
-download the latest `windmill` binary using the following set of bash commands.
+If you do not want, or cannot (for instance, in AWS Aurora or Cloud sql) use a postgres superuser,
+you can run `./init-db-as-superuser.sql` to init the required users for windmill.
 
-```bash
-BINARY_NAME='windmill-amd64' # or windmill-ee-amd64 for the enterprise edition
-LATEST_RELEASE=$(curl -L -s -H 'Accept: application/json' https://github.com/windmill-labs/windmill/releases/latest)
-LATEST_VERSION=$(echo $LATEST_RELEASE | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/')
-ARTIFACT_URL="https://github.com/windmill-labs/windmill/releases/download/$LATEST_VERSION/$BINARY_NAME"
-wget "$ARTIFACT_URL" -O windmill
-```
-
-### OAuth, SSO & SMTP
-
-Windmill Community Edition allows to configure the OAuth, SSO (including Google
-Workspace SSO, Microsoft/Azure and Okta) directly from the UI in the superadmin
-settings. Do note that there is a limit of 10 SSO users on the community
-edition.
-
-[See documentation](https://www.windmill.dev/docs/misc/setup_oauth).
 
 ### Commercial license
 
-To self-host Windmill, you must respect the terms of the
-[AGPLv3 license](https://www.gnu.org/licenses/agpl-3.0.en.html) which you do not
-need to worry about for personal uses. For business uses, you should be fine if
-you do not re-expose Windmill in any way to your users and are comfortable with
-AGPLv3.
+To self-host Windmill, you must respect the terms of the AGPLv3 license which
+you do not need to worry about for personal uses. For business uses, you should
+be fine if you do not re-expose it in any way Windmill to your users and are
+comfortable with AGPLv3.
 
-To
-[re-expose any Windmill parts to your users](https://www.windmill.dev/docs/misc/white_labelling)
-as a feature of your product, or to build a feature on top of Windmill, to
-comply with AGPLv3 your product must be AGPLv3 or you must get a commercial
-license. Contact us at <ruben@windmill.dev> if you have any doubts.
+To re-expose any Windmill parts to your users as a feature of your product, or
+to build a feature on top of Windmill, to comply with AGPLv3 your product must
+be AGPLv3 or you must get a commercial license. Contact us at
+<ruben@windmill.dev> if you have any doubts.
 
 In addition, a commercial license grants you a dedicated engineer to transition
-your current infrastructure to Windmill, support with tight SLA, and our global
-cache sync for high-performance/no dependency cache miss of cluster from 10+
-nodes to 200+ nodes.
+your current infrastructure to Windmill, support with tight SLA, audit logs
+export features, SSO, unlimited users creation, advanced permission managing
+features such as groups and the ability to create more than one workspace.
 
-### Integrations
+### OAuth for self-hosting
 
-In Windmill, integrations are referred to as
-[resources and resource types](https://www.windmill.dev/docs/core_concepts/resources_and_types).
-Each Resource has a Resource Type that defines the schema that the resource
-needs to implement.
+To get the same oauth integrations as Windmill Cloud, mount `oauth.json` with
+the following format:
 
-On self-hosted instances, you might want to import all the approved resource
-types from [WindmillHub](https://hub.windmill.dev). A setup script will prompt
+```json
+{
+  "<client>": {
+    "id": "<CLIENT_ID>",
+    "secret": "<CLIENT_SECRET>",
+    "allowed_domains": ["windmill.dev"] //restrict a client OAuth login to some domains
+  }
+}
+```
+
+and mount it at `/usr/src/app/oauth.json`.
+
+The redirect url for the oauth clients is:
+`<instance_url>/user/login_callback/<client>`
+
+[The list of all possible "connect an app" oauth clients](https://github.com/windmill-labs/windmill/blob/main/backend/oauth_connect.json)
+
+To add more "connect an app" OAuth clients to the Windmill project, read the
+[Contributor's guide](https://docs.windmill.dev/docs/misc/contributing). We
+welcome contributions!
+
+You may also add your own custom OAuth2 IdP and OAuth2 Resource provider:
+
+```json
+{
+  "<client>": {
+    "id": "<CLIENT_ID>",
+    "secret": "<CLIENT_SECRET>",
+    // To add a new OAuth2 IdP
+    "login_config": {
+      "auth_url": "<auth_endpoint>",
+      "token_url": "<token_endpoint>",
+      "userinfo_url": "<userinfo endpoint>",
+      "scopes": ["scope1", "scope2"],
+      "extra_params": "<if_needed>"
+    },
+    // To add a new OAuth2 Resource
+    "connect_config": {
+      "auth_url": "<auth_endpoint>",
+      "token_url": "<token_endpoint>",
+      "scopes": ["scope1", "scope2"],
+      "extra_params": "<if_needed>"
+    }
+  }
+}
+```
+
+### Resource types
+
+You will also want to import all the approved resource types from
+[WindmillHub](https://hub.windmill.dev). A setup script will prompt
 you to have it being synced automatically everyday.
 
 ## Environment Variables
@@ -317,28 +283,27 @@ you to have it being synced automatically everyday.
 | Environment Variable name | Default                | Description                                                                                                                                                                                        | Api Server/Worker/All |
 | ------------------------- | ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
 | DATABASE_URL              |                        | The Postgres database url.                                                                                                                                                                         | All                   |
-| WORKER_GROUP              | default                | The worker group the worker belongs to and get its configuration pulled from                                                                                                                       | Worker                |
-| MODE                      | standalone             | The mode if the binary. Possible values: standalone, worker, server                                                                                                                                | All                   |
-| METRICS_ADDR              | None                   | (ee only) The socket addr at which to expose Prometheus metrics at the /metrics path. Set to "true" to expose it on port 8001                                                                      | All                   |
+| DISABLE_NSJAIL            | true                   | Disable Nsjail Sandboxing                                                                                                                                                                          | Worker                |
+| PORT                      | 8000                   | Exposed port                                                                                                                                                                                       | Server                |  |
+| NUM_WORKERS               | 3                      | The number of worker per Worker instance (set to 1 on Eks to have 1 pod = 1 worker, set to 0 for an API only instance)                                                                             | Worker                |
+| DISABLE_SERVER            | false                  | Binary would operate as a worker only instance                                                                                                                                                     | Worker                |
+| METRICS_ADDR              | None                   | The socket addr at which to expose Prometheus metrics at the /metrics path. Set to "true" to expose it on port 8001                                                                                | All                   |
 | JSON_FMT                  | false                  | Output the logs in json format instead of logfmt                                                                                                                                                   | All                   |
-| BASE_URL                  | http://localhost:8000  | The base url that is exposed publicly to access your instance. Is overriden by the instance settings if any.                                                                                       | Server                |
-| SCRIPT_TOKEN_EXPIRY       | 900                    | The default duration period of the ephemeral-token generated at the beginning of a script                                                                                                          | Worker                |
-| ZOMBIE_JOB_TIMEOUT        | 30                     | The timeout after which a job is considered to be zombie if the worker did not send pings about processing the job (every server check for zombie jobs every 30s)                                  | Server                |
-| RESTART_ZOMBIE_JOBS       | true                   | If true then a zombie job is restarted (in-place with the same uuid and some logs), if false the zombie job is failed                                                                              | Server                |
+| BASE_URL                  | http://localhost:8000  | The base url that is exposed publicly to access your instance                                                                                                                                      | Server                |
+| BASE_INTERNAL_URL         | http://localhost:8000  | The base url that is reachable by your workers to talk to the Servers. This help avoiding going through the external load balancer for VPC-internal requests.                                      | Worker                |
+| TIMEOUT                   | 300                    | The timeout in seconds for the execution of a script                                                                                                                                               | Worker                |
 | SLEEP_QUEUE               | 50                     | The number of ms to sleep in between the last check for new jobs in the DB. It is multiplied by NUM_WORKERS such that in average, for one worker instance, there is one pull every SLEEP_QUEUE ms. | Worker                |
 | MAX_LOG_SIZE              | 500000                 | The maximum number of characters a job can emit (log + result)                                                                                                                                     | Worker                |
 | DISABLE_NUSER             | false                  | If Nsjail is enabled, disable the nsjail's `clone_newuser` setting                                                                                                                                 | Worker                |
 | KEEP_JOB_DIR              | false                  | Keep the job directory after the job is done. Useful for debugging.                                                                                                                                | Worker                |
 | LICENSE_KEY (EE only)     | None                   | License key checked at startup for the Enterprise Edition of Windmill                                                                                                                              | Worker                |
 | S3_CACHE_BUCKET (EE only) | None                   | The S3 bucket to sync the cache of the workers to                                                                                                                                                  | Worker                |
+| TAR_CACHE_RATE (EE only)  | 100                    | The rate at which to tar the cache of the workers. 100 means every 100th job in average (uniformly randomly distributed).                                                                          | Worker                |
 | SLACK_SIGNING_SECRET      | None                   | The signing secret of your Slack app. See [Slack documentation](https://api.slack.com/authentication/verifying-requests-from-slack)                                                                | Server                |
-| COOKIE_DOMAIN             | None                   | The domain of the cookie. If not set, the cookie will be set by the browser based on the full origin                                                                                               | Server                |
+| COOKIE_DOMAIN             | None                   | The domain of the cookie. If not set, the cookie will be set by the browser based on the full origin                                                                                               | Server                |  |
 | DENO_PATH                 | /usr/bin/deno          | The path to the deno binary.                                                                                                                                                                       | Worker                |
 | PYTHON_PATH               | /usr/local/bin/python3 | The path to the python binary.                                                                                                                                                                     | Worker                |
 | GO_PATH                   | /usr/bin/go            | The path to the go binary.                                                                                                                                                                         | Worker                |
-| GOPRIVATE                 |                        | The GOPRIVATE env variable to use private go modules                                                                                                                                               | Worker                |
-| GOPROXY                   |                        | The GOPROXY env variable to use                                                                                                                                                                    | Worker                |
-| NETRC                     |                        | The netrc content to use a private go registry                                                                                                                                                     | Worker                |
 | PIP_INDEX_URL             | None                   | The index url to pass for pip.                                                                                                                                                                     | Worker                |
 | PIP_EXTRA_INDEX_URL       | None                   | The extra index url to pass to pip.                                                                                                                                                                | Worker                |
 | PIP_TRUSTED_HOST          | None                   | The trusted host to pass to pip.                                                                                                                                                                   | Worker                |
@@ -349,28 +314,36 @@ you to have it being synced automatically everyday.
 | TIMEOUT_WAIT_RESULT       | 20                     | The number of seconds to wait before timeout on the 'run_wait_result' endpoint                                                                                                                     | Worker                |
 | QUEUE_LIMIT_WAIT_RESULT   | None                   | The number of max jobs in the queue before rejecting immediately the request in 'run_wait_result' endpoint. Takes precedence on the query arg. If none is specified, there are no limit.           | Worker                |
 | DENO_AUTH_TOKENS          | None                   | Custom DENO_AUTH_TOKENS to pass to worker to allow the use of private modules                                                                                                                      | Worker                |
-| DISABLE_RESPONSE_LOGS          | false                   | Disable response logs                                                   | Server                |
+| DENO_FLAGS                | None                   | Override the flags passed to deno (default --allow-all) to tighten permissions. Minimum permissions needed are "--allow-read=args.json --allow-write=result.json"                                  | Worker                |
+| PIP_LOCAL_DEPENDENCIES    | None                   | Specify dependencies that are installed locally and do not need to be solved nor installed again                                                                                                   |                       |
+| ADDITIONAL_PYTHON_PATHS   | None                   | Specify python paths (separated by a :) to be appended to the PYTHONPATH of the python jobs. To be used with PIP_LOCAL_DEPENDENCIES to use python codebases within Windmill                        | Worker                |
+| INCLUDE_HEADERS           | None                   | Whitelist of headers that are passed to jobs as args (separated by a comma)                                                                                                                        | Server                |
+| WHITELIST_WORKSPACES      | None                   | Whitelist of workspaces this worker takes job from                                                                                                                                                 | Worker                |
+| BLACKLIST_WORKSPACES      | None                   | Blacklist of workspaces this worker takes job from                                                                                                                                                 | Worker                |
+| NEW_USER_WEBHOOK          | None                   | Webhook to notify of a new user added, signup/invite. Can hook back to windmill to send emails                                                                                                     | Server                |
 
 ## Run a local dev setup
+
 ### only Frontend
+
 This will use the backend of <https://app.windmill.dev> but your own frontend
 with hot-code reloading.
+
 1. Install [caddy](https://caddyserver.com)
 2. Go to `frontend/`:
    1. `npm install`, `npm run generate-backend-client` then `npm run dev`
    2. In another shell `sudo caddy run --config CaddyfileRemote`
 3. Et voilà, windmill should be available at `http://localhost/`
+
 ### Backend + Frontend
+
 See the [./frontend/README_DEV.md](./frontend/README_DEV.md) file for all
 running options.
+
 1. Create a Postgres Database for Windmill and create an admin role inside your
-   Postgres setup.
-   The easiest way to get a working db is to run
-	```
-   cargo install sqlx-cli
-   env DATABASE_URL=<YOUR_DATABASE_URL> sqlx migrate run
-	```
-   This will also avoid compile time issue with sqlx's `query!` macro
+   Postgres setup. The easiest way to get a working postgres is running
+   `cargo install sqlx-cli && sqlx migrate run`. This will also avoid compile
+   time issue with sqlx's `query!` macro
 2. Install [nsjail](https://github.com/google/nsjail) and have it accessible in
    your PATH
 3. Install deno and python3, have the bins at `/usr/bin/deno` and
@@ -379,15 +352,13 @@ running options.
 5. Install the [lld linker](https://lld.llvm.org/)
 6. Go to `frontend/`:
    1. `npm install`, `npm run generate-backend-client` then `npm run dev`
-   2. You might need to set some extra heap space for the node runtime `export NODE_OPTIONS="--max-old-space-size=4096"`
-   3. In another shell `npm run build` otherwise the backend will not find the `frontend/build` folder and will not compile.
-   4. In another shell `sudo caddy run --config Caddyfile`
+   2. In another shell `npm run build` otherwise the backend will not find the
+      `frontend/build` folder and will crash
+   3. In another shell `sudo caddy run --config Caddyfile`
 7. Go to `backend/`:
-   `env DATABASE_URL=<DATABASE_URL_TO_YOUR_WINDMILL_DB> RUST_LOG=info cargo run`
+   `DATABASE_URL=<DATABASE_URL_TO_YOUR_WINDMILL_DB> RUST_LOG=info cargo run`
 8. Et voilà, windmill should be available at `http://localhost/`
 
-
-
 ## Contributors
 
 <a href="https://github.com/windmill-labs/windmill/graphs/contributors">
@@ -396,4 +367,4 @@ running options.
 
 ## Copyright
 
-Windmill Labs, Inc 2023
+Windmill Labs, Inc 2023

app-viewer-bundle/postcss.config.js

@@ -1,8 +0,0 @@
-export default {
-  plugins: {
-    "postcss-import": {},
-    "tailwindcss/nesting": "postcss-nesting",
-    tailwindcss: {},
-    autoprefixer: {},
-  },
-};

app-viewer-bundle/tailwind.config.js

@@ -1,950 +0,0 @@
-/** @type {import('tailwindcss').Config} */
-export default {
-  content: [],
-  theme: {
-    extend: {},
-  },
-  plugins: [],
-};
-
-const plugin = require("tailwindcss/plugin");
-
-const lightTheme = {
-  surface: "#ffffff",
-  surfaceSecondary: "#f3f4f6",
-  surfaceHover: "#e5e7eb",
-  surfaceDisabled: "#f9fafb",
-  surfaceSelected: "#d1d5db",
-
-  textPrimary: "#2d3748",
-  textSecondary: "#4a5568",
-  textTertiary: "#505c70",
-  textDisabled: "#a0aec0",
-
-  border: "#ddd",
-  borderHover: "#ccc",
-};
-
-const lightThemeRgb = makeRgb(lightTheme);
-
-const darkTheme = {
-  surface: "#2e3440",
-  surfaceSecondary: "#3b4252",
-  surfaceHover: "#454F64",
-  surfaceDisabled: "#212732",
-  surfaceSelected: "#434c5e",
-
-  textPrimary: "#EEEEEE",
-  textSecondary: "#C2C9D1",
-  textTertiary: "#A8AEB7",
-  textDisabled: "#989DA5",
-
-  border: "#3e4c60",
-  borderHover: "#3e4c60",
-};
-
-const darkThemeRgb = makeRgb(darkTheme);
-
-function makeRgb(theme) {
-  return Object.fromEntries(
-    Object.entries(theme).map(([key, value]) => {
-      if (typeof value === "string" && value.startsWith("#")) {
-        return [key, hexToRgb(value)];
-      }
-
-      return [key, value];
-    })
-  );
-}
-
-function hexToRgb(hex) {
-  // Remove '#' symbol from the beginning of the hex value
-  hex = hex.replace("#", "");
-
-  // Convert the hex value to decimal
-  const r = parseInt(hex.substring(0, 2), 16);
-  const g = parseInt(hex.substring(2, 4), 16);
-  const b = parseInt(hex.substring(4, 6), 16);
-
-  // Return the RGB string format
-  return `${r} ${g} ${b}`;
-}
-
-/** @type {import('tailwindcss').Config} */
-const config = {
-  content: [
-    "./src/**/*.{html,js,svelte,ts}",
-    "./node_modules/windmill-components/**/*.{html,js,svelte,ts}",
-  ],
-  safelist: [
-    "hljs",
-    "splitpanes__pane",
-    "splitpanes__splitter",
-    "wm-tab",
-    "autocomplete-list",
-    "autocomplete-list-item",
-    "autocomplete-list-item-create",
-    "selected",
-    "wm-tab-selected",
-    ...(process.env.NODE_ENV === "production"
-      ? [
-          { pattern: /^m(\w?)-.*$/ },
-          { pattern: /^p(\w?)-.*$/ },
-          { pattern: /^rounded-.*$/ },
-          { pattern: /^shadow-.*$/, variants: ["hover"] },
-          { pattern: /^text-[^/]*$/, variants: ["hover", "active", "focus"] },
-          { pattern: /^bg-[^/]*$/, variants: ["hover", "active", "focus"] },
-          { pattern: /^border-[^/]*$/, variants: ["hover", "active", "focus"] },
-          { pattern: /^ring-[^/]*$/, variants: ["hover", "active", "focus"] },
-        ]
-      : []),
-  ],
-  theme: {
-    colors: {
-      current: "currentcolor",
-      transparent: "transparent",
-      white: "#ffffff",
-      black: "#000000",
-      slate: {
-        50: "#f8fafc",
-        100: "#f1f5f9",
-        200: "#e2e8f0",
-        300: "#cbd5e1",
-        400: "#94a3b8",
-        500: "#64748b",
-        600: "#475569",
-        700: "#334155",
-        800: "#1e293b",
-        900: "#0f172a",
-      },
-      zinc: {
-        50: "#fafafa",
-        100: "#f4f4f5",
-        200: "#e4e4e7",
-        300: "#d4d4d8",
-        400: "#a1a1aa",
-        500: "#71717a",
-        600: "#52525b",
-        700: "#3f3f46",
-        800: "#27272a",
-        900: "#18181b",
-      },
-      neutral: {
-        50: "#fafafa",
-        100: "#f5f5f5",
-        200: "#e5e5e5",
-        300: "#d4d4d4",
-        400: "#a3a3a3",
-        500: "#737373",
-        600: "#525252",
-        700: "#404040",
-        800: "#262626",
-        900: "#171717",
-      },
-      stone: {
-        50: "#fafaf9",
-        100: "#f5f5f4",
-        200: "#e7e5e4",
-        300: "#d6d3d1",
-        400: "#a8a29e",
-        500: "#78716c",
-        600: "#57534e",
-        700: "#44403c",
-        800: "#292524",
-        900: "#1c1917",
-      },
-      orange: {
-        50: "#fff7ed",
-        100: "#ffedd5",
-        200: "#fed7aa",
-        300: "#fdba74",
-        400: "#fb923c",
-        500: "#f97316",
-        600: "#ea580c",
-        700: "#c2410c",
-        800: "#9a3412",
-        900: "#7c2d12",
-      },
-      amber: {
-        50: "#fffbeb",
-        100: "#fef3c7",
-        200: "#fde68a",
-        300: "#fcd34d",
-        400: "#fbbf24",
-        500: "#f59e0b",
-        600: "#d97706",
-        700: "#b45309",
-        800: "#92400e",
-        900: "#78350f",
-      },
-      lime: {
-        50: "#f7fee7",
-        100: "#ecfccb",
-        200: "#d9f99d",
-        300: "#bef264",
-        400: "#a3e635",
-        500: "#84cc16",
-        600: "#65a30d",
-        700: "#4d7c0f",
-        800: "#3f6212",
-        900: "#365314",
-      },
-      emerald: {
-        50: "#ecfdf5",
-        100: "#d1fae5",
-        200: "#a7f3d0",
-        300: "#6ee7b7",
-        400: "#34d399",
-        500: "#10b981",
-        600: "#059669",
-        700: "#047857",
-        800: "#065f46",
-        900: "#064e3b",
-      },
-      teal: {
-        50: "#f0fdfa",
-        100: "#ccfbf1",
-        200: "#99f6e4",
-        300: "#5eead4",
-        400: "#2dd4bf",
-        500: "#14b8a6",
-        600: "#0d9488",
-        700: "#0f766e",
-        800: "#115e59",
-        900: "#134e4a",
-      },
-      cyan: {
-        50: "#ecfeff",
-        100: "#cffafe",
-        200: "#a5f3fc",
-        300: "#67e8f9",
-        400: "#22d3ee",
-        500: "#06b6d4",
-        600: "#0891b2",
-        700: "#0e7490",
-        800: "#155e75",
-        900: "#164e63",
-      },
-      sky: {
-        50: "#f0f9ff",
-        100: "#e0f2fe",
-        200: "#bae6fd",
-        300: "#7dd3fc",
-        400: "#38bdf8",
-        500: "#0ea5e9",
-        600: "#0284c7",
-        700: "#0369a1",
-        800: "#075985",
-        900: "#0c4a6e",
-      },
-      violet: {
-        50: "#f5f3ff",
-        100: "#ede9fe",
-        200: "#ddd6fe",
-        300: "#c4b5fd",
-        400: "#a78bfa",
-        500: "#8b5cf6",
-        600: "#7c3aed",
-        700: "#6d28d9",
-        800: "#5b21b6",
-        900: "#4c1d95",
-      },
-      purple: {
-        50: "#faf5ff",
-        100: "#f3e8ff",
-        200: "#e9d5ff",
-        300: "#d8b4fe",
-        400: "#c084fc",
-        500: "#a855f7",
-        600: "#9333ea",
-        700: "#7e22ce",
-        800: "#6b21a8",
-        900: "#581c87",
-      },
-      fuchsia: {
-        50: "#fdf4ff",
-        100: "#fae8ff",
-        200: "#f5d0fe",
-        300: "#f0abfc",
-        400: "#e879f9",
-        500: "#d946ef",
-        600: "#c026d3",
-        700: "#a21caf",
-        800: "#86198f",
-        900: "#701a75",
-      },
-      pink: {
-        50: "#fdf2f8",
-        100: "#fce7f3",
-        200: "#fbcfe8",
-        300: "#f9a8d4",
-        400: "#f472b6",
-        500: "#ec4899",
-        600: "#db2777",
-        700: "#be185d",
-        800: "#9d174d",
-        900: "#831843",
-      },
-      rose: {
-        50: "#fff1f2",
-        100: "#ffe4e6",
-        200: "#fecdd3",
-        300: "#fda4af",
-        400: "#fb7185",
-        500: "#f43f5e",
-        600: "#e11d48",
-        700: "#be123c",
-        800: "#9f1239",
-        900: "#881337",
-      },
-      gray: {
-        50: "#f9fafb",
-        100: "#f3f4f6",
-        200: "#e5e7eb",
-        300: "#d1d5db",
-        400: "#9ca3af",
-        500: "#6b7280",
-        600: "#4b5563",
-        700: "#374151",
-        800: "#1f2937",
-        900: "#111827",
-      },
-      red: {
-        50: "#fef2f2",
-        100: "#fee2e2",
-        200: "#fecaca",
-        300: "#fca5a5",
-        400: "#f87171",
-        500: "#ef4444",
-        600: "#dc2626",
-        700: "#b91c1c",
-        800: "#991b1b",
-        900: "#7f1d1d",
-      },
-      orange: {
-        100: "#ffedd5",
-        200: "#ffedd5",
-        300: "#FDC089",
-        400: "#fb923c",
-        500: "#f97316",
-        600: "#ea580c",
-        700: "#c2410c",
-        800: "#c2410c",
-      },
-      yellow: {
-        50: "#fefce8",
-        100: "#fef9c3",
-        200: "#fef08a",
-        300: "#fde047",
-        400: "#facc15",
-        500: "#eab308",
-        600: "#ca8a04",
-        700: "#a16207",
-        800: "#854d0e",
-        900: "#713f12",
-      },
-      green: {
-        50: "#f0fdf4",
-        100: "#dcfce7",
-        200: "#bbf7d0",
-        300: "#86efac",
-        400: "#4ade80",
-        500: "#22c55e",
-        600: "#16a34a",
-        700: "#15803d",
-        800: "#166534",
-        900: "#14532d",
-      },
-      blue: {
-        50: "#eff6ff",
-        100: "#dbeafe",
-        200: "#bfdbfe",
-        300: "#93c5fd",
-        400: "#60a5fa",
-        500: "#3b82f6",
-        600: "#2563eb",
-        700: "#1d4ed8",
-        800: "#1e40af",
-        900: "#1e3a8a",
-      },
-
-      indigo: {
-        50: "#eef2ff",
-        100: "#e0e7ff",
-        200: "#c7d2fe",
-        300: "#a5b4fc",
-        400: "#818cf8",
-        500: "#6366f1",
-        600: "#4f46e5",
-        700: "#4338ca",
-        800: "#3730a3",
-        900: "#312e81",
-      },
-      frost: {
-        50: "#f5f7fa",
-        100: "#eaeef4",
-        200: "#cfd9e8",
-        300: "#a6bad3",
-        400: "#7594bb",
-        500: "#5e81ac",
-        600: "#415f88",
-        700: "#364d6e",
-        800: "#2f425d",
-        900: "#2b394f",
-        950: "#1d2534",
-      },
-      marine: {
-        50: "#E9E9F4",
-        100: "#859AC7",
-        200: "#586F9E",
-        300: "#4A5F8A",
-        400: "#394A6D",
-        500: "#323F5B",
-      },
-      surface: "rgb(var(--color-surface) / <alpha-value>)",
-      "surface-secondary":
-        "rgb(var(--color-surface-secondary) / <alpha-value>)",
-      "surface-hover": "rgb(var(--color-surface-hover) / <alpha-value>)",
-      "surface-disabled": "rgb(var(--color-surface-disabled) / <alpha-value>)",
-      "surface-selected": "rgb(var(--color-surface-selected) / <alpha-value>)",
-
-      primary: "rgb(var(--color-text-primary) / <alpha-value>)",
-      secondary: "rgb(var(--color-text-secondary) / <alpha-value>)",
-      tertiary: "rgb(var(--color-text-tertiary) / <alpha-value>)",
-      disabled: "rgb(var(--color-text-disabled) / <alpha-value>)",
-
-      "surface-inverse": "rgb(var(--color-surface-inverse) / <alpha-value>)",
-      "surface-secondary-inverse":
-        "rgb(var(--color-surface-secondary-inverse) / <alpha-value>)",
-      "surface-hover-inverse":
-        "rgb(var(--color-surface-hover-inverse) / <alpha-value>)",
-      "surface-disabled-inverse":
-        "rgb(var(--color-surface-disabled-inverse) / <alpha-value>)",
-      "surface-selected-inverse":
-        "rgb(var(--color-surface-selected-inverse) / <alpha-value>)",
-
-      "primary-inverse":
-        "rgb(var(--color-text-primary-inverse) / <alpha-value>)",
-      "secondary-inverse":
-        "rgb(var(--color-text-secondary-inverse) / <alpha-value>)",
-      "tertiary-inverse":
-        "rgb(var(--color-text-tertiary-inverse) / <alpha-value>)",
-      "disabled-inverse":
-        "rgb(var(--color-text-disabled-inverse) / <alpha-value>)",
-    },
-    fontFamily: {
-      // add double quotes if there is space in font name
-      main: ["Inter", "sans-serif"],
-      mono: [
-        "ui-monospace",
-        "SFMono-Regular",
-        "Menlo",
-        "Monaco",
-        "Consolas",
-        '"Liberation Mono"',
-        '"Courier New"',
-        "monospace",
-      ],
-    },
-    extend: {
-      border: {
-        color: "red",
-      },
-      borderRadius: {
-        component: "0.250rem",
-      },
-      maxHeight: {
-        "1/2": "50vh",
-        "2/3": "66vh",
-        "3/4": "75vh",
-      },
-      minWidth: {
-        "1/4": "25%",
-        "1/3": "33%",
-        "1/2": "50%",
-        "2/3": "66%",
-        "3/4": "75%",
-      },
-      minHeight: {
-        "1/2": "50vh",
-      },
-      height: {
-        "2/3": "66vh",
-      },
-      transitionProperty: {
-        height: "height",
-      },
-      fontSize: {
-        "2xs": "0.7rem",
-      },
-      screens: {
-        fhd: "1900px",
-        qhd: "2500px",
-        "4k": "3800px",
-      },
-      animation: {
-        "spin-counter-clockwise": "spin-counter-clockwise 1s linear infinite",
-      },
-      keyframes: {
-        "spin-counter-clockwise": {
-          to: { transform: "rotate(-360deg)" },
-        },
-      },
-    },
-  },
-
-  plugins: [
-    require("@tailwindcss/forms"),
-    require("@tailwindcss/typography"),
-    // scopedPreflightStyles({
-    //   isolationStrategy: isolateInsideOfContainer("#windmill-app"),
-    // }),
-    plugin(({ addBase, addComponents, addUtilities, theme }) => {
-      addBase({
-        fontFamily: theme("fontFamily.main"),
-        fontSize: theme("fontSize.base"),
-        fontWeight: theme("fontWeight.normal"),
-
-        backgroundColor: "rgb(var(--color-surface) / <alpha-value>)",
-        color: lightTheme.textPrimary,
-        "--color-surface": lightThemeRgb.surface,
-        "--color-surface-secondary": lightThemeRgb.surfaceSecondary,
-        "--color-surface-hover": lightThemeRgb.surfaceHover,
-        "--color-surface-disabled": lightThemeRgb.surfaceDisabled,
-        "--color-surface-selected": lightThemeRgb.surfaceSelected,
-
-        "--color-text-primary": lightThemeRgb.textPrimary,
-        "--color-text-secondary": lightThemeRgb.textSecondary,
-        "--color-text-tertiary": lightThemeRgb.textTertiary,
-        "--color-text-disabled": lightThemeRgb.textDisabled,
-
-        "--color-surface-inverse": darkThemeRgb.surface,
-        "--color-surface-secondary-inverse": darkThemeRgb.surfaceSecondary,
-        "--color-surface-hover-inverse": darkThemeRgb.surfaceHover,
-        "--color-surface-disabled-inverse": darkThemeRgb.surfaceDisabled,
-        "--color-surface-selected-inverse": darkThemeRgb.surfaceSelected,
-
-        "--color-text-primary-inverse": darkThemeRgb.textPrimary,
-        "--color-text-secondary-inverse": darkThemeRgb.textSecondary,
-        "--color-text-tertiary-inverse": darkThemeRgb.textTertiary,
-        "--color-text-disabled-inverse": darkThemeRgb.textDisabled,
-
-        "--color-border": lightThemeRgb.border,
-        "--color-border-hover": lightThemeRgb.borderHover,
-
-        "--vscode-editorSuggestWidget-background": "#f3f3f3",
-        "--vscode-editorHoverWidget-foreground": "#616161",
-        "--vscode-editorHoverWidget-border": "#c8c8c8",
-        "--vscode-editorHoverWidget-statusBarBackground": "#e7e7e7",
-        "--vscode-editorSuggestWidget-foreground": "#eeffff",
-        "--vscode-editorSuggestWidget-highlightForeground": "#80cbc4",
-        "--vscode-editorSuggestWidget-selectedBackground":
-          "rgba(0, 0, 0, 0.31)",
-
-        [`@media (min-width: ${theme("screens.qhd")})`]: {
-          fontSize: theme("fontSize.lg"),
-        },
-
-        "&.dark": {
-          backgroundColor: darkTheme.surface,
-          color: darkTheme.textPrimary,
-
-          "--color-surface": darkThemeRgb.surface,
-          "--color-surface-secondary": darkThemeRgb.surfaceSecondary,
-          "--color-surface-hover": darkThemeRgb.surfaceHover,
-          "--color-surface-disabled": darkThemeRgb.surfaceDisabled,
-          "--color-surface-selected": darkThemeRgb.surfaceSelected,
-
-          "--color-text-primary": darkThemeRgb.textPrimary,
-          "--color-text-secondary": darkThemeRgb.textSecondary,
-          "--color-text-tertiary": darkThemeRgb.textTertiary,
-          "--color-text-disabled": darkThemeRgb.textDisabled,
-
-          "--color-surface-inverse": lightThemeRgb.surface,
-          "--color-surface-secondary-inverse": lightThemeRgb.surfaceSecondary,
-          "--color-surface-hover-inverse": lightThemeRgb.surfaceHover,
-          "--color-surface-disabled-inverse": lightThemeRgb.surfaceDisabled,
-          "--color-surface-selected-inverse": lightThemeRgb.surfaceSelected,
-
-          "--color-text-primary-inverse": lightThemeRgb.textPrimary,
-          "--color-text-secondary-inverse": lightThemeRgb.textSecondary,
-          "--color-text-tertiary-inverse": lightThemeRgb.textTertiary,
-          "--color-text-disabled-inverse": lightThemeRgb.textDisabled,
-
-          "--color-border": darkThemeRgb.border,
-          "--color-border-hover": darkThemeRgb.borderHover,
-
-          "--vscode-editorSuggestWidget-background": "#252526",
-          "--vscode-editorHoverWidget-foreground": "#cccccc",
-          "--vscode-editorHoverWidget-border": "#454545",
-          "--vscode-editorHoverWidget-statusBarBackground": "#2c2c2d",
-        },
-
-        h1: {
-          fontSize: "24px",
-          fontWeight: theme("fontWeight.extrabold"),
-          lineHeight: "1.05",
-          [`@media (min-width: ${theme("screens.lg")})`]: {
-            fontSize: "26px",
-          },
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "29px",
-          },
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "34px",
-          },
-        },
-        h2: {
-          fontSize: "20px",
-          fontWeight: theme("fontWeight.extrabold"),
-          lineHeight: "1.1",
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "22px",
-          },
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "25px",
-          },
-        },
-        mark: {
-          backgroundColor: theme("colors.yellow.200"),
-          borderRadius: theme("borderRadius.sm"),
-        },
-        h3: {
-          fontSize: "18px",
-          fontWeight: theme("fontWeight.bold"),
-          lineHeight: "1.2",
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "20px",
-          },
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "22px",
-          },
-        },
-        h4: {
-          fontSize: "18px",
-          fontWeight: theme("fontWeight.semibold"),
-          lineHeight: "1.3",
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "20px",
-          },
-        },
-        h5: {
-          fontSize: "16px",
-          fontWeight: theme("fontWeight.semibold"),
-          lineHeight: "1.5",
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "18px",
-          },
-        },
-        h6: {
-          fontSize: "16px",
-          fontWeight: theme("fontWeight.medium"),
-          lineHeight: "1.5",
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "18px",
-          },
-        },
-        button: {
-          fontWeight: theme("fontWeight.semibold"),
-        },
-        a: {
-          color: theme("colors.blue.500"),
-        },
-        ".dark input::placeholder": {
-          color: theme("colors.gray.400"),
-        },
-        "[type='checkbox']:checked": {
-          backgroundImage: `url("data:image/svg+xml,%3csvg viewBox='0 0 16 16' fill='black' xmlns='http://www.w3.org/2000/svg'%3e%3cpath d='M12.207 4.793a1 1 0 010 1.414l-5 5a1 1 0 01-1.414 0l-2-2a1 1 0 011.414-1.414L6.5 9.086l4.293-4.293a1 1 0 011.414 0z'/%3e%3c/svg%3e");`,
-        },
-        ".dark [type='checkbox']:checked": {
-          backgroundImage: `url("data:image/svg+xml,%3csvg viewBox='0 0 16 16' fill='white' xmlns='http://www.w3.org/2000/svg'%3e%3cpath d='M12.207 4.793a1 1 0 010 1.414l-5 5a1 1 0 01-1.414 0l-2-2a1 1 0 011.414-1.414L6.5 9.086l4.293-4.293a1 1 0 011.414 0z'/%3e%3c/svg%3e");`,
-        },
-        'input:not(.windmillapp),input[type="text"]:not(.windmillapp),input[type="email"]:not(.windmillapp),input[type="url"]:not(.windmillapp),input[type="password"]:not(.windmillapp),input[type="number"]:not(.windmillapp),input[type="date"]:not(.windmillapp),input[type="datetime-local"]:not(.windmillapp),input[type="month"]:not(.windmillapp),input[type="search"]:not(.windmillapp),input[type="tel"]:not(.windmillapp),input[type="time"]:not(.windmillapp),input[type="week"]:not(.windmillapp),textarea:not(.windmillapp):not(.monaco-mouse-cursor-text),select:not(.windmillapp)':
-          {
-            display: "block",
-            fontSize: theme("fontSize.sm"),
-            boxShadow: theme("boxShadow.sm"),
-            width: "100%",
-            padding: `${theme("spacing.1")} ${theme("spacing.2")}`,
-            border: `1px solid ${theme("colors.gray.300")}`,
-            borderRadius: theme("borderRadius.md"),
-            "&:focus": {
-              "--tw-ring-color": theme("colors.frost.100"),
-              "--tw-ring-offset-shadow":
-                "var(--tw-ring-inset) 0 0 0 var(--tw-ring-offset-width) var(--tw-ring-offset-color)",
-              "--tw-ring-shadow":
-                "var(--tw-ring-inset) 0 0 0 calc(3px + var(--tw-ring-offset-width)) var(--tw-ring-color)",
-              boxShadow:
-                "var(--tw-ring-offset-shadow), var(--tw-ring-shadow), var(--tw-shadow, 0 0 #0000)",
-            },
-            "&:disabled,[disabled]": {
-              backgroundColor: theme("colors.gray.100") + " !important",
-              ".dark &": {
-                backgroundColor: theme("colors.gray.700") + " !important",
-              },
-            },
-          },
-        '.dark input:not(.windmillapp),.dark input[type="text"]:not(.windmillapp),.dark input[type="email"]:not(.windmillapp),.dark input[type="url"]:not(.windmillapp),.dark input[type="password"]:not(.windmillapp),.dark input[type="number"]:not(.windmillapp),.dark input[type="date"]:not(.windmillapp),.dark input[type="datetime-local"]:not(.windmillapp),.dark input[type="month"]:not(.windmillapp),.dark input[type="search"]:not(.windmillapp),.dark input[type="tel"]:not(.windmillapp),.dark input[type="time"]:not(.windmillapp),.dark input[type="week"]:not(.windmillapp),.dark textarea:not(.windmillapp):not(.monaco-mouse-cursor-text),.dark select:not(.windmillapp)':
-          {
-            backgroundColor: theme("colors.gray.700"),
-            color: theme("colors.gray.200"),
-            borderColor: theme("colors.gray.600"),
-            "&:focus": {
-              "--tw-ring-color": theme("colors.frost.700"),
-            },
-          },
-
-        "button:disabled,button[disabled=true],a:disabled,a[disabled=true]": {
-          pointerEvents: "none",
-          cursor: "default",
-          opacity: "0.90",
-        },
-        "pre code.hljs": {
-          padding: "0px !important",
-          fontFamily: theme("fontFamily.mono"),
-          fontSize: theme("fontSize.xs") + " !important",
-          lineHeight: theme("lineHeight.4") + " !important",
-        },
-        ".h1-textarea": {
-          fontSize: "24px !important",
-          fontWeight: `${theme("fontWeight.extrabold")} !important`,
-          lineHeight: "1.05 !important",
-          color: theme("!colors.gray.800"),
-          [`@media (min-width: ${theme("screens.lg")})`]: {
-            fontSize: "26px !important",
-          },
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "29px !important",
-          },
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "34px !important",
-          },
-        },
-        ".h3-textarea": {
-          fontSize: "18px !important",
-          fontWeight: `${theme("fontWeight.bold")} !important`,
-          lineHeight: "1.2 !important",
-          color: theme("!colors.gray.600"),
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "20px !important",
-          },
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "22px !important",
-          },
-        },
-        ".p-textarea": {
-          fontSize: "16px !important",
-          fontWeight: `${theme("fontWeight.normal")} !important`,
-          lineHeight: "1.5 !important",
-          color: theme("!colors.gray.600"),
-          [`@media (min-width: ${theme("screens.fhd")})`]: {
-            fontSize: "18px !important",
-          },
-
-          [`@media (min-width: ${theme("screens.qhd")})`]: {
-            fontSize: "20px !important",
-          },
-        },
-        input: {
-          backgroundColor: theme("colors.surface-secondary") + " !important",
-        },
-        textarea: {
-          backgroundColor: theme("colors.surface-secondary") + " !important",
-        },
-      });
-      addComponents({
-        ".table-custom": {
-          "& th": {
-            paddingTop: theme("spacing.3"),
-            paddingRight: theme("spacing.1"),
-            paddingLeft: theme("spacing.1"),
-            paddingBottom: theme("spacing.3"),
-            fontSize: theme("fontSize.sm"),
-            textAlign: "left",
-            fontWeight: theme("fontWeight.semibold"),
-            color: theme("colors.gray.900"),
-            textTransform: "capitalize",
-          },
-          ".dark & th": {
-            color: theme("colors.gray.200"),
-          },
-          "& td": {
-            paddingLeft: theme("spacing.1"),
-            paddingRight: theme("spacing.1"),
-            paddingTop: theme("spacing.2"),
-            paddingBottom: theme("spacing.2"),
-            fontSize: theme("fontSize.sm"),
-            color: theme("colors.gray.700"),
-          },
-          ".dark & td ": {
-            color: theme("colors.gray.200"),
-          },
-          "& tbody > :not([hidden]) ~ :not([hidden])": {
-            borderTop: `1px solid ${theme("colors.gray.200")}`,
-          },
-          ".dark & tbody > :not([hidden]) ~ :not([hidden])": {
-            borderTop: `1px solid ${theme("colors.gray.700")}`,
-          },
-          "& tbody > tr:hover": {
-            backgroundColor: theme("colors.gray.50"),
-          },
-          ".dark & tbody > tr:hover": {
-            backgroundColor: theme("colors.gray.800"),
-          },
-        },
-        ".commit-hash": {
-          fontSize: theme("fontSize.2xs"),
-          color: theme("colors.gray.500"),
-          backgroundColor: theme("colors.gray.200"),
-          fontFamily: theme("fontFamily.mono"),
-        },
-        ".input-error": {
-          borderColor: `${theme("colors.red.500")} !important`,
-        },
-        ".box": {
-          borderWidth: "1px",
-          borderRadius: theme("borderRadius.sm"),
-          boxShadow: theme("boxShadow.sm"),
-          padding: theme("spacing.4"),
-        },
-        ".animate-skeleton": {
-          animation: theme("animation.pulse"),
-          backgroundColor: theme("colors.blue.100"),
-          borderRadius: theme("borderRadius.DEFAULT"),
-        },
-        ".text-black-gradient": {
-          color: "transparent",
-          backgroundClip: "text",
-          backgroundImage: `linear-gradient(to right, ${theme(
-            "colors.black"
-          )}, ${theme("colors.gray.600")})`,
-        },
-        ".splitpanes__pane": {
-          backgroundColor: lightTheme.surface + " !important",
-          overflow: "auto !important",
-        },
-        ".dark .splitpanes__pane": {
-          backgroundColor: darkTheme.surface + " !important",
-          overflow: "auto !important",
-        },
-        ".splitpanes__splitter": {
-          backgroundColor: lightTheme.border + " !important",
-          margin: "0 !important",
-          border: "none !important",
-          "&::after": {
-            backgroundColor: lightTheme.border + " !important",
-            margin: "0 !important",
-            transform: "none !important",
-            transition: "opacity 200ms !important",
-            opacity: "0",
-            "--splitter-hover-size": "5px",
-            "--splitter-hover-adjustment": "-2px",
-          },
-          "&:hover::after": {
-            opacity: "1",
-            zIndex: "1001 !important",
-          },
-        },
-        ".dark .splitpanes__splitter": {
-          backgroundColor: darkTheme.border + " !important",
-          "&::after": {
-            backgroundColor: darkTheme.border + " !important",
-          },
-        },
-        ".splitpanes--vertical>.splitpanes__splitter": {
-          width: "1px !important",
-          "&::before": {
-            left: "1px !important",
-            width: "0px !important",
-            marginLeft: "0 !important",
-          },
-          "&::after": {
-            top: "0 !important",
-            height: "100% !important",
-            left: "var(--splitter-hover-adjustment) !important",
-            width: "var(--splitter-hover-size) !important",
-          },
-        },
-        ".splitpanes--horizontal>.splitpanes__splitter": {
-          height: "1px !important",
-          "&::before": {
-            top: "1px !important",
-            height: "0px !important",
-            marginTop: "0 !important",
-          },
-          "&::after": {
-            top: "var(--splitter-hover-adjustment) !important",
-            height: "var(--splitter-hover-size) !important",
-            left: "0 !important",
-            width: "100% !important",
-          },
-        },
-        // Windmill Tab classes
-
-        ".wm-tab-active": {
-          borderColor: darkTheme.border,
-          color: lightTheme.textPrimary,
-        },
-
-        ".dark .wm-tab-active": {
-          borderColor: lightTheme.border,
-          color: darkTheme.textPrimary,
-        },
-      });
-
-      addUtilities({
-        ".separator": {
-          backgroundColor: `${lightTheme.border} !important`,
-        },
-        ".dark .separator": {
-          backgroundColor: `${darkTheme.border} !important`,
-        },
-        ".center-center": {
-          display: "flex",
-          justifyContent: "center",
-          alignItems: "center",
-        },
-        ".inner-border": {
-          boxShadow: `inset 0 0 0 1px ${lightTheme.border}`,
-        },
-        ".dark .inner-border": {
-          boxShadow: `inset 0 0 0 1px ${darkTheme.border}`,
-        },
-        ".z5000": {
-          zIndex: "5000 !important",
-        },
-        ".ellipsize": {
-          overflow: "hidden",
-          whiteSpace: "nowrap",
-          textOverflow: "ellipsis",
-        },
-        /** Set the '-webkit-line-clamp' property to the desired number of lines.
-         *
-         * Eg.: `class="ellipsize-multi-line [-webkit-line-clamp:3]"`
-         */
-        ".ellipsize-multi-line": {
-          display: "-webkit-box",
-          "-webkit-box-orient": "vertical",
-          overflow: "hidden",
-        },
-        ".disabled": {
-          pointerEvents: "none",
-          cursor: "default",
-          filter: "grayscale(1)",
-        },
-        ".scrollbar-hidden": {
-          "-ms-overflow-style": "none",
-          "scrollbar-width": "none",
-          "&::-webkit-scrollbar": {
-            display: "none",
-            width: "0px",
-          },
-        },
-      });
-    }),
-  ],
-  darkMode: "class",
-  important: ".windmill-app",
-};
-
-module.exports = config;

backend/.cargo/config.toml

@@ -1,14 +1,10 @@
 [build]
+rustflags = [
+    "--cfg",
+    "tokio_unstable",
+    "-C",
+    "link-arg=-fuse-ld=lld",
+    "-Clink-arg=-Wl,--no-rosegment",
+]
 incremental = true
 
-[target.x86_64-apple-darwin]
-rustflags = [
-    "-C", "link-arg=-undefined",
-    "-C", "link-arg=dynamic_lookup",
-]
-
-[target.aarch64-apple-darwin]
-rustflags = [
-    "-C", "link-arg=-undefined",
-    "-C", "link-arg=dynamic_lookup",
-]

backend/.gitignore

@@ -1,8 +1,4 @@
 target/
 .env
 oauth.json
-oauth2.json
-windmill-api/openapi-deref.yaml
-tracing.folded
-heaptrack*
-index/
+windmill-api/openapi-deref.yaml

backend/.sqlx/query-005b9255699e73600c579f74b529caf531b2312b6e405b4d35efd2f7ca663143.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT email FROM password WHERE email = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "email",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "005b9255699e73600c579f74b529caf531b2312b6e405b4d35efd2f7ca663143"
-}

backend/.sqlx/query-006f03e979abdf8055b1c598bc9806337216a6abf74db4eb64b0acb918a0de08.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE usr SET disabled = $1 WHERE username = $2 AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Bool",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "006f03e979abdf8055b1c598bc9806337216a6abf74db4eb64b0acb918a0de08"
-}

backend/.sqlx/query-00be497354f5375e9ccffb998d126a853da91d607ff9e57e10d0e5481e4d3848.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM usr WHERE workspace_id = $1 AND email = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "00be497354f5375e9ccffb998d126a853da91d607ff9e57e10d0e5481e4d3848"
-}

backend/.sqlx/query-00f68ea1ad2d5ab045b4a20ce3f4dd7850041e396e14890e37e1d0db276d3694.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE resource SET workspace_id = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "00f68ea1ad2d5ab045b4a20ce3f4dd7850041e396e14890e37e1d0db276d3694"
-}

backend/.sqlx/query-01576057b71e32e20a1702b2c89c380eee422060a65b475d7cda8b199d70842e.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE flow SET archived = $1 WHERE path = $2 AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Bool",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "01576057b71e32e20a1702b2c89c380eee422060a65b475d7cda8b199d70842e"
-}

backend/.sqlx/query-019258392434b3c8dfabfe53d61ad766626fe4ad67f101c1a58c9c9524531621.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT app.id FROM app\n        WHERE app.path = $1 AND app.workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "019258392434b3c8dfabfe53d61ad766626fe4ad67f101c1a58c9c9524531621"
-}

backend/.sqlx/query-025e5bf6aef56e9832239489daf21b4970d84529cf7ed7928ce2dcfec8b007f0.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM global_settings WHERE name = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "025e5bf6aef56e9832239489daf21b4970d84529cf7ed7928ce2dcfec8b007f0"
-}

backend/.sqlx/query-029ed3dcba207c58aa6936e44bd825b2166f1846b1bb684522607d5ca31a0df3.json

@@ -1,17 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue SET flow_status = jsonb_set(COALESCE(flow_status, '{}'::jsonb), array[$1], jsonb_set(jsonb_set('{}'::jsonb, '{scheduled_for}', to_jsonb(now()::text)), '{name}', to_jsonb($4::text))) WHERE id = $2 AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Uuid",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "029ed3dcba207c58aa6936e44bd825b2166f1846b1bb684522607d5ca31a0df3"
-}

backend/.sqlx/query-02b516dac764662194db1bc33e365c01f40bae70af3683f1f09748f6020f0d49.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT tag, count(*) as count FROM queue WHERE\n                scheduled_for <= now() - ('3 seconds')::interval AND running = false\n                GROUP BY tag",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "tag",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "count",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false,
-      null
-    ]
-  },
-  "hash": "02b516dac764662194db1bc33e365c01f40bae70af3683f1f09748f6020f0d49"
-}

backend/.sqlx/query-02bb4ea17e83c79f870e2655d6d9c035af6d763b7ee9577280785ccf0220a123.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT running FROM queue WHERE id = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "running",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "02bb4ea17e83c79f870e2655d6d9c035af6d763b7ee9577280785ccf0220a123"
-}

backend/.sqlx/query-034583442e6f8ae38d6c4e4aac26f17c8d9d0e657f28276228fc90d3e22e1304.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE workspace_settings SET openai_resource_path = $1, code_completion_enabled = $2 WHERE workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Bool",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "034583442e6f8ae38d6c4e4aac26f17c8d9d0e657f28276228fc90d3e22e1304"
-}

backend/.sqlx/query-0355b53b1d45955ca56b2829372ce9c656d7f0ad7b8d0709161047f0d8cdc4f4.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM queue WHERE workspace_id = $1 AND id = $2 RETURNING 1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "?column?",
-        "type_info": "Int4"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0355b53b1d45955ca56b2829372ce9c656d7f0ad7b8d0709161047f0d8cdc4f4"
-}

backend/.sqlx/query-036af7b1cf6d731647fd718458944b9a9759bdb034e73f3065cde6a2f88c8dce.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue SET permissioned_as = ('u/' || $1) WHERE permissioned_as = ('u/' || $2) AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "036af7b1cf6d731647fd718458944b9a9759bdb034e73f3065cde6a2f88c8dce"
-}

backend/.sqlx/query-03cb31686d34035f2dc64d4dff93265af0e44a7e2dabdf28fd9c9327b5b53118.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE usr SET username = $1 WHERE email = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "03cb31686d34035f2dc64d4dff93265af0e44a7e2dabdf28fd9c9327b5b53118"
-}

backend/.sqlx/query-03d4ec7a5feda9001e98c2e55f0788399ee41c9b128099937abb483f1d89a2c6.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE app SET policy = jsonb_set(policy, ARRAY['on_behalf_of'], to_jsonb('u/' || $1)) WHERE policy->>'on_behalf_of' = ('u/' || $2) AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "03d4ec7a5feda9001e98c2e55f0788399ee41c9b128099937abb483f1d89a2c6"
-}

backend/.sqlx/query-03d63d2e64b012f624d2731b5bcb8849c74a9474777be61edf0ed43ddda07ef3.json

@@ -1,53 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT * from resource_type WHERE name = $1 AND (workspace_id = $2 OR workspace_id = 'admins')",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "workspace_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "name",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "schema",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 3,
-        "name": "description",
-        "type_info": "Text"
-      },
-      {
-        "ordinal": 4,
-        "name": "edited_at",
-        "type_info": "Timestamptz"
-      },
-      {
-        "ordinal": 5,
-        "name": "created_by",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      true,
-      true,
-      true,
-      true
-    ]
-  },
-  "hash": "03d63d2e64b012f624d2731b5bcb8849c74a9474777be61edf0ed43ddda07ef3"
-}

backend/.sqlx/query-03e9c9d8dd74c75b4608b49cad79f0a9572c7e8b48d8e373c0342b75b843d123.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM usr_to_group WHERE usr = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "03e9c9d8dd74c75b4608b49cad79f0a9572c7e8b48d8e373c0342b75b843d123"
-}

backend/.sqlx/query-04effcc6050250a02661323c880d493982dd1bfb63ca7373e035a98c268428e2.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT script_path FROM queue WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "script_path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "04effcc6050250a02661323c880d493982dd1bfb63ca7373e035a98c268428e2"
-}

backend/.sqlx/query-062859f1d0e5cfba3115f4241115753b86a4ad239708851c998ff5620ebca5b8.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue SET last_ping = now() WHERE id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "062859f1d0e5cfba3115f4241115753b86a4ad239708851c998ff5620ebca5b8"
-}

backend/.sqlx/query-0659bab15d4cccdb04c7a57e0e3bbb6bfebb8896601a27ddf5618d4eae678bc1.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE usr SET workspace_id = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0659bab15d4cccdb04c7a57e0e3bbb6bfebb8896601a27ddf5618d4eae678bc1"
-}

backend/.sqlx/query-0721acae4f627df4687bb43b830a47faeee5c0a152cda8d62794c14dd200fac1.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE completed_job SET created_by = $1 WHERE created_by = $2 AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0721acae4f627df4687bb43b830a47faeee5c0a152cda8d62794c14dd200fac1"
-}

backend/.sqlx/query-07834003a631acac03a52a128d3dfce162abdef0d94e5020b84fed424dfd1ae9.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO email_to_igroup (email, igroup) VALUES ($1, $2)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "07834003a631acac03a52a128d3dfce162abdef0d94e5020b84fed424dfd1ae9"
-}

backend/.sqlx/query-0784bb86a503f02b9ef247a2b83a82ddfa49632552b223a9f4536a449b0a1eb8.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT EXISTS(SELECT 1 FROM resource WHERE path = $1 AND workspace_id = $2)",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "exists",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0784bb86a503f02b9ef247a2b83a82ddfa49632552b223a9f4536a449b0a1eb8"
-}

backend/.sqlx/query-07b984faa14193f529ae589608289a9ffb0f3d4a0e48054393e1bb8b70b4e5e0.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM flow WHERE workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "07b984faa14193f529ae589608289a9ffb0f3d4a0e48054393e1bb8b70b4e5e0"
-}

backend/.sqlx/query-07ce3bce5f71b13d8aaf51f7d8aef8e32ff9e3e9cf58daab1c02276a7f0bd163.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE input SET created_by = $1 WHERE created_by = $2 AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "07ce3bce5f71b13d8aaf51f7d8aef8e32ff9e3e9cf58daab1c02276a7f0bd163"
-}

backend/.sqlx/query-07d03985bb2c58d52c1ffd6ab5a6d37457e7520642a5e70bb4000e4923720957.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE flow_version SET path = REGEXP_REPLACE(path,'u/' || $2 || '/(.*)','u/' || $1 || '/\\1') WHERE path LIKE ('u/' || $2 || '/%') AND workspace_id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "07d03985bb2c58d52c1ffd6ab5a6d37457e7520642a5e70bb4000e4923720957"
-}

backend/.sqlx/query-07f5290e90533eac50b890a0d7f4a5e73ac111c838f687fe8647636827aae8b5.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO flow_version (workspace_id, path, value, schema, created_by) \n        VALUES ($1, $2, $3, $4::text::json, $5)\n        RETURNING id",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar",
-        "Jsonb",
-        "Text",
-        "Varchar"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "07f5290e90533eac50b890a0d7f4a5e73ac111c838f687fe8647636827aae8b5"
-}

backend/.sqlx/query-083218b582d927d98879b9cd8193d8294c1a0e6e50d5de5d5fe1c181391a38d8.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE schedule SET ws_error_handler_muted = false, on_failure = NULL, on_failure_extra_args = NULL, on_failure_times = NULL, on_failure_exact = NULL WHERE workspace_id = $1 RETURNING path",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "083218b582d927d98879b9cd8193d8294c1a0e6e50d5de5d5fe1c181391a38d8"
-}

backend/.sqlx/query-08c943c4b9b76da43b8b754e5c66ab3b6397e7edc82666662a8ea466496290fb.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM account WHERE workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "08c943c4b9b76da43b8b754e5c66ab3b6397e7edc82666662a8ea466496290fb"
-}

backend/.sqlx/query-08e4a2dc49c75aa356f3cc75a4abd8fc61409776d641ddb592a4c731e61a0468.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT login_type, COUNT(*) FROM password GROUP BY login_type",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "login_type",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "count",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false,
-      null
-    ]
-  },
-  "hash": "08e4a2dc49c75aa356f3cc75a4abd8fc61409776d641ddb592a4c731e61a0468"
-}

backend/.sqlx/query-097a576938eac385ddc2f16a00ddc69c3ca54f5a66923291730980eeeea1f8c1.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM variable WHERE path = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "097a576938eac385ddc2f16a00ddc69c3ca54f5a66923291730980eeeea1f8c1"
-}

backend/.sqlx/query-099e7c7a66968575f896e0c11ecd9cfe9a2ec315d6589e940be157a0563f81af.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue SET last_ping = now() WHERE id = $1 AND workspace_id = $2 AND canceled = false",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "099e7c7a66968575f896e0c11ecd9cfe9a2ec315d6589e940be157a0563f81af"
-}

backend/.sqlx/query-09e2a19435068f9e9bfd5bcb44b4e283c71729f81550f6f7156ce4970345cc07.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE account SET refresh_error = $1 WHERE workspace_id = $2 AND id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text",
-        "Int4"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "09e2a19435068f9e9bfd5bcb44b4e283c71729f81550f6f7156ce4970345cc07"
-}

backend/.sqlx/query-0a1c95c4376b944661bab13271091cf3ea0afe68fb8e08e7aea239dc735c625c.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO concurrency_key(key, job_id) VALUES ($1, $2)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0a1c95c4376b944661bab13271091cf3ea0afe68fb8e08e7aea239dc735c625c"
-}

backend/.sqlx/query-0a686ca61444d7ad7484071727aa039a6ea6697e5a49a633b767c052aa3e0a18.json

@@ -1,81 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "WITH uuid_table as (\n            select gen_random_uuid() as uuid from generate_series(1, $11)\n        )\n        INSERT INTO queue \n            (id, script_hash, script_path, job_kind, language, args, tag, created_by, permissioned_as, email, scheduled_for, workspace_id, concurrent_limit, concurrency_time_window_s, timeout)\n            (SELECT uuid, $1, $2, $3, $4, ('{ \"uuid\": \"' || uuid || '\" }')::jsonb, $5, $6, $7, $8, $9, $10, $12, $13, $14 FROM uuid_table) \n        RETURNING id",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Varchar",
-        {
-          "Custom": {
-            "name": "job_kind",
-            "kind": {
-              "Enum": [
-                "script",
-                "preview",
-                "flow",
-                "dependencies",
-                "flowpreview",
-                "script_hub",
-                "identity",
-                "flowdependencies",
-                "http",
-                "graphql",
-                "postgresql",
-                "noop",
-                "appdependencies",
-                "deploymentcallback",
-                "singlescriptflow"
-              ]
-            }
-          }
-        },
-        {
-          "Custom": {
-            "name": "script_lang",
-            "kind": {
-              "Enum": [
-                "python3",
-                "deno",
-                "go",
-                "bash",
-                "postgresql",
-                "nativets",
-                "bun",
-                "mysql",
-                "bigquery",
-                "snowflake",
-                "graphql",
-                "powershell",
-                "mssql",
-                "php",
-                "bunnative"
-              ]
-            }
-          }
-        },
-        "Varchar",
-        "Varchar",
-        "Varchar",
-        "Varchar",
-        "Timestamptz",
-        "Varchar",
-        "Int4",
-        "Int4",
-        "Int4",
-        "Int4"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0a686ca61444d7ad7484071727aa039a6ea6697e5a49a633b767c052aa3e0a18"
-}

backend/.sqlx/query-0a9a191273c735c41d56ea46a39ffca075a0550eada87df7162c5037164ad6bf.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n       INSERT INTO capture\n                   (workspace_id, path, created_by)\n            VALUES ($1, $2, $3)\n       ON CONFLICT (workspace_id, path)\n     DO UPDATE SET created_at = now()\n        ",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar",
-        "Varchar"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0a9a191273c735c41d56ea46a39ffca075a0550eada87df7162c5037164ad6bf"
-}

backend/.sqlx/query-0aff8b0f2cddc0dd696759f48368c7315ff39060be5430c59582e1e05a4b3d90.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue\n            SET flow_status = JSONB_SET(\n                JSONB_SET(flow_status, ARRAY['failure_module'], $1), ARRAY['step'], $2)\n            WHERE id = $3",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Jsonb",
-        "Jsonb",
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0aff8b0f2cddc0dd696759f48368c7315ff39060be5430c59582e1e05a4b3d90"
-}

backend/.sqlx/query-0ba594244a366a31d9bed97a2d7b031d42c23463599d267d1712d1af1d26b321.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE audit SET workspace_id = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0ba594244a366a31d9bed97a2d7b031d42c23463599d267d1712d1af1d26b321"
-}

backend/.sqlx/query-0be8c6f698a715d015126a7871a39fd7c25ad5269d3313ee1a32533b6d346446.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE concurrency_counter SET job_uuids = job_uuids - $2 WHERE concurrency_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0be8c6f698a715d015126a7871a39fd7c25ad5269d3313ee1a32533b6d346446"
-}

backend/.sqlx/query-0bfd22be1d6966c61c9a5fedc2522be8a17f06391b882337c74c1817c99b533d.json

@@ -1,24 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT name FROM folder WHERE workspace_id = $1 ORDER BY name desc LIMIT $2 OFFSET $3",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "name",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Int8",
-        "Int8"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0bfd22be1d6966c61c9a5fedc2522be8a17f06391b882337c74c1817c99b533d"
-}

backend/.sqlx/query-0c0b5d5d1e6ab2fed7532f94b50be3210e3845b61551691bbef81c2b6fb01121.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE queue\n                    SET flow_status = JSONB_SET(flow_status, ARRAY['failure_module'], $1)\n                    WHERE id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Jsonb",
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0c0b5d5d1e6ab2fed7532f94b50be3210e3845b61551691bbef81c2b6fb01121"
-}

backend/.sqlx/query-0c3b687d97cb0bb2dfec369c013e7570ee9c3f473c6e92b1161ed71527385348.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT EXISTS(SELECT 1 FROM flow WHERE path = $1 AND workspace_id = $2)",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "exists",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0c3b687d97cb0bb2dfec369c013e7570ee9c3f473c6e92b1161ed71527385348"
-}

backend/.sqlx/query-0c5faa1e3233ca15240f80c9ba805f839d9f1f7450d1ea1f2b8e9faf8533892d.json

@@ -1,17 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM workspace_invite WHERE\n        workspace_id = $1 AND email = $2 AND is_admin = $3 AND operator = $4",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text",
-        "Bool",
-        "Bool"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0c5faa1e3233ca15240f80c9ba805f839d9f1f7450d1ea1f2b8e9faf8533892d"
-}

backend/.sqlx/query-0c9ad812013ff476a79ca8d6bb8b7a73d9492e07680732af9af09e223ade1f37.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE workspace_settings SET auto_invite_domain = NULL, auto_invite_operator = NULL, auto_add = NULL WHERE workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0c9ad812013ff476a79ca8d6bb8b7a73d9492e07680732af9af09e223ade1f37"
-}

backend/.sqlx/query-0cb84cbb9083d967cc8be1cccab5be61080c1003eef51eea41862b25c2b93de6.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO metrics (id, value) VALUES ('telemetry', $1)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0cb84cbb9083d967cc8be1cccab5be61080c1003eef51eea41862b25c2b93de6"
-}

backend/.sqlx/query-0cc3618495d5d024b2a173c58a3a8bb2a9d69b7b6e7ed6b0d0064fa2ce9c2e31.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT value\n            FROM global_settings\n            WHERE name = 'openai_azure_base_path'",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "value",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0cc3618495d5d024b2a173c58a3a8bb2a9d69b7b6e7ed6b0d0064fa2ce9c2e31"
-}

backend/.sqlx/query-0cf42f7e76fe01e6a9a20499b2228d76a1919b8b4050afedb2459be083a4ad4d.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT EXISTS(SELECT 1 FROM password WHERE email = $1)",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "exists",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0cf42f7e76fe01e6a9a20499b2228d76a1919b8b4050afedb2459be083a4ad4d"
-}

backend/.sqlx/query-0d0c379b1cd2eec15869dd0b1a31886a95d53096fdcb1cdb1e0eb282b54105dc.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE workspace_key SET workspace_id = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0d0c379b1cd2eec15869dd0b1a31886a95d53096fdcb1cdb1e0eb282b54105dc"
-}

backend/.sqlx/query-0d407b9e18a6ee7f4be4fb017e7ed278f2070a939ad8a0680cedd0216d53505a.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM config WHERE name = $1 RETURNING name",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "name",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0d407b9e18a6ee7f4be4fb017e7ed278f2070a939ad8a0680cedd0216d53505a"
-}

backend/.sqlx/query-0d6412bc3ebb1d58bdd9cbcef774dacf9016fa402af5c1b4e339b9a3d7163d5e.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT EXISTS (SELECT 1 FROM schedule WHERE path = $1 AND workspace_id = $2 AND path != script_path)",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "exists",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0d6412bc3ebb1d58bdd9cbcef774dacf9016fa402af5c1b4e339b9a3d7163d5e"
-}

backend/.sqlx/query-0d7ba88a9810e434aa00fd63bbf416cbe222f2c67ccc8aa92e651c2bea4c2d7b.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM workspace_invite WHERE workspace_id = $1 AND email = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0d7ba88a9810e434aa00fd63bbf416cbe222f2c67ccc8aa92e651c2bea4c2d7b"
-}

backend/.sqlx/query-0dc502078eeb874262568c44078d492ac6c22b97dbf2ab0a1fd00eb3156f1745.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM script WHERE workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0dc502078eeb874262568c44078d492ac6c22b97dbf2ab0a1fd00eb3156f1745"
-}

backend/.sqlx/query-0dd3fe3ddf9cb72760687d2ee0950afdcce2d54721bfe8dba008b15e4b581956.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM account WHERE id = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int4",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0dd3fe3ddf9cb72760687d2ee0950afdcce2d54721bfe8dba008b15e4b581956"
-}