release(cli): 1.32.2 (#3544)

Co-authored-by: dbarrosop <dbarrosop@users.noreply.github.com>

.github/PULL_REQUEST_TEMPLATE.md

@@ -32,6 +32,7 @@ Where `PKG` is:
 - `mintlify-openapi`: For changes to the Mintlify OpenAPI tool
 - `nhost-js`: For changes to the Nhost JavaScript SDK
 - `nixops`: For changes to the NixOps
+- `storage`: For changes to the Nhost Storage
 
 Where `SUMMARY` is a short description of what the PR does.
 

.github/actions/cache-nix/action.yml

@@ -0,0 +1,15 @@
+name: 'Cache Nix to S3'
+description: 'Copy Nix store to S3-backed cache'
+inputs:
+  NIX_CACHE_PRIV_KEY:
+    description: 'Nix cache private key'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: "Cache build"
+      shell: bash
+      run: |
+        nix store sign --key-file <(echo "${{ inputs.NIX_CACHE_PRIV_KEY }}") --all
+        nix copy --to 's3://nhost-nix-cache?region=eu-central-1' --substitute-on-destination --all

.github/actions/setup-nix/action.yml

@@ -0,0 +1,51 @@
+name: 'Setup Nix'
+description: 'Install Nix and setup caching for Nhost projects'
+inputs:
+  NAME:
+    description: 'Project name for cache key'
+    required: true
+  NIX_CACHE_PUB_KEY:
+    description: 'Nix cache public key'
+    required: true
+  GITHUB_TOKEN:
+    description: 'GitHub token for Nix access'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Install Nix
+      uses: cachix/install-nix-action@v31
+      with:
+        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
+        install_options: "--no-daemon"
+        extra_nix_config: |
+          experimental-features = nix-command flakes
+          sandbox = false
+          access-tokens = github.com=${{ inputs.GITHUB_TOKEN }}
+          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
+          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ inputs.NIX_CACHE_PUB_KEY }}
+          keep-env-derivations = true
+          keep-outputs = true
+
+    - name: Restore and save Nix store
+      uses: nix-community/cache-nix-action@v6
+      with:
+        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
+        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
+        gc-max-store-size-linux: 2G
+        purge: true
+        purge-prefixes: nix-${{ inputs.NAME }}-
+        purge-created: 0
+        purge-last-accessed: 0
+        purge-primary-key: never
+
+    # - name: "Verify if nixops is pre-built"
+    #   id: verify-nixops-build
+    #   run: |
+    #     export drvPath=$(make build-nixops-dry-run)
+    #     echo "Derivation path: $drvPath"
+    #     nix path-info --store s3://nhost-nix-cache\?region=eu-central-1 $drvPath \
+    #       || (echo "Wait until nixops is already built and cached and run again" && exit 1)
+    #   if: ${{ inputs.NAME != 'nixops' }}
+

.github/actions/validate-pr-title/action.yaml

@@ -0,0 +1,41 @@
+---
+name: "Validate PR Title"
+description: "Validates that PR title follows the required format: TYPE(PKG): SUMMARY"
+inputs:
+  pr_title:
+    description: "The PR title to validate"
+    required: true
+runs:
+  using: "composite"
+  steps:
+    - name: "Validate PR title format"
+      shell: bash
+      run: |
+        PR_TITLE="${{ inputs.pr_title }}"
+
+        echo "Validating PR title: $PR_TITLE"
+
+        # Define valid types and packages
+        VALID_TYPES="feat|fix|chore"
+        VALID_PKGS="ci|cli|codegen|dashboard|deps|docs|examples|mintlify-openapi|nhost-js|nixops|storage"
+
+        # Check if title matches the pattern TYPE(PKG): SUMMARY
+        if [[ ! "$PR_TITLE" =~ ^(${VALID_TYPES})\((${VALID_PKGS})\):\ .+ ]]; then
+          echo "❌ PR title does not follow the required format!"
+          echo ""
+          echo "Expected format: TYPE(PKG): SUMMARY"
+          echo ""
+          echo "Valid TYPEs:"
+          echo "  - feat:   mark this pull request as a feature"
+          echo "  - fix:    mark this pull request as a bug fix"
+          echo "  - chore:  mark this pull request as a maintenance item"
+          echo ""
+          echo "Valid PKGs:"
+          echo "  - ci, cli, codegen, dashboard, deps, docs, examples,"
+          echo "  - mintlify-openapi, nhost-js, nixops, storage"
+          echo ""
+          echo "Example: feat(cli): add new command for database migrations"
+          exit 1
+        fi
+
+        echo "✅ PR title is valid!"

.github/dependabot.yaml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    open-pull-requests-limit: 10
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "04:00"
+    commit-message:
+      prefix: "chore(ci)"
+    labels:
+      - "dependencies"
+      - "github_actions"
+      - "chore"

.github/workflows/ci_create_release.yaml

@@ -24,30 +24,12 @@ jobs:
       with:
         fetch-depth: 0
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-cliff-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-cliff-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-cliff-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Extract project and version from PR title"
       id: extract

.github/workflows/ci_release.yaml

@@ -36,9 +36,8 @@ jobs:
   cli:
     needs: extract-project
     if: needs.extract-project.outputs.project == 'cli'
-    uses: ./.github/workflows/cli_release.yaml
+    uses: ./.github/workflows/cli_wf_release.yaml
     with:
-      NAME: dashboard
       GIT_REF: ${{ github.sha }}
       VERSION: ${{ needs.extract-project.outputs.version }}
     secrets:
@@ -52,9 +51,8 @@ jobs:
   dashboard:
     needs: extract-project
     if: needs.extract-project.outputs.project == '@nhost/dashboard'
-    uses: ./.github/workflows/dashboard_release.yaml
+    uses: ./.github/workflows/dashboard_wf_release.yaml
     with:
-      NAME: dashboard
       GIT_REF: ${{ github.sha }}
       VERSION: ${{ needs.extract-project.outputs.version }}
     secrets:
@@ -83,3 +81,17 @@ jobs:
       NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_PRODUCTION }}
+
+  storage:
+    needs: extract-project
+    if: needs.extract-project.outputs.project == 'storage'
+    uses: ./.github/workflows/storage_wf_release.yaml
+    with:
+      GIT_REF: ${{ github.sha }}
+      VERSION: ${{ needs.extract-project.outputs.version }}
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}

.github/workflows/ci_update_changelog.yaml

@@ -13,7 +13,7 @@ jobs:
 
     strategy:
       matrix:
-        project: [cli, dashboard, packages/nhost-js]
+        project: [cli, dashboard, packages/nhost-js, services/storage]
 
     permissions:
       id-token: write
@@ -27,30 +27,12 @@ jobs:
       with:
         fetch-depth: 0
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-cliff-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-cliff-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-cliff-${{ runner.os }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Get next version"
       id: version

.github/workflows/cli_checks.yaml

@@ -27,6 +27,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest
@@ -70,7 +74,7 @@ jobs:
       NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
 
   test_cli_build:
-    uses: ./.github/workflows/cli_test_new_project.yaml
+    uses: ./.github/workflows/cli_wf_test_new_project.yaml
     needs:
       - check-permissions
       - build_artifacts

.github/workflows/cli_wf_release.yaml

@@ -3,9 +3,6 @@ name: "cli: release"
 on:
   workflow_call:
     inputs:
-      NAME:
-        required: true
-        type: string
       GIT_REF:
         required: true
         type: string
@@ -71,35 +68,17 @@ jobs:
         ref: ${{ inputs.GIT_REF }}
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: cli
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Compute common env vars
       id: vars
@@ -136,8 +115,8 @@ jobs:
           --clobber "${{ github.ref_name }}" \
           ./upload/* checksums.txt
 
-    - name: "Cache build"
-      run: |
-        nix store sign --key-file <(echo "${{ secrets.NIX_CACHE_PRIV_KEY }}") --all
-        find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 25 nix copy --to s3://nhost-nix-cache\?region=eu-central-1
+    - name: "Store Nix cache"
+      uses: ./.github/actions/cache-nix
+      with:
+        NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       if: always()

.github/workflows/cli_wf_test_new_project.yaml

@@ -50,35 +50,17 @@ jobs:
         comment_on_pr: false
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Get artifacts"
       uses: actions/download-artifact@v5
@@ -108,9 +90,8 @@ jobs:
         /home/runner/_work/nhost/nhost/cli/result/bin/cli up --down-on-error
         /home/runner/_work/nhost/nhost/cli/result/bin/cli down --volumes
 
-    - name: "Cache build"
-      run: |
-        nix store sign --key-file <(echo "${{ secrets.NIX_CACHE_PRIV_KEY }}") --all
-        find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 25 nix copy --to s3://nhost-nix-cache\?region=eu-central-1
+    - name: "Store Nix cache"
+      uses: ./.github/actions/cache-nix
+      with:
+        NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       if: always()
-

.github/workflows/codegen_checks.yaml

@@ -25,6 +25,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest

.github/workflows/dashboard_checks.yaml

@@ -32,6 +32,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest
@@ -59,6 +63,7 @@ jobs:
       VERCEL_TEAM_ID: ${{ secrets.DASHBOARD_VERCEL_TEAM_ID }}
       VERCEL_PROJECT_ID: ${{ secrets.DASHBOARD_STAGING_VERCEL_PROJECT_ID }}
       VERCEL_DEPLOY_TOKEN: ${{ secrets.DASHBOARD_VERCEL_DEPLOY_TOKEN }}
+      TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
 
 
   build_artifacts:
@@ -71,6 +76,7 @@ jobs:
       GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: true
+      OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
@@ -93,7 +99,7 @@ jobs:
 
 
   e2e_staging:
-    uses: ./.github/workflows/wf_dashboard_e2e_staging.yaml
+    uses: ./.github/workflows/dashboard_wf_e2e_staging.yaml
     needs:
       - check-permissions
       - deploy-vercel

.github/workflows/dashboard_release_staging.yaml

@@ -4,6 +4,32 @@ on:
   push:
     branches:
       - main
+    paths:
+      - '.github/workflows/wf_build_artifacts.yaml'
+      - '.github/workflows/wf_check.yaml'
+      - '.github/workflows/dashboard_checks.yaml'
+
+      # common build
+      - 'flake.nix'
+      - 'flake.lock'
+      - 'nixops/**'
+      - 'build/**'
+
+      # common javascript
+      - ".npmrc"
+      - ".prettierignore"
+      - ".prettierrc.js"
+      - "audit-ci.jsonc"
+      - "package.json"
+      - "pnpm-workspace.yaml"
+      - "pnpm-lock.yaml"
+      - "turbo.json"
+
+      # dashboard
+      - "dashboard/**"
+
+      # nhost-js
+      - packages/nhost-js/**
 
 jobs:
   deploy-vercel:
@@ -19,4 +45,5 @@ jobs:
       VERCEL_TEAM_ID: ${{ secrets.DASHBOARD_VERCEL_TEAM_ID }}
       VERCEL_PROJECT_ID: ${{ secrets.DASHBOARD_STAGING_VERCEL_PROJECT_ID }}
       VERCEL_DEPLOY_TOKEN: ${{ secrets.DASHBOARD_VERCEL_DEPLOY_TOKEN }}
+      TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
       DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_STAGING }}

.github/workflows/dashboard_wf_e2e_staging.yaml

@@ -59,6 +59,10 @@ on:
       PLAYWRIGHT_REPORT_ENCRYPTION_KEY:
         required: true
 
+concurrency:
+  group: dashboard-e2e-staging
+  cancel-in-progress: false
+
 env:
   NEXT_PUBLIC_ENV: dev
   NEXT_TELEMETRY_DISABLED: 1
@@ -101,35 +105,17 @@ jobs:
         comment_on_pr: false
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Start CLI
       run: |
@@ -162,8 +148,8 @@ jobs:
         path: dashboard/playwright-report.tar.gz.enc
         retention-days: 1
 
-    - name: "Cache build"
-      run: |
-        nix store sign --key-file <(echo "${{ secrets.NIX_CACHE_PRIV_KEY }}") --all
-        find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 25 nix copy --to s3://nhost-nix-cache\?region=eu-central-1
+    - name: "Store Nix cache"
+      uses: ./.github/actions/cache-nix
+      with:
+        NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       if: always()

.github/workflows/dashboard_wf_release.yaml

@@ -4,9 +4,6 @@ name: 'dashboard: release'
 on:
   workflow_call:
     inputs:
-      NAME:
-        required: true
-        type: string
       GIT_REF:
         required: true
         type: string
@@ -49,6 +46,7 @@ jobs:
       VERCEL_TEAM_ID: ${{ secrets.VERCEL_TEAM_ID }}
       VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
       VERCEL_DEPLOY_TOKEN: ${{ secrets.VERCEL_DEPLOY_TOKEN }}
+      TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
       DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
 
   build_artifacts:
@@ -100,6 +98,7 @@ jobs:
           committer: GitHub <noreply@github.com>
           author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
           body: |
-            This PR bumps the Nhost Dashboard Docker image to version ${{ needs.version.outputs.dashboardVersion }}.
+            This PR bumps the Nhost Dashboard Docker image to version ${{ inputs.VERSION }}.
           branch: bump-dashboard-version
+          base: main
           delete-branch: true

.github/workflows/docs_checks.yaml

@@ -31,6 +31,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest

.github/workflows/examples_demos_checks.yaml

@@ -41,6 +41,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest
@@ -77,6 +81,7 @@ jobs:
       GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
+      OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}

.github/workflows/examples_guides_checks.yaml

@@ -41,6 +41,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest
@@ -77,6 +81,7 @@ jobs:
       GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
+      OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}

.github/workflows/examples_tutorials_checks.yaml

@@ -41,6 +41,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest
@@ -77,6 +81,7 @@ jobs:
       GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
+      OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}

.github/workflows/gen_ai_review.yaml

@@ -7,7 +7,7 @@ on:
 jobs:
   pr_agent_job:
     if: ${{ github.event.sender.type != 'Bot' }}
-    runs-on: ubuntu-latest
+    runs-on: blacksmith-2vcpu-ubuntu-2404
     timeout-minutes: 10
     permissions:
       issues: write
@@ -16,12 +16,11 @@ jobs:
     steps:
       - name: PR Agent action step
         id: pragent
-        uses: Codium-ai/pr-agent@v0.26
+        uses: Codium-ai/pr-agent@v0.30
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           OPENAI_KEY: ${{ secrets.OPENAI_API_KEY }}
           ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-          config.max_model_tokens: 100000
-          config.model: "anthropic/claude-3-5-sonnet-20240620"
-          config.model_turbo: "anthropic/claude-3-5-sonnet-20240620"
-          ignore.glob: "['pnpm-lock.yaml','**/pnpm-lock.yaml']"
+          config.model: ${{ vars.GEN_AI_MODEL }}
+          config.model_turbo: $${{ vars.GEN_AI_MODEL_TURBO }}
+          ignore.glob: "['pnpm-lock.yaml','**/pnpm-lock.yaml', 'vendor/**','**/client_gen.go','**/models_gen.go','**/generated.go','**/*.gen.go']"

.github/workflows/gen_codeql-analysis.yml

@@ -1,8 +1,6 @@
 name: "CodeQL"
 
 on:
-  push: {}
-  pull_request: {}
   schedule:
     - cron: '20 23 * * 3'
 
@@ -18,7 +16,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'javascript' ]
+        language: [ 'javascript', 'go' ]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
@@ -28,7 +26,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -39,7 +37,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -53,4 +51,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3

.github/workflows/gen_schedule_update_deps.yaml

@@ -18,12 +18,12 @@ jobs:
       uses: actions/checkout@v5
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: nixbuild/nix-quick-install-action@v26
+    - uses: nixbuild/nix-quick-install-action@v34
       with:
         nix_version: 2.16.2
         nix_conf: |
@@ -51,7 +51,7 @@ jobs:
         "
 
     - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v6
+      uses: peter-evans/create-pull-request@v7
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
         commit-message: Update dependencies

.github/workflows/nhost-js_checks.yaml

@@ -38,6 +38,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest

.github/workflows/nixops_checks.yaml

@@ -17,6 +17,10 @@ on:
     branches:
       - main
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   check-permissions:
     runs-on: ubuntu-latest

.github/workflows/storage_checks.yaml

@@ -0,0 +1,84 @@
+---
+name: "storage: check and build"
+on:
+  # pull_request_target:
+  pull_request:
+    paths:
+      - '.github/workflows/storage_checks.yaml'
+      - '.github/workflows/wf_check.yaml'
+      - '.github/workflows/wf_build_artifacts.yaml'
+
+      # common build
+      - 'flake.nix'
+      - 'flake.lock'
+      - 'nixops/**'
+      - 'build/**'
+
+      # common go
+      - '.golangci.yaml'
+      - 'go.mod'
+      - 'go.sum'
+      - 'vendor/**'
+
+      # storage
+      - 'services/storage/**'
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+jobs:
+  check-permissions:
+    runs-on: ubuntu-latest
+    steps:
+      - run: |
+          echo "github.event_name: ${{ github.event_name }}"
+          echo "github.event.pull_request.author_association: ${{ github.event.pull_request.author_association }}"
+      - name: "This task will run and fail if user has no permissions and label safe_to_test isn't present"
+        if: "github.event_name == 'pull_request_target' && ! ( contains(github.event.pull_request.labels.*.name, 'safe_to_test') || contains(fromJson('[\"OWNER\", \"MEMBER\", \"COLLABORATOR\"]'), github.event.pull_request.author_association) )"
+        run: |
+          exit 1
+
+  tests:
+    uses: ./.github/workflows/wf_check.yaml
+    needs:
+      - check-permissions
+    with:
+      NAME: storage
+      PATH: services/storage
+      GIT_REF: ${{ github.sha }}
+
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+      NHOST_PAT: ${{ secrets.NHOST_PAT }}
+
+  build_artifacts:
+    uses: ./.github/workflows/wf_build_artifacts.yaml
+    needs:
+      - check-permissions
+    with:
+      NAME: storage
+      PATH: services/storage
+      GIT_REF: ${{ github.sha }}
+      VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
+      DOCKER: true
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+
+  remove_label:
+    runs-on: ubuntu-latest
+    needs:
+      - check-permissions
+    steps:
+      - uses: actions-ecosystem/action-remove-labels@v1
+        with:
+          labels: |
+            safe_to_test
+    if: contains(github.event.pull_request.labels.*.name, 'safe_to_test')

.github/workflows/storage_wf_release.yaml

@@ -0,0 +1,60 @@
+---
+name: "storage: release"
+on:
+  workflow_call:
+    inputs:
+      GIT_REF:
+        required: true
+        type: string
+      VERSION:
+        required: true
+        type: string
+    secrets:
+      AWS_ACCOUNT_ID:
+        required: true
+      NIX_CACHE_PUB_KEY:
+        required: true
+      NIX_CACHE_PRIV_KEY:
+        required: true
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+
+jobs:
+  build_artifacts:
+    uses: ./.github/workflows/wf_build_artifacts.yaml
+    with:
+      NAME: storage
+      PATH: services/storage
+      GIT_REF: ${{ inputs.GIT_REF }}
+      VERSION: ${{ inputs.VERSION }}
+      DOCKER: true
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+
+  push-docker-hub:
+    uses: ./.github/workflows/wf_docker_push_image.yaml
+    needs:
+      - build_artifacts
+    with:
+      NAME: storage
+      PATH: services/storage
+      VERSION: ${{ inputs.VERSION }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+
+  push-docker-ecr:
+    uses: ./.github/workflows/wf_docker_push_image_ecr.yaml
+    needs:
+      - build_artifacts
+    with:
+      NAME: storage
+      PATH: services/storage
+      VERSION: ${{ inputs.VERSION }}
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+      CONTAINER_REGISTRY: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com

.github/workflows/wf_build_artifacts.yaml

@@ -17,6 +17,10 @@ on:
       DOCKER:
         type: boolean
         required: true
+      OS_MATRIX:
+        type: string
+        required: false
+        default: '["blacksmith-4vcpu-ubuntu-2404-arm", "blacksmith-2vcpu-ubuntu-2404"]'
     secrets:
       AWS_ACCOUNT_ID:
         required: true
@@ -37,7 +41,7 @@ jobs:
 
     strategy:
       matrix:
-        os: [blacksmith-4vcpu-ubuntu-2404-arm, blacksmith-2vcpu-ubuntu-2404]
+        os: ${{ fromJSON(inputs.OS_MATRIX) }}
       fail-fast: true
 
     runs-on: ${{ matrix.os }}
@@ -49,45 +53,24 @@ jobs:
       with:
         ref: ${{ inputs.GIT_REF }}
 
+    - name: "Validate PR title"
+      uses: ./.github/actions/validate-pr-title
+      with:
+        pr_title: ${{ github.event.pull_request.title }}
+      if: ${{ github.event_name == 'pull_request' }}
+
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
-
-    # - name: "Verify if nixops is pre-built"
-    #   id: verify-nixops-build
-    #   run: |
-    #     export drvPath=$(make build-nixops-dry-run)
-    #     echo "Derivation path: $drvPath"
-    #     nix path-info --store s3://nhost-nix-cache\?region=eu-central-1 $drvPath \
-    #       || (echo "Wait until nixops is already built and cached and run again" && exit 1)
-    #   if: ${{ inputs.NAME != 'nixops' }}
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Compute common env vars
       id: vars
@@ -124,8 +107,8 @@ jobs:
         retention-days: 7
       if: ${{ ( inputs.DOCKER ) }}
 
-    - name: "Cache build"
-      run: |
-        nix store sign --key-file <(echo "${{ secrets.NIX_CACHE_PRIV_KEY }}") --all
-        find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 25 nix copy --to s3://nhost-nix-cache\?region=eu-central-1
+    - name: "Store Nix cache"
+      uses: ./.github/actions/cache-nix
+      with:
+        NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       if: always()

.github/workflows/wf_check.yaml

@@ -44,50 +44,29 @@ jobs:
       with:
         ref: ${{ inputs.GIT_REF }}
 
+    - name: "Validate PR title"
+      uses: ./.github/actions/validate-pr-title
+      with:
+        pr_title: ${{ github.event.pull_request.title }}
+      if: ${{ github.event_name == 'pull_request' }}
+
     - name: Collect Workflow Telemetry
       uses: catchpoint/workflow-telemetry-action@v2
       with:
         comment_on_pr: false
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
-
-    # - name: "Verify if nixops is pre-built"
-    #   id: verify-nixops-build
-    #   run: |
-    #     export drvPath=$(make build-nixops-dry-run)
-    #     echo "Derivation path: $drvPath"
-    #     nix path-info --store s3://nhost-nix-cache\?region=eu-central-1 $drvPath \
-    #       || (echo "Wait until nixops is already built and cached and run again" && exit 1)
-    #   if: ${{ inputs.NAME != 'nixops' }}
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Verify if we need to build"
       id: verify-build
@@ -109,8 +88,8 @@ jobs:
       run: make check
       if: ${{ steps.verify-build.outputs.BUILD_NEEDED == 'yes' }}
 
-    - name: "Cache build"
-      run: |
-        nix store sign --key-file <(echo "${{ secrets.NIX_CACHE_PRIV_KEY }}") --all
-        find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 25 nix copy --to s3://nhost-nix-cache\?region=eu-central-1
+    - name: "Store Nix cache"
+      uses: ./.github/actions/cache-nix
+      with:
+        NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
       if: always()

.github/workflows/wf_deploy_vercel.yaml

@@ -27,6 +27,8 @@ on:
         required: true
       DISCORD_WEBHOOK:
         required: false
+      TURBO_TOKEN:
+        required: true
 
     outputs:
       preview-url:
@@ -52,41 +54,25 @@ jobs:
         ref: ${{ inputs.GIT_REF }}
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Trigger Vercel deployment
       id: deploy
       env:
         VERCEL_ORG_ID: ${{ secrets.VERCEL_TEAM_ID }}
         VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
+        TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
+        TURBO_TEAM: nhost
       run: |
         TARGET_OPTS="--target=${{ inputs.ENVIRONMENT }}"
         echo "Deploying to: ${{ inputs.ENVIRONMENT }}..."

.github/workflows/wf_docker_push_image.yaml

@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: "Check out repository"
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
           submodules: true

.github/workflows/wf_docker_push_image_ecr.yaml

@@ -0,0 +1,84 @@
+---
+on:
+  workflow_call:
+    inputs:
+      NAME:
+        type: string
+        required: true
+      PATH:
+        type: string
+        required: true
+      VERSION:
+        type: string
+        required: true
+
+    secrets:
+      AWS_ACCOUNT_ID:
+        required: true
+      CONTAINER_REGISTRY:
+        required: true
+
+jobs:
+  push-to-registry:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    permissions:
+      id-token: write
+      contents: write
+
+    defaults:
+      run:
+        working-directory: ${{ inputs.PATH }}
+
+    steps:
+      - name: "Check out repository"
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          submodules: true
+
+      - name: Configure aws
+        uses: aws-actions/configure-aws-credentials@v5
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
+          aws-region: eu-central-1
+
+      - name: "Login to Amazon ECR"
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          mask-password: 'true'
+
+      - name: "Compute common env vars"
+        id: vars
+        run: |
+          echo "VERSION=$(make get-version VER=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
+
+      - name: "Get artifacts"
+        uses: actions/download-artifact@v5
+        with:
+          path: ~/artifacts
+
+      - name: "Inspect artifacts"
+        run: find ~/artifacts
+
+      - name: "Push docker image to docker hub"
+        run: |
+          export NAME=${{ inputs.NAME }}
+          export VERSION=${{ steps.vars.outputs.VERSION }}
+          export CONTAINER_REGISTRY=${{ secrets.CONTAINER_REGISTRY }}
+          export CONTAINER_NAME=$CONTAINER_REGISTRY/$NAME
+
+          for ARCH in "x86_64" "aarch64"; do
+            skopeo copy --insecure-policy \
+              dir:/home/runner/artifacts/${{ inputs.NAME }}-docker-image-$ARCH-$VERSION \
+              docker-daemon:$CONTAINER_NAME:$VERSION-$ARCH
+            docker push $CONTAINER_NAME:$VERSION-$ARCH
+          done
+
+          docker manifest create \
+            $CONTAINER_NAME:$VERSION \
+            --amend $CONTAINER_NAME:$VERSION-x86_64 \
+            --amend $CONTAINER_NAME:$VERSION-aarch64
+
+          docker manifest push $CONTAINER_NAME:$VERSION

.github/workflows/wf_release_npm.yaml

@@ -42,35 +42,17 @@ jobs:
       uses: actions/checkout@v5
 
     - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v5
       with:
         role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
         aws-region: eu-central-1
 
-    - uses: cachix/install-nix-action@v31
+    - name: Setup Nix with Cache
+      uses: ./.github/actions/setup-nix
       with:
-        install_url: "https://releases.nixos.org/nix/nix-2.28.4/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-          keep-env-derivations = true
-          keep-outputs = true
-
-    - name: Restore and save Nix store
-      uses: nix-community/cache-nix-action@v6
-      with:
-        primary-key: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
-        restore-prefixes-first-match: nix-${{ inputs.NAME }}-${{ runner.os }}-${{ runner.arch }}}-
-        gc-max-store-size-linux: 2G
-        purge: true
-        purge-prefixes: nix-${{ inputs.NAME }}-
-        purge-created: 0
-        purge-last-accessed: 0
-        purge-primary-key: never
+        NAME: ${{ inputs.NAME }}
+        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Build package"
       run: make build

.golangci.yaml

@@ -26,6 +26,7 @@ linters:
       - legacy
       - std-error-handling
     rules:
+      # general rules
       - linters:
           - funlen
           - ireturn
@@ -40,10 +41,26 @@ linters:
           - ireturn
           - lll
         path: schema\.resolvers\.go
+
+      # storage service specific rules
+      - linters:
+          - gochecknoglobals
+          - gochecknoinits
+        path: services/storage/cmd/
+      - linters:
+          - gochecknoglobals
+        path: services/storage/cmd/controller/version.go
+      - linters:
+          - funlen
+          - ireturn
+          - exhaustruct
+        path: services/storage/.*_test\.go
+
     paths:
       - third_party$
       - builtin$
       - examples$
+
 formatters:
   enable:
     - gofmt

DEVELOPERS.md

@@ -98,64 +98,3 @@ You can run the e2e tests with the following command from the repository root:
 ```sh
 $ pnpm e2e
 ```
-
-## Changesets
-
-If you've made changes to the packages, you must describe those changes so that they can be reflected in the next release.
-We use [changesets](https://github.com/changesets/changesets) to support our versioning and release workflows. When you submit a pull request, a bot checks if changesets are present, and if not, it asks you to add them.
-
-To create a changeset, run the following command from the repository root:
-
-```sh
-$ pnpm changeset
-```
-
-This command will guide you through the process of creating a changeset. It will create a file in the `.changeset` directory.
-
-You can take a look at the changeset documentation: [How to add a changeset](https://github.com/changesets/changesets/blob/main/docs/adding-a-changeset.md).
-
-### Selecting the Version
-
-When you create a changeset, you will be asked to select the version of the package that you are bumping. The versioning scheme is as follows:
-
-- **major**
-  - For breaking changes (e.g: changing the function signature, etc.)
-  - Should be avoided as much as possible as it will require users to update their code. Instead, consider supporting both the old and the new API simultaneously for a while.
-  - For example: `v1.5.8` -> `v2.0.0`
-- **minor**
-  - For new features (e.g: adding a new page to the dashboard, etc.)
-  - For example: `v1.5.8` -> `v1.6.0`
-- **patch**
-  - For bug fixes (e.g: fixing a typo, etc.)
-  - For example: `v1.5.8` -> `v1.5.9`
-
-### Writing Good Changesets
-
-A concise summary that describes the changes should be added to each PR. This summary will be used as the changeset description.
-
-The following structure is used for describing changes:
-
-- **The type of the change**:
-
-  - fix
-  - feat
-  - chore
-  - docs
-
-- **The scope of the change** (_broader scopes (e.g: dashboard, hasura-storage-js, etc.) are not recommended as GitHub Releases already contain which project is being bumped_):
-
-  - projects
-  - deployments
-  - deps
-  - etc.
-
-- **A short summary of the changes that were made**
-
-**Examples:**
-
-- `fix(deployments): use correct timestamp for deployment details`
-- `chore(deps): bump @types/react to v18.2.8`
-- `feat(secrets): enable secrets`
-- etc.
-
-You can always take a look at examples of changesets in the [GitHub Releases section](https://github.com/nhost/nhost/releases).

cli/.github/PULL_REQUEST_TEMPLATE.md

@@ -1,20 +0,0 @@
-## Description
-<!--
-Use one of the following title prefix to categorize the pull request:
-feat:   mark this pull request as a feature
-fix:    mark this pull request as a bug fix
-chore:  mark this pull request as a maintenance item
-
-To auto merge this pull request when it was approved
-by another member of the organization: set the label `auto-merge`
--->
-## Problem
-A short description of the problem this PR is addressing.
-
-## Solution
-A short description of the chosen method to resolve the problem
-with an overview of the logic and implementation details when needed.
-
-## Notes
-Other notes that you want to share but do not fit into _Problem_ or _Solution_.
-

cli/.github/cert.sh

@@ -1,36 +0,0 @@
-#!/bin/bash
-
-set -euo pipefail
-
-mkdir -p /tmp/letsencrypt
-
-echo "Generating SSL certificate for hostnames: local.nhost.run, local.graphql.nhost.run, local.auth.nhost.run, local.storage.nhost.run, local.functions.nhost.run, local.mail.nhost.run"
-docker run --rm \
-  --name certbot \
-  -e AWS_ACCESS_KEY_ID \
-  -e AWS_SECRET_ACCESS_KEY \
-  -e AWS_SESSION_TOKEN \
-  -e AWS_REGION \
-  -v /tmp/letsencrypt:/etc/letsencrypt \
-  -v /tmp/letsencrypt:/var/lib/letsencrypt \
-  certbot/dns-route53 certonly --dns-route53 --dns-route53-propagation-seconds 60 \
-    -d local.auth.nhost.run \
-    -d local.dashboard.nhost.run \
-    -d local.db.nhost.run \
-    -d local.functions.nhost.run \
-    -d local.graphql.nhost.run \
-    -d local.hasura.nhost.run \
-    -d local.mailhog.nhost.run \
-    -d local.storage.nhost.run \
-    -d *.auth.local.nhost.run \
-    -d *.dashboard.local.nhost.run \
-    -d *.db.local.nhost.run \
-    -d *.functions.local.nhost.run \
-    -d *.graphql.local.nhost.run \
-    -d *.hasura.local.nhost.run \
-    -d *.mailhog.local.nhost.run \
-    -d *.storage.local.nhost.run \
-    -m 'admin@nhost.io' --non-interactive --agree-tos --server https://acme-v02.api.letsencrypt.org/directory
-
-sudo cp /tmp/letsencrypt/live/local.db.nhost.run/fullchain.pem ssl/.ssl/
-sudo cp /tmp/letsencrypt/live/local.db.nhost.run/privkey.pem ssl/.ssl/

cli/.github/labeler.yml

@@ -1,8 +0,0 @@
-labels:
-  'feature':
-    - '^(?i:feat)'
-    - '^(?i:feature)'
-  'fix':
-    - '^(?i:fix)'
-  'chore':
-    - '^(?i:chore)'

cli/.github/release-drafter.yml

@@ -1,39 +0,0 @@
-name-template: 'v$RESOLVED_VERSION'
-tag-template: 'v$RESOLVED_VERSION'
-categories:
-  - title: '🚀 Features'
-    label: 'feature'
-  - title: '🐛 Bug Fixes'
-    label: 'fix'
-  - title: '🧰 Maintenance'
-    label: 'chore'
-change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
-change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks.
-version-resolver:
-  major:
-    labels:
-      - 'major'
-  minor:
-    labels:
-      - 'minor'
-  patch:
-    labels:
-      - 'patch'
-  default: patch
-autolabeler:
-  - label: 'feature'
-    title:
-      - '/^feat/i'
-      - '/^feature/i'
-  - label: 'fix'
-    title:
-      - '/^fix/i'
-  - label: 'chore'
-    title:
-      - '/^chore/i'
-prerelease: true
-template: |
-  ## Changes
-
-  $CHANGES
-

cli/.github/stale.yml

@@ -1,16 +0,0 @@
-# Configuration for probot-stale - https://github.com/probot/stale
-
-daysUntilStale: 180
-daysUntilClose: 7
-limitPerRun: 30
-onlyLabels: []
-exemptLabels: []
-
-exemptProjects: false
-exemptMilestones: false
-exemptAssignees: false
-staleLabel: stale
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.

cli/.github/workflows/assign_labels.yml

@@ -1,17 +0,0 @@
-# this workflow will run on all pull requests opened but in the context of the base of the pull request.
-on:
-  pull_request_target:
-    types: [opened]
-
-name: "assign labels"
-jobs:
-  # labeler will label pull requests based on their title.
-  # the configuration is at .github/labeler.yml.
-  label_pull_request:
-    runs-on: ubuntu-latest
-    steps:
-      -
-        name: Label Pull Request
-        uses: jimschubert/labeler-action@v2
-        with:
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

cli/.github/workflows/build-cert-weekly.yaml.disabled

@@ -1,53 +0,0 @@
----
-name: "build certificate weekly"
-on:
-  schedule:
-    - cron: '0 0 * * 1'
-
-jobs:
-  run:
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: read
-
-    steps:
-    - name: Check out repository
-      uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-
-    - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v2
-      with:
-        role-to-assume: arn:aws:iam::796351718684:role/github-actions-nhost-cli
-        aws-region: eu-central-1
-
-    - name: fetch let's encrypt cert
-      id: certs
-      run: |
-        .github/cert.sh
-
-        echo "CERT_FULL_CHAIN<<EOF" >> $GITHUB_OUTPUT
-        sudo cat /tmp/letsencrypt/live/local.db.nhost.run/fullchain.pem >> "$GITHUB_OUTPUT"
-        echo EOF >> $GITHUB_OUTPUT
-
-        echo "CERT_PRIV_KEY<<EOF" >> $GITHUB_OUTPUT
-        sudo cat /tmp/letsencrypt/live/local.db.nhost.run/privkey.pem >> "$GITHUB_OUTPUT"
-        echo EOF >> $GITHUB_OUTPUT
-      shell: bash
-
-    - uses: hmanzur/actions-set-secret@v2.0.0
-      with:
-        name: 'CERT_FULL_CHAIN'
-        value: "${{ steps.certs.outputs.CERT_FULL_CHAIN }}"
-        repository: nhost/cli
-        token: ${{ secrets.GH_PAT }}
-
-    - uses: hmanzur/actions-set-secret@v2.0.0
-      with:
-        name: 'CERT_PRIV_KEY'
-        value: "${{ steps.certs.outputs.CERT_PRIV_KEY }}"
-        repository: nhost/cli
-        token: ${{ secrets.GH_PAT }}

cli/.github/workflows/checks.yaml

@@ -1,27 +0,0 @@
----
-name: "check and build"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-jobs:
-  tests:
-    uses: ./.github/workflows/wf_check.yaml
-    secrets:
-      NHOST_PAT: ${{ secrets.NHOST_PAT }}
-
-  build_artifacts:
-    strategy:
-      fail-fast: true
-      matrix:
-        GOOS: ["darwin", "linux"]
-        GOARCH: ["amd64", "arm64"]
-    uses: ./.github/workflows/wf_build_artifacts.yaml
-    with:
-      GOOS: ${{ matrix.GOOS }}
-      GOARCH: ${{ matrix.GOARCH }}
-      VERSION: ${{ github.sha }}
-    secrets:
-      NHOST_PAT: ${{ secrets.NHOST_PAT }}

cli/.github/workflows/codeql-analysis.yml

@@ -1,56 +0,0 @@
-name: "CodeQL"
-
-on:
-  push: {}
-  pull_request: {}
-  schedule:
-    - cron: '20 23 * * 3'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'go' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://git.io/codeql-language-support
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2

cli/.github/workflows/gen_ai_review.yaml

@@ -1,27 +0,0 @@
----
-name: "gen: AI review"
-on:
-  pull_request:
-    types: [opened, reopened, ready_for_review]
-  issue_comment:
-jobs:
-  pr_agent_job:
-    if: ${{ github.event.sender.type != 'Bot' }}
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    permissions:
-      issues: write
-      pull-requests: write
-    name: Run pr agent on every pull request, respond to user comments
-    steps:
-      - name: PR Agent action step
-        id: pragent
-        uses: Codium-ai/pr-agent@v0.29
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          OPENAI_KEY: ${{ secrets.OPENAI_API_KEY }}
-          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-          config.max_model_tokens: 100000
-          config.model: "anthropic/claude-sonnet-4-20250514"
-          config.model_turbo: "anthropic/claude-sonnet-4-20250514"
-          ignore.glob: "['vendor/**','**/client_gen.go','**/models_gen.go','**/generated.go','**/*.gen.go']"

cli/.github/workflows/gen_schedule_update_deps.yaml

@@ -1,91 +0,0 @@
----
-name: "gen: update depenendencies"
-on:
-  schedule:
-    - cron: '0 2 1 2,5,8,11 *'
-
-jobs:
-  run:
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: write
-      pull-requests: write
-
-    steps:
-    - name: Check out repository
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-
-    - name: Configure aws
-      uses: aws-actions/configure-aws-credentials@v4
-      with:
-        role-to-assume: arn:aws:iam::${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
-        aws-region: eu-central-1
-
-    - uses: nixbuild/nix-quick-install-action@v26
-      with:
-        nix_version: 2.16.2
-        nix_conf: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40 s3://nhost-nix-cache?region=eu-central-1&priority=50
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }}
-
-    - name: Cache nix store
-      uses: actions/cache@v4
-      with:
-        path: /nix
-        key: nix-update-deps-${{ hashFiles('flakes.nix', 'flake.lock') }}
-
-    - name: Update nix flakes
-      run: nix flake update
-
-    - uses: shaunco/ssh-agent@git-repo-mapping
-      with:
-        ssh-private-key: |
-          ${{ secrets.NHOST_BE_DEPLOY_SSH_PRIVATE_KEY}}
-        repo-mappings: |
-          github.com/nhost/be
-
-    - name: Update golang dependencies
-      run: |
-        export GOPRIVATE=github.com/nhost/be
-        nix develop -c bash -c "
-          go mod tidy
-          go get -u $(cat go.mod | grep nhost\/be | tr ' ' '@') ./...
-          go mod tidy
-          go mod vendor
-        "
-
-    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v6
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
-        commit-message: Update dependencies
-        committer: GitHub <noreply@github.com>
-        author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
-        signoff: false
-        branch: automated/update-deps
-        delete-branch: true
-        title: '[Scheduled] Update dependencies'
-        body: |
-          Dependencies updated
-
-          Note - If you see this PR and the checks haven't run, close and reopen the PR. See https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
-        labels: |
-          dependencies
-        draft: false
-
-    - name: "Cache nix store on s3"
-      run: |
-        echo ${{ secrets.NIX_CACHE_PRIV_KEY }} > cache-priv-key.pem
-        nix build .\#devShells.x86_64-linux.default
-        nix store sign --key-file cache-priv-key.pem --all
-        nix copy --to s3://nhost-nix-cache\?region=eu-central-1 .\#devShells.x86_64-linux.default
-
-    - run: rm cache-priv-key.pem
-      if: always()

cli/.github/workflows/release.yaml

@@ -1,35 +0,0 @@
----
-name: "release"
-on:
-  release:
-    types: [published]
-
-jobs:
-  tests:
-    uses: ./.github/workflows/wf_check.yaml
-    secrets:
-      NHOST_PAT: ${{ secrets.NHOST_PAT }}
-
-  build_artifacts:
-    strategy:
-      matrix:
-        GOOS: ["darwin", "linux"]
-        GOARCH: ["amd64", "arm64"]
-    uses: ./.github/workflows/wf_build_artifacts.yaml
-    with:
-      GOOS: ${{ matrix.GOOS }}
-      GOARCH: ${{ matrix.GOARCH }}
-      VERSION: ${{ github.ref_name }}
-    secrets:
-      NHOST_PAT: ${{ secrets.NHOST_PAT }}
-
-  publish:
-    uses: ./.github/workflows/wf_publish.yaml
-    needs:
-      - tests
-      - build_artifacts
-    with:
-      VERSION: ${{ github.ref_name }}
-    secrets:
-      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}

cli/.github/workflows/release_drafter.yml

@@ -1,17 +0,0 @@
-name: "release drafter"
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  # draft your next release notes as pull requests are merged into "master"
-  # the configuration is at /.github/release-drafter.yml.
-  update_release_draft:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: release-drafter/release-drafter@v5
-        with:
-          config-name: release-drafter.yml
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

cli/.github/workflows/wf_build_artifacts.yaml

@@ -1,89 +0,0 @@
----
-on:
-  workflow_call:
-    inputs:
-      GIT_REF:
-        type: string
-        required: false
-      VERSION:
-        type: string
-        required: true
-      GOOS:
-        type: string
-        required: true
-      GOARCH:
-        type: string
-        required: true
-    secrets:
-      NHOST_PAT:
-        required: true
-
-jobs:
-  artifacts:
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: write
-
-    steps:
-    - name: "Check out repository"
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-        ref: ${{ inputs.GIT_REF }}
-        submodules: true
-
-    - uses: cachix/install-nix-action@v27
-      with:
-        install_url: "https://releases.nixos.org/nix/nix-2.22.3/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
-
-    - name: Compute common env vars
-      id: vars
-      run: |
-        echo "VERSION=$(make get-version VERSION=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
-
-    - name: "Build artifact"
-      run: |
-        make build ARCH=${{ inputs.GOARCH }} OS=${{ inputs.GOOS }}
-        find -L result -type f -exec cp {} nhost-cli \;
-
-    - name: "Push artifact to artifact repository"
-      uses: actions/upload-artifact@v4
-      with:
-        name: cli-${{ steps.vars.outputs.VERSION }}-${{ inputs.GOOS }}-${{ inputs.GOARCH }}
-        path: nhost-cli
-        retention-days: 7
-
-    - name: "Build docker-image"
-      run: |
-        make build-docker-image ARCH=${{ inputs.GOARCH }}
-      if: ${{ ( inputs.GOOS == 'linux' ) }}
-
-    - name: "Create a new project"
-      run: |
-        export NHOST_DOMAIN=staging.nhost.run
-        export NHOST_CONFIGSERVER_IMAGE=nhost/cli:${{ steps.vars.outputs.VERSION }}
-
-        mkdir new-project
-        cd new-project
-        ../nhost-cli login --pat ${{ secrets.NHOST_PAT }}
-        ../nhost-cli init
-        ../nhost-cli up --down-on-error
-        ../nhost-cli down
-      if: ${{ ( inputs.GOOS == 'linux' && inputs.GOARCH == 'amd64' ) }}
-
-    - name: "Push docker-image to artifact repository"
-      uses: actions/upload-artifact@v4
-      with:
-        name: cli-docker-image-${{ steps.vars.outputs.VERSION }}-${{ inputs.GOOS }}-${{ inputs.GOARCH }}
-        path: result
-        retention-days: 7
-      if: ${{ ( inputs.GOOS == 'linux' ) }}

cli/.github/workflows/wf_check.yaml

@@ -1,42 +0,0 @@
----
-on:
-  workflow_call:
-    inputs:
-      GIT_REF:
-        type: string
-        required: false
-    secrets:
-      NHOST_PAT:
-        required: true
-
-jobs:
-  tests:
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: write
-
-    steps:
-    - name: "Check out repository"
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-        ref: ${{ inputs.GIT_REF }}
-        submodules: true
-
-    - uses: cachix/install-nix-action@v27
-      with:
-        install_url: "https://releases.nixos.org/nix/nix-2.22.3/install"
-        install_options: "--no-daemon"
-        extra_nix_config: |
-          experimental-features = nix-command flakes
-          sandbox = false
-          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-          substituters = https://cache.nixos.org/?priority=40
-          trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
-
-    - name: "Run checks"
-      run: |
-        export NHOST_PAT=${{ secrets.NHOST_PAT }}
-        make check

cli/.github/workflows/wf_publish.yaml

@@ -1,93 +0,0 @@
----
-on:
-  workflow_call:
-    inputs:
-      VERSION:
-        type: string
-        required: true
-    secrets:
-      DOCKER_USERNAME:
-        required: true
-      DOCKER_PASSWORD:
-        required: true
-
-name: release
-jobs:
-  release:
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: write
-
-    steps:
-      - name: "Check out repository"
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          ref: ${{ inputs.GIT_REF }}
-          submodules: true
-
-      - name: Compute common env vars
-        id: vars
-        run: |
-          echo "VERSION=$(make get-version VERSION=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
-
-      - name: "Get artifacts"
-        uses: actions/download-artifact@v4
-        with:
-          path: ~/artifacts
-
-      - name: Login to DockerHub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Upload docker images
-        shell: bash
-        run: |
-          export VERSION=${{ steps.vars.outputs.VERSION }}
-          export CONTAINER_NAME=nhost/cli
-
-          skopeo copy --insecure-policy \
-            dir:/home/runner/artifacts/cli-docker-image-$VERSION-linux-amd64 \
-            docker-daemon:$CONTAINER_NAME:$VERSION-amd64
-          docker push $CONTAINER_NAME:$VERSION-amd64
-
-          skopeo copy --insecure-policy \
-            dir:/home/runner/artifacts/cli-docker-image-$VERSION-linux-arm64 \
-            docker-daemon:$CONTAINER_NAME:$VERSION-arm64
-          docker push $CONTAINER_NAME:$VERSION-arm64
-
-          docker manifest create \
-              $CONTAINER_NAME:$VERSION \
-              --amend $CONTAINER_NAME:$VERSION-amd64 \
-              --amend $CONTAINER_NAME:$VERSION-arm64
-          docker manifest push $CONTAINER_NAME:$VERSION
-
-      - name: Upload assets
-        shell: bash
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          export VERSION=${{ steps.vars.outputs.VERSION }}
-
-          mkdir upload
-
-          find ~/artifacts -type f -name "nhost-cli" -exec bash -c 'chmod +x "$0" && mv "$0" "${0//nhost-cli/cli}"' {} \;
-
-          tar cvzf upload/cli-$VERSION-darwin-amd64.tar.gz -C ~/artifacts/cli-$VERSION-darwin-amd64 cli
-          tar cvzf upload/cli-$VERSION-darwin-arm64.tar.gz -C ~/artifacts/cli-$VERSION-darwin-arm64 cli
-          tar cvzf upload/cli-$VERSION-linux-amd64.tar.gz -C ~/artifacts/cli-$VERSION-linux-amd64 cli
-          tar cvzf upload/cli-$VERSION-linux-arm64.tar.gz -C ~/artifacts/cli-$VERSION-linux-arm64 cli
-
-          cd upload
-          find . -type f -exec sha256sum {} + > ../checksums.txt
-          cd ..
-
-          cat checksums.txt
-
-          gh release upload \
-            --clobber "${{ github.ref_name }}" \
-            ./upload/* checksums.txt

cli/CHANGELOG.md

@@ -0,0 +1,17 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [cli@1.32.2] - 2025-10-01
+
+### ⚙️ Miscellaneous Tasks
+
+- *(cli)* Remove hasura- prefix from auth/storage images (#3538)
+
+## [cli@1.32.1] - 2025-09-29
+
+### ⚙️ Miscellaneous Tasks
+
+- *(ci)* Minor improvements to the ci (#3527)
+- *(cli)* Update schema (#3529)
+

cli/README.md

@@ -12,9 +12,9 @@ It's recommended to use the Nhost CLI and the [Nhost GitHub Integration](https:/
 
 - [Nhost Dashboard](https://github.com/nhost/nhost/tree/main/dashboard)
 - [Postgres Database](https://www.postgresql.org/)
-- [Hasura's GraphQL Engine](https://github.com/hasura/graphql-engine)
-- [Hasura Auth](https://github.com/nhost/hasura-auth)
-- [Hasura Storage](https://github.com/nhost/hasura-storage)
+- [GraphQL Engine](https://github.com/hasura/graphql-engine)
+- [Auth](https://github.com/nhost/nhost/main/auth)
+- [Storage](https://github.com/nhost/nhost/main/storage)
 - [Nhost Serverless Functions](https://github.com/nhost/functions)
 - [Minio S3](https://github.com/minio/minio)
 - [Mailhog](https://github.com/mailhog/MailHog)

cli/cmd/dev/cloud.go

@@ -56,7 +56,7 @@ func CommandCloud() *cli.Command {
 			&cli.StringFlag{ //nolint:exhaustruct
 				Name:    flagDashboardVersion,
 				Usage:   "Dashboard version to use",
-				Value:   "nhost/dashboard:2.33.0",
+				Value:   "nhost/dashboard:2.38.0",
 				EnvVars: []string{"NHOST_DASHBOARD_VERSION"},
 			},
 			&cli.StringFlag{ //nolint:exhaustruct

cli/cmd/dev/up.go

@@ -111,7 +111,7 @@ func CommandUp() *cli.Command { //nolint:funlen
 			&cli.StringFlag{ //nolint:exhaustruct
 				Name:    flagDashboardVersion,
 				Usage:   "Dashboard version to use",
-				Value:   "nhost/dashboard:2.33.0",
+				Value:   "nhost/dashboard:2.38.0",
 				EnvVars: []string{"NHOST_DASHBOARD_VERSION"},
 			},
 			&cli.StringFlag{ //nolint:exhaustruct

cli/cmd/software/version.go

@@ -111,11 +111,11 @@ func CheckVersions(
 
 	checkServiceVersion(
 		ce, graphql.SoftwareTypeEnumAuth, *cfg.GetAuth().GetVersion(), swv,
-		"https://github.com/nhost/hasura-auth/releases",
+		"https://github.com/nhost/nhost/releases",
 	)
 	checkServiceVersion(
 		ce, graphql.SoftwareTypeEnumStorage, *cfg.GetStorage().GetVersion(), swv,
-		"https://github.com/nhost/hasura-storage/releases",
+		"https://github.com/nhost/nhost/releases",
 	)
 	checkServiceVersion(
 		ce, graphql.SoftwareTypeEnumPostgreSQL, *cfg.GetPostgres().GetVersion(), swv,

cli/dockercompose/auth.go

@@ -67,7 +67,7 @@ func auth( //nolint:funlen
 	}
 
 	svc := &Service{
-		Image: "nhost/hasura-auth:" + *cfg.Auth.Version,
+		Image: "nhost/auth:" + *cfg.Auth.Version,
 		DependsOn: map[string]DependsOn{
 			"graphql": {
 				Condition: "service_healthy",

cli/dockercompose/auth_test.go

@@ -10,7 +10,7 @@ import (
 func expectedAuth() *Service {
 	//nolint:lll
 	return &Service{
-		Image:   "nhost/hasura-auth:0.31.0",
+		Image:   "nhost/auth:0.31.0",
 		Command: nil,
 		DependsOn: map[string]DependsOn{
 			"graphql":  {Condition: "service_healthy"},
@@ -231,7 +231,7 @@ func TestAuth(t *testing.T) {
 			exposePort: 0,
 			expected: func() *Service {
 				svc := expectedAuth()
-				svc.Image = "nhost/hasura-auth:0.21.3"
+				svc.Image = "nhost/auth:0.21.3"
 				svc.Labels["traefik.http.middlewares.replace-auth.replacepathregex.regex"] = "/v1(/|$$)(.*)"
 				svc.Labels["traefik.http.middlewares.replace-auth.replacepathregex.replacement"] = "/$$2"
 				svc.Labels["traefik.http.routers.auth.middlewares"] = "replace-auth"

cli/dockercompose/storage.go

@@ -49,7 +49,7 @@ func storage( //nolint:funlen
 	}
 
 	return &Service{
-		Image: "nhost/hasura-storage:" + *cfg.GetStorage().GetVersion(),
+		Image: "nhost/storage:" + *cfg.GetStorage().GetVersion(),
 		DependsOn: map[string]DependsOn{
 			"minio": {
 				Condition: "service_started",

cli/dockercompose/storage_test.go

@@ -9,7 +9,7 @@ import (
 
 func expectedStorage() *Service {
 	return &Service{
-		Image: "nhost/hasura-storage:0.2.5",
+		Image: "nhost/storage:0.2.5",
 		DependsOn: map[string]DependsOn{
 			"graphql":  {Condition: "service_healthy"},
 			"minio":    {Condition: "service_started"},

dashboard/.eslintrc.js

@@ -9,6 +9,7 @@ module.exports = {
     project: './tsconfig.json',
   },
   ignorePatterns: [
+    'src/utils/hasura-api/generated/',
     '**/.eslintrc.js',
     '**/prettier.config.js',
     '**/next.config.js',

dashboard/CHANGELOG.md

@@ -1,3 +1,37 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [@nhost/dashboard@2.38.2] - 2025-09-30
+
+### 🐛 Bug Fixes
+
+- *(dashboard)* Update remote schemas url tooltip (#3540)
+
+## [@nhost/dashboard@2.38.1] - 2025-09-30
+
+### 🐛 Bug Fixes
+
+- *(dashboard)* Delay generating auth service url when creating users (#3530)
+
+
+### ⚙️ Miscellaneous Tasks
+
+- *(ci)* Bump aws-actions/configure-aws-credentials from 4 to 5 (#3522)
+
+## [@nhost/dashboard@2.38.0] - 2025-09-29
+
+### 🚀 Features
+
+- *(dashboard)* Add remote schemas (#3299)
+- *(dashboard)* Datatable column header redesign (#3500)
+
+
+### ⚙️ Miscellaneous Tasks
+
+- *(ci)* Add e2e remote schema name repository variable to CI workflow (#3502)
+- *(dashboard)* Fix defects in basetable form and add comment to columns (#3475)
+
 # @nhost/dashboard
 
 ## 2.37.0

dashboard/e2e/database/create-table.test.ts

@@ -101,6 +101,12 @@ test('should create a table with nullable columns', async ({
   await expect(
     page.getByRole('link', { name: tableName, exact: true }),
   ).toBeVisible();
+  await page
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
+    .click();
+  await page.getByText('Edit Table').click();
+  expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
+  expect(page.locator('div[data-testid="id"]')).toBeVisible();
 });
 
 test('should create a table with an identity column', async ({
@@ -116,15 +122,15 @@ test('should create a table with an identity column', async ({
     name: tableName,
     primaryKeys: ['id'],
     columns: [
-      { name: 'id', type: 'int4' },
+      { name: 'id', type: 'uuid', defaultValue: 'gen_random_uuid()' },
       { name: 'title', type: 'text', nullable: true },
       { name: 'description', type: 'text', nullable: true },
+      { name: 'identity_column', type: 'int4' },
     ],
   });
 
-  // await page.getByRole('button', { name: /identity/i }).click();
   await page.getByLabel('Identity').click();
-  await page.getByRole('option', { name: /id/i }).click();
+  await page.getByRole('option', { name: /identity_column/i }).click();
 
   // create table
   await page.getByRole('button', { name: /create/i }).click();
@@ -136,6 +142,17 @@ test('should create a table with an identity column', async ({
   await expect(
     page.getByRole('link', { name: tableName, exact: true }),
   ).toBeVisible();
+  await page
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
+    .click();
+  await page.getByText('Edit Table').click();
+  expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
+  expect(
+    page.locator('button#identityColumnIndex :has-text("identity_column")'),
+  ).toBeVisible();
+  expect(page.locator('[id="columns.3.defaultValue"]')).toBeDisabled();
+  expect(page.locator('[name="columns.3.isNullable"]')).toBeDisabled();
+  expect(page.locator('[name="columns.3.isUnique"]')).toBeDisabled();
 });
 
 test('should create table with foreign key constraint', async ({
@@ -292,4 +309,11 @@ test('should be able to create a table with a composite key', async ({
   await expect(
     page.getByRole('link', { name: tableName, exact: true }),
   ).toBeVisible();
+
+  await page
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
+    .click();
+  await page.getByText('Edit Table').click();
+  expect(page.locator('div[data-testid="id"]')).toBeVisible();
+  expect(page.locator('div[data-testid="second_id"]')).toBeVisible();
 });

dashboard/e2e/env.ts

@@ -44,3 +44,9 @@ export const TEST_PERSONAL_ORG_SLUG = process.env.NHOST_TEST_PERSONAL_ORG_SLUG!;
 const freeUserEmails = process.env.NHOST_TEST_FREE_USER_EMAILS!;
 
 export const TEST_FREE_USER_EMAILS: string[] = JSON.parse(freeUserEmails);
+
+/**
+ * Name of the remote schema serverless function to test against.
+ */
+export const TEST_PROJECT_REMOTE_SCHEMA_NAME =
+  process.env.NHOST_TEST_PROJECT_REMOTE_SCHEMA_NAME!;

dashboard/e2e/remote-schemas/create-remote-schema.test.ts

@@ -0,0 +1,64 @@
+import {
+  TEST_ORGANIZATION_SLUG,
+  TEST_PROJECT_REMOTE_SCHEMA_NAME,
+  TEST_PROJECT_SUBDOMAIN,
+} from '@/e2e/env';
+import { expect, test } from '@/e2e/fixtures/auth-hook';
+import { faker } from '@faker-js/faker';
+import { snakeCase } from 'snake-case';
+
+const REMOTE_SCHEMA_TEST_URL = `https://${TEST_PROJECT_SUBDOMAIN}.functions.eu-central-1.staging.nhost.run/v1/${TEST_PROJECT_REMOTE_SCHEMA_NAME}`;
+
+test.describe('Remote Schemas', () => {
+  test.beforeEach(async ({ authenticatedNhostPage: page }) => {
+    const remoteSchemasRoute = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas`;
+    await page.goto(remoteSchemasRoute);
+    await page.waitForURL(remoteSchemasRoute);
+  });
+
+  test('should create and delete a remote schema from URL', async ({
+    authenticatedNhostPage: page,
+  }) => {
+    await page.getByRole('button', { name: /add remote schema/i }).click();
+    await expect(page.getByText(/create a new remote schema/i)).toBeVisible();
+
+    const schemaName = snakeCase(`e2e ${faker.lorem.words(2)}`);
+
+    await page.getByPlaceholder(/remote schema name/i).fill(schemaName);
+    await page
+      .getByPlaceholder(/graphql-service\.example\.com/i)
+      .fill(REMOTE_SCHEMA_TEST_URL);
+
+    await page.getByRole('button', { name: /create/i }).click();
+
+    await page.waitForSelector(
+      'div:has-text("The remote schema has been created successfully.")',
+    );
+
+    const detailsUrl = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas/${schemaName}`;
+    await page.waitForURL(detailsUrl);
+
+    await expect(
+      page.getByRole('link', { name: schemaName, exact: true }),
+    ).toBeVisible();
+
+    const schemaLink = page.getByRole('link', {
+      name: schemaName,
+      exact: true,
+    });
+
+    await schemaLink.hover();
+    await page
+      .getByRole('listitem')
+      .filter({ hasText: schemaName })
+      .getByRole('button')
+      .click();
+
+    await page.getByRole('menuitem', { name: /delete remote schema/i }).click();
+    await page.getByRole('button', { name: /^delete$/i }).click();
+
+    await expect(
+      page.getByRole('link', { name: schemaName, exact: true }),
+    ).toHaveCount(0);
+  });
+});

dashboard/package.json

@@ -10,9 +10,11 @@
     "start": "next start",
     "lint": "next lint --max-warnings 0",
     "test": "vitest --run",
+    "test:watch": "vitest",
     "generate": "echo 'This needs to be fixed.'",
     "codegen": "DOTENV_CONFIG_PATH=./.env.local graphql-codegen -r dotenv/config --config graphql.config.yaml --errors-only",
     "codegen-graphite": "graphql-codegen --config graphite.graphql.config.yaml --errors-only",
+    "codegen-hasura-api": "orval --config src/utils/hasura-api/orval.config.ts",
     "format": "prettier --write \"src/**/*.{js,ts,tsx,jsx,json,md}\" --plugin-search-dir=.",
     "storybook": "start-storybook -p 6006 -s public",
     "build-storybook": "build-storybook",
@@ -59,6 +61,7 @@
     "@radix-ui/react-select": "^2.1.2",
     "@radix-ui/react-separator": "^1.1.0",
     "@radix-ui/react-slot": "^1.1.1",
+    "@radix-ui/react-switch": "^1.2.6",
     "@radix-ui/react-tabs": "^1.1.3",
     "@radix-ui/react-tooltip": "^1.1.2",
     "@segment/analytics-next": "^1.77.0",
@@ -194,6 +197,7 @@
     "msw": "^1.3.5",
     "msw-storybook-addon": "^1.10.0",
     "node-fetch": "^3.3.2",
+    "orval": "^7.11.2",
     "postcss": "^8.4.38",
     "prettier": "^3.4.2",
     "prettier-plugin-organize-imports": "^4.1.0",

dashboard/playwright.config.ts

@@ -6,13 +6,14 @@ dotenv.config({ path: path.resolve(__dirname, '.env.test') });
 
 export default defineConfig({
   testDir: './e2e',
+  maxFailures: 1,
   timeout: 120 * 1000,
   expect: {
     timeout: 10000,
   },
   fullyParallel: false,
   forbidOnly: !!process.env.CI,
-  retries: process.env.CI ? 2 : 0,
+  retries: 2,
   workers: 1,
   reporter: 'html',
   use: {

dashboard/src/components/layout/AuthenticatedLayout/AuthenticatedLayout.tsx

@@ -64,7 +64,11 @@ export default function AuthenticatedLayout({
     router.push('/orgs/local/projects/local');
   }, [isPlatform, router]);
 
-  if ((isPlatform && isLoading) || isSigningOut) {
+  if (
+    (isPlatform && isLoading) ||
+    isSigningOut ||
+    (isPlatform && !isAuthenticated)
+  ) {
     return (
       <BaseLayout className="h-full" {...props}>
         <Header className="flex max-h-[59px] flex-auto py-1" />

dashboard/src/components/layout/Header/BreadcrumbNav.tsx

@@ -10,6 +10,7 @@ import {
 import { useRouter } from 'next/router';
 import OrgPagesComboBox from './OrgPagesComboBox';
 import OrgsComboBox from './OrgsComboBox';
+import ProjectGraphQLPagesComboBox from './ProjectGraphQLPagesComboBox';
 import ProjectPagesComboBox from './ProjectPagesComboBox';
 import ProjectsComboBox from './ProjectsComboBox';
 import ProjectSettingsPagesComboBox from './ProjectSettingsPagesComboBox';
@@ -25,6 +26,7 @@ export default function BreadcrumbNav() {
   // Identify project and settings pages based on the URL pattern
   const projectPage = pathSegments[3] || null;
   const isSettingsPage = pathSegments[5] === 'settings';
+  const isGraphQLPage = pathSegments[5] === 'graphql';
 
   const showBreadcrumbs = !['/', '/orgs/verify'].includes(route);
 
@@ -81,6 +83,21 @@ export default function BreadcrumbNav() {
                 </BreadcrumbItem>
               </>
             )}
+
+            {isGraphQLPage && (
+              <>
+                <BreadcrumbSeparator>
+                  <Slash
+                    strokeWidth={3.5}
+                    className="text-muted-foreground/50"
+                  />
+                </BreadcrumbSeparator>
+
+                <BreadcrumbItem>
+                  <ProjectGraphQLPagesComboBox />
+                </BreadcrumbItem>
+              </>
+            )}
           </>
         )}
       </BreadcrumbList>

dashboard/src/components/layout/Header/ProjectGraphQLPagesComboBox.tsx

@@ -0,0 +1,135 @@
+import { Button } from '@/components/ui/v3/button';
+import {
+  Command,
+  CommandEmpty,
+  CommandGroup,
+  CommandInput,
+  CommandItem,
+  CommandList,
+} from '@/components/ui/v3/command';
+
+import {
+  Popover,
+  PopoverContent,
+  PopoverTrigger,
+} from '@/components/ui/v3/popover';
+import { cn } from '@/lib/utils';
+import { Check, ChevronsUpDown } from 'lucide-react';
+import { useRouter } from 'next/router';
+import { useEffect, useMemo, useState } from 'react';
+
+type Option = {
+  value: string;
+  label: string;
+  route: string;
+};
+
+const projectGraphQLPages = [
+  {
+    name: 'Playground',
+    slug: 'playground',
+    route: '',
+  },
+  {
+    name: 'Remote Schemas',
+    slug: 'remote-schemas',
+    route: 'remote-schemas',
+  },
+].map((item) => ({
+  label: item.name,
+  value: item.slug,
+  route: item.route,
+}));
+
+export default function ProjectGraphQLPagesComboBox() {
+  const {
+    query: { orgSlug, appSubdomain },
+    push,
+    asPath,
+  } = useRouter();
+
+  const pathSegments = useMemo(() => asPath.split('/'), [asPath]);
+  const isGraphQLPage = pathSegments.includes('graphql');
+  const graphQLPageFromUrl = isGraphQLPage
+    ? pathSegments[6] || 'playground'
+    : null;
+
+  const selectedGraphQLPageFromUrl = projectGraphQLPages.find(
+    (item) => item.value === graphQLPageFromUrl,
+  );
+  const [selectedGraphQLPage, setSelectedGraphQLPage] = useState<Option | null>(
+    null,
+  );
+
+  useEffect(() => {
+    if (selectedGraphQLPageFromUrl) {
+      setSelectedGraphQLPage({
+        label: selectedGraphQLPageFromUrl.label,
+        value: selectedGraphQLPageFromUrl.value,
+        route: selectedGraphQLPageFromUrl.route,
+      });
+    }
+  }, [selectedGraphQLPageFromUrl]);
+
+  const options: Option[] = projectGraphQLPages.map((page) => ({
+    label: page.label,
+    value: page.value,
+    route: page.route,
+  }));
+
+  const [open, setOpen] = useState(false);
+
+  return (
+    <Popover open={open} onOpenChange={setOpen}>
+      <PopoverTrigger asChild>
+        <Button
+          variant="ghost"
+          size="sm"
+          className="justify-start gap-2 bg-background text-foreground hover:bg-accent dark:hover:bg-muted"
+        >
+          {selectedGraphQLPage ? (
+            <div>{selectedGraphQLPage.label}</div>
+          ) : (
+            <>Select a page</>
+          )}
+          <ChevronsUpDown className="h-5 w-5 text-muted-foreground" />
+        </Button>
+      </PopoverTrigger>
+      <PopoverContent className="p-0" side="bottom" align="start">
+        <Command>
+          <CommandInput placeholder="Select a page..." />
+          <CommandList>
+            <CommandEmpty>No results found.</CommandEmpty>
+            <CommandGroup>
+              {options.map((option) => (
+                <CommandItem
+                  key={option.value}
+                  value={option.label}
+                  onSelect={() => {
+                    setSelectedGraphQLPage(option);
+                    setOpen(false);
+                    push(
+                      `/orgs/${orgSlug}/projects/${appSubdomain}/graphql/${option.route}/`,
+                    );
+                  }}
+                >
+                  <Check
+                    className={cn(
+                      'mr-2 h-4 w-4',
+                      selectedGraphQLPage?.value === option.value
+                        ? 'opacity-100'
+                        : 'opacity-0',
+                    )}
+                  />
+                  <div className="flex flex-row items-center gap-2">
+                    <span className="max-w-52 truncate">{option.label}</span>
+                  </div>
+                </CommandItem>
+              ))}
+            </CommandGroup>
+          </CommandList>
+        </Command>
+      </PopoverContent>
+    </Popover>
+  );
+}

dashboard/src/components/layout/MainNav/NavTree.tsx

@@ -160,12 +160,24 @@ const projectSettingsPages = [
   { name: 'Configuration Editor', slug: 'editor', route: 'editor' },
 ];
 
+const projectGraphQLPages = [
+  {
+    name: 'Playground',
+    slug: 'playground',
+    route: 'graphql',
+  },
+  {
+    name: 'Remote Schemas',
+    slug: 'remote-schemas',
+    route: 'graphql/remote-schemas',
+  },
+];
+
 const createOrganization = (org: Org) => {
   const isNotPlatform = !getIsPlatform();
   const configServerVariableNotSet = getConfigServerUrl() === '';
   const shouldDisableSettings = isNotPlatform && configServerVariableNotSet;
   const shouldDisableGraphite = shouldDisableSettings;
-
   const result = {};
 
   result[org.slug] = {
@@ -243,13 +255,22 @@ const createOrganization = (org: Org) => {
       result[`${org.slug}-${_app.subdomain}-${_page.slug}`] = {
         index: `${org.slug}-${_app.subdomain}-${_page.slug}`,
         canMove: false,
-        isFolder: _page.name === 'Settings' && !shouldDisableSettings,
-        children:
-          _page.name === 'Settings' && !shouldDisableSettings
-            ? projectSettingsPages.map(
-                (p) => `${org.slug}-${_app.subdomain}-settings-${p.slug}`,
-              )
-            : undefined,
+        isFolder:
+          (_page.name === 'Settings' && !shouldDisableSettings) ||
+          _page.name === 'GraphQL',
+        children: (() => {
+          if (_page.name === 'Settings' && !shouldDisableSettings) {
+            return projectSettingsPages.map(
+              (p) => `${org.slug}-${_app.subdomain}-settings-${p.slug}`,
+            );
+          }
+          if (_page.name === 'GraphQL') {
+            return projectGraphQLPages.map(
+              (p) => `${org.slug}-${_app.subdomain}-graphql-${p.slug}`,
+            );
+          }
+          return undefined;
+        })(),
         data: {
           name: _page.name,
           icon: _page.icon,
@@ -285,6 +306,20 @@ const createOrganization = (org: Org) => {
         canRename: false,
       };
     });
+
+    projectGraphQLPages.forEach((p) => {
+      result[`${org.slug}-${_app.subdomain}-graphql-${p.slug}`] = {
+        index: `${org.slug}-${_app.subdomain}-graphql-${p.slug}`,
+        canMove: false,
+        isFolder: false,
+        children: undefined,
+        data: {
+          name: p.name,
+          targetUrl: `/orgs/${org.slug}/projects/${_app.subdomain}/${p.route}`,
+        },
+        canRename: false,
+      };
+    });
   });
 
   result[`${org.slug}-settings`] = {
@@ -436,6 +471,12 @@ export default function NavTree() {
                   return;
                 }
 
+                if (item.data.name === 'GraphQL' && item.isFolder) {
+                  if (!context.isExpanded) {
+                    context.toggleExpandedState();
+                  }
+                }
+
                 if (item.data.type !== 'org') {
                   context.focusItem();
                 }

dashboard/src/components/ui/v2/Autocomplete/Autocomplete.tsx

@@ -17,7 +17,7 @@ import MaterialAutocomplete, {
   autocompleteClasses as materialAutocompleteClasses,
 } from '@mui/material/Autocomplete';
 import clsx from 'clsx';
-import type { ForwardedRef } from 'react';
+import type { DetailedHTMLProps, ForwardedRef, HTMLProps } from 'react';
 import { forwardRef, useEffect, useState } from 'react';
 
 export interface AutocompleteOption<TValue = string> {
@@ -81,6 +81,9 @@ export interface AutocompleteProps<
      * Props passed to the input component.
      */
     input?: Partial<Omit<InputProps, 'ref'>>;
+    inputRoot?: Partial<
+      DetailedHTMLProps<HTMLProps<HTMLInputElement>, HTMLInputElement>
+    > & { 'data-testid'?: string };
     /**
      * Props passed to the input's `FormControl` component.
      */
@@ -471,7 +474,10 @@ function Autocomplete(
                   }
                 : null,
             },
-            inputRoot: { 'aria-label': ariaLabel },
+            inputRoot: {
+              'aria-label': ariaLabel,
+              ...slotProps.inputRoot,
+            },
             label: InputLabelProps,
             formControl: formControlSlotProps,
           }}

dashboard/src/components/ui/v3/inline-code.tsx

@@ -0,0 +1,20 @@
+import { cn } from '@/lib/utils';
+import type { PropsWithChildren } from 'react';
+
+export function InlineCode({
+  children,
+  className,
+  ...props
+}: PropsWithChildren<{ className?: string }>) {
+  return (
+    <code
+      className={cn(
+        'relative rounded bg-[#eaedf0] px-1 font-mono text-[11px] dark:bg-[#2f363d]',
+        className,
+      )}
+      {...props}
+    >
+      {children}
+    </code>
+  );
+}

dashboard/src/components/ui/v3/multi-select.tsx

@@ -244,6 +244,7 @@ export function MultiSelectValue({
             variant="outline"
             data-selected-item
             className="group flex items-center gap-1"
+            data-testid={items.get(value)}
             key={value}
             onClick={
               clickToRemove
@@ -256,7 +257,10 @@ export function MultiSelectValue({
           >
             {items.get(value)}
             {clickToRemove && (
-              <XIcon className="size-2 text-muted-foreground group-hover:text-destructive" />
+              <XIcon
+                className="size-2 text-muted-foreground group-hover:text-destructive"
+                data-testid={`${items.get(value)}-remove`}
+              />
             )}
           </Badge>
         ))}

dashboard/src/components/ui/v3/switch.tsx

@@ -0,0 +1,30 @@
+import * as SwitchPrimitives from '@radix-ui/react-switch';
+import * as React from 'react';
+
+import { cn } from '@/lib/utils';
+
+const Switch = React.forwardRef<
+  React.ElementRef<typeof SwitchPrimitives.Root>,
+  React.ComponentPropsWithoutRef<typeof SwitchPrimitives.Root> & {
+    thumbClassName?: string;
+  }
+>(({ className, thumbClassName, ...props }, ref) => (
+  <SwitchPrimitives.Root
+    className={cn(
+      'peer inline-flex h-6 w-11 shrink-0 cursor-pointer items-center rounded-full border-2 border-transparent transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 focus-visible:ring-offset-background disabled:cursor-not-allowed disabled:opacity-50 data-[state=checked]:bg-primary data-[state=unchecked]:bg-input dark:data-[state=checked]:bg-[#e5e5e5]',
+      className,
+    )}
+    {...props}
+    ref={ref}
+  >
+    <SwitchPrimitives.Thumb
+      className={cn(
+        'pointer-events-none block h-5 w-5 rounded-full bg-background shadow-lg ring-0 transition-transform data-[state=checked]:translate-x-[calc(100%-3px)] data-[state=unchecked]:translate-x-0 dark:data-[state=unchecked]:bg-[#e5e5e5]',
+        thumbClassName,
+      )}
+    />
+  </SwitchPrimitives.Root>
+));
+Switch.displayName = SwitchPrimitives.Root.displayName;
+
+export { Switch };

dashboard/src/components/ui/v3/textarea.tsx

@@ -0,0 +1,22 @@
+import * as React from 'react';
+
+import { cn } from '@/lib/utils';
+
+const Textarea = React.forwardRef<
+  HTMLTextAreaElement,
+  React.ComponentProps<'textarea'>
+>(({ className, ...props }, ref) => {
+  return (
+    <textarea
+      className={cn(
+        'flex min-h-[80px] w-full rounded-md border border-input bg-background px-3 py-2 text-base ring-offset-background placeholder:text-muted-foreground focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 md:text-sm',
+        className,
+      )}
+      ref={ref}
+      {...props}
+    />
+  );
+});
+Textarea.displayName = 'Textarea';
+
+export { Textarea };

dashboard/src/features/orgs/layout/OrgLayout/ProjectLayoutContent.tsx

@@ -12,6 +12,7 @@ import { ApplicationUnpausing } from '@/features/orgs/projects/common/components
 import { useAppState } from '@/features/orgs/projects/common/hooks/useAppState';
 import { useIsPlatform } from '@/features/orgs/projects/common/hooks/useIsPlatform';
 import { useProjectWithState } from '@/features/orgs/projects/hooks/useProjectWithState';
+import { isEmptyValue } from '@/lib/utils';
 import { useAuth } from '@/providers/Auth';
 import { ApplicationStatus } from '@/types/application';
 import { getConfigServerUrl, isPlatform as isPlatformFn } from '@/utils/env';
@@ -188,6 +189,15 @@ function ProjectLayoutContent({
     throw error;
   }
 
+  if (
+    isUserLoggedIn &&
+    isEmptyValue(project) &&
+    !loading &&
+    isEmptyValue(error)
+  ) {
+    throw new Error('Could not load project. Please try again later.');
+  }
+
   return (
     <Box
       component="main"

dashboard/src/features/orgs/projects/authentication/users/components/CreateUserForm/CreateUserForm.tsx

@@ -65,37 +65,39 @@ export default function CreateUserForm({
     onDirtyStateChange(isDirty, location);
   }, [isDirty, location, onDirtyStateChange]);
 
-  const baseAuthUrl =
-    isNotEmptyValue(project?.subdomain) && isNotEmptyValue(project?.region)
-      ? generateAppServiceUrl(project!.subdomain, project!.region, 'auth')
-      : '';
-
-  const signUpUrl = `${baseAuthUrl}/signup/email-password`;
-
   async function handleCreateUser({ email, password }: CreateUserFormValues) {
     setCreateUserFormError(null);
 
     await execPromiseWithErrorToast(
       async () => {
-        await fetch(signUpUrl, {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({ email, password }),
-        }).then(async (res) => {
+        if (isNotEmptyValue(project)) {
+          const baseAuthUrl = generateAppServiceUrl(
+            project.subdomain,
+            project.region,
+            'auth',
+          );
+          const signUpUrl = `${baseAuthUrl}/signup/email-password`;
+
+          const res = await fetch(signUpUrl, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ email, password }),
+          });
+
           const data = await res.json();
 
-          if (res.ok) {
-            return data;
+          if (!res.ok) {
+            if (res.status === 409) {
+              setError('email', { message: data?.message });
+            }
+            throw new Error(data?.message || 'Something went wrong.');
           }
 
-          if (res.status === 409) {
-            setError('email', { message: data?.message });
-          }
+          onSubmit?.();
 
-          throw new Error(data?.message || 'Something went wrong.');
-        });
-
-        onSubmit?.();
+          return data;
+        }
+        throw new Error('Something went wrong. Please try again later.');
       },
       {
         loadingMessage: 'Creating user...',

dashboard/src/features/orgs/projects/common/hooks/useGetMetadataResourceVersion/index.ts

@@ -0,0 +1 @@
+export { default as useGetMetadataResourceVersion } from './useGetMetadataResourceVersion';

dashboard/src/features/orgs/projects/common/hooks/useGetMetadataResourceVersion/useGetMetadataResourceVersion.ts

@@ -0,0 +1,46 @@
+import { fetchExportMetadata } from '@/features/orgs/projects/common/utils/fetchExportMetadata';
+import { generateAppServiceUrl } from '@/features/orgs/projects/common/utils/generateAppServiceUrl';
+import { useProject } from '@/features/orgs/projects/hooks/useProject';
+import type { ExportMetadataResponse } from '@/utils/hasura-api/generated/schemas';
+import type { UseQueryOptions } from '@tanstack/react-query';
+import { useQuery } from '@tanstack/react-query';
+
+export interface UseGetMetadataResourceVersionOptions {
+  /**
+   * Props passed to the underlying query hook.
+   */
+  queryOptions?: UseQueryOptions<ExportMetadataResponse, unknown, number>;
+}
+
+/**
+ * This hook is a wrapper around a fetch call that gets the metadata resource version.
+ *
+ * @param options - Options to use for the query.
+ * @returns The result of the query.
+ */
+export default function useGetMetadataResourceVersion({
+  queryOptions,
+}: UseGetMetadataResourceVersionOptions = {}) {
+  const { project } = useProject();
+
+  const query = useQuery<ExportMetadataResponse, unknown, number>(
+    ['export-metadata', project?.subdomain],
+    () => {
+      const appUrl = generateAppServiceUrl(
+        project!.subdomain,
+        project!.region,
+        'hasura',
+      );
+
+      const adminSecret = project?.config?.hasura.adminSecret!;
+
+      return fetchExportMetadata({ appUrl, adminSecret });
+    },
+    {
+      ...queryOptions,
+      select: (data) => data.resource_version,
+    },
+  );
+
+  return query;
+}

dashboard/src/features/orgs/projects/common/utils/fetchExportMetadata/fetchExportMetadata.ts

@@ -0,0 +1,31 @@
+import type { MetadataOperationOptions } from '@/features/orgs/projects/remote-schemas/types';
+import { metadataOperation } from '@/utils/hasura-api/generated/default/default';
+import type { ExportMetadataResponse } from '@/utils/hasura-api/generated/schemas';
+
+export default async function fetchExportMetadata({
+  appUrl,
+  adminSecret,
+}: MetadataOperationOptions): Promise<ExportMetadataResponse> {
+  try {
+    const response = await metadataOperation(
+      {
+        type: 'export_metadata',
+        version: 2,
+        args: {},
+      },
+      {
+        baseUrl: appUrl,
+        adminSecret,
+      },
+    );
+
+    if (response.status !== 200) {
+      throw new Error(response.data.error);
+    }
+
+    return response.data as ExportMetadataResponse;
+  } catch (error) {
+    console.error(error);
+    throw error;
+  }
+}

dashboard/src/features/orgs/projects/common/utils/fetchExportMetadata/index.ts

@@ -0,0 +1 @@
+export { default as fetchExportMetadata } from './fetchExportMetadata';

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseColumnForm/BaseColumnForm.tsx

@@ -1,359 +0,0 @@
-import { useDialog } from '@/components/common/DialogProvider';
-import {
-  ControlledAutocomplete,
-  defaultFilterGroupedOptions,
-} from '@/components/form/ControlledAutocomplete';
-import { ControlledCheckbox } from '@/components/form/ControlledCheckbox';
-import { Form } from '@/components/form/Form';
-import { InlineCode } from '@/components/presentational/InlineCode';
-import { Box } from '@/components/ui/v2/Box';
-import { Button } from '@/components/ui/v2/Button';
-import { Input } from '@/components/ui/v2/Input';
-import { OptionBase } from '@/components/ui/v2/Option';
-import { Text } from '@/components/ui/v2/Text';
-import type {
-  ColumnType,
-  DatabaseColumn,
-} from '@/features/orgs/projects/database/dataGrid/types/dataBrowser';
-import {
-  identityTypes,
-  postgresFunctions,
-  postgresTypeGroups,
-} from '@/features/orgs/projects/database/dataGrid/utils/postgresqlConstants';
-import type { DialogFormProps } from '@/types/common';
-import clsx from 'clsx';
-import { useEffect, useState } from 'react';
-import { useFormContext, useWatch } from 'react-hook-form';
-import * as Yup from 'yup';
-import ForeignKeyEditor from './ForeignKeyEditor';
-
-export type BaseColumnFormValues = DatabaseColumn;
-
-export interface BaseColumnFormProps extends DialogFormProps {
-  /**
-   * Function to be called when the form is submitted.
-   */
-  onSubmit: (values: BaseColumnFormValues) => Promise<void>;
-  /**
-   * Function to be called when the operation is cancelled.
-   */
-  onCancel?: VoidFunction;
-  /**
-   * Submit button text.
-   *
-   * @default 'Save'
-   */
-  submitButtonText?: string;
-}
-
-export const baseColumnValidationSchema = Yup.object().shape({
-  name: Yup.string()
-    .required('This field is required.')
-    .matches(
-      /^([A-Za-z]|_)+/i,
-      'Column name must start with a letter or underscore.',
-    )
-    .matches(
-      /^\w+$/i,
-      'Column name must contain only letters, numbers, or underscores.',
-    ),
-  type: Yup.object()
-    .shape({ value: Yup.string().required() })
-    .required('This field is required.')
-    .nullable(),
-});
-
-export default function BaseColumnForm({
-  onSubmit: handleExternalSubmit,
-  onCancel,
-  submitButtonText = 'Save',
-  location,
-}: BaseColumnFormProps) {
-  const { onDirtyStateChange } = useDialog();
-
-  const {
-    control,
-    register,
-    setValue,
-    getValues,
-    formState: { errors, isSubmitting, dirtyFields },
-  } = useFormContext<BaseColumnFormValues>();
-
-  // Learn more: https://github.com/thundermiracle/mobx-json/issues/46
-  const [defaultValueInputText, setDefaultValueInputText] = useState(
-    () => getValues('defaultValue.label') || '',
-  );
-
-  const isIdentity = useWatch({ name: 'isIdentity' });
-  const type = useWatch({ name: 'type' });
-  const foreignKeyRelation = useWatch({ name: 'foreignKeyRelation' });
-  const availableFunctions = (postgresFunctions[type?.value] || []).map(
-    (functionName: string) => ({
-      label: functionName,
-      value: functionName,
-    }),
-  );
-  const [inputValue, setInputValue] = useState<string>();
-  useEffect(() => {
-    setInputValue(type?.label ?? '');
-  }, [type?.label]);
-
-  // react-hook-form's isDirty gets true even if an input field is focused, then
-  // immediately unfocused - we can't rely on that information
-  const isDirty = Object.keys(dirtyFields).length > 0;
-
-  useEffect(() => {
-    onDirtyStateChange(isDirty, location);
-  }, [isDirty, location, onDirtyStateChange]);
-
-  return (
-    <Form
-      onSubmit={handleExternalSubmit}
-      className="flex flex-auto flex-col content-between overflow-hidden border-t-1"
-    >
-      <div className="flex-auto overflow-y-auto">
-        <section className="grid grid-cols-8 px-6 py-3">
-          <Input
-            {...register('name', {
-              onChange: (event) => {
-                if (foreignKeyRelation) {
-                  setValue(`foreignKeyRelation`, {
-                    ...foreignKeyRelation,
-                    columnName: event.target.value,
-                  });
-                }
-              },
-            })}
-            id="name"
-            fullWidth
-            label="Name"
-            helperText={errors.name?.message}
-            hideEmptyHelperText
-            error={Boolean(errors.name)}
-            variant="inline"
-            className="col-span-8 py-3"
-            autoFocus
-            autoComplete="off"
-          />
-          <ControlledAutocomplete
-            id="type"
-            name="type"
-            control={control}
-            aria-label="Type"
-            fullWidth
-            options={postgresTypeGroups}
-            groupBy={(option) => option.group ?? ''}
-            error={Boolean(errors.type)}
-            placeholder="Select a column type"
-            label="Type"
-            hideEmptyHelperText
-            className="col-span-8 py-3"
-            variant="inline"
-            autoHighlight
-            clearOnBlur
-            showCustomOption="first"
-            filterOptions={defaultFilterGroupedOptions}
-            freeSolo
-            inputValue={inputValue}
-            onInputChange={(_event, value) => {
-              // Keep the list scrolled to the top while searching
-              requestAnimationFrame(() => {
-                const listbox = document.querySelector('#type-listbox');
-                if (listbox) {
-                  listbox.scrollTop = 0;
-                }
-              });
-              setInputValue(value);
-            }}
-            renderOption={(props, { label, value, custom }) => {
-              if (custom) {
-                return (
-                  <OptionBase {...props}>
-                    <span>Use type: &quot;{value}&quot;</span>
-                  </OptionBase>
-                );
-              }
-              return (
-                <OptionBase {...props}>
-                  <div className="grid grid-flow-col items-baseline justify-start justify-items-start gap-1.5">
-                    <span>{label}</span>
-
-                    <InlineCode>{value}</InlineCode>
-                  </div>
-                </OptionBase>
-              );
-            }}
-            onChange={(_event, value) => {
-              setDefaultValueInputText('');
-
-              if (
-                typeof value !== 'string' &&
-                !Array.isArray(value) &&
-                !identityTypes.includes(value?.value as ColumnType)
-              ) {
-                setValue('isIdentity', false);
-                setValue('defaultValue', null);
-              }
-            }}
-          />
-
-          {identityTypes.includes(type?.value) && (
-            <ControlledCheckbox
-              name="isIdentity"
-              label={
-                <span className="inline-grid grid-flow-row">
-                  <span>Identity</span>
-                  <Text
-                    component="span"
-                    className="text-xs font-normal"
-                    color="secondary"
-                  >
-                    Attach an implicit sequence to the column and make it
-                    non-nullable
-                  </Text>
-                </span>
-              }
-              className="col-span-8 m-0 w-full py-3 sm:col-span-6 sm:col-start-3 sm:ml-1"
-              onChange={(_event, checked) => {
-                if (checked) {
-                  setDefaultValueInputText('');
-                  setValue('defaultValue', null);
-                }
-              }}
-            />
-          )}
-        </section>
-
-        <Box
-          component="section"
-          className="grid grid-cols-8 border-t-1 px-6 py-3"
-        >
-          <ControlledAutocomplete
-            id="defaultValue"
-            name="defaultValue"
-            control={control}
-            fullWidth
-            freeSolo
-            placeholder="NULL"
-            label="Default Value"
-            inputValue={isIdentity ? '' : defaultValueInputText}
-            onInputChange={(_event, value) => setDefaultValueInputText(value)}
-            onBlur={(event) => {
-              if (
-                event.target instanceof HTMLInputElement &&
-                !event.target.value
-              ) {
-                setValue('defaultValue', null);
-              }
-            }}
-            helperText={
-              errors.defaultValue?.message ||
-              'Can either be a literal or a function'
-            }
-            onChange={(_event, value) => {
-              if (typeof value !== 'string' && !Array.isArray(value)) {
-                setDefaultValueInputText(value?.value || '');
-              }
-            }}
-            autoSelect={(filteredOptions) =>
-              filteredOptions?.length === 0 && defaultValueInputText.length > 0
-            }
-            slotProps={{
-              paper: {
-                className: clsx(availableFunctions.length === 0 && 'hidden'),
-              },
-            }}
-            error={Boolean(errors.defaultValue)}
-            hideEmptyHelperText
-            autoHighlight
-            className="col-span-8 py-3"
-            variant="inline"
-            options={availableFunctions}
-            disabled={isIdentity}
-            showCustomOption="always"
-            customOptionLabel={(optionLabel) =>
-              `Use "${optionLabel}" as a literal`
-            }
-            noOptionsText="Enter a custom default value"
-          />
-
-          <ControlledCheckbox
-            className="col-span-8 m-0 w-full py-3 sm:col-span-6 sm:col-start-3 sm:ml-1"
-            name="isNullable"
-            label={
-              <span className="inline-grid grid-flow-row">
-                <span>Nullable</span>
-                <Text
-                  component="span"
-                  className="text-xs font-normal"
-                  color="secondary"
-                >
-                  Allow the column to assume a NULL value if no value is
-                  provided
-                </Text>
-              </span>
-            }
-            disabled={isIdentity}
-            uncheckWhenDisabled
-          />
-
-          <ControlledCheckbox
-            className="col-span-8 m-0 w-full py-3 sm:col-span-6 sm:col-start-3 sm:ml-1"
-            name="isUnique"
-            label={
-              <span className="inline-grid grid-flow-row">
-                <span>Unique</span>
-                <Text
-                  component="span"
-                  className="text-xs font-normal"
-                  color="secondary"
-                >
-                  Enforce values in the column to be unique across rows
-                </Text>
-              </span>
-            }
-            disabled={isIdentity}
-            uncheckWhenDisabled
-          />
-
-          <ForeignKeyEditor />
-
-          <Input
-            {...register('comment')}
-            id="comment"
-            fullWidth
-            multiline
-            rows={3}
-            label="Comment"
-            helperText={errors.comment?.message}
-            hideEmptyHelperText
-            error={Boolean(errors.comment)}
-            variant="inline"
-            className="col-span-8 py-3"
-            autoComplete="off"
-          />
-        </Box>
-      </div>
-
-      <Box className="grid flex-shrink-0 grid-flow-col justify-between gap-3 border-t-1 p-2">
-        <Button
-          variant="borderless"
-          color="secondary"
-          onClick={onCancel}
-          tabIndex={isDirty ? -1 : 0}
-        >
-          Cancel
-        </Button>
-
-        <Button
-          loading={isSubmitting}
-          disabled={isSubmitting}
-          type="submit"
-          className="justify-self-end"
-        >
-          {submitButtonText}
-        </Button>
-      </Box>
-    </Form>
-  );
-}

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseColumnForm/ForeignKeyEditor.tsx

@@ -1,149 +0,0 @@
-import { useDialog } from '@/components/common/DialogProvider';
-import { Box } from '@/components/ui/v2/Box';
-import { Button } from '@/components/ui/v2/Button';
-import { ArrowRightIcon } from '@/components/ui/v2/icons/ArrowRightIcon';
-import { LinkIcon } from '@/components/ui/v2/icons/LinkIcon';
-import { InputLabel } from '@/components/ui/v2/InputLabel';
-import { Text } from '@/components/ui/v2/Text';
-import { CreateForeignKeyForm } from '@/features/orgs/projects/database/dataGrid/components/CreateForeignKeyForm';
-import { EditForeignKeyForm } from '@/features/orgs/projects/database/dataGrid/components/EditForeignKeyForm';
-import type { DatabaseColumn } from '@/features/orgs/projects/database/dataGrid/types/dataBrowser';
-import type { ForwardedRef } from 'react';
-import { forwardRef, useRef } from 'react';
-import { useFormContext, useWatch } from 'react-hook-form';
-
-interface ForeignKeyEditorInputProps {
-  /**
-   * Function to be called when the user finishes creating a foreign key.
-   */
-  onCreateSubmit: VoidFunction;
-  /**
-   * Function to be called when the user finishes editing a foreign key.
-   */
-  onEditSubmit: VoidFunction;
-}
-
-const ForeignKeyEditorInput = forwardRef(
-  (
-    { onCreateSubmit, onEditSubmit }: ForeignKeyEditorInputProps,
-    ref: ForwardedRef<HTMLButtonElement>,
-  ) => {
-    const { openDialog } = useDialog();
-    const { setValue } = useFormContext();
-    const column = useWatch() as DatabaseColumn;
-    const { foreignKeyRelation } = column;
-
-    if (!column.foreignKeyRelation) {
-      return (
-        <Button
-          variant="borderless"
-          className="py-1"
-          disabled={!column.name || !column.type}
-          ref={ref}
-          onClick={() => {
-            openDialog({
-              title: (
-                <span className="grid grid-flow-row">
-                  <span>Add a Foreign Key Relation</span>
-
-                  <Text variant="subtitle1" component="span">
-                    Foreign keys help ensure the referential integrity of your
-                    data.
-                  </Text>
-                </span>
-              ),
-              component: (
-                <CreateForeignKeyForm
-                  selectedColumn={column.name}
-                  availableColumns={[column]}
-                  onSubmit={(values) => {
-                    setValue('foreignKeyRelation', values);
-                    onCreateSubmit();
-                  }}
-                />
-              ),
-            });
-          }}
-        >
-          Add Foreign Key
-        </Button>
-      );
-    }
-
-    return (
-      <div className="grid grid-flow-col items-center justify-between justify-items-start gap-2 rounded-sm+ px-2">
-        <div className="grid grid-flow-col items-center gap-2">
-          <LinkIcon className="h-4 w-4" />
-
-          <Text className="grid grid-flow-col items-center gap-1.5 truncate font-medium">
-            <span className="truncate">{foreignKeyRelation?.columnName}</span>
-            <ArrowRightIcon />
-            <span className="truncate">
-              {foreignKeyRelation?.referencedSchema}.
-              {foreignKeyRelation?.referencedTable}.
-              {foreignKeyRelation?.referencedColumn}
-            </span>
-          </Text>
-        </div>
-
-        <div className="grid grid-flow-col">
-          <Button
-            ref={ref}
-            onClick={() => {
-              openDialog({
-                title: 'Edit Foreign Key Relation',
-                component: (
-                  <EditForeignKeyForm
-                    foreignKeyRelation={foreignKeyRelation!}
-                    selectedColumn={column.name}
-                    availableColumns={[column]}
-                    onSubmit={(values) => {
-                      setValue('foreignKeyRelation', values);
-                      onEditSubmit();
-                    }}
-                  />
-                ),
-              });
-            }}
-            variant="borderless"
-            className="min-w-[initial] px-2 py-1"
-          >
-            Edit
-          </Button>
-
-          <Button
-            onClick={() => setValue('foreignKeyRelation', null)}
-            variant="borderless"
-            className="min-w-[initial] px-2 py-1"
-          >
-            Delete
-          </Button>
-        </div>
-      </div>
-    );
-  },
-);
-
-ForeignKeyEditorInput.displayName = 'NhostForeignKeyEditorInput';
-
-export default function ForeignKeyEditor() {
-  const buttonRef = useRef<HTMLButtonElement | null>(null);
-
-  return (
-    <div className="col-span-8 grid grid-cols-8 items-center justify-start gap-x-4 gap-y-2">
-      <InputLabel className="col-span-8 sm:col-span-2">Foreign Key</InputLabel>
-
-      <Box className="col-span-8 rounded-sm+ border-1 px-1 py-[3px] sm:col-span-6">
-        <ForeignKeyEditorInput
-          ref={buttonRef}
-          onEditSubmit={() =>
-            requestAnimationFrame(() => buttonRef.current?.focus())
-          }
-          onCreateSubmit={() =>
-            requestAnimationFrame(() => buttonRef.current?.focus())
-          }
-        />
-      </Box>
-    </div>
-  );
-}

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseColumnForm/index.ts

@@ -1,2 +0,0 @@
-export * from './BaseColumnForm';
-export { default as BaseColumnForm } from './BaseColumnForm';

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/BaseTableForm.test.tsx

@@ -0,0 +1,465 @@
+import {
+  mockPointerEvent,
+  render,
+  screen,
+  TestUserEvent,
+} from '@/tests/testUtils';
+import { yupResolver } from '@hookform/resolvers/yup';
+import { FormProvider, useForm } from 'react-hook-form';
+import { vi } from 'vitest';
+import type * as Yup from 'yup';
+import BaseTableForm, {
+  type BaseTableFormValues,
+  baseTableValidationSchema,
+} from './BaseTableForm';
+
+mockPointerEvent();
+
+Object.defineProperty(HTMLElement.prototype, 'getBoundingClientRect', {
+  value: vi.fn(() => ({
+    width: 100,
+    height: 40,
+    top: 0,
+    left: 0,
+    bottom: 40,
+    right: 100,
+  })),
+});
+
+const mocks = vi.hoisted(() => ({
+  onSubmit: vi.fn(),
+}));
+
+const defaultFormValues = {
+  columns: [
+    {
+      name: '',
+      type: null as any,
+      defaultValue: null as any,
+      isNullable: false,
+      isUnique: false,
+      isIdentity: false,
+      comment: '',
+    },
+  ],
+  foreignKeyRelations: [],
+  primaryKeyIndices: [],
+  identityColumnIndex: null,
+};
+
+function TestTableFormWrapper({ defaultValues = defaultFormValues }: any) {
+  const form = useForm<
+    BaseTableFormValues | Yup.InferType<typeof baseTableValidationSchema>
+  >({
+    defaultValues,
+    shouldUnregister: false,
+    reValidateMode: 'onSubmit',
+    resolver: yupResolver(baseTableValidationSchema),
+  });
+
+  return (
+    <FormProvider {...form}>
+      <BaseTableForm onSubmit={mocks.onSubmit} submitButtonText="Save" />
+    </FormProvider>
+  );
+}
+
+const user = new TestUserEvent();
+
+async function fillColumnForm(
+  { columnName, optionName, typeValue, defaultValue }: any,
+  index: number,
+) {
+  const columnNameInput = screen.getByTestId(`columns.${index}.name`);
+  expect(columnNameInput).toBeInTheDocument();
+  await user.type(columnNameInput, columnName);
+
+  await TestUserEvent.fireClickEvent(
+    screen.getByTestId(`columns.${index}.type`),
+  );
+
+  await TestUserEvent.fireClickEvent(
+    screen.getByRole('option', { name: optionName }),
+  );
+
+  expect(screen.getByDisplayValue(typeValue)).toBeInTheDocument();
+
+  if (defaultValue) {
+    expect(
+      screen.getByTestId(`columns.${index}.defaultValue`),
+    ).toBeInTheDocument();
+
+    TestUserEvent.fireTypeEvent(
+      screen.getByTestId(`columns.${index}.defaultValue`),
+      `${defaultValue}`,
+    );
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', {
+        name: `Use "${defaultValue}" as a literal`,
+      }),
+    );
+
+    expect(screen.getByTestId(`columns.${index}.defaultValue`)).toHaveValue(
+      defaultValue,
+    );
+  }
+}
+
+describe('BaseTableForm', () => {
+  it('should not disable the nullable and unique checkboxes after setting the column name', async () => {
+    render(<TestTableFormWrapper />);
+
+    let firstColumnIsNullableCheckbox = screen.getByRole('checkbox', {
+      name: (accessibleName, element) =>
+        element.getAttribute('name') === 'columns.0.isNullable',
+    });
+
+    let firstColumnIsUniqueCheckbox = screen.getByRole('checkbox', {
+      name: (accessibleName, element) =>
+        element.getAttribute('name') === 'columns.0.isUnique',
+    });
+
+    expect(firstColumnIsNullableCheckbox).not.toBeDisabled();
+    expect(firstColumnIsUniqueCheckbox).not.toBeDisabled();
+
+    await user.type(screen.getByPlaceholderText('Enter name'), 'column1');
+    expect(screen.getByDisplayValue('column1')).toBeInTheDocument();
+
+    firstColumnIsNullableCheckbox = screen.getByRole('checkbox', {
+      name: (accessibleName, element) =>
+        element.getAttribute('name') === 'columns.0.isNullable',
+    });
+    firstColumnIsUniqueCheckbox = screen.getByRole('checkbox', {
+      name: (accessibleName, element) =>
+        element.getAttribute('name') === 'columns.0.isUnique',
+    });
+
+    expect(firstColumnIsNullableCheckbox).not.toBeDisabled();
+    expect(firstColumnIsUniqueCheckbox).not.toBeDisabled();
+  });
+
+  it('should disable the nullable and unique checkboxes if the column is the primary key', async () => {
+    render(<TestTableFormWrapper />);
+    await fillColumnForm(
+      {
+        columnName: 'id',
+        optionName: 'uuid uuid',
+        typeValue: 'uuid',
+        defaultValue: 'gen_random_uuid()',
+      },
+      0,
+    );
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    await fillColumnForm(
+      {
+        columnName: 'note',
+        optionName: 'text text',
+        typeValue: 'text',
+      },
+      1,
+    );
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    await fillColumnForm(
+      {
+        columnName: 'isDone',
+        optionName: 'boolean bool',
+        typeValue: 'boolean',
+        defaultValue: 'false',
+      },
+      2,
+    );
+
+    await TestUserEvent.fireClickEvent(screen.getByText('Add Primary Key'));
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'id' }),
+    );
+
+    expect(screen.getByTestId('id')).toBeInTheDocument();
+    expect(
+      screen.getByRole('checkbox', {
+        name: (accessibleName, element) =>
+          element.getAttribute('name') === 'columns.0.isNullable',
+      }),
+    ).toBeDisabled();
+    expect(
+      screen.getByRole('checkbox', {
+        name: (accessibleName, element) =>
+          element.getAttribute('name') === 'columns.0.isUnique',
+      }),
+    ).toBeDisabled();
+  });
+
+  it('should disable the nullable and unique checkboxes and default value if the column is an identity column', async () => {
+    render(<TestTableFormWrapper />);
+    await fillColumnForm(
+      {
+        columnName: 'id',
+        optionName: 'uuid uuid',
+        typeValue: 'uuid',
+        defaultValue: 'gen_random_uuid()',
+      },
+      0,
+    );
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    await fillColumnForm(
+      {
+        columnName: 'identity_column',
+        optionName: 'smallint int2',
+        typeValue: 'smallint',
+      },
+      1,
+    );
+
+    TestUserEvent.fireClickEvent(screen.getByLabelText('Identity'));
+    expect(
+      screen.getByRole('option', { name: 'identity_column' }),
+    ).toBeInTheDocument();
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'identity_column' }),
+    );
+
+    expect(screen.getByRole('combobox', { name: 'Identity' }).textContent).toBe(
+      'identity_column',
+    );
+  });
+
+  it('should display the identity column picker if an integer is selected as a column type', async () => {
+    render(<TestTableFormWrapper />);
+
+    expect(screen.queryByLabelText('Identity')).not.toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByPlaceholderText('Select type'),
+    );
+
+    await user.type(screen.getByPlaceholderText('Select type'), 'int');
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'smallint int2' }),
+    );
+
+    expect(screen.getByDisplayValue('smallint')).toBeInTheDocument();
+    expect(screen.getByLabelText('Identity')).toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(screen.getByDisplayValue('smallint'));
+
+    await user.type(screen.getByDisplayValue('smallint'), 'text');
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'text text' }),
+    );
+    expect(screen.getByDisplayValue('text')).toBeInTheDocument();
+    expect(screen.queryByLabelText('Identity')).not.toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(screen.getByDisplayValue('text'));
+
+    await user.type(screen.getByDisplayValue('text'), 'int');
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'integer int4' }),
+    );
+
+    expect(screen.getByDisplayValue('integer')).toBeInTheDocument();
+    expect(screen.getByLabelText('Identity')).toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(screen.getByDisplayValue('integer'));
+
+    await user.type(screen.getByDisplayValue('integer'), 'numeric');
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'numeric numeric' }),
+    );
+
+    expect(screen.getByDisplayValue('numeric')).toBeInTheDocument();
+    expect(screen.queryByLabelText('Identity')).not.toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(screen.getByDisplayValue('numeric'));
+    await user.type(screen.getByDisplayValue('numeric'), 'int');
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'bigint int8' }),
+    );
+
+    expect(screen.getByDisplayValue('bigint')).toBeInTheDocument();
+    expect(screen.getByLabelText('Identity')).toBeInTheDocument();
+  });
+
+  it('should add a new empty row with the Add Column button', async () => {
+    render(<TestTableFormWrapper />);
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    expect(screen.getAllByPlaceholderText('Enter name')).toHaveLength(2);
+
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+    expect(screen.getAllByPlaceholderText('Enter name')).toHaveLength(4);
+  });
+
+  it('the remove column button is disabled if it is the only column', async () => {
+    render(<TestTableFormWrapper />);
+    expect(screen.getByTestId('remove-column-0')).toBeDisabled();
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    expect(screen.getByTestId('remove-column-0')).not.toBeDisabled();
+    expect(screen.getByTestId('remove-column-1')).not.toBeDisabled();
+    expect(screen.getByTestId('remove-column-2')).not.toBeDisabled();
+
+    TestUserEvent.fireClickEvent(screen.getByTestId('remove-column-1'));
+    expect(screen.getByTestId('remove-column-0')).not.toBeDisabled();
+    expect(screen.getByTestId('remove-column-1')).not.toBeDisabled();
+
+    TestUserEvent.fireClickEvent(screen.getByTestId('remove-column-1'));
+
+    expect(screen.getByTestId('remove-column-0')).toBeDisabled();
+  });
+
+  it('should add a comment to the column', async () => {
+    render(<TestTableFormWrapper />);
+    expect(screen.getByText('Save')).toBeInTheDocument();
+
+    await user.type(screen.getByTestId('tableNameInput'), 'test_table');
+
+    expect(screen.getByTestId('tableNameInput')).toHaveDisplayValue(
+      'test_table',
+    );
+
+    await fillColumnForm(
+      {
+        columnName: 'id',
+        optionName: 'uuid uuid',
+        typeValue: 'uuid',
+        defaultValue: 'gen_random_uuid()',
+      },
+      0,
+    );
+
+    await TestUserEvent.fireClickEvent(screen.getByTestId('columns.0.comment'));
+    expect(
+      screen.getByPlaceholderText('Add a comment for the column'),
+    ).toBeInTheDocument();
+
+    await user.type(
+      screen.getByPlaceholderText('Add a comment for the column'),
+      'Test comment{Escape}',
+    );
+
+    expect(
+      screen.queryByPlaceholderText('Add a comment for the column'),
+    ).not.toBeInTheDocument();
+
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+
+    await fillColumnForm(
+      {
+        columnName: 'description',
+        optionName: 'text text',
+        typeValue: 'text',
+      },
+      1,
+    );
+
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('button', { name: /Add Column/ }),
+    );
+    await fillColumnForm(
+      {
+        columnName: 'identity_column',
+        optionName: 'smallint int2',
+        typeValue: 'smallint',
+      },
+      2,
+    );
+
+    await TestUserEvent.fireClickEvent(screen.getByText('Add Primary Key'));
+
+    await TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'id' }),
+    );
+
+    expect(screen.getByTestId('id')).toBeInTheDocument();
+
+    TestUserEvent.fireClickEvent(screen.getByLabelText('Identity'));
+    expect(
+      screen.getByRole('option', { name: 'identity_column' }),
+    ).toBeInTheDocument();
+    TestUserEvent.fireClickEvent(
+      screen.getByRole('option', { name: 'identity_column' }),
+    );
+
+    expect(screen.getByText('Save')).toBeInTheDocument();
+
+    await TestUserEvent.fireClickEvent(screen.getByText('Save'));
+
+    expect(screen.getByText('Save')).not.toBeDisabled();
+
+    expect(mocks.onSubmit.mock.calls[0][0].name).toBe('test_table');
+    expect(mocks.onSubmit.mock.calls[0][0].primaryKeyIndices).toStrictEqual([
+      '0',
+    ]);
+    expect(mocks.onSubmit.mock.calls[0][0].identityColumnIndex).toBe(2);
+    expect(mocks.onSubmit.mock.calls[0][0].columns).toStrictEqual([
+      {
+        name: 'id',
+        type: { group: 'UUID types', label: 'uuid', value: 'uuid' },
+        defaultValue: {
+          custom: true,
+          dropdownLabel: 'Use "gen_random_uuid()" as a literal',
+          label: 'gen_random_uuid()',
+          value: 'gen_random_uuid()',
+        },
+        isNullable: false,
+        isUnique: false,
+        isIdentity: false,
+        comment: 'Test comment',
+      },
+      {
+        name: 'description',
+        type: { group: 'String types', label: 'text', value: 'text' },
+        defaultValue: null,
+        isNullable: false,
+        isUnique: false,
+        isIdentity: false,
+        comment: null,
+      },
+      {
+        comment: null,
+        defaultValue: null,
+        isIdentity: false,
+        isNullable: false,
+        isUnique: false,
+        name: 'identity_column',
+        type: {
+          group: 'Numeric types',
+          label: 'smallint',
+          value: 'int2',
+        },
+      },
+    ]);
+  });
+});

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/BaseTableForm.tsx

@@ -4,7 +4,6 @@ import { Box } from '@/components/ui/v2/Box';
 import { Button } from '@/components/ui/v2/Button';
 import { Input } from '@/components/ui/v2/Input';
 import { Text } from '@/components/ui/v2/Text';
-import { baseColumnValidationSchema } from '@/features/orgs/projects/database/dataGrid/components/BaseColumnForm';
 import type {
   DatabaseTable,
   ForeignKeyRelation,
@@ -51,6 +50,23 @@ export interface BaseTableFormProps extends DialogFormProps {
   submitButtonText?: string;
 }
 
+export const baseColumnValidationSchema = Yup.object().shape({
+  name: Yup.string()
+    .required('This field is required.')
+    .matches(
+      /^([A-Za-z]|_)+/i,
+      'Column name must start with a letter or underscore.',
+    )
+    .matches(
+      /^\w+$/i,
+      'Column name must contain only letters, numbers, or underscores.',
+    ),
+  type: Yup.object()
+    .shape({ value: Yup.string().required() })
+    .required('This field is required.')
+    .nullable(),
+});
+
 export const baseTableValidationSchema = Yup.object({
   name: Yup.string()
     .required('This field is required.')
@@ -86,6 +102,9 @@ function NameInput() {
       {...register('name')}
       id="name"
       fullWidth
+      inputProps={{
+        'data-testid': 'tableNameInput',
+      }}
       label="Name"
       helperText={
         typeof errors.name?.message === 'string' ? errors.name?.message : ''

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/ColumnEditorRow/ColumnComment.tsx

@@ -0,0 +1,59 @@
+import { Button } from '@/components/ui/v3/button';
+import {
+  Popover,
+  PopoverContent,
+  PopoverTrigger,
+} from '@/components/ui/v3/popover';
+import { Textarea } from '@/components/ui/v3/textarea';
+import { isEmptyValue } from '@/lib/utils';
+import { MessageSquare, MessageSquareText } from 'lucide-react';
+import { type KeyboardEvent } from 'react';
+import { useFormContext, useWatch } from 'react-hook-form';
+
+interface ColumnCommentProps {
+  index: number;
+}
+
+function ColumnComment({ index }: ColumnCommentProps) {
+  const { register } = useFormContext();
+  const comment = useWatch({ name: `columns.${index}.comment` });
+
+  const CommentIcon = isEmptyValue(comment) ? MessageSquare : MessageSquareText;
+  const title = isEmptyValue(comment) ? 'Add comment' : 'Edit comment';
+
+  function handleKeyDown(event: KeyboardEvent<HTMLTextAreaElement>) {
+    if (event.key === 'Escape') {
+      event.stopPropagation();
+    }
+  }
+
+  return (
+    <Popover>
+      <PopoverTrigger asChild>
+        <Button
+          type="button"
+          variant="ghost"
+          size="icon"
+          title={title}
+          data-testid={`columns.${index}.comment`}
+          className="h-8 w-8 hover:bg-[#eaedf0] dark:hover:bg-[#2f363d]"
+        >
+          <CommentIcon strokeWidth={1} className="h-5 w-5" />
+        </Button>
+      </PopoverTrigger>
+      <PopoverContent
+        className="w-80 p-0 data-[state=closed]:duration-100 data-[state=open]:duration-100"
+        align="end"
+      >
+        <Textarea
+          {...register(`columns.${index}.comment`, { shouldUnregister: false })}
+          onKeyDown={handleKeyDown}
+          className="resize-none"
+          placeholder="Add a comment for the column"
+        />
+      </PopoverContent>
+    </Popover>
+  );
+}
+
+export default ColumnComment;

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/ColumnEditorRow/ColumnEditorRow.tsx

@@ -7,6 +7,7 @@ import { InlineCode } from '@/components/presentational/InlineCode';
 import type { CheckboxProps } from '@/components/ui/v2/Checkbox';
 import { Input } from '@/components/ui/v2/Input';
 import { OptionBase } from '@/components/ui/v2/Option';
+
 import type {
   ColumnType,
   ForeignKeyRelation,
@@ -17,10 +18,12 @@ import {
   postgresTypeGroups,
 } from '@/features/orgs/projects/database/dataGrid/utils/postgresqlConstants';
 import clsx from 'clsx';
+
 import type { PropsWithoutRef } from 'react';
 import { memo, useEffect, useState } from 'react';
 import type { FieldError } from 'react-hook-form';
 import { useFormContext, useFormState, useWatch } from 'react-hook-form';
+import ColumnComment from './ColumnComment';
 import { RemoveButton } from './RemoveButton';
 
 export interface FieldArrayInputProps {
@@ -43,7 +46,7 @@ function NameInput({ index }: FieldArrayInputProps) {
     name: [`columns.${index}.name`],
   });
 
-  const primaryKeyIndex: number = useWatch({ name: 'primaryKeyIndex' });
+  const primaryKeyIndices: string[] = useWatch({ name: 'primaryKeyIndices' });
 
   return (
     <Input
@@ -61,17 +64,12 @@ function NameInput({ index }: FieldArrayInputProps) {
             clearErrors('columns');
           }
 
-          if (!event.target.value && primaryKeyIndex === index) {
-            setValue('primaryKeyIndex', null);
+          if (!event.target.value && primaryKeyIndices.includes(`${index}`)) {
+            const updatedPrimaryKeyIndices = primaryKeyIndices.filter(
+              (pk) => pk !== `${index}`,
+            );
 
-            return;
-          }
-
-          if (
-            event.target.value &&
-            (primaryKeyIndex === null || typeof primaryKeyIndex === 'undefined')
-          ) {
-            setValue('primaryKeyIndex', index);
+            setValue('primaryKeyIndices', updatedPrimaryKeyIndices);
           }
         },
       })}
@@ -81,6 +79,7 @@ function NameInput({ index }: FieldArrayInputProps) {
       hideEmptyHelperText
       error={Boolean(errors?.columns?.[index]?.name)}
       helperText={errors?.columns?.[index]?.name?.message}
+      inputProps={{ 'data-testid': `columns.${index}.name` }}
     />
   );
 }
@@ -98,6 +97,11 @@ function TypeAutocomplete({ index }: FieldArrayInputProps) {
 
   return (
     <ControlledAutocomplete
+      slotProps={{
+        inputRoot: {
+          'data-testid': `columns.${index}.type`,
+        },
+      }}
       id={`columns.${index}.type`}
       name={`columns.${index}.type`}
       aria-label="Type"
@@ -201,6 +205,9 @@ function DefaultValueAutocomplete({ index }: FieldArrayInputProps) {
       freeSolo
       slotProps={{
         paper: { className: clsx(availableFunctions.length === 0 && 'hidden') },
+        inputRoot: {
+          'data-testid': `columns.${index}.defaultValue`,
+        },
       }}
       disabled={isIdentity}
       noOptionsText="Enter a custom default value"
@@ -225,10 +232,10 @@ function Checkbox({
   index,
   ...props
 }: FieldArrayInputProps & PropsWithoutRef<CheckboxProps>) {
-  const primaryKeyIndex = useWatch({ name: 'primaryKeyIndex' });
+  const primaryKeyIndices = useWatch({ name: 'primaryKeyIndices' });
   const identityColumnIndex = useWatch({ name: 'identityColumnIndex' });
 
-  const isPrimary = primaryKeyIndex === index;
+  const isPrimary = primaryKeyIndices.includes(`${index}`);
   const isIdentity = identityColumnIndex === index;
 
   return (
@@ -249,28 +256,39 @@ export interface ColumnEditorRowProps extends FieldArrayInputProps {
 }
 
 const ColumnEditorRow = memo(({ index, remove }: ColumnEditorRowProps) => (
-  <div role="row" className="grid w-full grid-cols-12 gap-1">
-    <div role="cell" className="col-span-3">
+  <div role="row" className="flex w-full gap-2">
+    <div role="cell" className="w-52 flex-none">
       <NameInput index={index} />
     </div>
 
-    <div role="cell" className="col-span-3">
+    <div role="cell" className="w-52 flex-none">
       <TypeAutocomplete index={index} />
     </div>
 
-    <div role="cell" className="col-span-3">
+    <div role="cell" className="w-52 flex-none">
       <DefaultValueAutocomplete index={index} />
     </div>
 
-    <div role="cell" className="col-span-1 flex justify-center py-3">
+    <div role="cell" className="flex w-8 flex-none items-center justify-center">
+      <ColumnComment index={index} />
+    </div>
+
+    <div
+      role="cell"
+      className="flex w-13 flex-none items-center justify-center"
+    >
       <Checkbox
         name={`columns.${index}.isNullable`}
         aria-label="Nullable"
         index={index}
+        data-testid={`columns.${index}.isNullable`}
       />
     </div>
 
-    <div role="cell" className="col-span-1 flex justify-center py-3">
+    <div
+      role="cell"
+      className="flex w-13 flex-none items-center justify-center"
+    >
       <Checkbox
         name={`columns.${index}.isUnique`}
         aria-label="Unique"
@@ -278,7 +296,7 @@ const ColumnEditorRow = memo(({ index, remove }: ColumnEditorRowProps) => (
       />
     </div>
 
-    <div role="cell" className="col-span-1 flex justify-center py-0.5">
+    <div role="cell" className="flex w-9 flex-none items-center justify-center">
       <RemoveButton
         index={index}
         onClick={() => {

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/ColumnEditorTable.tsx

@@ -25,9 +25,9 @@ export default function ColumnEditorTable() {
 
   return (
     <>
-      <div role="table" className="col-span-8">
-        <div className="sticky top-0 z-10 grid w-full grid-cols-12 gap-1 pb-2 pt-1">
-          <div role="columnheader" className="col-span-3">
+      <div role="table" className="col-span-8 overflow-x-auto">
+        <div className="sticky top-0 z-10 flex w-full gap-2 pb-2 pt-1">
+          <div role="columnheader" className="w-52 flex-none">
             <InputLabel as="span">
               Name
               <Text component="span" color="error">
@@ -36,7 +36,7 @@ export default function ColumnEditorTable() {
             </InputLabel>
           </div>
 
-          <div role="columnheader" className="col-span-3">
+          <div role="columnheader" className="w-52 flex-none">
             <InputLabel as="span">
               Type
               <Text component="span" color="error">
@@ -45,24 +45,30 @@ export default function ColumnEditorTable() {
             </InputLabel>
           </div>
 
-          <div role="columnheader" className="col-span-3">
+          <div role="columnheader" className="w-52 flex-none">
             <InputLabel as="span">Default Value</InputLabel>
           </div>
+          <div role="columnheader" className="w-8 flex-none">
+            <InputLabel as="span" className="hidden">
+              Comment
+            </InputLabel>
+          </div>
 
-          <div role="columnheader" className="col-span-1 truncate text-center">
+          <div role="columnheader" className="w-13 flex-none text-center">
             <InputLabel as="span" className="truncate">
               Nullable
             </InputLabel>
           </div>
 
-          <div role="columnheader" className="col-span-1 truncate text-center">
+          <div role="columnheader" className="w-13 flex-none text-center">
             <InputLabel as="span" className="truncate">
               Unique
             </InputLabel>
           </div>
+          <div className="flex w-9 flex-auto" />
         </div>
 
-        <div role="rowgroup" className="grid w-full grid-flow-row gap-2">
+        <div role="rowgroup" className="grid w-full grid-flow-row gap-1">
           {fields.map((field, index) => (
             <ColumnEditorRow key={field.id} index={index} remove={remove} />
           ))}
@@ -82,6 +88,7 @@ export default function ColumnEditorTable() {
               isNullable: false,
               isUnique: false,
               isIdentity: false,
+              comment: null,
             })
           }
           startIcon={<PlusIcon />}

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/ForeignKeyEditorSection.tsx

@@ -60,6 +60,7 @@ export default function ForeignKeyEditorSection() {
     validateDuplicateRelation(values);
     append(values);
   }
+  const primaryKeyIndices = getValues('primaryKeyIndices');
 
   return (
     <section className="grid grid-flow-row gap-2 px-6">
@@ -71,15 +72,13 @@ export default function ForeignKeyEditorSection() {
         <ForeignKeyEditorRow
           index={index}
           onEdit={() => {
-            const primaryKeyIndex = getValues('primaryKeyIndex');
-
             openDialog({
               title: 'Edit Foreign Key Relation',
               component: (
                 <EditForeignKeyForm
                   foreignKeyRelation={fields[index] as ForeignKeyRelation}
                   availableColumns={columns.map((column, columnIndex) =>
-                    columnIndex === primaryKeyIndex
+                    primaryKeyIndices.includes(`${columnIndex}`)
                       ? { ...column, isPrimary: true }
                       : column,
                   )}
@@ -109,8 +108,6 @@ export default function ForeignKeyEditorSection() {
         }}
         disabled={columnsWithNameAndType?.length === 0}
         onClick={() => {
-          const primaryKeyIndex = getValues('primaryKeyIndex');
-
           openDialog({
             title: (
               <span className="grid grid-flow-row">
@@ -125,7 +122,7 @@ export default function ForeignKeyEditorSection() {
             component: (
               <CreateForeignKeyForm
                 availableColumns={columns.map((column, index) =>
-                  index === primaryKeyIndex
+                  primaryKeyIndices.includes(`${index}`)
                     ? { ...column, isPrimary: true }
                     : column,
                 )}

dashboard/src/features/orgs/projects/database/dataGrid/components/BaseTableForm/PrimaryKeySelect.tsx

@@ -75,5 +75,3 @@ export default function PrimaryKeySelect() {
     </div>
   );
 }
-// #1e293b
-// #1b2534

dashboard/src/features/orgs/projects/database/dataGrid/components/CreateTableForm/CreateTableForm.tsx

@@ -67,13 +67,14 @@ export default function CreateTableForm({
           isNullable: false,
           isUnique: false,
           isIdentity: false,
+          comment: '',
         },
       ],
       foreignKeyRelations: [],
       primaryKeyIndices: [],
       identityColumnIndex: null,
     },
-    shouldUnregister: true,
+    shouldUnregister: false,
     reValidateMode: 'onSubmit',
     resolver: yupResolver(baseTableValidationSchema),
   });
@@ -86,6 +87,7 @@ export default function CreateTableForm({
       ],
       [],
     );
+
     try {
       const table: DatabaseTable = {
         ...values,

dashboard/src/features/orgs/projects/database/dataGrid/components/DataBrowserGrid/DataBrowserGrid.tsx

@@ -1,11 +1,9 @@
 import { useDialog } from '@/components/common/DialogProvider';
 import { FormActivityIndicator } from '@/components/form/FormActivityIndicator';
-import { InlineCode } from '@/components/presentational/InlineCode';
-import { KeyIcon } from '@/components/ui/v2/icons/KeyIcon';
+import { InlineCode } from '@/components/ui/v3/inline-code';
 import { useTablePath } from '@/features/orgs/projects/database/common/hooks/useTablePath';
 import { DataBrowserEmptyState } from '@/features/orgs/projects/database/dataGrid/components/DataBrowserEmptyState';
 import { DataBrowserGridControls } from '@/features/orgs/projects/database/dataGrid/components/DataBrowserGridControls';
-import { useDeleteColumnWithToastMutation } from '@/features/orgs/projects/database/dataGrid/hooks/useDeleteColumnMutation';
 import { useTableQuery } from '@/features/orgs/projects/database/dataGrid/hooks/useTableQuery';
 import type { UpdateRecordVariables } from '@/features/orgs/projects/database/dataGrid/hooks/useUpdateRecordMutation';
 import { useUpdateRecordWithToastMutation } from '@/features/orgs/projects/database/dataGrid/hooks/useUpdateRecordMutation';
@@ -21,8 +19,6 @@ import {
   POSTGRESQL_INTEGER_TYPES,
   POSTGRESQL_JSON_TYPES,
 } from '@/features/orgs/projects/database/dataGrid/utils/postgresqlConstants';
-import { isSchemaLocked } from '@/features/orgs/projects/database/dataGrid/utils/schemaHelpers';
-import { useProject } from '@/features/orgs/projects/hooks/useProject';
 import type { DataGridProps } from '@/features/orgs/projects/storage/dataGrid/components/DataGrid';
 import { DataGrid } from '@/features/orgs/projects/storage/dataGrid/components/DataGrid';
 import { DataGridBooleanCell } from '@/features/orgs/projects/storage/dataGrid/components/DataGridBooleanCell';
@@ -31,18 +27,11 @@ import { DataGridDecimalCell } from '@/features/orgs/projects/storage/dataGrid/c
 import { DataGridIntegerCell } from '@/features/orgs/projects/storage/dataGrid/components/DataGridIntegerCell';
 import { DataGridTextCell } from '@/features/orgs/projects/storage/dataGrid/components/DataGridTextCell';
 import { useQueryClient } from '@tanstack/react-query';
+import { KeyRound } from 'lucide-react';
 import dynamic from 'next/dynamic';
 import { useRouter } from 'next/router';
 import { useEffect, useMemo, useRef, useState } from 'react';
 
-const EditColumnForm = dynamic(
-  () =>
-    import(
-      '@/features/orgs/projects/database/dataGrid/components/EditColumnForm/EditColumnForm'
-    ),
-  { ssr: false, loading: () => <FormActivityIndicator /> },
-);
-
 const CreateRecordForm = dynamic(
   () =>
     import(
@@ -63,7 +52,7 @@ export function createDataGridColumn(
   const defaultColumnConfiguration = {
     Header: () => (
       <div className="grid grid-flow-col items-center justify-start gap-1 font-normal">
-        {column.is_primary && <KeyIcon className="text-sm" />}
+        {column.is_primary && <KeyRound width={14} height={14} />}
 
         <span className="truncate font-bold" title={column.column_name}>
           {column.column_name}
@@ -167,23 +156,15 @@ export default function DataBrowserGrid({
     ...router
   } = useRouter();
   const currentTablePath = useTablePath();
-  const isSchemaEditable = !isSchemaLocked(schemaSlug as string);
-  const { openDrawer, openAlertDialog } = useDialog();
 
-  const { project } = useProject();
-  const isGitHubConnected = !!project?.githubRepository;
+  const { openDrawer } = useDialog();
 
   const limit = 25;
   const [currentOffset, setCurrentOffset] = useState<number>(
     parseInt(page as string, 10) - 1 || 0,
   );
 
-  const [removableColumnId, setRemovableColumnId] = useState<string>();
-  const [optimisticlyRemovedColumnId, setOptimisticlyRemovedColumnId] =
-    useState<string>();
-
   const { mutateAsync: updateRow } = useUpdateRecordWithToastMutation();
-  const { mutateAsync: deleteColumn } = useDeleteColumnWithToastMutation();
 
   const { data, status, error, refetch } = useTableQuery(
     [currentTablePath, limit, currentOffset, sortBy],
@@ -271,26 +252,16 @@ export default function DataBrowserGrid({
 
   const memoizedColumns = useMemo(
     () =>
-      columns
-        .map((column) => ({
-          ...createDataGridColumn(column, true),
-          onCellEdit: async (variables: UpdateRecordVariables) => {
-            const result = await updateRow(variables);
-            await queryClient.invalidateQueries([currentTablePath]);
+      columns.map((column) => ({
+        ...createDataGridColumn(column, true),
+        onCellEdit: async (variables: UpdateRecordVariables) => {
+          const result = await updateRow(variables);
+          await queryClient.invalidateQueries([currentTablePath]);
 
-            return result;
-          },
-          isDisabled: removableColumnId === column.column_name,
-        }))
-        .filter((column) => column.id !== optimisticlyRemovedColumnId),
-    [
-      columns,
-      currentTablePath,
-      optimisticlyRemovedColumnId,
-      queryClient,
-      removableColumnId,
-      updateRow,
-    ],
+          return result;
+        },
+      })),
+    [columns, currentTablePath, queryClient, updateRow],
   );
 
   const memoizedData = useMemo(() => rows, [rows]);
@@ -308,58 +279,6 @@ export default function DataBrowserGrid({
     });
   }
 
-  async function handleEditColumnClick(
-    column: DataBrowserGridColumn<NormalizedQueryDataRow>,
-  ) {
-    openDrawer({
-      title: 'Edit Column',
-      component: (
-        <EditColumnForm
-          column={column}
-          onSubmit={() => queryClient.refetchQueries([currentTablePath])}
-        />
-      ),
-    });
-  }
-
-  async function handleColumnDeleteConfirmation(
-    column: DataBrowserGridColumn<NormalizedQueryDataRow>,
-  ) {
-    try {
-      // We are greying out and disabling it in the grid
-      setRemovableColumnId(column.id);
-      await deleteColumn({ column });
-
-      // Note: At this point we can optimistically assume that the column was
-      // removed, so we can improve the UX by removing it from the grid right
-      // away, without waiting for the refetch to succeed.
-      setOptimisticlyRemovedColumnId(column.id);
-      await queryClient.refetchQueries([currentTablePath]);
-    } finally {
-      setRemovableColumnId(undefined);
-      setOptimisticlyRemovedColumnId(undefined);
-    }
-  }
-
-  async function handleColumnRemoveClick(
-    column: DataBrowserGridColumn<NormalizedQueryDataRow>,
-  ) {
-    openAlertDialog({
-      title: 'Delete column',
-      payload: (
-        <span>
-          Are you sure you want to delete the{' '}
-          <strong className="break-all">{column.id}</strong> column?
-        </span>
-      ),
-      props: {
-        primaryButtonText: 'Delete',
-        primaryButtonColor: 'error',
-        onPrimaryAction: () => handleColumnDeleteConfirmation(column),
-      },
-    });
-  }
-
   if (metadata?.schemaNotFound) {
     return (
       <DataBrowserEmptyState
@@ -414,8 +333,6 @@ export default function DataBrowserGrid({
       sortBy={sortBy}
       className="pb-17 sm:pb-0"
       onInsertRow={handleInsertRowClick}
-      onEditColumn={isSchemaEditable ? handleEditColumnClick : undefined}
-      onRemoveColumn={isSchemaEditable ? handleColumnRemoveClick : undefined}
       options={{
         manualSortBy: true,
         disableMultiSort: true,
@@ -423,12 +340,6 @@ export default function DataBrowserGrid({
         autoResetSelectedRows: false,
         autoResetResize: false,
       }}
-      headerProps={{
-        componentsProps: {
-          editActionProps: { disabled: isGitHubConnected },
-          deleteActionProps: { disabled: isGitHubConnected },
-        },
-      }}
       controls={
         <DataBrowserGridControls
           onInsertRowClick={handleInsertRowClick}

dashboard/src/features/orgs/projects/database/dataGrid/components/DataBrowserSidebar/DataBrowserSidebar.tsx

@@ -603,7 +603,7 @@ export default function DataBrowserSidebar({
       </Box>
 
       <IconButton
-        className="absolute bottom-4 left-4 z-[38] h-11 w-11 rounded-full md:hidden"
+        className="absolute bottom-4 left-8 z-[38] h-11 w-11 rounded-full md:hidden"
         onClick={toggleExpanded}
         aria-label="Toggle sidebar"
       >

dashboard/src/features/orgs/projects/database/dataGrid/components/DatabaseRecordInputGroup/DatabaseRecordInputGroup.tsx

@@ -112,7 +112,7 @@ export default function DatabaseRecordInputGroup({
             const isMultiline =
               specificType === 'text' ||
               specificType === 'bpchar' ||
-              specificType === 'character varying' ||
+              specificType === 'varchar' ||
               specificType === 'json' ||
               specificType === 'jsonb';
 

dashboard/src/features/orgs/projects/database/dataGrid/components/EditColumnForm/EditColumnForm.tsx

@@ -1,151 +0,0 @@
-import { Alert } from '@/components/ui/v2/Alert';
-import type { AutocompleteOption } from '@/components/ui/v2/Autocomplete';
-import { Button } from '@/components/ui/v2/Button';
-import type {
-  BaseColumnFormProps,
-  BaseColumnFormValues,
-} from '@/features/orgs/projects/database/dataGrid/components/BaseColumnForm';
-import {
-  BaseColumnForm,
-  baseColumnValidationSchema,
-} from '@/features/orgs/projects/database/dataGrid/components/BaseColumnForm';
-import { useTrackForeignKeyRelationsMutation } from '@/features/orgs/projects/database/dataGrid/hooks/useTrackForeignKeyRelationsMutation';
-import { useUpdateColumnMutation } from '@/features/orgs/projects/database/dataGrid/hooks/useUpdateColumnMutation';
-import type {
-  ColumnType,
-  DataBrowserGridColumn,
-} from '@/features/orgs/projects/database/dataGrid/types/dataBrowser';
-import { convertDataBrowserGridColumnToDatabaseColumn } from '@/features/orgs/projects/database/dataGrid/utils/convertDataBrowserGridColumnToDatabaseColumn';
-import { isNotEmptyValue } from '@/lib/utils';
-import { triggerToast } from '@/utils/toast';
-import { yupResolver } from '@hookform/resolvers/yup';
-import { useRouter } from 'next/router';
-import { FormProvider, useForm } from 'react-hook-form';
-import type * as Yup from 'yup';
-
-export interface EditColumnFormProps
-  extends Pick<BaseColumnFormProps, 'onCancel' | 'location'> {
-  /**
-   * Column to be edited.
-   */
-  column: DataBrowserGridColumn;
-  /**
-   * Function to be called when the form is submitted.
-   */
-  onSubmit?: () => Promise<void>;
-}
-
-export default function EditColumnForm({
-  column: originalColumn,
-  onSubmit,
-  ...props
-}: EditColumnFormProps) {
-  const {
-    query: { schemaSlug, tableSlug },
-  } = useRouter();
-
-  const {
-    mutateAsync: updateColumn,
-    error: updateColumnError,
-    reset: resetUpdateColumnError,
-  } = useUpdateColumnMutation();
-
-  const {
-    mutateAsync: trackForeignKeyRelation,
-    error: foreignKeyError,
-    reset: resetForeignKeyError,
-  } = useTrackForeignKeyRelationsMutation();
-
-  const error = updateColumnError || foreignKeyError;
-
-  function resetError() {
-    resetUpdateColumnError();
-    resetForeignKeyError();
-  }
-
-  const defaultValue: AutocompleteOption = {
-    value: originalColumn.defaultValue,
-    label: originalColumn.defaultValue,
-    custom: originalColumn.isDefaultValueCustom,
-  };
-
-  const columnValues: BaseColumnFormValues = {
-    name: originalColumn.id,
-    type: {
-      value: originalColumn.specificType as ColumnType,
-      label: originalColumn.specificType as ColumnType,
-    },
-    defaultValue,
-    isNullable: originalColumn.isNullable || false,
-    isUnique: originalColumn.isUnique || false,
-    isIdentity: originalColumn.isIdentity || false,
-    foreignKeyRelation: originalColumn.foreignKeyRelation || null,
-    comment: originalColumn.comment || null,
-  };
-
-  const form = useForm<
-    BaseColumnFormValues | Yup.InferType<typeof baseColumnValidationSchema>
-  >({
-    defaultValues: columnValues,
-    reValidateMode: 'onSubmit',
-    resolver: yupResolver(baseColumnValidationSchema),
-  });
-
-  async function handleSubmit(values: BaseColumnFormValues) {
-    try {
-      await updateColumn({
-        originalColumn:
-          convertDataBrowserGridColumnToDatabaseColumn(originalColumn),
-        column: values,
-      });
-
-      if (isNotEmptyValue(values.foreignKeyRelation)) {
-        await trackForeignKeyRelation({
-          foreignKeyRelations: [values.foreignKeyRelation],
-          schema: schemaSlug as string,
-          table: tableSlug as string,
-        });
-      }
-
-      if (onSubmit) {
-        await onSubmit();
-      }
-
-      triggerToast('The column has been updated successfully.');
-    } catch {
-      // This error is handled by the useUpdateColumnMutation hook.
-    }
-  }
-
-  return (
-    <FormProvider {...form}>
-      {error && error instanceof Error ? (
-        <div className="-mt-3 mb-4 px-6">
-          <Alert
-            severity="error"
-            className="grid grid-flow-col items-center justify-between px-4 py-3"
-          >
-            <span className="text-left">
-              <strong>Error:</strong> {error.message}
-            </span>
-
-            <Button
-              variant="borderless"
-              color="error"
-              size="small"
-              onClick={resetError}
-            >
-              Clear
-            </Button>
-          </Alert>
-        </div>
-      ) : null}
-
-      <BaseColumnForm
-        submitButtonText="Save"
-        onSubmit={handleSubmit}
-        {...props}
-      />
-    </FormProvider>
-  );
-}

dashboard/src/features/orgs/projects/database/dataGrid/components/EditColumnForm/index.ts

@@ -1,2 +0,0 @@
-export * from './EditColumnForm';
-export { default as EditColumnForm } from './EditColumnForm';

dashboard/src/features/orgs/projects/database/dataGrid/components/EditTableForm/EditTableForm.tsx

@@ -133,6 +133,7 @@ export default function EditTableForm({
           defaultValue: column.defaultValue,
           isNullable: column.isNullable,
           isUnique: column.isUnique,
+          comment: column.comment || '',
         })),
         primaryKeyIndices,
         identityColumnIndex:
@@ -153,7 +154,7 @@ export default function EditTableForm({
 
   async function handleSubmit(values: BaseTableFormValues) {
     const primaryKey = values.primaryKeyIndices.map<string>(
-      (primaryKeys, primaryKeyIndex) => values.columns[primaryKeyIndex].name,
+      (primaryKeys) => values.columns[primaryKeys].name,
     );
     try {
       const updatedTable: DatabaseTable = {