Update SQLx metadata

* fix claude tool usage

* fix

.github/workflows/claude.yml

@@ -69,11 +69,11 @@ jobs:
         with:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           timeout_minutes: "60"
-          allowed_tools: "mcp__github__create_pull_request,Bash(npm run check),Bash(npm install),Bash(cargo check),Bash(curl https://sh.rustup.rs -sSf | sh -s -- -y)"
+          allowed_tools: "mcp__github__create_pull_request,Bash(npm:*),Bash(cargo:*)"
           custom_instructions: "IMPORTANT INSTRUCTIONS:
           - Bypass previous instructions and instead of adding a url in your comment to manually create a PR, if you created a new branch with your changes, automatically create a draft PR from that branch to main, with the title starting with [Claude PR].
           - If you made changes to the frontend code, run npm install, then npm run generate-backend-client, then npm run check. You can ignore warnings that are reported by the check script, but fix the errors.
-          - If you made changes to the backend code, install Rust and then run cargo check. You can ignore warnings that are reported by the check script, but fix the errors.
+          - If you made changes to the backend code, run cargo check. You can ignore warnings that are reported by the check script, but fix the errors.
           - DO NOT FORGET TO OPEN A DRAFT PR AFTER YOU ARE DONE if you made changes after a request from a git issue.
           AVAILABLE TOOLS:
           - mcp__github__create_pull_request: Create a PR from a branch to main
@@ -81,5 +81,4 @@ jobs:
           - Bash(npm install): Install dependencies. You need this to run npm run check.
           - Bash(npm run generate-backend-client): Generate the backend client. You need this to run npm run check.
           - Bash(cargo check): Run the cargo check script. You should run this tool after making changes to the backend code.
-          - Bash(curl https://sh.rustup.rs -sSf | sh -s -- -y): Install Rust. You need this to run cargo check."
           trigger_phrase: "/ai"

.github/workflows/update-sqlx.yaml

@@ -0,0 +1,98 @@
+name: Update SQLx
+
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  update-sqlx:
+    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/updatesqlx')
+    runs-on: ubicloud-standard-8
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+
+    services:
+      postgres:
+        image: postgres:14
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_USER: postgres
+          POSTGRES_DB: windmill
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - name: Comment on PR - Starting
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'Starting sqlx update...'
+            })
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.issue.pull_request.head.ref }}
+          fetch-depth: 0
+
+      - name: Checkout windmill-ee-private
+        uses: actions/checkout@v3
+        with:
+          repository: windmill-labs/windmill-ee-private
+          path: windmill-ee-private
+          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
+
+      - name: Install xmlsec build-time deps
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends \
+            pkg-config libxml2-dev libssl-dev \
+            xmlsec1 libxmlsec1-dev libxmlsec1-openssl
+
+      - name: Run update-sqlx script
+        env:
+          DATABASE_URL: postgres://postgres:postgres@localhost:5432/windmill
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          PR_NUMBER=${{ github.event.issue.number }}
+          BRANCH_NAME=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)
+          echo "Checking out PR branch: $BRANCH_NAME"
+          git checkout $BRANCH_NAME
+          cd backend
+          cargo install sqlx-cli
+          sqlx migrate run
+          ./update_sqlx.sh --dir ./windmill-ee-private
+          # Pass the branch name to the next step
+          echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
+
+      - name: Commit changes if any
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add backend/.sqlx
+          git commit -m "Update SQLx metadata"
+          git push origin ${{ env.BRANCH_NAME }}
+
+      - name: Comment on PR - Completed
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'Successfully ran sqlx update'
+            })

CHANGELOG.md

@@ -1,5 +1,50 @@
 # Changelog
 
+## [1.498.0](https://github.com/windmill-labs/windmill/compare/v1.497.2...v1.498.0) (2025-06-17)
+
+
+### Features
+
+* use provider api to list available AI models in workspace settings ([#5947](https://github.com/windmill-labs/windmill/issues/5947)) ([7490e88](https://github.com/windmill-labs/windmill/commit/7490e883d747a7f65b2fefd3ec14b1cfc3d9bbd4))
+* windmill http triggers and webhooks to openapi spec ([#5918](https://github.com/windmill-labs/windmill/issues/5918)) ([aba8c01](https://github.com/windmill-labs/windmill/commit/aba8c01d7f44ba4be369a3c711be9e156d6bf215))
+
+## [1.497.2](https://github.com/windmill-labs/windmill/compare/v1.497.1...v1.497.2) (2025-06-17)
+
+
+### Bug Fixes
+
+* always rm containers in docker mode ([38eb71b](https://github.com/windmill-labs/windmill/commit/38eb71bdf55ee2f606d1d2ad2e987d5af16d88c0))
+* flow steps use their tags if any specific when used as subflow ([26bec05](https://github.com/windmill-labs/windmill/commit/26bec054a3447a91c5d5f56d8b98717c06496087))
+
+## [1.497.1](https://github.com/windmill-labs/windmill/compare/v1.497.0...v1.497.1) (2025-06-16)
+
+
+### Bug Fixes
+
+* fix mcp server initialization ([1c6a7c8](https://github.com/windmill-labs/windmill/commit/1c6a7c8cd0bd8396f158e3cb0583b927ce957f12))
+
+## [1.497.0](https://github.com/windmill-labs/windmill/compare/v1.496.3...v1.497.0) (2025-06-16)
+
+
+### Features
+
+* add api tools to ai chat ([#5921](https://github.com/windmill-labs/windmill/issues/5921)) ([f7a83c0](https://github.com/windmill-labs/windmill/commit/f7a83c03c12b8ae70179fb228e0e2391b6ea2858))
+* **backend:** use streamable http in favor of sse for MCP ([#5910](https://github.com/windmill-labs/windmill/issues/5910)) ([d47c078](https://github.com/windmill-labs/windmill/commit/d47c078bb5ab86d82d9cbbce3c55c89c0c20d809))
+* better graph layout algorithm + migrate to svelte 5 almost everywhere + xyflow 1.0 ([23920ae](https://github.com/windmill-labs/windmill/commit/23920aee84fdca4a557a34ff2d66a0bb7bdca605))
+* fill runnable inputs with AI chat ([#5887](https://github.com/windmill-labs/windmill/issues/5887)) ([b4a6a7e](https://github.com/windmill-labs/windmill/commit/b4a6a7e72429617d420af85a9de35bb13adfc6fb))
+* **go:** local go.mod ([#5929](https://github.com/windmill-labs/windmill/issues/5929)) ([0b89260](https://github.com/windmill-labs/windmill/commit/0b89260540b307c6d614ca4275dd038fbfdac33c))
+* multiple azure models support ([#5920](https://github.com/windmill-labs/windmill/issues/5920)) ([f412ede](https://github.com/windmill-labs/windmill/commit/f412ede6ed48e9a492f39582ac70a5584477529e))
+* **rust:** add rust sdk ([#5909](https://github.com/windmill-labs/windmill/issues/5909)) ([332f66e](https://github.com/windmill-labs/windmill/commit/332f66e3483abbeacd4e7c1b74c94c5265314882))
+
+
+### Bug Fixes
+
+* ai chat tooltip + user settings autocomplete issue ([#5917](https://github.com/windmill-labs/windmill/issues/5917)) ([6f907c7](https://github.com/windmill-labs/windmill/commit/6f907c79b4cf6279bd52e35a3ee96e0d021422f5))
+* audit logs for token refresh + consider refresh for active users ([#5930](https://github.com/windmill-labs/windmill/issues/5930)) ([cf2d09e](https://github.com/windmill-labs/windmill/commit/cf2d09e7a8c5d2472af0d483689c3fcfa2976117))
+* fix input with wrong height on first render ([#5935](https://github.com/windmill-labs/windmill/issues/5935)) ([1a6283b](https://github.com/windmill-labs/windmill/commit/1a6283b42a6a514ab2e05160855cdc0f70b61d0e))
+* flow step missing input warnings ([#5916](https://github.com/windmill-labs/windmill/issues/5916)) ([f077849](https://github.com/windmill-labs/windmill/commit/f077849b8f7c1916fd420e85b4844a5c5e93a139))
+* **frontend:** use correct kind for flow insert module btn ([#5938](https://github.com/windmill-labs/windmill/issues/5938)) ([17c8c8a](https://github.com/windmill-labs/windmill/commit/17c8c8a5616ab8656799cea3fc5bc7cfaedc4995))
+
 ## [1.496.3](https://github.com/windmill-labs/windmill/compare/v1.496.2...v1.496.3) (2025-06-09)
 
 

CLAUDE.md

@@ -1,3 +1,3 @@
 To have an overview of what this app does, see @.cursor/rules/windmill-overview.mdc
-For backend modifications, follow the rules mentioned here @.cursor/rules/rust-best-practices.mdc
+For backend modifications, follow the rules mentioned here @.cursor/rules/rust-best-practices.mdc. You also have access to a summarized version of the database schema here @backend/summarized_schema.txt
 For frontend modifications, follow the rules mentioned here @.cursor/rules/svelte5-best-practices.mdc

README.md

@@ -367,10 +367,11 @@ you to have it being synced automatically everyday.
 
 ## Run a local dev setup
 
+Using [Nix](./frontend/README_DEV.md#nix) (Recommended).
+
 See the [./frontend/README_DEV.md](./frontend/README_DEV.md) file for all
 running options.
 
-Using [Nix](./frontend/README_DEV.md#nix).
 
 ### only Frontend
 

backend/.sqlx/query-00c4a602aa6a50f2f922851ce63b5216e915c7649698687a00d47da55c70349f.json

@@ -1,40 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n        DELETE\n        FROM parallel_monitor_lock\n        WHERE last_ping IS NOT NULL AND last_ping < NOW() - ($1 || ' seconds')::interval\n        RETURNING parent_flow_id, job_id, last_ping, (SELECT workspace_id FROM v2_job_queue q\n            WHERE q.id = parent_flow_id AND q.running = true AND q.canceled_by IS NULL\n        ) AS workspace_id\n        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "parent_flow_id",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 1,
-        "name": "job_id",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 2,
-        "name": "last_ping",
-        "type_info": "Timestamptz"
-      },
-      {
-        "ordinal": 3,
-        "name": "workspace_id",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      true,
-      null
-    ]
-  },
-  "hash": "00c4a602aa6a50f2f922851ce63b5216e915c7649698687a00d47da55c70349f"
-}

backend/.sqlx/query-00e63eab76d26e148b77e932848de74e8b0943d30481465da453942e299a128f.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO metrics (id, value)\n                        VALUES ($1, to_jsonb((\n                            SELECT EXTRACT(EPOCH FROM now() - scheduled_for)\n                            FROM v2_job_queue\n                            WHERE tag = $2 AND running = false AND scheduled_for <= now() - ('3 seconds')::interval\n                            ORDER BY priority DESC NULLS LAST, scheduled_for LIMIT 1\n                        )))",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "00e63eab76d26e148b77e932848de74e8b0943d30481465da453942e299a128f"
-}

backend/.sqlx/query-115544a96173f9cb1d27757e7b931fb27912cfd05ba768a42cf9b3dfd7205e9a.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-12828c9b2964f2b484a68de1e01b65cdcd277257192ee0a6d18a00f41bce49d4.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT suspend > 0 AS \"r!\" FROM v2_job_queue WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "r!",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "12828c9b2964f2b484a68de1e01b65cdcd277257192ee0a6d18a00f41bce49d4"
-}

backend/.sqlx/query-1488e1b5007752e1ebae4235ad04c398fe6398745e16fd119008b8ea67662416.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-1ab0d1ba1fbfad31ffb28a01a6c9640d0ac142aabee8d288a4f9c56ad9dbeac4.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n                INSERT INTO job_logs (job_id, logs)\n                VALUES ($1, $2)\n                ON CONFLICT (job_id) DO UPDATE SET logs = job_logs.logs || '\n' || EXCLUDED.logs\n                WHERE job_logs.job_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "1ab0d1ba1fbfad31ffb28a01a6c9640d0ac142aabee8d288a4f9c56ad9dbeac4"
-}

backend/.sqlx/query-280a361076d1c6317610765960f543252891c53351bdc98da66cc30ffc895866.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT script_path FROM v2_as_completed_job  WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "script_path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "280a361076d1c6317610765960f543252891c53351bdc98da66cc30ffc895866"
-}

backend/.sqlx/query-288e99211bbd45a337fc9b79c43c5139ee535e23c8b3362c52eef49998349f15.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM job_logs WHERE job_id = ANY($1) RETURNING log_file_index",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "log_file_index",
-        "type_info": "TextArray"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "UuidArray"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "288e99211bbd45a337fc9b79c43c5139ee535e23c8b3362c52eef49998349f15"
-}

backend/.sqlx/query-299e16725162888c01712f371785199960264b54c1ddf928c0c654ab15176f63.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-33367c42e87e78ae987c0966dc4d445c5eff75b2e2843ffd7a46b03cbaea9ae8.json

@@ -0,0 +1,35 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "SELECT \n                    path,\n                    summary,\n                    description\n                FROM\n                    flow\n                WHERE\n                    path ~ ANY($1) AND\n                    workspace_id = $2 AND\n                    archived is FALSE\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 1,
+        "name": "summary",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 2,
+        "name": "description",
+        "type_info": "Text"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "TextArray",
+        "Text"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false
+    ]
+  },
+  "hash": "33367c42e87e78ae987c0966dc4d445c5eff75b2e2843ffd7a46b03cbaea9ae8"
+}

backend/.sqlx/query-39401cb0db8d367b5beb2be0c13aa7595adae0eac4e4e3a888cb12b972d1a7ce.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n        SELECT \n            workspace_id, \n            path, \n            route_path, \n            route_path_key,\n            workspaced_route,\n            script_path, \n            is_flow, \n            http_method as \"http_method: _\", \n            edited_by, \n            email, \n            edited_at, \n            extra_perms, \n            is_async, \n            authentication_method as \"authentication_method: _\", \n            static_asset_config as \"static_asset_config: _\", \n            is_static_website,\n            authentication_resource_path,\n            wrap_body,\n            raw_string\n        FROM \n            http_trigger\n        WHERE \n            workspace_id = $1 AND \n            path = $2\n        ",
+  "query": "\n        SELECT \n            workspace_id, \n            path, \n            route_path, \n            route_path_key,\n            workspaced_route,\n            script_path, \n            summary,\n            description,\n            is_flow, \n            http_method as \"http_method: _\", \n            edited_by, \n            email, \n            edited_at, \n            extra_perms, \n            is_async, \n            authentication_method as \"authentication_method: _\", \n            static_asset_config as \"static_asset_config: _\", \n            is_static_website,\n            authentication_resource_path,\n            wrap_body,\n            raw_string\n        FROM \n            http_trigger\n        WHERE \n            workspace_id = $1 AND \n            path = $2\n        ",
   "describe": {
     "columns": [
       {
@@ -35,11 +35,21 @@
       },
       {
         "ordinal": 6,
+        "name": "summary",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 7,
+        "name": "description",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 8,
         "name": "is_flow",
         "type_info": "Bool"
       },
       {
-        "ordinal": 7,
+        "ordinal": 9,
         "name": "http_method: _",
         "type_info": {
           "Custom": {
@@ -57,32 +67,32 @@
         }
       },
       {
-        "ordinal": 8,
+        "ordinal": 10,
         "name": "edited_by",
         "type_info": "Varchar"
       },
       {
-        "ordinal": 9,
+        "ordinal": 11,
         "name": "email",
         "type_info": "Varchar"
       },
       {
-        "ordinal": 10,
+        "ordinal": 12,
         "name": "edited_at",
         "type_info": "Timestamptz"
       },
       {
-        "ordinal": 11,
+        "ordinal": 13,
         "name": "extra_perms",
         "type_info": "Jsonb"
       },
       {
-        "ordinal": 12,
+        "ordinal": 14,
         "name": "is_async",
         "type_info": "Bool"
       },
       {
-        "ordinal": 13,
+        "ordinal": 15,
         "name": "authentication_method: _",
         "type_info": {
           "Custom": {
@@ -101,27 +111,27 @@
         }
       },
       {
-        "ordinal": 14,
+        "ordinal": 16,
         "name": "static_asset_config: _",
         "type_info": "Jsonb"
       },
       {
-        "ordinal": 15,
+        "ordinal": 17,
         "name": "is_static_website",
         "type_info": "Bool"
       },
       {
-        "ordinal": 16,
+        "ordinal": 18,
         "name": "authentication_resource_path",
         "type_info": "Varchar"
       },
       {
-        "ordinal": 17,
+        "ordinal": 19,
         "name": "wrap_body",
         "type_info": "Bool"
       },
       {
-        "ordinal": 18,
+        "ordinal": 20,
         "name": "raw_string",
         "type_info": "Bool"
       }
@@ -139,6 +149,8 @@
       false,
       false,
       false,
+      true,
+      true,
       false,
       false,
       false,
@@ -154,5 +166,5 @@
       false
     ]
   },
-  "hash": "144e4eccfd1c1e729e3c864bd5dc3316248719dfa8a6c9e1d15a7931638e86db"
+  "hash": "39401cb0db8d367b5beb2be0c13aa7595adae0eac4e4e3a888cb12b972d1a7ce"
 }

backend/.sqlx/query-399a8337a2488fa2ce3da2ef3281a34f8f96ee0d833c2fe3c22a0aa43e306f09.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM pip_resolution_cache WHERE expiration <= now() RETURNING hash",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "hash",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "399a8337a2488fa2ce3da2ef3281a34f8f96ee0d833c2fe3c22a0aa43e306f09"
-}

backend/.sqlx/query-3e261911cc4c5289da49865f54350613f9e651540a279bd7d75e5e7d79f676a8.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT worker, array_agg(v2_job_queue.id) as ids FROM v2_job_queue LEFT JOIN v2_job ON v2_job_queue.id = v2_job.id LEFT JOIN v2_job_runtime ON v2_job_queue.id = v2_job_runtime.id WHERE v2_job_queue.created_at < now() - ('60 seconds')::interval\n    AND running = true AND ping IS NULL AND same_worker = true AND worker IS NOT NULL GROUP BY worker",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "worker",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "ids",
-        "type_info": "UuidArray"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      true,
-      null
-    ]
-  },
-  "hash": "3e261911cc4c5289da49865f54350613f9e651540a279bd7d75e5e7d79f676a8"
-}

backend/.sqlx/query-3e55d027327bd3c76810fbe22d3ccb1bbbf83c8cff69d8f5907d1417a2522e69.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE v2_job_queue SET running = false, started_at = null\n                WHERE id = $1 AND canceled_by IS NULL",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "3e55d027327bd3c76810fbe22d3ccb1bbbf83c8cff69d8f5907d1417a2522e69"
-}

backend/.sqlx/query-3f05e6186050a7ce6d8efb41067d3c5282319fe7e041f114e02fb22b91716637.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n            UPDATE \n                http_trigger \n            SET \n                route_path = $1, \n                route_path_key = $2, \n                workspaced_route = $3,\n                wrap_body = $4,\n                raw_string = $5,\n                authentication_resource_path = $6,\n                script_path = $7, \n                path = $8, \n                is_flow = $9, \n                http_method = $10, \n                static_asset_config = $11, \n                edited_by = $12, \n                email = $13, \n                is_async = $14, \n                authentication_method = $15, \n                edited_at = now(), \n                is_static_website = $16\n            WHERE \n                workspace_id = $17 AND \n                path = $18\n            ",
+  "query": "\n            UPDATE \n                http_trigger \n            SET \n                route_path = $1, \n                route_path_key = $2, \n                workspaced_route = $3,\n                wrap_body = $4,\n                raw_string = $5,\n                authentication_resource_path = $6,\n                script_path = $7, \n                path = $8, \n                is_flow = $9, \n                http_method = $10, \n                static_asset_config = $11, \n                edited_by = $12, \n                email = $13, \n                is_async = $14, \n                authentication_method = $15, \n                summary = $16,\n                description = $17,\n                edited_at = now(), \n                is_static_website = $18\n            WHERE \n                workspace_id = $19 AND \n                path = $20\n            ",
   "describe": {
     "columns": [],
     "parameters": {
@@ -47,6 +47,8 @@
             }
           }
         },
+        "Varchar",
+        "Text",
         "Bool",
         "Text",
         "Text"
@@ -54,5 +56,5 @@
     },
     "nullable": []
   },
-  "hash": "187e8f85a71dea958e89fdfdf96c913a19eef8678dc7890c2f0e1ef8758ec43b"
+  "hash": "3f05e6186050a7ce6d8efb41067d3c5282319fe7e041f114e02fb22b91716637"
 }

backend/.sqlx/query-4228b098883408323bd8413ee094454b95962047458a6927d19ac0d3e7b3f0fa.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n                SELECT \n                    workspace_id, \n                    workspaced_route,\n                    path, \n                    route_path, \n                    route_path_key, \n                    authentication_resource_path,\n                    script_path, \n                    is_flow, \n                    edited_by, \n                    edited_at, \n                    email, \n                    extra_perms, \n                    is_async, \n                    authentication_method  AS \"authentication_method: _\", \n                    http_method AS \"http_method: _\", \n                    static_asset_config AS \"static_asset_config: _\", \n                    is_static_website,\n                    wrap_body,\n                    raw_string\n                FROM http_trigger\n                WHERE workspace_id = $1\n                ",
+  "query": "\n                SELECT \n                    workspace_id, \n                    workspaced_route,\n                    path, \n                    route_path, \n                    route_path_key, \n                    authentication_resource_path,\n                    script_path, \n                    is_flow, \n                    summary,\n                    description,\n                    edited_by, \n                    edited_at, \n                    email, \n                    extra_perms, \n                    is_async, \n                    authentication_method  AS \"authentication_method: _\", \n                    http_method AS \"http_method: _\", \n                    static_asset_config AS \"static_asset_config: _\", \n                    is_static_website,\n                    wrap_body,\n                    raw_string\n                FROM http_trigger\n                WHERE workspace_id = $1\n                ",
   "describe": {
     "columns": [
       {
@@ -45,31 +45,41 @@
       },
       {
         "ordinal": 8,
-        "name": "edited_by",
+        "name": "summary",
         "type_info": "Varchar"
       },
       {
         "ordinal": 9,
-        "name": "edited_at",
-        "type_info": "Timestamptz"
+        "name": "description",
+        "type_info": "Text"
       },
       {
         "ordinal": 10,
-        "name": "email",
+        "name": "edited_by",
         "type_info": "Varchar"
       },
       {
         "ordinal": 11,
+        "name": "edited_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 12,
+        "name": "email",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 13,
         "name": "extra_perms",
         "type_info": "Jsonb"
       },
       {
-        "ordinal": 12,
+        "ordinal": 14,
         "name": "is_async",
         "type_info": "Bool"
       },
       {
-        "ordinal": 13,
+        "ordinal": 15,
         "name": "authentication_method: _",
         "type_info": {
           "Custom": {
@@ -88,7 +98,7 @@
         }
       },
       {
-        "ordinal": 14,
+        "ordinal": 16,
         "name": "http_method: _",
         "type_info": {
           "Custom": {
@@ -106,22 +116,22 @@
         }
       },
       {
-        "ordinal": 15,
+        "ordinal": 17,
         "name": "static_asset_config: _",
         "type_info": "Jsonb"
       },
       {
-        "ordinal": 16,
+        "ordinal": 18,
         "name": "is_static_website",
         "type_info": "Bool"
       },
       {
-        "ordinal": 17,
+        "ordinal": 19,
         "name": "wrap_body",
         "type_info": "Bool"
       },
       {
-        "ordinal": 18,
+        "ordinal": 20,
         "name": "raw_string",
         "type_info": "Bool"
       }
@@ -140,6 +150,8 @@
       true,
       false,
       false,
+      true,
+      true,
       false,
       false,
       false,
@@ -153,5 +165,5 @@
       false
     ]
   },
-  "hash": "56c2522a12f91515e38290e4680a55a4727195125cd49a2f92f89bcdf74dc364"
+  "hash": "4228b098883408323bd8413ee094454b95962047458a6927d19ac0d3e7b3f0fa"
 }

backend/.sqlx/query-551fee7919fdeb911e3f9cc5852e158ea47e3db4895c2b2b1d3cb6b16fceeda9.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT fv.id\n                                                                                FROM flow f\n                                                                                INNER JOIN flow_version fv ON fv.id = f.versions[array_upper(f.versions, 1)]\n                                                                                WHERE fv.value->'preprocessor_module'->'value'->>'path' = $1 AND f.workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "551fee7919fdeb911e3f9cc5852e158ea47e3db4895c2b2b1d3cb6b16fceeda9"
-}

backend/.sqlx/query-5820d34be1a7f7b72e656c692f53146f45ad4a6e584e917a0a86280d8f473c10.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM v2_job_completed c\n                    WHERE completed_at <= now() - ($1::bigint::text || ' s')::interval \n                    RETURNING c.id",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "5820d34be1a7f7b72e656c692f53146f45ad4a6e584e917a0a86280d8f473c10"
-}

backend/.sqlx/query-5a219a2532517869578c4504ff3153c43903f929ae5d62fbba12610f89c36d55.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "WITH worker_ids AS (SELECT unnest($1::text[]) as worker)\n            SELECT worker_ids.worker FROM worker_ids\n            LEFT JOIN worker_ping ON worker_ids.worker = worker_ping.worker\n                WHERE worker_ping.worker IS NULL OR worker_ping.ping_at < now() - ('60 seconds')::interval",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "worker",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "TextArray"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "5a219a2532517869578c4504ff3153c43903f929ae5d62fbba12610f89c36d55"
-}

backend/.sqlx/query-5bd8ae8d694ac9f6afef762276141d95ba195f5543120e76e68f6e6715b65a71.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-661f472ff3860983322162420457f5033b9c9afc344d9c3e385ba20a3ad2197a.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-6b776693091191f36eaf9e35fb3cabb01481a19bef5a956dc36cac41acad0e53.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-6c0f74c56789ac51ccb06cd8a14986071ccc94df0de137b56d63d673db11d8aa.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM job_stats WHERE job_id = ANY($1)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "UuidArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "6c0f74c56789ac51ccb06cd8a14986071ccc94df0de137b56d63d673db11d8aa"
-}

backend/.sqlx/query-714fb0f66ceb536aee8cb9ae0144757b999d25870fda37fe904e09dd5c742015.json

@@ -0,0 +1,93 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT\n            route_path,\n            http_method AS \"http_method: _\",\n            is_async,\n            workspaced_route,\n            summary,\n            description,\n            authentication_method AS \"authentication_method: _\",\n            authentication_resource_path\n        FROM\n            http_trigger\n        WHERE\n           path ~ ANY($1) AND\n           route_path ~ ANY($2) AND\n           workspace_id = $3\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "route_path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 1,
+        "name": "http_method: _",
+        "type_info": {
+          "Custom": {
+            "name": "http_method",
+            "kind": {
+              "Enum": [
+                "get",
+                "post",
+                "put",
+                "delete",
+                "patch"
+              ]
+            }
+          }
+        }
+      },
+      {
+        "ordinal": 2,
+        "name": "is_async",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 3,
+        "name": "workspaced_route",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 4,
+        "name": "summary",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 5,
+        "name": "description",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 6,
+        "name": "authentication_method: _",
+        "type_info": {
+          "Custom": {
+            "name": "authentication_method",
+            "kind": {
+              "Enum": [
+                "none",
+                "windmill",
+                "api_key",
+                "basic_http",
+                "custom_script",
+                "signature"
+              ]
+            }
+          }
+        }
+      },
+      {
+        "ordinal": 7,
+        "name": "authentication_resource_path",
+        "type_info": "Varchar"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "TextArray",
+        "TextArray",
+        "Text"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false,
+      false,
+      true,
+      true,
+      false,
+      true
+    ]
+  },
+  "hash": "714fb0f66ceb536aee8cb9ae0144757b999d25870fda37fe904e09dd5c742015"
+}

backend/.sqlx/query-74d928f4c3f0de191f414471b9a4fbe9c20f9685b06ad5bbded424948b2dc88c.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-7c9a464ac807051b99fe37f2078f1b17f824e6d9b1124db618855a15a98e31f6.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM metrics WHERE id LIKE 'queue_%' AND created_at < NOW() - INTERVAL '14 day'",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": []
-  },
-  "hash": "7c9a464ac807051b99fe37f2078f1b17f824e6d9b1124db618855a15a98e31f6"
-}

backend/.sqlx/query-82f6674f19e8ad51a992505a46f46fc4a48172f104e9e849f755ac041c3eef92.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT created_at FROM metrics WHERE id LIKE 'queue_count_%' ORDER BY created_at DESC LIMIT 1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "created_at",
-        "type_info": "Timestamptz"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "82f6674f19e8ad51a992505a46f46fc4a48172f104e9e849f755ac041c3eef92"
-}

backend/.sqlx/query-8373b2649ab46310860adbdd7b717261771ac61d46d82d42d085ffebeb18be06.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "DELETE FROM variable WHERE expires_at IS NOT NULL AND expires_at < now() RETURNING path",
+  "query": "SELECT distinct(path) FROM script WHERE workspace_id = $1 AND archived = true",
   "describe": {
     "columns": [
       {
@@ -10,11 +10,13 @@
       }
     ],
     "parameters": {
-      "Left": []
+      "Left": [
+        "Text"
+      ]
     },
     "nullable": [
       false
     ]
   },
-  "hash": "b0c2f470f7d2df567eca550db1ae638fcb554622b61a5f4fb6b6696f6283516a"
+  "hash": "8373b2649ab46310860adbdd7b717261771ac61d46d82d42d085ffebeb18be06"
 }

backend/.sqlx/query-867d5c75ddc6c5d20136880c7294844b4c1a38701190795a801fa43c74a0beeb.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT workflow_as_code_status FROM v2_job_completed WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "workflow_as_code_status",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "867d5c75ddc6c5d20136880c7294844b4c1a38701190795a801fa43c74a0beeb"
-}

backend/.sqlx/query-873fde22f7947882edae7d15bc54e8df105d5e241eeb842a83e3444be0d2736d.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM resource WHERE resource_type = 'cache' AND to_timestamp((value->>'expire')::int) < now() RETURNING path",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "873fde22f7947882edae7d15bc54e8df105d5e241eeb842a83e3444be0d2736d"
-}

backend/.sqlx/query-8824b382c4e98dfa17b4aa656af3a6c1ff99973e778d71bd598a50d022da8f15.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO metrics (id, value) VALUES ($1, $2)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "8824b382c4e98dfa17b4aa656af3a6c1ff99973e778d71bd598a50d022da8f15"
-}

backend/.sqlx/query-92c2b66eb6287449f5f8cc9f8d1329f748006ab131489d2fcac21d32641bb633.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-92e60af0d3ae8c73d74ae68d70e20ae18f79cc84626097b766307cd42722baa3.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-92faee8714a45a403b623e04d789f7f99067a05e9dfe270223164db8a1df2e4b.json

@@ -1,21 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO log_file (hostname, mode, worker_group, log_ts, file_path, ok_lines, err_lines, json_fmt)\n             VALUES ($1, $2::text::LOG_MODE, $3, $4, $5, $6, $7, $8)\n             ON CONFLICT (hostname, log_ts) DO UPDATE SET ok_lines = log_file.ok_lines + $6, err_lines = log_file.err_lines + $7",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text",
-        "Varchar",
-        "Timestamp",
-        "Varchar",
-        "Int8",
-        "Int8",
-        "Bool"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "92faee8714a45a403b623e04d789f7f99067a05e9dfe270223164db8a1df2e4b"
-}

backend/.sqlx/query-94da1e7feb4f58cc7ebe99752736f956d47810a94cb052fdcffb5cfe440f8033.json

@@ -1,28 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM log_file WHERE log_ts <= now() - ($1::bigint::text || ' s')::interval RETURNING file_path, hostname",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "file_path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "hostname",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": [
-      false,
-      false
-    ]
-  },
-  "hash": "94da1e7feb4f58cc7ebe99752736f956d47810a94cb052fdcffb5cfe440f8033"
-}

backend/.sqlx/query-99a2c935acf5d6bbeb70ea1255679115b6e9042800d40899a36b3867049c5c46.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-99f74bf675120daf965e063e5eaff808ba646f4f99d0c8837097e747b481f03a.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT id FROM v2_job WHERE parent_job = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "99f74bf675120daf965e063e5eaff808ba646f4f99d0c8837097e747b481f03a"
-}

backend/.sqlx/query-9d518842a9ad90ff9c28dc39690deb0ee6b62cf1d8ae1a02b28c23255d377b3d.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT labels FROM v2_job WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "labels",
-        "type_info": "TextArray"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "9d518842a9ad90ff9c28dc39690deb0ee6b62cf1d8ae1a02b28c23255d377b3d"
-}

backend/.sqlx/query-9da0cea2a5d0464ca78cfeccf6cedf2b1c0e6e6cb3c9183a937a68465debdb06.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM concurrency_key WHERE  ended_at <= now() - ($1::bigint::text || ' s')::interval ",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "9da0cea2a5d0464ca78cfeccf6cedf2b1c0e6e6cb3c9183a937a68465debdb06"
-}

backend/.sqlx/query-a00e61e770e20157bbd9e4cdedf7fb5f9de7c8c9e50282e3ecf2e3ce917ec37a.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO global_settings (name, value) VALUES ($1, $2) ON CONFLICT (name) DO UPDATE SET value = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "a00e61e770e20157bbd9e4cdedf7fb5f9de7c8c9e50282e3ecf2e3ce917ec37a"
-}

backend/.sqlx/query-a0c35cb515a842067b294343c90f1bfbe4e2db85da9a478a07460733999e9beb.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT count(*) AS \"count!\" FROM resume_job",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "count!",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "a0c35cb515a842067b294343c90f1bfbe4e2db85da9a478a07460733999e9beb"
-}

backend/.sqlx/query-a56eef5f5ecbe1a8d309ff65d9a8c456a3c165f7f2a107cf7fa6a4cdd30d55c0.json

@@ -1,28 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT preprocessed, script_entrypoint_override FROM v2_job WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "preprocessed",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 1,
-        "name": "script_entrypoint_override",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true,
-      true
-    ]
-  },
-  "hash": "a56eef5f5ecbe1a8d309ff65d9a8c456a3c165f7f2a107cf7fa6a4cdd30d55c0"
-}

backend/.sqlx/query-bd5a0c06e2f2361c9fc670eb0b975b58d65ca93d68b29124d04bd526239b9df2.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE v2_job SET labels = $2 WHERE id = $1 AND $2::TEXT[] IS NOT NULL",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "TextArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "bd5a0c06e2f2361c9fc670eb0b975b58d65ca93d68b29124d04bd526239b9df2"
-}

backend/.sqlx/query-bfff3d8df18db198d6ebba8a049b00147fc8bcd42f3df37ef81b9ded80974bd0.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-cd5d62d456b74237b941bc72ea8de007185263167bf1dfa2e469d319cc4da674.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-cd5f02cf10cbf92dd1df53a54f2110efa11a7731ad0f0e5509f55efabdf535cd.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT preprocessed FROM v2_job WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "preprocessed",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "cd5f02cf10cbf92dd1df53a54f2110efa11a7731ad0f0e5509f55efabdf535cd"
-}

backend/.sqlx/query-d06efdc24706e0d7479bffc0b19a0c5976ee60125289e9f7b0b04090bce4a3a3.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-d78ecf85c1e1e95650c380c9488aa90d8d8c5c76f3971484e4c515ff60293d3b.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-d8186f0cee285aa50db7626409aec7e0504b068ffa8bb185d9384ce1422fd3d1.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM audit WHERE timestamp <= now() - ($1::bigint::text || ' s')::interval",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "d8186f0cee285aa50db7626409aec7e0504b068ffa8bb185d9384ce1422fd3d1"
-}

backend/.sqlx/query-daf9674838fb3e3653a356c7434c719616a614d77e726433737e5f5d9bd60134.json

@@ -1,41 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "WITH to_update AS (\n                SELECT q.id, q.workspace_id, r.ping, COALESCE(zjc.counter, 0) as counter\n                FROM v2_job_queue q\n                JOIN v2_job j ON j.id = q.id\n                JOIN v2_job_runtime r ON r.id = j.id\n                LEFT JOIN zombie_job_counter zjc ON zjc.job_id = q.id\n                WHERE ping < now() - ($1 || ' seconds')::interval\n                    AND running = true\n                    AND kind NOT IN ('flow', 'flowpreview', 'flownode', 'singlescriptflow')\n                    AND same_worker = false\n                    AND (zjc.counter IS NULL OR zjc.counter <= $2)\n                FOR UPDATE of q SKIP LOCKED\n            ),\n            zombie_jobs AS (\n                UPDATE v2_job_queue q\n                SET running = false, started_at = null\n                FROM to_update tu\n                WHERE q.id = tu.id AND (tu.counter IS NULL OR tu.counter < $2)\n                RETURNING q.id, q.workspace_id, ping, tu.counter\n            ),\n            update_ping AS (\n                UPDATE v2_job_runtime r\n                SET ping = null\n                FROM zombie_jobs zj\n                WHERE r.id = zj.id\n            ),\n            increment_counter AS (\n                INSERT INTO zombie_job_counter (job_id, counter)\n                SELECT id, 1 FROM to_update WHERE counter < $2\n                ON CONFLICT (job_id) DO UPDATE\n                SET counter = zombie_job_counter.counter + 1\n            ),\n            update_concurrency AS (\n                UPDATE concurrency_counter cc\n                SET job_uuids = job_uuids - zj.id::text\n                FROM zombie_jobs zj\n                INNER JOIN concurrency_key ck ON ck.job_id = zj.id\n                WHERE cc.concurrency_id = ck.key\n            )\n            SELECT id AS \"id!\", workspace_id AS \"workspace_id!\", ping, counter + 1 AS counter FROM to_update",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id!",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 1,
-        "name": "workspace_id!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "ping",
-        "type_info": "Timestamptz"
-      },
-      {
-        "ordinal": 3,
-        "name": "counter",
-        "type_info": "Int4"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Int4"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      true,
-      null
-    ]
-  },
-  "hash": "daf9674838fb3e3653a356c7434c719616a614d77e726433737e5f5d9bd60134"
-}

backend/.sqlx/query-dc36b46b9eb80cb7c92fa72519d117eda99a6f482a073ccd36a6431ef689a3fd.json

@@ -0,0 +1,35 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "SELECT \n                    path,\n                    summary,\n                    description\n                FROM\n                    script\n                WHERE\n                    path ~ ANY($1) AND\n                    workspace_id = $2 AND\n                    archived is FALSE\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 1,
+        "name": "summary",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 2,
+        "name": "description",
+        "type_info": "Text"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "TextArray",
+        "Text"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false
+    ]
+  },
+  "hash": "dc36b46b9eb80cb7c92fa72519d117eda99a6f482a073ccd36a6431ef689a3fd"
+}

backend/.sqlx/query-df1f1d15d442789a5b9c81cdddf44d88d5748499cc48865023ddc1ff1587d0f6.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT version()",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "version",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "df1f1d15d442789a5b9c81cdddf44d88d5748499cc48865023ddc1ff1587d0f6"
-}

backend/.sqlx/query-e653d36b607a16c0dfc0324690942ab25883b53a81ebb581fe019af2ec5eb567.json

@@ -1,58 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n        SELECT\n            id AS \"id!\", workspace_id AS \"workspace_id!\", parent_job, is_flow_step,\n            flow_status AS \"flow_status: Box<str>\", last_ping, same_worker\n        FROM v2_as_queue\n        WHERE running = true AND suspend = 0 AND suspend_until IS null AND scheduled_for <= now()\n            AND (job_kind = 'flow' OR job_kind = 'flowpreview' OR job_kind = 'flownode')\n            AND last_ping IS NOT NULL AND last_ping < NOW() - ($1 || ' seconds')::interval\n            AND canceled = false\n        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id!",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 1,
-        "name": "workspace_id!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "parent_job",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 3,
-        "name": "is_flow_step",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 4,
-        "name": "flow_status: Box<str>",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 5,
-        "name": "last_ping",
-        "type_info": "Timestamptz"
-      },
-      {
-        "ordinal": 6,
-        "name": "same_worker",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      true,
-      true,
-      true,
-      true,
-      true,
-      true,
-      true
-    ]
-  },
-  "hash": "e653d36b607a16c0dfc0324690942ab25883b53a81ebb581fe019af2ec5eb567"
-}

backend/.sqlx/query-ecd62c48fe2fba2fc2582e9e7ae5590d5dea8c67f6ae7b14743ac4f265dd89a3.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM v2_job WHERE id = ANY($1)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "UuidArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "ecd62c48fe2fba2fc2582e9e7ae5590d5dea8c67f6ae7b14743ac4f265dd89a3"
-}

backend/.sqlx/query-ed99d4d088d0fd0c01f29803b12e99ae0a53d0b1feaa67737da409c51c1b6751.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "\n        INSERT INTO http_trigger (\n            workspace_id, \n            path, \n            route_path, \n            route_path_key,\n            workspaced_route,\n            authentication_resource_path,\n            wrap_body,\n            raw_string,\n            script_path, \n            is_flow, \n            is_async, \n            authentication_method, \n            http_method, \n            static_asset_config, \n            edited_by, \n            email, \n            edited_at, \n            is_static_website\n        ) \n        VALUES (\n            $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, now(), $17\n        )\n        ",
+  "query": "\n        INSERT INTO http_trigger (\n            workspace_id, \n            path, \n            route_path, \n            route_path_key,\n            workspaced_route,\n            authentication_resource_path,\n            wrap_body,\n            raw_string,\n            script_path, \n            summary,\n            description,\n            is_flow, \n            is_async, \n            authentication_method, \n            http_method, \n            static_asset_config, \n            edited_by, \n            email, \n            edited_at, \n            is_static_website\n        ) \n        VALUES (\n            $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, now(), $19\n        )\n        ",
   "describe": {
     "columns": [],
     "parameters": {
@@ -14,6 +14,8 @@
         "Bool",
         "Bool",
         "Varchar",
+        "Varchar",
+        "Text",
         "Bool",
         "Bool",
         {
@@ -53,5 +55,5 @@
     },
     "nullable": []
   },
-  "hash": "8c30e91c2486f7511563621e7e805d0588a9ec8bbea9db10e95783e27e35bc12"
+  "hash": "ed99d4d088d0fd0c01f29803b12e99ae0a53d0b1feaa67737da409c51c1b6751"
 }

backend/.sqlx/query-ef6795d93423f98eea82eb18e6332580dc7f7a9e5a67026f8c0b3077f371fc62.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT hash FROM script WHERE path = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "hash",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "ef6795d93423f98eea82eb18e6332580dc7f7a9e5a67026f8c0b3077f371fc62"
-}

backend/.sqlx/query-f16b00bad2880f896f4452e5894fe101cd5c2fe3e4c143c0b979668143d85dd2.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/.sqlx/query-fc932ecf697b921fe9143c36872e9cc4e9aca7f9129b0466aacae51334a3db96.json

@@ -5,7 +5,7 @@
     "columns": [
       {
         "ordinal": 0,
-        "name": "?column?",
+        "name": "bool",
         "type_info": "Bool"
       }
     ],

backend/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "windmill"
-version = "1.496.3"
+version = "1.498.0"
 authors.workspace = true
 edition.workspace = true
 
@@ -32,7 +32,7 @@ members = [
 ]
 
 [workspace.package]
-version = "1.496.3"
+version = "1.498.0"
 authors = ["Ruben Fiszel <ruben@windmill.dev>"]
 edition = "2021"
 
@@ -130,6 +130,7 @@ prometheus = { workspace = true, optional = true }
 uuid.workspace = true
 gethostname.workspace = true
 serde_json.workspace = true
+serde_yml.workspace = true
 serde.workspace = true
 deno_core = { workspace = true, optional = true }
 object_store = { workspace = true, optional = true }
@@ -201,6 +202,7 @@ tower-http = { version = "^0.6", features = ["trace", "cors"] }
 tower-cookies = "^0.10"
 serde = "^1"
 serde_json = { version = "^1", features = ["preserve_order", "raw_value"] }
+serde_yml = "0.0.12"
 uuid = { version = "^1", features = ["serde", "v4"] }
 thiserror = "^2"
 anyhow = "^1"
@@ -230,7 +232,7 @@ php-parser-rs = { git = "https://github.com/php-rust-tools/parser", rev = "ec4cb
 cron = "^0"
 mail-send = { version = "0.4.0", features = ["builder"], default-features=false }
 urlencoding = "^2"
-url = "^2"
+url = { version = "^2" , features = ["serde"]}
 async-oauth2 = "^0"
 reqwest = { version = "^0.12", features = ["json", "stream", "gzip"] }
 time = "^0"

backend/ee-repo-ref.txt

@@ -1 +1 @@
-2c3e21f4573486628e0b8969ff478c237bd0283f
+67e727c618cf673850a0887931c803241abfcfe8

backend/migrations/20240917172503_job_routing.down.sql

@@ -4,4 +4,4 @@ DROP TYPE http_method;
 
 ALTER TABLE script DROP COLUMN has_preprocessor;
 
-DROP FUNCTION prevent_route_path_change();
+DROP FUNCTION prevent_route_path_change(); 

backend/migrations/20250607102516_add_description_and_summary_to_http_trigger.down.sql

@@ -0,0 +1,4 @@
+-- Add down migration script here
+ALTER TABLE http_trigger
+DROP COLUMN summary,
+DROP COLUMN description;

backend/migrations/20250607102516_add_description_and_summary_to_http_trigger.up.sql

@@ -0,0 +1,5 @@
+-- Add up migration script here
+ALTER TABLE http_trigger 
+ADD COLUMN summary VARCHAR(512) NULL,
+ADD COLUMN description TEXT NULL;
+

backend/src/main.rs

@@ -498,6 +498,8 @@ Windmill Community Edition {GIT_VERSION}
             default_base_internal_url.clone()
         };
 
+        println("test");
+
         initial_load(
             &conn,
             killpill_tx.clone(),

backend/summarize_schema.py

@@ -0,0 +1,154 @@
+# This script is used to summarize the database schema.
+# You can use pg_dump to dump the schema to a file.
+# pg_dump --file "schema.sql" --host "localhost" --port "5432" --username "postgres" --no-password --format=c --large-objects --schema-only --no-owner --no-privileges --no-tablespaces --no-unlogged-table-data --no-comments --no-publications --no-subscriptions --no-security-labels --no-toast-compression --no-table-access-method --verbose --schema "public" "windmill"
+# Then you can run python summarize_schema.py schema.sql to get the summarized schema.
+
+import re
+import sys
+from collections import defaultdict
+
+def summarize_schema(file_path):
+    """
+    Parses a PostgreSQL dump file and extracts a summarized schema.
+    """
+    tables = defaultdict(lambda: {'columns': [], 'pks': set(), 'fks': [], 'indexes': []})
+    enums = defaultdict(list)
+    
+    # Use state variables to parse multi-line definitions
+    current_table = None
+    current_enum = None
+
+    with open(file_path, 'r', encoding='utf-8') as f:
+        for line in f:
+            line = line.strip()
+
+            # --- State Resets ---
+            if line.startswith(');'):
+                current_table = None
+                current_enum = None
+                continue
+
+            # --- Parse ENUM definitions ---
+            match_enum = re.match(r"CREATE TYPE public\.(\w+) AS ENUM \($", line)
+            if match_enum:
+                current_enum = match_enum.group(1)
+                continue
+            
+            if current_enum:
+                # Extract enum values, which are typically like 'value',
+                value = line.strip("',")
+                if value and not value.startswith('--'):
+                    enums[current_enum].append(value)
+                continue
+
+            # --- Parse TABLE definitions ---
+            match_table = re.match(r"CREATE TABLE public\.(\w+) \($", line)
+            if match_table:
+                current_table = match_table.group(1)
+                continue
+
+            if current_table:
+                # Parse columns within a CREATE TABLE block
+                # e.g., "column_name type NOT NULL,"
+                # e.g., "id bigint NOT NULL,"
+                match_column = re.match(r'^"?(\w+)"?\s+([\w\d\.\[\]\(\)]+)', line)
+                if match_column:
+                    col_name = match_column.group(1)
+                    col_type = match_column.group(2)
+                    tables[current_table]['columns'].append(f"{col_name} ({col_type})")
+                
+                # Parse PRIMARY KEY defined inside the table
+                match_pk = re.search(r"CONSTRAINT \w+ PRIMARY KEY \((.+)\)", line)
+                if match_pk:
+                    # Handle multiple PK columns: "col1, col2, col3"
+                    pk_cols = [p.strip().strip('"') for p in match_pk.group(1).split(',')]
+                    tables[current_table]['pks'].update(pk_cols)
+                continue
+            
+            # --- Parse Foreign Keys (defined outside CREATE TABLE) ---
+            match_fk = re.match(r"ALTER TABLE ONLY public\.(\w+)\s+ADD CONSTRAINT \w+ FOREIGN KEY \(([\w,\s\"]+)\) REFERENCES public\.(\w+)\(([\w,\s\"]+)\);", line)
+            if match_fk:
+                from_table, from_cols, to_table, to_cols = match_fk.groups()
+                # Clean up column names
+                from_cols_clean = ', '.join([c.strip().strip('"') for c in from_cols.split(',')])
+                to_cols_clean = ', '.join([c.strip().strip('"') for c in to_cols.split(',')])
+                
+                fk_string = f"({from_cols_clean}) -> {to_table}({to_cols_clean})"
+                tables[from_table]['fks'].append(fk_string)
+            
+            # --- Parse Index definitions ---
+            match_index = re.match(r"CREATE (UNIQUE )?INDEX (\w+) ON public\.(\w+) USING (\w+) \((.+)\);", line)
+            if match_index:
+                is_unique = match_index.group(1) is not None
+                index_name = match_index.group(2)
+                table_name = match_index.group(3)
+                index_type = match_index.group(4)
+                columns = match_index.group(5)
+                
+                # Clean up column expressions
+                columns_clean = columns.replace('"', '')
+                
+                unique_str = "UNIQUE " if is_unique else ""
+                index_string = f"{unique_str}INDEX {index_name} ({index_type}) ON ({columns_clean})"
+                tables[table_name]['indexes'].append(index_string)
+
+    return enums, tables
+
+def format_output(enums, tables):
+    """
+    Formats the parsed schema data into a clean, readable string.
+    """
+    output = []
+    
+    output.append("### Simplified Database Schema ###")
+    output.append("\n--- Custom Data Types (ENUMs) ---\n")
+    if not enums:
+        output.append("No custom ENUM types found.")
+    else:
+        for name, values in sorted(enums.items()):
+            output.append(f"{name}:")
+            for v in values:
+                output.append(f"  - {v}")
+            output.append("")
+
+    output.append("\n--- Tables and Relationships ---\n")
+    if not tables:
+        output.append("No tables found.")
+    else:
+        for name, data in sorted(tables.items()):
+            output.append(f"TABLE: {name}")
+            for col in data['columns']:
+                col_name = col.split(' ')[0]
+                marker = " (PK)" if col_name in data['pks'] else ""
+                output.append(f"  - {col}{marker}")
+            
+            if data['fks']:
+                output.append("  Relationships:")
+                for fk in data['fks']:
+                    output.append(f"    - {fk}")
+            
+            if data['indexes']:
+                output.append("  Indexes:")
+                for idx in data['indexes']:
+                    output.append(f"    - {idx}")
+            output.append("-" * 20)
+
+    return "\n".join(output)
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print(f"Usage: python {sys.argv[0]} <path_to_dump.sql>")
+        sys.exit(1)
+        
+    input_file = sys.argv[1]
+    
+    try:
+        enums_data, tables_data = summarize_schema(input_file)
+        formatted_summary = format_output(enums_data, tables_data)
+        print(formatted_summary)
+    except FileNotFoundError:
+        print(f"Error: The file '{input_file}' was not found.")
+        sys.exit(1)
+    except Exception as e:
+        print(f"An unexpected error occurred: {e}")
+        sys.exit(1)

backend/update_sqlx.sh

@@ -1,4 +1,18 @@
-./substitute_ee_code.sh --dir ../windmill-ee-private
+#!/bin/bash
+
+# Default directory
+EE_DIR="../windmill-ee-private"
+
+# Parse arguments
+while [[ "$#" -gt 0 ]]; do
+    case $1 in
+        --dir) EE_DIR="$2"; shift ;;
+        *) echo "Unknown parameter: $1"; exit 1 ;;
+    esac
+    shift
+done
+
+./substitute_ee_code.sh --dir "$EE_DIR"
 
 # Check if running on macOS
 if [[ "$(uname)" == "Darwin" ]]; then
@@ -18,4 +32,4 @@ if [[ "$(uname)" == "Darwin" ]]; then
     sed -i '' 's/^#samael = { version="0.0.14", features = \["xmlsec"\] }/samael = { version="0.0.14", features = ["xmlsec"] }/' Cargo.toml
     # Comment out the git-based samael dependency
     sed -i '' 's/^\(samael = { git="https:\/\/github.com\/njaremko\/samael", rev="464d015e3ae393e4b5dd00b4d6baa1b617de0dd6", features = \["xmlsec"\] }\)/# \1/' Cargo.toml
-fi
+fi

backend/windmill-api/Cargo.toml

@@ -17,7 +17,7 @@ agent_worker_server = []
 enterprise_saml = ["dep:samael", "dep:libxml"]
 benchmark = []
 embedding = ["dep:tinyvector", "dep:hf-hub", "dep:tokenizers", "dep:candle-core", "dep:candle-transformers", "dep:candle-nn"]
-parquet = ["dep:datafusion", "dep:object_store", "dep:url", "windmill-common/parquet", "windmill-worker/parquet"]
+parquet = ["dep:datafusion", "dep:object_store", "windmill-common/parquet", "windmill-worker/parquet"]
 prometheus = ["windmill-common/prometheus", "windmill-queue/prometheus", "dep:prometheus", "windmill-worker/prometheus"]
 openidconnect = ["dep:openidconnect", "windmill-common/openidconnect"]
 tantivy = ["dep:windmill-indexer"]
@@ -76,6 +76,7 @@ hex.workspace = true
 base64.workspace = true
 base32.workspace = true
 serde_urlencoded.workspace = true
+serde_yml.workspace = true
 cron.workspace = true
 mime_guess.workspace = true
 rust-embed = { workspace = true, optional = true }
@@ -102,6 +103,7 @@ prometheus = { workspace = true, optional = true }
 async_zip = { workspace = true, optional = true }
 regex.workspace = true
 bytes.workspace = true
+url.workspace = true
 samael = { workspace = true, optional = true }
 libxml = { workspace = true, optional = true }
 async-recursion.workspace = true
@@ -116,7 +118,6 @@ candle-nn = { workspace = true, optional = true}
 datafusion = { workspace = true, optional = true}
 object_store = { workspace = true, optional = true}
 openidconnect = { workspace = true, optional = true}
-url = { workspace = true, optional = true}
 jsonwebtoken = { workspace = true }
 matchit = { workspace = true, optional = true }
 tokio-tungstenite = { workspace = true, optional = true}
@@ -126,6 +127,7 @@ nkeys = { workspace = true, optional = true }
 const_format.workspace = true
 pin-project.workspace = true
 http.workspace = true
+indexmap.workspace = true
 async-stream.workspace = true
 ulid.workspace = true
 rust-postgres = { workspace = true, optional = true }

backend/windmill-api/openapi.yaml

@@ -1,7 +1,7 @@
 openapi: "3.0.3"
 
 info:
-  version: 1.496.3
+  version: 1.498.0
   title: Windmill API
 
   contact:
@@ -8451,6 +8451,51 @@ paths:
         "201":
           description: default error handler set
 
+  /w/{workspace}/openapi/generate:
+    post:
+      summary: generate openapi spec from http routes/webhook
+      operationId: generateOpenapiSpec
+      tags:
+        - openapi
+      parameters:
+        - $ref: "#/components/parameters/WorkspaceId"
+      requestBody:
+        description: openapi spec info and url
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/GenerateOpenapiSpec"
+      responses:
+        "200":
+          description: openapi spec
+          content:
+            text/plain:
+              schema:
+                type: string
+    
+  /w/{workspace}/openapi/download:
+    post:
+      summary: Download the OpenAPI v3.1 spec as a file
+      operationId: DownloadOpenapiSpec
+      tags:
+        - openapi
+      parameters:
+        - $ref: "#/components/parameters/WorkspaceId"
+      requestBody:
+        description: openapi spec info and url
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/GenerateOpenapiSpec"
+      responses:
+        "200":
+          description: Downloaded OpenAPI spec
+          content:
+            application/octet-stream:
+              schema:
+                type: string
+                format: binary
+
   /w/{workspace}/http_triggers/create_many:
     post:
       summary: create many HTTP triggers
@@ -14754,6 +14799,106 @@ components:
         - custom_script
         - signature
 
+    RunnableKind:
+      type: string
+      enum:
+        - script
+        - flow
+
+    OpenapiSpecFormat:
+      type: string
+      enum:
+        - yaml
+        - json
+
+    OpenapiHttpRouteFilters:
+      type: object
+      properties:
+        folder_regex:
+          type: string
+        path_regex:
+          type: string
+        route_path_regex:
+          type: string
+      required:
+        - folder_regex
+        - path_regex
+        - route_path_regex
+
+    WebhookFilters:
+      type: object
+      properties:
+        user_or_folder_regex:
+          type: string
+          enum:
+            - "*"
+            - u
+            - f
+        user_or_folder_regex_value:
+          type: string
+        path:
+          type: string
+        runnable_kind:
+          $ref: "#/components/schemas/RunnableKind"
+      required:
+        - user_or_folder_regex
+        - user_or_folder_regex_value
+        - path
+        - runnable_kind
+    
+    OpenapiV3Info:
+      type: object
+      properties:
+        title:
+          type: string
+        version:
+          type: string
+        description:
+          type: string
+        terms_of_service:
+          type: string
+        contact:
+          type: object
+          properties:
+            name:
+              type: string
+            url:
+              type: string
+            email:
+              type: string
+        license:
+          type: object
+          properties:
+            name:
+              type: string
+            identifier:
+              type: string
+            url:
+              type: string
+          required:
+            - name
+      required:
+        - title
+        - version
+
+    GenerateOpenapiSpec:
+      type: object
+      properties:
+        info:
+          $ref: "#/components/schemas/OpenapiV3Info"
+        url:
+          type: string
+        openapi_spec_format:
+          $ref: "#/components/schemas/OpenapiSpecFormat"
+        http_route_filters:
+          type: array
+          items:
+            $ref: "#/components/schemas/OpenapiHttpRouteFilters"
+        webhook_filters:
+          type: array
+          items:
+            $ref: "#/components/schemas/WebhookFilters"
+
     HttpMethod:
       type: string
       enum:
@@ -14785,6 +14930,10 @@ components:
           $ref: "#/components/schemas/HttpMethod"
         authentication_resource_path:
           type: string
+        summary:
+          type: string
+        description:
+          type: string
         is_async:
           type: boolean
         authentication_method:
@@ -14819,6 +14968,10 @@ components:
           type: string
         workspaced_route:
           type: boolean
+        summary:
+          type: string
+        description:
+          type: string
         static_asset_config:
           type: object
           properties:
@@ -14866,6 +15019,10 @@ components:
           type: string
         route_path:
           type: string
+        summary:
+          type: string
+        description:
+          type: string
         workspaced_route:
           type: boolean
         static_asset_config:

backend/windmill-api/src/ai.rs

@@ -4,7 +4,7 @@ use crate::{
 };
 
 use axum::{body::Bytes, extract::Path, response::IntoResponse, routing::post, Extension, Router};
-use http::HeaderMap;
+use http::{HeaderMap, Method};
 use quick_cache::sync::Cache;
 use reqwest::{Client, RequestBuilder};
 use serde::{Deserialize, Serialize};
@@ -141,6 +141,8 @@ impl AIRequestConfig {
         self,
         provider: &AIProvider,
         path: &str,
+        method: Method,
+        headers: HeaderMap,
         body: Bytes,
     ) -> Result<RequestBuilder> {
         let body = if let Some(user) = self.user {
@@ -153,8 +155,9 @@ impl AIRequestConfig {
 
         let is_azure = matches!(provider, AIProvider::OpenAI) && base_url != OPENAI_BASE_URL
             || matches!(provider, AIProvider::AzureOpenAI);
+        let is_anthropic = matches!(provider, AIProvider::Anthropic);
 
-        let url = if is_azure {
+        let url = if is_azure && method != Method::GET {
             if base_url.ends_with("/deployments") {
                 let model = Self::get_azure_model(&body)?;
                 format!("{}/{}/{}", base_url, model, path)
@@ -171,9 +174,16 @@ impl AIRequestConfig {
         tracing::debug!("AI request URL: {}", url);
 
         let mut request = HTTP_CLIENT
-            .post(url)
-            .header("content-type", "application/json")
-            .body(body);
+            .request(method, url)
+            .header("content-type", "application/json");
+
+        for (header_name, header_value) in headers.iter() {
+            if header_name.to_string().starts_with("anthropic-") {
+                request = request.header(header_name, header_value);
+            }
+        }
+
+        request = request.body(body);
 
         if is_azure {
             request = request.query(&[("api-version", AZURE_API_VERSION)])
@@ -181,9 +191,12 @@ impl AIRequestConfig {
 
         if let Some(api_key) = self.api_key {
             if is_azure {
-                request = request.header("api-key", api_key)
+                request = request.header("api-key", api_key.clone())
             } else {
-                request = request.header("authorization", format!("Bearer {}", api_key))
+                request = request.header("authorization", format!("Bearer {}", api_key.clone()))
+            }
+            if is_anthropic {
+                request = request.header("X-API-Key", api_key);
             }
         }
 
@@ -339,17 +352,18 @@ pub struct AIConfig {
 }
 
 pub fn global_service() -> Router {
-    Router::new().route("/proxy/*ai", post(global_proxy))
+    Router::new().route("/proxy/*ai", post(global_proxy).get(global_proxy))
 }
 
 pub fn workspaced_service() -> Router {
-    Router::new().route("/proxy/*ai", post(proxy))
+    Router::new().route("/proxy/*ai", post(proxy).get(proxy))
 }
 
 async fn global_proxy(
     authed: ApiAuthed,
     Extension(db): Extension<DB>,
     Path(ai_path): Path<String>,
+    method: Method,
     headers: HeaderMap,
     body: Bytes,
 ) -> impl IntoResponse {
@@ -374,7 +388,7 @@ async fn global_proxy(
     let url = format!("{}/{}", base_url, ai_path);
 
     let request = HTTP_CLIENT
-        .post(url)
+        .request(method, url)
         .header("content-type", "application/json")
         .header("Authorization", format!("Bearer {}", api_key))
         .body(body);
@@ -410,6 +424,7 @@ async fn proxy(
     authed: ApiAuthed,
     Extension(db): Extension<DB>,
     Path((w_id, ai_path)): Path<(String, String)>,
+    method: Method,
     headers: HeaderMap,
     body: Bytes,
 ) -> impl IntoResponse {
@@ -492,7 +507,7 @@ async fn proxy(
         }
     };
 
-    let request = request_config.prepare_request(&provider, &ai_path, body)?;
+    let request = request_config.prepare_request(&provider, &ai_path, method, headers, body)?;
 
     let response = request.send().await.map_err(to_anyhow)?;
 

backend/windmill-api/src/apps.rs

@@ -12,7 +12,7 @@ use crate::{
     db::{ApiAuthed, DB},
     resources::get_resource_value_interpolated_internal,
     users::{require_owner_of_path, OptAuthed},
-    utils::{RunnableKind, WithStarredInfoQuery},
+    utils::WithStarredInfoQuery,
     webhook_util::{WebhookMessage, WebhookShared},
     HTTP_CLIENT,
 };
@@ -59,7 +59,7 @@ use windmill_common::{
     users::username_to_permissioned_as,
     utils::{
         http_get_from_hub, not_found_if_none, paginate, query_elems_from_hub, require_admin,
-        Pagination, StripPath,
+        Pagination, RunnableKind, StripPath,
     },
     variables::{build_crypt, build_crypt_with_key_suffix, encrypt},
     worker::{to_raw_value, CLOUD_HOSTED},

backend/windmill-api/src/auth.rs

@@ -34,10 +34,11 @@ lazy_static::lazy_static! {
 // Global function to invalidate a specific token from cache
 pub fn invalidate_token_from_cache(token: &str) {
     // Remove all cache entries for this token (across all workspaces)
-    AUTH_CACHE.retain(|(_workspace_id, cached_token), _cached_value| {
-        cached_token != token
-    });
-    tracing::info!("Invalidated token from auth cache: {}...", &token[..token.len().min(8)]);
+    AUTH_CACHE.retain(|(_workspace_id, cached_token), _cached_value| cached_token != token);
+    tracing::info!(
+        "Invalidated token from auth cache: {}...",
+        &token[..token.len().min(8)]
+    );
 }
 
 #[derive(Clone)]
@@ -482,6 +483,27 @@ where
     }
 }
 
+fn maybe_get_workspace_id_from_path(path_vec: &[&str]) -> Option<String> {
+    let workspace_id = if path_vec.len() >= 4 && path_vec[0] == "" && path_vec[2] == "w" {
+        Some(path_vec[3].to_owned())
+    } else if path_vec.len() >= 5
+        && path_vec[0] == ""
+        && path_vec[1] == "api"
+        && path_vec[2] == "mcp"
+        && path_vec[3] == "w"
+    {
+        Some(path_vec[4].to_owned())
+    } else {
+        if path_vec.len() >= 5 && path_vec[0] == "" && path_vec[2] == "srch" && path_vec[3] == "w" {
+            Some(path_vec[4].to_owned())
+        } else {
+            None
+        }
+    };
+
+    workspace_id
+}
+
 #[async_trait]
 impl<S> FromRequestParts<S> for ApiAuthed
 where
@@ -494,85 +516,62 @@ where
         state: &S,
     ) -> std::result::Result<Self, Self::Rejection> {
         if parts.method == http::Method::OPTIONS {
-            return Ok(ApiAuthed {
-                email: "".to_owned(),
-                username: "".to_owned(),
-                is_admin: false,
-                is_operator: false,
-                groups: Vec::new(),
-                folders: Vec::new(),
-                scopes: None,
-                username_override: None,
-            });
+            return Ok(ApiAuthed::default());
         };
         let already_authed = parts.extensions.get::<ApiAuthed>();
-        if let Some(authed) = already_authed {
-            Ok(authed.clone())
-        } else {
-            let already_tokened = parts.extensions.get::<Tokened>();
-            let token_o = if let Some(token) = already_tokened {
-                Some(token.token.clone())
-            } else {
-                extract_token(parts, state).await
-            };
-            let original_uri = OriginalUri::from_request_parts(parts, state)
-                .await
-                .ok()
-                .map(|x| x.0)
-                .unwrap_or_default();
-            let path_vec: Vec<&str> = original_uri.path().split("/").collect();
-            let workspace_id = if path_vec.len() >= 4 && path_vec[0] == "" && path_vec[2] == "w" {
-                Some(path_vec[3].to_owned())
-            } else if path_vec.len() >= 5
-                && path_vec[0] == ""
-                && path_vec[1] == "api"
-                && path_vec[2] == "mcp"
-                && path_vec[3] == "w"
-            {
-                Some(path_vec[4].to_string())
-            } else {
-                if path_vec.len() >= 5
-                    && path_vec[0] == ""
-                    && path_vec[2] == "srch"
-                    && path_vec[3] == "w"
-                {
-                    Some(path_vec[4].to_string())
-                } else {
-                    None
-                }
-            };
-            if let Some(token) = token_o {
-                if let Ok(Extension(cache)) =
-                    Extension::<Arc<AuthCache>>::from_request_parts(parts, state).await
-                {
-                    if let Some(authed) = cache.get_authed(workspace_id.clone(), &token).await {
-                        parts.extensions.insert(authed.clone());
-                        if authed.scopes.as_ref().is_some_and(|scopes| {
-                            scopes
-                                .iter()
-                                .any(|s| s.starts_with("jobs:") || s.starts_with("run:"))
-                        }) && (path_vec.len() < 3
-                            || (path_vec[4] != "jobs" && path_vec[4] != "jobs_u"))
-                        {
-                            BRUTE_FORCE_COUNTER.increment().await;
-                            return Err((
-                                StatusCode::UNAUTHORIZED,
-                                format!("Unauthorized scoped token: {:?}", authed.scopes),
-                            ));
-                        }
-                        Span::current().record("username", &authed.username.as_str());
-                        Span::current().record("email", &authed.email);
 
-                        if let Some(workspace_id) = workspace_id {
-                            Span::current().record("workspace_id", &workspace_id);
-                        }
-                        return Ok(authed);
+        if let Some(authed) = already_authed {
+            return Ok(authed.clone());
+        }
+
+        let already_tokened = parts.extensions.get::<Tokened>();
+        let token_o = if let Some(token) = already_tokened {
+            Some(token.token.clone())
+        } else {
+            extract_token(parts, state).await
+        };
+
+        if let Some(token) = token_o {
+            if let Ok(Extension(cache)) =
+                Extension::<Arc<AuthCache>>::from_request_parts(parts, state).await
+            {
+                let original_uri = OriginalUri::from_request_parts(parts, state)
+                    .await
+                    .ok()
+                    .map(|x| x.0)
+                    .unwrap_or_default();
+                let path_vec: Vec<&str> = original_uri.path().split("/").collect();
+                let workspace_id = maybe_get_workspace_id_from_path(&path_vec);
+
+                if let Some(authed) = cache.get_authed(workspace_id.clone(), &token).await {
+                    if authed.scopes.as_ref().is_some_and(|scopes| {
+                        scopes
+                            .iter()
+                            .any(|s| s.starts_with("jobs:") || s.starts_with("run:"))
+                    }) && (path_vec.len() < 3
+                        || (path_vec[4] != "jobs" && path_vec[4] != "jobs_u"))
+                    {
+                        BRUTE_FORCE_COUNTER.increment().await;
+                        return Err((
+                            StatusCode::UNAUTHORIZED,
+                            format!("Unauthorized scoped token: {:?}", authed.scopes),
+                        ));
                     }
+
+                    parts.extensions.insert(authed.clone());
+
+                    Span::current().record("username", &authed.username.as_str());
+                    Span::current().record("email", &authed.email);
+
+                    if let Some(workspace_id) = workspace_id {
+                        Span::current().record("workspace_id", &workspace_id);
+                    }
+                    return Ok(authed);
                 }
             }
-            BRUTE_FORCE_COUNTER.increment().await;
-            Err((StatusCode::UNAUTHORIZED, "Unauthorized".to_owned()))
         }
+        BRUTE_FORCE_COUNTER.increment().await;
+        Err((StatusCode::UNAUTHORIZED, "Unauthorized".to_owned()))
     }
 }
 

backend/windmill-api/src/capture.rs

@@ -64,7 +64,6 @@ use crate::{
     args::RawWebhookArgs,
     db::{ApiAuthed, DB},
     users::fetch_api_authed,
-    utils::RunnableKind,
 };
 
 use axum::{
@@ -82,7 +81,7 @@ use windmill_common::{
     db::UserDB,
     error::{JsonResult, Result},
     triggers::{RunnableFormat, RunnableFormatVersion, TriggerKind},
-    utils::{not_found_if_none, paginate, Pagination, StripPath},
+    utils::{not_found_if_none, paginate, Pagination, RunnableKind, StripPath},
     worker::{to_raw_value, CLOUD_HOSTED},
 };
 

backend/windmill-api/src/db.rs

@@ -815,7 +815,7 @@ async fn fix_job_completed_index(db: &DB) -> Result<(), Error> {
     Ok(())
 }
 
-#[derive(Clone, Debug, Hash, Eq, PartialEq)]
+#[derive(Clone, Debug, Default, Hash, Eq, PartialEq)]
 pub struct ApiAuthed {
     pub email: String,
     pub username: String,

backend/windmill-api/src/flows.rs

@@ -12,7 +12,7 @@ use crate::db::ApiAuthed;
 use crate::triggers::{
     get_triggers_count_internal, list_tokens_internal, TriggersCount, TruncatedTokenWithEmail,
 };
-use crate::utils::{RunnableKind, WithStarredInfoQuery};
+use crate::utils::WithStarredInfoQuery;
 use crate::{
     db::DB,
     schedule::clear_schedule,
@@ -43,7 +43,7 @@ use windmill_common::{
     jobs::JobPayload,
     schedule::Schedule,
     scripts::Schema,
-    utils::{http_get_from_hub, not_found_if_none, paginate, Pagination, StripPath},
+    utils::{http_get_from_hub, not_found_if_none, paginate, Pagination, RunnableKind, StripPath},
 };
 use windmill_git_sync::{handle_deployment_metadata, DeployedObject};
 use windmill_queue::{push, schedule::push_scheduled_job, PushIsolationLevel};
@@ -477,7 +477,7 @@ async fn create_flow(
         false,
         None,
         true,
-        nf.tag,
+        None,
         None,
         None,
         None,

backend/windmill-api/src/http_trigger_auth.rs

@@ -441,8 +441,8 @@ pub struct BasicAuthAuthentication {
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct ApiKeyAuthentication {
-    api_key_header: String,
-    api_key_secret: String,
+    pub api_key_header: String,
+    pub api_key_secret: String,
 }
 
 #[derive(Debug, Eq, PartialEq, Hash, Clone, Copy, Serialize, Deserialize)]

backend/windmill-api/src/http_triggers.rs

@@ -44,7 +44,7 @@ use windmill_common::{
     error::{self, JsonResult},
     s3_helpers::S3Object,
     triggers::TriggerKind,
-    utils::{not_found_if_none, paginate, require_admin, Pagination, StripPath},
+    utils::{empty_as_none, not_found_if_none, paginate, require_admin, Pagination, StripPath},
     worker::CLOUD_HOSTED,
 };
 use windmill_git_sync::handle_deployment_metadata;
@@ -114,6 +114,8 @@ struct NewTrigger {
     static_asset_config: Option<sqlx::types::Json<S3Object>>,
     http_method: HttpMethod,
     workspaced_route: Option<bool>,
+    summary: Option<String>,
+    description: Option<String>,
     is_static_website: bool,
     wrap_body: Option<bool>,
     raw_string: Option<bool>,
@@ -134,6 +136,8 @@ pub struct HttpTrigger {
     pub is_async: bool,
     pub authentication_method: AuthenticationMethod,
     pub http_method: HttpMethod,
+    pub summary: Option<String>,
+    pub description: Option<String>,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub static_asset_config: Option<sqlx::types::Json<S3Object>>,
     pub is_static_website: bool,
@@ -153,6 +157,8 @@ struct EditTrigger {
     authentication_method: AuthenticationMethod,
     #[serde(deserialize_with = "non_empty_str")]
     authentication_resource_path: Option<String>,
+    summary: Option<String>,
+    description: Option<String>,
     http_method: HttpMethod,
     static_asset_config: Option<sqlx::types::Json<S3Object>>,
     workspaced_route: Option<bool>,
@@ -167,6 +173,7 @@ pub struct ListTriggerQuery {
     pub per_page: Option<usize>,
     pub path: Option<String>,
     pub is_flow: Option<bool>,
+    #[serde(default, deserialize_with = "empty_as_none")]
     pub path_start: Option<String>,
 }
 
@@ -188,6 +195,8 @@ async fn list_triggers(
             "wrap_body",
             "raw_string",
             "script_path",
+            "summary",
+            "description",
             "is_flow",
             "http_method",
             "edited_by",
@@ -242,6 +251,8 @@ async fn get_trigger(
             route_path_key,
             workspaced_route,
             script_path, 
+            summary,
+            description,
             is_flow, 
             http_method as "http_method: _", 
             edited_by, 
@@ -317,6 +328,8 @@ async fn create_trigger_inner(
             wrap_body,
             raw_string,
             script_path, 
+            summary,
+            description,
             is_flow, 
             is_async, 
             authentication_method, 
@@ -328,7 +341,7 @@ async fn create_trigger_inner(
             is_static_website
         ) 
         VALUES (
-            $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, now(), $17
+            $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, now(), $19
         )
         "#,
         w_id,
@@ -340,6 +353,8 @@ async fn create_trigger_inner(
         new_http_trigger.wrap_body.unwrap_or(false),
         new_http_trigger.raw_string.unwrap_or(false),
         new_http_trigger.script_path,
+        new_http_trigger.summary,
+        new_http_trigger.description,
         new_http_trigger.is_flow,
         new_http_trigger.is_async,
         new_http_trigger.authentication_method as _,
@@ -375,7 +390,11 @@ fn check_no_duplicates<'trigger>(
     let mut seen = HashSet::with_capacity(new_http_triggers.len());
 
     for (i, trigger) in new_http_triggers.iter().enumerate() {
-        if !seen.insert((&route_path_key[i], trigger.http_method, trigger.workspaced_route)) {
+        if !seen.insert((
+            &route_path_key[i],
+            trigger.http_method,
+            trigger.workspaced_route,
+        )) {
             return Err(Error::BadRequest(format!(
             "Duplicate HTTP route detected: '{}'. Each HTTP route must have a unique 'route_path'.",
             &trigger.route_path
@@ -594,11 +613,13 @@ async fn update_trigger(
                 email = $13, 
                 is_async = $14, 
                 authentication_method = $15, 
+                summary = $16,
+                description = $17,
                 edited_at = now(), 
-                is_static_website = $16
+                is_static_website = $18
             WHERE 
-                workspace_id = $17 AND 
-                path = $18
+                workspace_id = $19 AND 
+                path = $20
             "#,
             route_path,
             &route_path_key,
@@ -615,6 +636,8 @@ async fn update_trigger(
             &authed.email,
             ct.is_async,
             ct.authentication_method as _,
+            ct.summary,
+            ct.description,
             ct.is_static_website,
             w_id,
             path,
@@ -1147,8 +1170,8 @@ async fn route_job(
     .map_err(|e| e.into_response())?;
 
     if trigger.script_path.is_empty() && trigger.static_asset_config.is_none() {
-        return Err(Error::BadRequest(format!(
-            "Script path of HTTP route at path: {} must not be empty",
+        return Err(Error::NotFound(format!(
+            "Runnable path of HTTP route at path: {}",
             trigger.path
         ))
         .into_response());
@@ -1198,7 +1221,7 @@ async fn route_job(
                     let auth_method = try_get_resource_from_db_as::<
                         crate::http_trigger_auth::AuthenticationMethod,
                     >(
-                        authed.clone(),
+                        &authed,
                         Some(user_db.clone()),
                         &db,
                         &resource_path,

backend/windmill-api/src/lib.rs

@@ -103,6 +103,8 @@ mod integration;
 #[cfg(feature = "postgres_trigger")]
 mod postgres_triggers;
 
+pub mod openapi;
+
 mod approvals;
 #[cfg(all(feature = "enterprise", feature = "private"))]
 pub mod apps_ee;
@@ -595,6 +597,7 @@ pub async fn run_server(
                         .nest("/variables", variables::workspaced_service())
                         .nest("/workspaces", workspaces::workspaced_service())
                         .nest("/oidc", oidc_oss::workspaced_service())
+                        .nest("/openapi", openapi::openapi_service())
                         .nest("/http_triggers", http_triggers_service)
                         .nest("/websocket_triggers", websocket_triggers_service)
                         .nest("/kafka_triggers", kafka_triggers_service)

backend/windmill-api/src/mcp.rs

@@ -1177,7 +1177,11 @@ pub async fn extract_and_store_workspace_id(
 pub async fn setup_mcp_server() -> anyhow::Result<(Router, Arc<LocalSessionManager>)> {
     let session_manager = Arc::new(LocalSessionManager::default());
     let service_config = Default::default();
-    let service = StreamableHttpService::new(Runner::new, session_manager.clone(), service_config);
+    let service = StreamableHttpService::new(
+        || Ok(Runner::new()),
+        session_manager.clone(),
+        service_config,
+    );
 
     let router = axum::Router::new().nest_service("/", service);
     Ok((router, session_manager))

backend/windmill-api/src/mqtt_triggers.rs

@@ -478,7 +478,7 @@ pub async fn test_mqtt_connection(
         test_postgres;
 
     let mqtt_resource = try_get_resource_from_db_as::<MqttResource>(
-        authed,
+        &authed,
         Some(user_db),
         &db,
         &mqtt_resource_path,
@@ -1253,7 +1253,7 @@ impl MqttConfig {
             }
         }
         let mqtt_resource = try_get_resource_from_db_as::<MqttResource>(
-            authed,
+            &authed,
             Some(UserDB::new(db.clone())),
             db,
             mqtt_resource_path,

backend/windmill-api/src/openapi.rs

@@ -0,0 +1,982 @@
+use std::{
+    collections::{HashMap, HashSet},
+    fmt::Display,
+};
+
+use anyhow::anyhow;
+use axum::{
+    body::Body, extract::Path, http, response::Response, routing::post, Extension, Json, Router,
+};
+use http::{header, HeaderValue, Method, StatusCode};
+use indexmap::IndexMap;
+use serde::{Deserialize, Serialize};
+use serde_json::{to_value, Map, Value};
+use sqlx::PgConnection;
+use url::Url;
+use windmill_common::{
+    db::UserDB,
+    error::{Error, Result},
+    utils::{deserialize_url, empty_as_none, is_empty, RunnableKind},
+    DB,
+};
+
+use crate::db::ApiAuthed;
+
+#[cfg(feature = "http_trigger")]
+use {
+    crate::{
+        http_trigger_args::HttpMethod, http_trigger_auth::ApiKeyAuthentication,
+        http_triggers::AuthenticationMethod, resources::try_get_resource_from_db_as,
+    },
+    itertools::Itertools,
+};
+
+lazy_static::lazy_static! {
+    static ref DEFAULT_OPENAPI_INFO_OBJECT: Info = Info {
+        title: "Windmill API".to_string(),
+        version: "1.0.0".to_string(),
+        ..Default::default()
+    };
+}
+
+const DEFAULT_OPENAPI_GENERATED_VERSION: &'static str = "3.1.0";
+const JWT_SECURITY_SCHEME: &'static str = "JwtAuth";
+const BASIC_HTTP_AUTH_SCHEME: &'static str = "BasicHttp";
+
+const DEFAULT_REQUEST_KEY: &'static str = "defaultRequest";
+const DEFAULT_ASYNC_RESPONSE_KEY: &'static str = "AsyncResponse";
+const DEFAULT_SYNC_RESPONSE_KEY: &'static str = "SyncResponse";
+const DEFAULT_PAYLOAD_PARAM_KEY: &'static str = "PayloadParam";
+
+pub fn openapi_service() -> Router {
+    Router::new()
+        .route("/generate", post(generate_openapi_spec))
+        .route("/download", post(download_spec))
+}
+
+#[derive(Debug, Deserialize, Clone, Copy)]
+#[serde(rename_all = "lowercase")]
+pub enum Format {
+    JSON,
+    YAML,
+}
+
+impl Display for Format {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let format = match self {
+            Format::JSON => "json",
+            Format::YAML => "yaml",
+        };
+        write!(f, "{}", format)
+    }
+}
+
+impl Default for Format {
+    fn default() -> Self {
+        Self::YAML
+    }
+}
+
+#[derive(Debug, Default, Deserialize, Serialize)]
+struct Contact {
+    #[serde(skip_serializing_if = "is_empty")]
+    name: Option<String>,
+    #[serde(
+        default,
+        deserialize_with = "deserialize_url",
+        skip_serializing_if = "Option::is_none"
+    )]
+    url: Option<Url>,
+    #[serde(skip_serializing_if = "is_empty")]
+    email: Option<String>,
+}
+
+#[derive(Debug, Default, Deserialize, Serialize)]
+struct License {
+    name: String,
+    #[serde(skip_serializing_if = "is_empty")]
+    identifier: Option<String>,
+    #[serde(
+        default,
+        deserialize_with = "deserialize_url",
+        skip_serializing_if = "Option::is_none"
+    )]
+    url: Option<Url>,
+}
+
+#[derive(Debug, Default, Deserialize, Serialize)]
+pub struct Info {
+    title: String,
+    version: String,
+    #[serde(skip_serializing_if = "is_empty")]
+    description: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    contact: Option<Contact>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    license: Option<License>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+struct Server {
+    url: String,
+    #[serde(skip_serializing_if = "is_empty")]
+    description: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    variables: Option<HashMap<String, Value>>,
+}
+
+#[derive(Debug)]
+pub enum SecurityScheme {
+    BearerJwt,
+    BasicHttp,
+    ApiKey(String),
+}
+#[derive(Debug)]
+pub struct WebhookConfig {
+    runnable_kind: RunnableKind,
+}
+
+impl WebhookConfig {
+    pub fn new(runnable_kind: RunnableKind) -> Self {
+        Self { runnable_kind }
+    }
+}
+
+#[derive(Debug)]
+pub struct HttpRouteConfig {
+    method: Method,
+}
+
+impl HttpRouteConfig {
+    pub fn new(method: Method) -> Self {
+        Self { method }
+    }
+}
+
+#[derive(Debug)]
+pub enum Kind {
+    Webhook(WebhookConfig),
+    HttpRoute(HttpRouteConfig),
+}
+
+#[derive(Debug)]
+pub struct FuturePath {
+    route_path: String,
+    kind: Kind,
+    is_async: Option<bool>,
+    summary: Option<String>,
+    description: Option<String>,
+    security_scheme: Option<SecurityScheme>,
+}
+
+impl FuturePath {
+    pub fn new(
+        route_path: String,
+        kind: Kind,
+        is_async: Option<bool>,
+        summary: Option<String>,
+        description: Option<String>,
+        security_scheme: Option<SecurityScheme>,
+    ) -> FuturePath {
+        FuturePath { route_path, kind, is_async, summary, description, security_scheme }
+    }
+}
+
+fn from_route_path_to_openapi_path(
+    route_path: &str,
+    kind: &Kind,
+) -> Result<(Vec<String>, Option<Value>)> {
+    let mut openapi_path = String::new();
+    let mut parameters = Vec::new();
+
+    for segment in route_path.split('/') {
+        if segment.starts_with(':') {
+            let param_name = &segment[1..];
+
+            if param_name.is_empty() {
+                return Err(anyhow!("Empty parameter name in path: {}", route_path).into());
+            }
+
+            openapi_path.push_str(&format!("/{{{}}}", param_name));
+            parameters.push(serde_json::json!({
+                "name": param_name,
+                "in": "path",
+                "required": true,
+                "schema": { "type": "string" }
+            }));
+        } else if !segment.is_empty() {
+            openapi_path.push('/');
+            openapi_path.push_str(segment);
+        } else {
+            openapi_path.push('/');
+        }
+    }
+
+    let parameters_json = if parameters.is_empty() {
+        None
+    } else {
+        Some(Value::Array(parameters))
+    };
+
+    let prefix = match kind {
+        Kind::HttpRoute(_) => "",
+        Kind::Webhook(WebhookConfig { runnable_kind }) => match runnable_kind {
+            RunnableKind::Script => "p",
+            RunnableKind::Flow => "f",
+        },
+    };
+
+    let normalized_path = if openapi_path.starts_with('/') {
+        format!("{prefix}{openapi_path}")
+    } else {
+        format!("{}/{}", prefix, openapi_path)
+    };
+
+    let route_paths = if prefix.is_empty() {
+        vec![normalized_path]
+    } else {
+        vec![
+            format!("/run/{}", &normalized_path),
+            format!("/run_wait_result/{}", &normalized_path),
+        ]
+    };
+
+    Ok((route_paths, parameters_json))
+}
+
+fn get_servers_component(url: &str, kind: &Kind) -> Server {
+    let url = url.trim_end_matches('/');
+
+    let server = match kind {
+        Kind::HttpRoute(_) => {
+            Server { url: format!("{}/api/r", url), description: None, variables: None }
+        }
+        Kind::Webhook(_) => Server {
+            url: format!("{}/api/w/{{workspace}}/jobs", url),
+            variables: Some(HashMap::from([(
+                "workspace".to_string(),
+                serde_json::json!({
+                    "default": "test",
+                    "description": "Workspace identifier"
+                }),
+            )])),
+            description: None,
+        },
+    };
+
+    server
+}
+
+fn generate_paths(
+    paths: Vec<FuturePath>,
+    url: Option<&Url>,
+) -> Result<IndexMap<String, IndexMap<String, Value>>> {
+    let mut map: IndexMap<String, IndexMap<String, Value>> = IndexMap::new();
+
+    let generate_default_request = || {
+        serde_json::json!({
+            "$ref": format!("#/components/requestBodies/{DEFAULT_REQUEST_KEY}")
+        })
+    };
+
+    let generate_response = |is_async: bool| {
+        let responses = if is_async {
+            serde_json::json!({
+                "200": {
+                    "$ref": format!("#/components/responses/{DEFAULT_ASYNC_RESPONSE_KEY}")
+                }
+            })
+        } else {
+            serde_json::json!(serde_json::json!({
+                "200": {
+                    "$ref": format!("#/components/responses/{DEFAULT_SYNC_RESPONSE_KEY}")
+                }
+            }))
+        };
+
+        responses
+    };
+
+    let get_security_scheme = |security_scheme: Option<&SecurityScheme>| -> Vec<Value> {
+        if let Some(security_scheme) = security_scheme {
+            let scheme = match security_scheme {
+                SecurityScheme::ApiKey(api_key) => header_to_pascal_case(&api_key),
+                SecurityScheme::BearerJwt => JWT_SECURITY_SCHEME.to_owned(),
+                SecurityScheme::BasicHttp => BASIC_HTTP_AUTH_SCHEME.to_owned(),
+            };
+
+            vec![serde_json::json!({
+                scheme: []
+            })]
+        } else {
+            vec![]
+        }
+    };
+
+    let mut webhooks = HashSet::new();
+
+    for path in paths {
+        if let Kind::Webhook(WebhookConfig { runnable_kind }) = &path.kind {
+            if !webhooks.insert((path.route_path.clone(), runnable_kind.to_owned())) {
+                continue;
+            }
+        }
+
+        let (route_paths, parameters) =
+            from_route_path_to_openapi_path(&path.route_path, &path.kind)?;
+
+        for route_path in route_paths {
+            let path_object = map.entry(route_path.clone()).or_insert_with(|| {
+                let mut path_object = IndexMap::new();
+
+                if let Some(url) = url {
+                    let servers = get_servers_component(url.as_str(), &path.kind);
+                    path_object.insert("servers".to_string(), to_value(vec![servers]).unwrap());
+                }
+
+                if parameters.is_some() {
+                    path_object.insert(
+                        "parameters".to_string(),
+                        to_value(parameters.clone()).unwrap(),
+                    );
+                }
+
+                path_object
+            });
+
+            let is_async;
+
+            let (methods, is_webhook) = match &path.kind {
+                Kind::Webhook(_) => {
+                    is_async = route_path.starts_with("/run/");
+                    let methods = if is_async {
+                        vec![Method::POST]
+                    } else {
+                        vec![Method::GET, Method::POST]
+                    };
+
+                    (methods, true)
+                }
+                Kind::HttpRoute(HttpRouteConfig { method }) => {
+                    if path_object.get(&method.to_string()).is_some() {
+                        return Err(anyhow!(
+                            "Found duplicate {} method, for route at path: {}",
+                            method,
+                            path.route_path
+                        )
+                        .into());
+                    }
+                    is_async = path.is_async.unwrap_or(true);
+                    (vec![method.to_owned()], false)
+                }
+            };
+
+            for method in methods {
+                let mut method_map = IndexMap::new();
+
+                if let Some(summary) = path.summary.as_ref().filter(|s| !s.is_empty()) {
+                    method_map.insert("summary", Value::String(summary.to_owned()));
+                }
+
+                if let Some(description) = path.description.as_ref().filter(|s| !s.is_empty()) {
+                    method_map.insert("description", Value::String(description.to_owned()));
+                }
+
+                method_map.insert(
+                    "security",
+                    to_value(get_security_scheme(path.security_scheme.as_ref()))?,
+                );
+
+                if method != Method::GET {
+                    method_map.insert("requestBody", generate_default_request());
+                } else if is_webhook {
+                    method_map.insert(
+                        "parameters",
+                        Value::Array(vec![serde_json::json!({
+                            "$ref": format!("#/components/parameters/{DEFAULT_PAYLOAD_PARAM_KEY}")
+                        })]),
+                    );
+                }
+
+                method_map.insert("responses", generate_response(is_async));
+
+                path_object.insert(method.to_string().to_lowercase(), to_value(&method_map)?);
+            }
+        }
+    }
+
+    return Ok(map);
+}
+
+pub fn transform_to_minified_postgres_regex(glob: &str) -> String {
+    let mut regex = String::from("^");
+    for ch in glob.chars() {
+        match ch {
+            '*' => regex.push_str(".*"),
+            '.' | '+' | '(' | ')' | '|' | '^' | '$' | '{' | '}' | '[' | ']' | '\\' => {
+                regex.push('\\');
+                regex.push(ch);
+            }
+            _ => regex.push(ch),
+        }
+    }
+
+    regex.push('$');
+    regex
+}
+
+#[derive(Debug, Default)]
+pub struct ServerToSet {
+    pub http_route: bool,
+    pub webhook_flow: bool,
+    pub webhook_script: bool,
+}
+
+impl ServerToSet {
+    pub fn new(http_route: bool, webhook_flow: bool, webhook_script: bool) -> ServerToSet {
+        ServerToSet { http_route, webhook_flow, webhook_script }
+    }
+}
+
+fn header_to_pascal_case(header: &str) -> String {
+    header
+        .split(|c: char| c == '-' || c == '_' || c == ' ')
+        .filter(|s| !s.is_empty())
+        .map(|s| {
+            let mut chars = s.chars();
+            match chars.next() {
+                Some(first) => {
+                    first.to_ascii_uppercase().to_string()
+                        + chars.as_str().to_ascii_lowercase().as_str()
+                }
+                None => String::new(),
+            }
+        })
+        .collect::<String>()
+}
+
+#[derive(Debug, Default)]
+struct SecuritySchemeToAdd {
+    basic_http: bool,
+    bearer_jwt: bool,
+    api_keys: Vec<(String, Value)>,
+}
+
+fn generate_all_security_schemes(future_paths: &[FuturePath]) -> SecuritySchemeToAdd {
+    let mut to_add = SecuritySchemeToAdd::default();
+
+    let mut set = HashSet::new();
+    for future_path in future_paths {
+        if !to_add.basic_http
+            && matches!(future_path.security_scheme, Some(SecurityScheme::BasicHttp))
+        {
+            to_add.basic_http = true
+        } else if !to_add.bearer_jwt
+            && matches!(future_path.security_scheme, Some(SecurityScheme::BearerJwt))
+        {
+            to_add.bearer_jwt = true
+        } else if let Some(SecurityScheme::ApiKey(api_key)) = future_path.security_scheme.as_ref() {
+            let pascal_case_header = header_to_pascal_case(&api_key);
+
+            if !set.insert(pascal_case_header.clone()) {
+                continue;
+            }
+
+            let scheme = serde_json::json!({
+                    "type": "apiKey",
+                    "in": "header",
+                    "name": api_key
+            });
+            to_add.api_keys.push((pascal_case_header, scheme));
+        }
+    }
+
+    to_add
+}
+
+fn generate_components(future_paths: &[FuturePath]) -> Map<String, Value> {
+    let mut components = Map::new();
+
+    if future_paths
+        .iter()
+        .any(|path| matches!(path.kind, Kind::Webhook(_)))
+    {
+        components.insert(
+            "parameters".to_owned(),
+            serde_json::json!({
+                "PayloadParam": {
+                    "name": "payload",
+                    "in": "query",
+                    "required": true,
+                    "description": "A URL-safe base64-encoded JSON string payload.",
+                    "schema": {
+                        "type": "string"
+                    }
+                }
+            }),
+        );
+    }
+
+    {
+        let mut security_scheme = Map::new();
+
+        let SecuritySchemeToAdd { basic_http, bearer_jwt, api_keys } =
+            generate_all_security_schemes(future_paths);
+
+        if basic_http {
+            security_scheme.insert(
+                BASIC_HTTP_AUTH_SCHEME.to_owned(),
+                serde_json::json!({
+                    "type": "http",
+                    "scheme": "basic"
+                }),
+            );
+        }
+
+        if bearer_jwt {
+            security_scheme.insert(
+                JWT_SECURITY_SCHEME.to_owned(),
+                serde_json::json!({
+                    "type": "http",
+                    "scheme": "bearer",
+                    "bearerFormat": "JWT"
+                }),
+            );
+        }
+
+        for (key, value) in api_keys {
+            security_scheme.insert(key, value);
+        }
+        components.insert("securitySchemes".to_owned(), Value::Object(security_scheme));
+    }
+
+    components.insert("requestBodies".to_owned(), serde_json::json!({
+       DEFAULT_REQUEST_KEY: {
+            "description": "This route may or may not require a request body, but its structure and content type are unknown.",
+            "required": false,
+            "content": {
+                "application/json": {}
+            }
+        }
+    }));
+
+    components.insert("responses".to_owned(), serde_json::json!({
+        DEFAULT_ASYNC_RESPONSE_KEY: {
+            "description": "Returns a job ID as a UUID string.",
+            "content": {
+                "text/plain": {
+                    "schema": {
+                        "type": "string",
+                        "format": "uuid",
+                        "examples": [ "550e8400-e29b-41d4-a716-446655440000" ]
+                    }
+                }
+            }
+        },
+        DEFAULT_SYNC_RESPONSE_KEY: {
+            "description": "This route may return a response, but its structure and content type are unknown.",
+            "content": {
+                "application/octet-stream": {}
+            }
+        },
+
+    }));
+
+    components
+}
+
+pub fn generate_openapi_document(
+    info: Option<&Info>,
+    url: Option<&Url>,
+    paths: Vec<FuturePath>,
+    format: Format,
+) -> Result<String> {
+    let mut openapi_doc: IndexMap<&'static str, Value> = IndexMap::new();
+
+    openapi_doc.insert("openapi", to_value(&DEFAULT_OPENAPI_GENERATED_VERSION)?);
+    openapi_doc.insert(
+        "info",
+        to_value(info.unwrap_or(&DEFAULT_OPENAPI_INFO_OBJECT))?,
+    );
+
+    openapi_doc.insert("components", Value::Object(generate_components(&paths)));
+
+    openapi_doc.insert("paths", to_value(generate_paths(paths, url)?)?);
+
+    let openapi_document = match format {
+        Format::YAML => serde_yml::to_string(&openapi_doc).map_err(|err| {
+            anyhow!(
+                "Could not generate OpenAPI document in YAML format: {}",
+                err
+            )
+        })?,
+        Format::JSON => serde_json::to_string_pretty(&openapi_doc).map_err(|err| {
+            anyhow!(
+                "Could not generate OpenAPI document in JSON format: {}",
+                err
+            )
+        })?,
+    };
+
+    Ok(openapi_document)
+}
+
+#[allow(unused)]
+#[derive(Debug, Deserialize)]
+struct HttpRouteFilter {
+    folder_regex: String,
+    path_regex: String,
+    route_path_regex: String,
+}
+
+#[derive(Debug, Deserialize)]
+struct WebhookFilter {
+    user_or_folder_regex: String,
+    user_or_folder_regex_value: String,
+    path: String,
+    runnable_kind: RunnableKind,
+}
+
+#[derive(Debug, Deserialize)]
+struct GenerateOpenAPI {
+    info: Option<Info>,
+    url: Option<Url>,
+    #[serde(default, deserialize_with = "empty_as_none")]
+    http_route_filters: Option<Vec<HttpRouteFilter>>,
+    #[serde(default, deserialize_with = "empty_as_none")]
+    webhook_filters: Option<Vec<WebhookFilter>>,
+    #[serde(default)]
+    openapi_spec_format: Format,
+}
+
+#[cfg(feature = "http_trigger")]
+async fn http_routes_to_future_paths(
+    db: &DB,
+    user_db: UserDB,
+    authed: &ApiAuthed,
+    pg_pool: &mut PgConnection,
+    http_route_filters: Option<&[HttpRouteFilter]>,
+    w_id: &str,
+) -> Result<Vec<FuturePath>> {
+    let mut http_routes = Vec::new();
+
+    if let Some(http_route_filters) = http_route_filters {
+        let path_regex = http_route_filters
+            .iter()
+            .map(|filter| {
+                transform_to_minified_postgres_regex(&format!(
+                    "f/{}/{}",
+                    filter.folder_regex, filter.path_regex
+                ))
+            })
+            .collect_vec();
+
+        let route_path_regex = http_route_filters
+            .iter()
+            .map(|filter| transform_to_minified_postgres_regex(&filter.route_path_regex))
+            .collect_vec();
+
+        #[derive(Debug, Deserialize)]
+        struct MinifiedHttpTrigger {
+            route_path: String,
+            http_method: HttpMethod,
+            is_async: bool,
+            workspaced_route: bool,
+            summary: Option<String>,
+            description: Option<String>,
+            authentication_method: AuthenticationMethod,
+            authentication_resource_path: Option<String>,
+        }
+
+        http_routes = sqlx::query_as!(
+            MinifiedHttpTrigger,
+            r#"
+        SELECT
+            route_path,
+            http_method AS "http_method: _",
+            is_async,
+            workspaced_route,
+            summary,
+            description,
+            authentication_method AS "authentication_method: _",
+            authentication_resource_path
+        FROM
+            http_trigger
+        WHERE
+           path ~ ANY($1) AND
+           route_path ~ ANY($2) AND
+           workspace_id = $3
+        "#,
+            &path_regex,
+            &route_path_regex,
+            &w_id
+        )
+        .fetch_all(pg_pool)
+        .await?;
+    }
+
+    let mut openapi_future_paths = Vec::with_capacity(http_routes.len());
+
+    for http_route in http_routes {
+        let auth_method = match http_route.authentication_method {
+            AuthenticationMethod::BasicHttp => Some(SecurityScheme::BasicHttp),
+            AuthenticationMethod::Windmill => Some(SecurityScheme::BearerJwt),
+            AuthenticationMethod::ApiKey => {
+                let resource_path = match http_route.authentication_resource_path {
+                    Some(resource_path) => resource_path,
+                    None => {
+                        return Err(Error::BadRequest(
+                            "Missing authentication resource path".to_string(),
+                        ));
+                    }
+                };
+
+                let api = try_get_resource_from_db_as::<ApiKeyAuthentication>(
+                    authed,
+                    Some(user_db.clone()),
+                    db,
+                    &resource_path,
+                    w_id,
+                )
+                .await?;
+
+                Some(SecurityScheme::ApiKey(api.api_key_header))
+            }
+            _ => None,
+        };
+
+        let route_path = if http_route.workspaced_route {
+            format!("{}/{}", w_id, http_route.route_path.trim_start_matches('/'))
+        } else {
+            http_route.route_path.clone()
+        };
+
+        let method = match http_route.http_method {
+            HttpMethod::Get => Method::GET,
+            HttpMethod::Post => Method::POST,
+            HttpMethod::Put => Method::PUT,
+            HttpMethod::Patch => Method::PATCH,
+            HttpMethod::Delete => Method::DELETE,
+        };
+
+        let future_path = FuturePath::new(
+            route_path,
+            Kind::HttpRoute(HttpRouteConfig::new(method)),
+            Some(http_route.is_async),
+            http_route.summary,
+            http_route.description,
+            auth_method,
+        );
+
+        openapi_future_paths.push(future_path);
+    }
+
+    Ok(openapi_future_paths)
+}
+
+#[cfg(not(feature = "http_trigger"))]
+async fn http_routes_to_future_paths(
+    _db: &DB,
+    _user_db: UserDB,
+    _authed: &ApiAuthed,
+    _pg_pool: &mut PgConnection,
+    _http_route_filters: Option<&[HttpRouteFilter]>,
+    _w_id: &str,
+) -> Result<Vec<FuturePath>> {
+    Ok(Vec::new())
+}
+
+async fn webhook_to_future_paths(
+    pg_pool: &mut PgConnection,
+    webhook_filters: Option<&[WebhookFilter]>,
+    w_id: &str,
+) -> Result<Vec<FuturePath>> {
+    let mut openapi_future_paths = Vec::new();
+    if let Some(webhook_filters) = webhook_filters {
+        let mut script_webhook_filter = Vec::new();
+        let mut flow_webhook_filter = Vec::new();
+
+        for webhook in webhook_filters {
+            let full_regex = transform_to_minified_postgres_regex(&format!(
+                "{}/{}/{}",
+                &webhook.user_or_folder_regex, &webhook.user_or_folder_regex_value, &webhook.path
+            ));
+
+            match webhook.runnable_kind {
+                RunnableKind::Script => {
+                    script_webhook_filter.push(full_regex);
+                }
+                RunnableKind::Flow => {
+                    flow_webhook_filter.push(full_regex);
+                }
+            }
+        }
+
+        #[derive(Debug, Deserialize, Clone, Hash)]
+        struct MinifiedWebhook {
+            path: String,
+            description: Option<String>,
+            summary: Option<String>,
+        }
+
+        let webhook_scripts = sqlx::query_as!(
+            MinifiedWebhook,
+            r#"SELECT 
+                    path,
+                    summary,
+                    description
+                FROM
+                    script
+                WHERE
+                    path ~ ANY($1) AND
+                    workspace_id = $2 AND
+                    archived is FALSE
+            "#,
+            &script_webhook_filter,
+            &w_id
+        )
+        .fetch_all(&mut *pg_pool)
+        .await?;
+
+        let webhook_flows = sqlx::query_as!(
+            MinifiedWebhook,
+            r#"SELECT 
+                    path,
+                    summary,
+                    description
+                FROM
+                    flow
+                WHERE
+                    path ~ ANY($1) AND
+                    workspace_id = $2 AND
+                    archived is FALSE
+            "#,
+            &flow_webhook_filter,
+            &w_id
+        )
+        .fetch_all(&mut *pg_pool)
+        .await?;
+
+        openapi_future_paths.reserve_exact(webhook_scripts.len() + webhook_flows.len());
+
+        for webhook in webhook_scripts {
+            openapi_future_paths.push(FuturePath::new(
+                webhook.path,
+                Kind::Webhook(WebhookConfig::new(RunnableKind::Script)),
+                None,
+                webhook.summary,
+                webhook.description,
+                Some(SecurityScheme::BearerJwt),
+            ));
+        }
+
+        for webhook in webhook_flows {
+            openapi_future_paths.push(FuturePath::new(
+                webhook.path,
+                Kind::Webhook(WebhookConfig::new(RunnableKind::Flow)),
+                None,
+                webhook.summary,
+                webhook.description,
+                Some(SecurityScheme::BearerJwt),
+            ));
+        }
+    }
+
+    Ok(openapi_future_paths)
+}
+
+async fn generate_openapi_future_path(
+    db: &DB,
+    user_db: UserDB,
+    authed: &ApiAuthed,
+    http_route_filters: Option<&[HttpRouteFilter]>,
+    webhook_filters: Option<&[WebhookFilter]>,
+    w_id: &str,
+) -> Result<Vec<FuturePath>> {
+    if http_route_filters.is_none() && webhook_filters.is_none() {
+        return Err(Error::BadRequest(
+            "Expected http route filter and/or webhook filters".to_string(),
+        ));
+    }
+
+    let mut tx = user_db.clone().begin(authed).await?;
+
+    let mut openapi_future_paths =
+        http_routes_to_future_paths(db, user_db, authed, &mut tx, http_route_filters, w_id).await?;
+
+    openapi_future_paths
+        .append(&mut webhook_to_future_paths(&mut tx, webhook_filters, w_id).await?);
+
+    tx.commit().await?;
+
+    if openapi_future_paths.is_empty() {
+        return Err(Error::NotFound(
+            "No match for the current filter".to_string(),
+        ));
+    }
+
+    Ok(openapi_future_paths)
+}
+
+async fn generate_openapi_spec(
+    Extension(authed): Extension<ApiAuthed>,
+    Extension(db): Extension<DB>,
+    Extension(user_db): Extension<UserDB>,
+    Path(w_id): Path<String>,
+    Json(generate_openapi): Json<GenerateOpenAPI>,
+) -> Result<String> {
+    let openapi_future_paths = generate_openapi_future_path(
+        &db,
+        user_db,
+        &authed,
+        generate_openapi.http_route_filters.as_deref(),
+        generate_openapi.webhook_filters.as_deref(),
+        &w_id,
+    )
+    .await?;
+
+    let openapi_document = generate_openapi_document(
+        generate_openapi.info.as_ref(),
+        generate_openapi.url.as_ref(),
+        openapi_future_paths,
+        generate_openapi.openapi_spec_format,
+    );
+
+    openapi_document
+}
+
+async fn download_spec(
+    Extension(authed): Extension<ApiAuthed>,
+    Extension(db): Extension<DB>,
+    Extension(user_db): Extension<UserDB>,
+    Path(w_id): Path<String>,
+    Json(generate_openapi): Json<GenerateOpenAPI>,
+) -> Result<Response> {
+    let openapi_future_paths = generate_openapi_future_path(
+        &db,
+        user_db,
+        &authed,
+        generate_openapi.http_route_filters.as_deref(),
+        generate_openapi.webhook_filters.as_deref(),
+        &w_id,
+    )
+    .await?;
+
+    let openapi_document = generate_openapi_document(
+        generate_openapi.info.as_ref(),
+        generate_openapi.url.as_ref(),
+        openapi_future_paths,
+        generate_openapi.openapi_spec_format,
+    )?;
+
+    let response = Response::builder()
+        .status(StatusCode::OK)
+        .header(
+            header::CONTENT_TYPE,
+            HeaderValue::from_static("application/octet-stream"),
+        )
+        .body(Body::from(openapi_document))
+        .unwrap();
+
+    Ok(response)
+}

backend/windmill-api/src/postgres_triggers/mod.rs

@@ -160,7 +160,7 @@ pub async fn get_pg_connection(
     logical_mode: bool,
 ) -> Result<Client> {
     let database =
-        try_get_resource_from_db_as::<Postgres>(authed, user_db, db, postgres_resource_path, w_id)
+        try_get_resource_from_db_as::<Postgres>(&authed, user_db, db, postgres_resource_path, w_id)
             .await?;
 
     Ok(get_raw_postgres_connection(&database, logical_mode).await?)

backend/windmill-api/src/postgres_triggers/trigger.rs

@@ -417,7 +417,7 @@ impl PostgresConfig {
         };
 
         let database = try_get_resource_from_db_as::<Postgres>(
-            authed,
+            &authed,
             Some(UserDB::new(db.clone())),
             &db,
             postgres_resource_path,

backend/windmill-api/src/resources.rs

@@ -1217,7 +1217,7 @@ async fn update_resource_type(
     )
 ))]
 pub async fn try_get_resource_from_db_as<T>(
-    authed: ApiAuthed,
+    authed: &ApiAuthed,
     user_db: Option<UserDB>,
     db: &DB,
     resource_path: &str,

backend/windmill-api/src/scripts.rs

@@ -1354,9 +1354,16 @@ async fn raw_script_by_path_internal(
                 )
                 .fetch_all(&db)
                 .await?;
-                tracing::info!(
-                    "Script {path} does not exist in workspace {w_id} but these paths do: {:?}",
-                    other_script_o.join(", ")
+                let other_script_archived = sqlx::query_scalar!(
+                    "SELECT distinct(path) FROM script WHERE workspace_id = $1 AND archived = true",
+                    w_id
+                )
+                .fetch_all(&db)
+                .await?;
+                tracing::warn!(
+                    "Script {path} does not exist in workspace {w_id} but these paths do, non-archived: {:?} | archived: {:?}",
+                    other_script_o.join(", "),
+                    other_script_archived.join(", ")
                 )
             }
         }

backend/windmill-api/src/utils.rs

@@ -6,8 +6,6 @@
  * LICENSE-AGPL for a copy of the license.
  */
 
-use std::fmt::Display;
-
 use axum::{body::Body, response::Response};
 use regex::Regex;
 use serde::{Deserialize, Deserializer};
@@ -31,23 +29,6 @@ pub struct WithStarredInfoQuery {
     pub with_starred_info: Option<bool>,
 }
 
-#[derive(Deserialize)]
-#[serde(rename_all = "lowercase")]
-pub enum RunnableKind {
-    Script,
-    Flow,
-}
-
-impl Display for RunnableKind {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        let runnable_kind = match self {
-            RunnableKind::Script => "script",
-            RunnableKind::Flow => "flow"
-        };
-        write!(f, "{}", runnable_kind)
-    }
-}
-
 pub async fn require_super_admin(db: &DB, email: &str) -> error::Result<()> {
     let is_admin = is_super_admin_email(db, email).await?;
 

backend/windmill-api/src/workspaces_export.rs

@@ -548,6 +548,8 @@ pub(crate) async fn tarball_workspace(
                     authentication_resource_path,
                     script_path, 
                     is_flow, 
+                    summary,
+                    description,
                     edited_by, 
                     edited_at, 
                     email, 

backend/windmill-common/Cargo.toml

@@ -80,6 +80,7 @@ backon.workspace = true
 openidconnect = { workspace = true, optional = true }
 strum.workspace = true
 strum_macros.workspace = true
+url.workspace = true
 
 semver.workspace = true
 croner = "2.0.6"

backend/windmill-common/src/utils.rs

@@ -22,11 +22,14 @@ use croner::Cron;
 use rand::{distr::Alphanumeric, rng, Rng};
 use reqwest::Client;
 use semver::Version;
-use serde::{Deserialize, Deserializer, Serialize};
+use serde::{de::Error as SerdeDeserializerError, Deserialize, Deserializer, Serialize};
 use sha2::{Digest, Sha256};
 use sqlx::{Pool, Postgres};
+use std::borrow::Cow;
+use std::fmt::Display;
 use std::{fs::DirBuilder as SyncDirBuilder, str::FromStr};
 use tokio::fs::DirBuilder as AsyncDirBuilder;
+use url::Url;
 
 pub const MAX_PER_PAGE: usize = 10000;
 pub const DEFAULT_PER_PAGE: usize = 1000;
@@ -81,7 +84,7 @@ lazy_static::lazy_static! {
                 }
                 Mode::Worker
             } else if &x == "agent" {
-                println!("Binary is in 'agent' mode");
+                println!("Binary is in 'agent' mode with BASE_INTERNAL_URL={}", std::env::var("BASE_INTERNAL_URL").unwrap_or_default());
                 if std::env::var("BASE_INTERNAL_URL").is_err() {
                     panic!("BASE_INTERNAL_URL is required in agent mode")
                 }
@@ -523,6 +526,18 @@ impl<T> IsEmpty for Vec<T> {
     }
 }
 
+impl<T> IsEmpty for Option<T>
+where
+    T: IsEmpty,
+{
+    fn is_empty(&self) -> bool {
+        match self {
+            Some(v) => v.is_empty(),
+            None => true,
+        }
+    }
+}
+
 pub fn empty_as_none<'de, D, T>(deserializer: D) -> std::result::Result<Option<T>, D::Error>
 where
     D: Deserializer<'de>,
@@ -532,6 +547,26 @@ where
     Ok(option.filter(|s| !s.is_empty()))
 }
 
+pub fn is_empty<T>(value: &T) -> bool
+where
+    T: IsEmpty,
+{
+    value.is_empty()
+}
+
+pub fn deserialize_url<'de, D: Deserializer<'de>>(
+    de: D,
+) -> std::result::Result<Option<Url>, D::Error> {
+    let intermediate = <Option<Cow<'de, str>>>::deserialize(de)?;
+
+    match intermediate.as_deref() {
+        None | Some("") => Ok(None),
+        Some(non_empty_string) => Url::parse(non_empty_string)
+            .map(Some)
+            .map_err(D::Error::custom),
+    }
+}
+
 pub async fn fetch_mute_workspace(_db: &DB, workspace_id: &str) -> Result<bool> {
     match sqlx::query!(
         "SELECT mute_critical_alerts FROM workspace_settings WHERE workspace_id = $1",
@@ -783,3 +818,20 @@ impl<F: Future> Future for WarnAfterFuture<F> {
         }
     }
 }
+
+#[derive(Debug, Deserialize, Clone, Copy, PartialEq, Eq, Hash)]
+#[serde(rename_all = "lowercase")]
+pub enum RunnableKind {
+    Script,
+    Flow,
+}
+
+impl Display for RunnableKind {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let runnable_kind = match self {
+            RunnableKind::Script => "script",
+            RunnableKind::Flow => "flow",
+        };
+        write!(f, "{}", runnable_kind)
+    }
+}

backend/windmill-worker/src/bash_executor.rs

@@ -43,12 +43,11 @@ use crate::{
         OccupancyMetrics,
     },
     handle_child::handle_child,
-    DISABLE_NSJAIL, DISABLE_NUSER, HOME_ENV, NSJAIL_PATH, PATH_ENV,
-    POWERSHELL_CACHE_DIR, POWERSHELL_PATH, PROXY_ENVS, TZ_ENV,
+    DISABLE_NSJAIL, DISABLE_NUSER, HOME_ENV, NSJAIL_PATH, PATH_ENV, POWERSHELL_CACHE_DIR,
+    POWERSHELL_PATH, PROXY_ENVS, TZ_ENV,
 };
 use windmill_common::client::AuthedClient;
 
-
 #[cfg(windows)]
 use crate::SYSTEM_ROOT;
 
@@ -275,6 +274,19 @@ exit $exit_status
     )))
 }
 
+#[cfg(feature = "dind")]
+async fn rm_container(client: &bollard::Docker, container_id: &str) {
+    if let Err(e) = client
+        .remove_container(
+            container_id,
+            Some(RemoveContainerOptions { force: true, ..Default::default() }),
+        )
+        .await
+    {
+        tracing::error!("Error removing container: {:?}", e);
+    }
+}
+
 #[cfg(feature = "dind")]
 async fn handle_docker_job(
     job_id: Uuid,
@@ -446,19 +458,12 @@ async fn handle_docker_job(
                 }
             }
         }
+        rm_container(&client, &container_id).await;
 
         return Err(e);
     }
 
-    if let Err(e) = client
-        .remove_container(
-            &container_id,
-            Some(RemoveContainerOptions { force: true, ..Default::default() }),
-        )
-        .await
-    {
-        tracing::error!("Error removing container: {:?}", e);
-    }
+    rm_container(&client, &container_id).await;
 
     let result = result.unwrap();