New capability — Postgres/Supabase sources in named connections are now runnable (#14)
Previously, a platform: postgres/supabase source under connections: compiled but failed at run time (no credentials on the foreign server). Now the FDW bridge emits a CREATE USER MAPPING, and run injects the source user/password from .df-credentials.json's connections map at execution time.
- Compile emits non-secret placeholders (
${SA_CONN:<conn>:user|password}) — secrets never enter the compiled graph or--dry-run/--jsonoutput. - Run substitutes them at the execution choke point, with fail-fast validation if a connection's creds are missing.
- BigQuery sources (non-secret
saKeyIdpath) are unchanged. - Verified with core unit tests, a CLI substitution unit test, and a live-Postgres integration test (loopback
postgres_fdwreading through the foreign table).
For Postgres/Supabase sources: put non-secret host/port/database in workflow_settings.yaml's connection, and the secret user/password under connections.<name> in .df-credentials.json.