chore: deprecate og environment policies

[adityachoudhari26]

Summary by CodeRabbit

• Removals

  • Environment policy management features have been removed, including related tabs, dropdowns, API endpoints, and URL routes.
  • Policy-related fields and options are no longer available when creating or editing environments.
  • Database tables, schema elements, and related enums for environment policies and approvals have been deleted.

• Bug Fixes

  • User interface elements and navigation related to environment policies have been cleaned up for clarity.

• Chores

  • Internal code and database cleanup to remove obsolete environment policy logic and dependencies.

[coderabbitai]

Walkthrough

This change removes all environment policy–related features from the codebase. It deletes database tables, schema definitions, API routers, utility functions, UI components, and URL builders associated with environment policies and their approvals. All references, relations, and logic tied to environment policies are eliminated from backend and frontend code.

Changes

File(s) / Path(s)	Change Summary
packages/db/drizzle/0121_tricky_eddie_brock.sql, packages/db/src/schema/environment.ts, ...	Dropped all environment policy–related tables, enums, columns, and schema definitions.
packages/db/src/schema/environment-policy-deployment.ts, .../environment-policy-relations.ts	Deleted files defining environment policy deployment and relations schemas.
packages/db/src/schema/index.ts	Removed exports for environment policy deployment and relations schemas.
packages/db/src/schema/rbac.ts	Removed "environmentPolicy" value from scopeType enum.
packages/db/src/schema/environment-relations.ts	Removed policy relation from environment relations.
packages/db/src/utils/upsert-env.ts	Removed all logic handling environment policy in upsert function.
packages/api/src/router/environment-policy.ts, .../environment-approval.ts	Deleted routers for managing environment policies and approvals.
packages/api/src/router/environment.ts	Removed all environment policy references, joins, and returned fields from environment router.
packages/api/src/router/environment-page/deployments/deployment-stats.ts	Removed policy approval joins from deployment stats query.
packages/auth/src/utils/rbac.ts	Deleted environment policy scope handler and related function.
apps/webservice/src/app/api/v1/environments/openapi.ts	Removed policyId and releaseChannels from environment creation API schema.
apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts	Removed inclusion of policy from environment fetch query.
apps/webservice/src/app/urls.ts	Removed environment policies URL builder.
apps/webservice/src/app/[...]/EnvironmentTabs.tsx, .../EnvironmentDropdown.tsx	Deleted UI for environment policies tab and dropdown menu item.
apps/webservice/src/app/[...]/flow-diagram/nodes/EnvironmentNode.tsx	Removed policy prop and related type from node props.
apps/webservice/src/app/[...]/reactflow/edges.ts	Deleted file generating edges for environment policy relationships in diagrams.
packages/db/drizzle/meta/_journal.json	Added migration journal entry for schema changes.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Web UI
    participant API Server
    participant Database

    User->>Web UI: Interact with environment features
    Web UI->>API Server: Fetch/create/update environment (no policy fields)
    API Server->>Database: Query/modify environment (no policy joins or columns)
    Database-->>API Server: Return environment data (no policy)
    API Server-->>Web UI: Respond without policy information
    Web UI-->>User: Display environment (no policy tabs or menu items)

Loading

Possibly related PRs

• ctrlplanedev/ctrlplane#295: Removes environment policy types and UI props, reversing additions of policy override features.
• ctrlplanedev/ctrlplane#292: Adds timestamp to environment policy approval schema, related to environment policy domain now removed.
• ctrlplanedev/ctrlplane#279: Modifies environment policy and approval props in EnvironmentNode.tsx, related to this PR’s removal of those props.

Poem

A hop, a skip, with code anew,
Old policy fields bid adieu!
No more tables, joins, or tabs—
The schema’s light, the UI fab.
Approval flows have hopped away,
Simpler gardens here to stay.
🐇✨

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 35205bc and 04940c3.

📒 Files selected for processing (2)

• packages/api/src/router/environment-page/deployments/deployment-stats.ts (2 hunks)
• packages/db/drizzle/meta/_journal.json (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• packages/api/src/router/environment-page/deployments/deployment-stats.ts
• packages/db/drizzle/meta/_journal.json

⏰ Context from checks skipped due to timeout of 90000ms (6)

• GitHub Check: Typecheck
• GitHub Check: Lint
• GitHub Check: build (linux/amd64)
• GitHub Check: build (linux/amd64)
• GitHub Check: build (linux/amd64)
• GitHub Check: build (linux/amd64)

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d3568c3 and 35205bc.

📒 Files selected for processing (21)

• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(raw)/deployments/[deploymentSlug]/(raw)/releases/[releaseId]/checks/_components/flow-diagram/nodes/EnvironmentNode.tsx (0 hunks)
• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(raw)/environments/[environmentId]/_components/EnvironmentTabs.tsx (0 hunks)
• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(sidebar)/environments/_components/EnvironmentDropdown.tsx (0 hunks)
• apps/webservice/src/app/[workspaceSlug]/(app)/_components/reactflow/edges.ts (0 hunks)
• apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts (1 hunks)
• apps/webservice/src/app/api/v1/environments/openapi.ts (0 hunks)
• apps/webservice/src/app/urls.ts (0 hunks)
• packages/api/src/router/environment-approval.ts (0 hunks)
• packages/api/src/router/environment-page/deployments/deployment-stats.ts (1 hunks)
• packages/api/src/router/environment-policy.ts (0 hunks)
• packages/api/src/router/environment.ts (1 hunks)
• packages/auth/src/utils/rbac.ts (0 hunks)
• packages/db/drizzle/0121_tricky_eddie_brock.sql (1 hunks)
• packages/db/drizzle/meta/_journal.json (1 hunks)
• packages/db/src/schema/environment-policy-deployment.ts (0 hunks)
• packages/db/src/schema/environment-policy-relations.ts (0 hunks)
• packages/db/src/schema/environment-relations.ts (0 hunks)
• packages/db/src/schema/environment.ts (1 hunks)
• packages/db/src/schema/index.ts (0 hunks)
• packages/db/src/schema/rbac.ts (0 hunks)
• packages/db/src/utils/upsert-env.ts (1 hunks)

💤 Files with no reviewable changes (14)

• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(sidebar)/environments/_components/EnvironmentDropdown.tsx
• packages/db/src/schema/rbac.ts
• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(raw)/deployments/[deploymentSlug]/(raw)/releases/[releaseId]/checks/_components/flow-diagram/nodes/EnvironmentNode.tsx
• packages/db/src/schema/environment-relations.ts
• apps/webservice/src/app/[workspaceSlug]/(app)/(deploy)/(raw)/systems/[systemSlug]/(raw)/environments/[environmentId]/_components/EnvironmentTabs.tsx
• packages/db/src/schema/environment-policy-relations.ts
• apps/webservice/src/app/urls.ts
• apps/webservice/src/app/api/v1/environments/openapi.ts
• packages/auth/src/utils/rbac.ts
• packages/db/src/schema/environment-policy-deployment.ts
• packages/api/src/router/environment-approval.ts
• apps/webservice/src/app/[workspaceSlug]/(app)/_components/reactflow/edges.ts
• packages/api/src/router/environment-policy.ts
• packages/db/src/schema/index.ts

🧰 Additional context used

📓 Path-based instructions (4)

`**/*.{ts,tsx}`: Use TypeScript with explicit types (prefer interfaces for public APIs) Consistent type imports: `import type { Type } from "module"`

**/*.{ts,tsx}: Use TypeScript with explicit types (prefer interfaces for public APIs)
Consistent type imports: import type { Type } from "module"

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts
• packages/api/src/router/environment-page/deployments/deployment-stats.ts
• packages/db/src/utils/upsert-env.ts
• packages/api/src/router/environment.ts
• packages/db/src/schema/environment.ts

`**/*.{js,jsx,ts,tsx}`: Import styles: Use named imports, group imports by sourc...

**/*.{js,jsx,ts,tsx}: Import styles: Use named imports, group imports by source (std lib > external > internal)
Prefer async/await over raw promises
Handle errors explicitly (use try/catch and typed error responses)

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts
• packages/api/src/router/environment-page/deployments/deployment-stats.ts
• packages/db/src/utils/upsert-env.ts
• packages/api/src/router/environment.ts
• packages/db/src/schema/environment.ts

`**/*.{js,jsx,ts,tsx,json,css,md,yml,yaml}`: Formatting: Prettier is used with `@ctrlplane/prettier-config`

**/*.{js,jsx,ts,tsx,json,css,md,yml,yaml}: Formatting: Prettier is used with @ctrlplane/prettier-config

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts
• packages/db/drizzle/meta/_journal.json
• packages/api/src/router/environment-page/deployments/deployment-stats.ts
• packages/db/src/utils/upsert-env.ts
• packages/api/src/router/environment.ts
• packages/db/src/schema/environment.ts

`**/*.{ts,tsx}`: **Note on Error Handling:** Avoid strict enforcement of try/cat...

**/*.{ts,tsx}: Note on Error Handling:
Avoid strict enforcement of try/catch blocks. Code may use early returns, Promise chains (.then().catch()), or other patterns for error handling. These are acceptable as long as they maintain clarity and predictability.

⚙️ Source: CodeRabbit Configuration File

List of files the instruction was applied to:

• apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts
• packages/api/src/router/environment-page/deployments/deployment-stats.ts
• packages/db/src/utils/upsert-env.ts
• packages/api/src/router/environment.ts
• packages/db/src/schema/environment.ts

🧠 Learnings (7)

📓 Common learnings

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#601
File: e2e/tests/api/policies/retry-policy.spec.ts:23-24
Timestamp: 2025-06-24T23:52:50.732Z
Learning: The user adityachoudhari26 prefers not to add null safety checks or defensive programming in test code, particularly in e2e tests, as they prioritize simplicity and focus on the main functionality being tested rather than comprehensive error handling within the test itself.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#601
File: e2e/tests/api/policies/retry-policy.spec.ts:117-130
Timestamp: 2025-06-24T23:53:25.398Z
Learning: User adityachoudhari26 prefers to keep non-null assertions in e2e test code without extensive null safety checks, reasoning that test failures serve the same purpose of catching issues and the extra validation doesn't add much value in test contexts.

apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts (7)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#237
File: packages/api/src/router/job.ts:362-365
Timestamp: 2024-11-27T23:18:42.055Z
Learning: In the file `packages/api/src/router/job.ts`, the function `releaseMatchesCondition` returns undefined if the `filter` parameter is null. This behavior ensures that when constructing the query with `and(...)`, the condition is omitted, allowing the query to function correctly even if there is no release channel associated with the environment.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx:42-44
Timestamp: 2024-11-01T02:35:07.352Z
Learning: In `apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx`, within the `Usage` component, the arrays used for filtering inherited environments are expected to remain small. Therefore, performance optimizations for this filtering logic are not necessary.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#181
File: packages/api/src/router/deployment.ts:116-131
Timestamp: 2024-10-29T02:04:50.312Z
Learning: In `packages/api/src/router/deployment.ts`, the `list.byDeploymentId` procedure requires multiple database queries due to limitations of the `releaseMatchesCondition` function.

Learnt from: zacharyblasczyk
PR: ctrlplanedev/ctrlplane#382
File: apps/webservice/src/app/api/v1/deployments/[deploymentId]/route.ts:82-88
Timestamp: 2025-03-16T19:41:44.129Z
Learning: In Next.js 15, dynamic route parameters (params) return Promises instead of direct values in async contexts. When accessing properties like `params.deploymentId` in an async function, use `(await params).deploymentId` to avoid the "params should be awaited before using its properties" error. This applies to API routes, page components, and other async contexts.

Learnt from: zacharyblasczyk
PR: ctrlplanedev/ctrlplane#382
File: apps/webservice/src/app/api/v1/deployments/[deploymentId]/route.ts:82-88
Timestamp: 2025-03-16T19:41:44.129Z
Learning: In Next.js 15, params in dynamic routes must be awaited before accessing their properties in async contexts. For example, `params.deploymentId` should be accessed as `(await params).deploymentId` in async functions.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#183
File: apps/webservice/src/app/[workspaceSlug]/_components/environment-drawer/EnvironmentDropdownMenu.tsx:27-31
Timestamp: 2024-10-30T00:04:33.532Z
Learning: The `SCHEMA.Environment` type includes the `systemId` field.

packages/api/src/router/environment-page/deployments/deployment-stats.ts (7)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#181
File: packages/api/src/router/deployment.ts:116-131
Timestamp: 2024-10-29T02:04:50.312Z
Learning: In `packages/api/src/router/deployment.ts`, the `list.byDeploymentId` procedure requires multiple database queries due to limitations of the `releaseMatchesCondition` function.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#237
File: apps/webservice/src/app/[workspaceSlug]/(app)/_components/deployment-resource-drawer/DeploymentResourceDrawer.tsx:43-50
Timestamp: 2024-11-27T23:16:35.580Z
Learning: In `DeploymentResourceDrawer.tsx`, the `isOpen` variable already checks whether `deploymentId`, `environmentId`, and `resourceId` are non-null, so additional null checks in query `enabled` conditions are not necessary.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#515
File: apps/webservice/src/app/api/v1/release-targets/[releaseTargetId]/releases/route.ts:103-108
Timestamp: 2025-04-28T18:41:58.813Z
Learning: In this project, full records from the `deployment` and `deployment_version` tables are considered safe for public API consumption, and there's no need to create restricted DTOs for them.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: packages/api/src/router/deployment.ts:144-161
Timestamp: 2024-11-01T02:37:25.510Z
Learning: In `packages/api/src/router/deployment.ts`, when using Drizzle ORM, there is a limitation when referencing the same table twice in a relational builder query (rbq), requiring separate queries to avoid issues.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#237
File: packages/api/src/router/job.ts:362-365
Timestamp: 2024-11-27T23:18:42.055Z
Learning: In the file `packages/api/src/router/job.ts`, the function `releaseMatchesCondition` returns undefined if the `filter` parameter is null. This behavior ensures that when constructing the query with `and(...)`, the condition is omitted, allowing the query to function correctly even if there is no release channel associated with the environment.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#515
File: apps/event-worker/src/workers/compute-systems-release-targets.ts:86-110
Timestamp: 2025-04-28T18:38:21.163Z
Learning: In SQL queries that use `inArray()` with arrays like `deploymentIds` or `environmentIds`, if these arrays are empty, it will generate an invalid `IN ()` clause that PostgreSQL rejects. Adding condition checks (e.g., `if (array.length > 0)`) before executing such queries prevents SQL syntax errors.

packages/db/src/utils/upsert-env.ts (3)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#601
File: packages/job-dispatch/src/job-update.ts:264-270
Timestamp: 2025-06-24T23:56:54.799Z
Learning: In this codebase, the `Tx` type is just an alias for the database client type (`Omit<typeof db, "$client">`) and does not necessarily indicate an active transaction context. Functions like `createReleaseJob` need to be called within a transaction, which is why they are wrapped with `db.transaction()` even when the parameter is typed as `Tx`. Drizzle supports nested transactions via breakpoints, so additional transaction wrappers are safe even if already within a transaction.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#579
File: packages/db/src/schema/rules/concurrency.ts:0-0
Timestamp: 2025-06-01T19:10:11.535Z
Learning: In the ctrlplane codebase, when defining database schemas with Drizzle ORM, it's an intentional pattern to spread base fields (like `basePolicyRuleFields`) and then redefine specific fields to add additional constraints (like unique constraints or foreign key references). The TypeScript field overwriting behavior is deliberately used to override base field definitions with more specific requirements.

packages/api/src/router/environment.ts (6)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#237
File: packages/api/src/router/job.ts:362-365
Timestamp: 2024-11-27T23:18:42.055Z
Learning: In the file `packages/api/src/router/job.ts`, the function `releaseMatchesCondition` returns undefined if the `filter` parameter is null. This behavior ensures that when constructing the query with `and(...)`, the condition is omitted, allowing the query to function correctly even if there is no release channel associated with the environment.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#181
File: packages/api/src/router/deployment.ts:116-131
Timestamp: 2024-10-29T02:04:50.312Z
Learning: In `packages/api/src/router/deployment.ts`, the `list.byDeploymentId` procedure requires multiple database queries due to limitations of the `releaseMatchesCondition` function.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: packages/api/src/router/deployment.ts:144-161
Timestamp: 2024-11-01T02:37:25.510Z
Learning: In `packages/api/src/router/deployment.ts`, when using Drizzle ORM, there is a limitation when referencing the same table twice in a relational builder query (rbq), requiring separate queries to avoid issues.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx:42-44
Timestamp: 2024-11-01T02:35:07.352Z
Learning: In `apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx`, within the `Usage` component, the arrays used for filtering inherited environments are expected to remain small. Therefore, performance optimizations for this filtering logic are not necessary.

Learnt from: zacharyblasczyk
PR: ctrlplanedev/ctrlplane#236
File: packages/api/src/router/workspace-integrations.ts:222-231
Timestamp: 2024-12-02T01:47:59.631Z
Learning: In `packages/api/src/router/workspace-integrations.ts`, when creating IAM policies for roles that need to assume customer-provided roles with unknown ARNs, it's acceptable to keep `Resource` as `"*"` in the policy document, while limiting the `Action` to `"sts:AssumeRole"`, since ARNs are not known in advance.

packages/db/src/schema/environment.ts (8)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#187
File: apps/jobs/src/ephemeral-env-checker/index.ts:57-0
Timestamp: 2024-10-30T23:10:58.869Z
Learning: In the codebase, deployments are decoupled from environments. When deleting environments (e.g., in `apps/jobs/src/ephemeral-env-checker/index.ts`), associated deployments should not be deleted.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#579
File: packages/db/src/schema/rules/concurrency.ts:0-0
Timestamp: 2025-06-01T19:10:11.535Z
Learning: In the ctrlplane codebase, when defining database schemas with Drizzle ORM, it's an intentional pattern to spread base fields (like `basePolicyRuleFields`) and then redefine specific fields to add additional constraints (like unique constraints or foreign key references). The TypeScript field overwriting behavior is deliberately used to override base field definitions with more specific requirements.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#237
File: apps/webservice/src/app/[workspaceSlug]/(app)/_components/deployment-resource-drawer/DeploymentResourceDrawer.tsx:43-50
Timestamp: 2024-11-27T23:16:35.580Z
Learning: In `DeploymentResourceDrawer.tsx`, the `isOpen` variable already checks whether `deploymentId`, `environmentId`, and `resourceId` are non-null, so additional null checks in query `enabled` conditions are not necessary.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx:42-44
Timestamp: 2024-11-01T02:35:07.352Z
Learning: In `apps/webservice/src/app/[workspaceSlug]/_components/release-channel-drawer/Usage.tsx`, within the `Usage` component, the arrays used for filtering inherited environments are expected to remain small. Therefore, performance optimizations for this filtering logic are not necessary.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: packages/api/src/router/deployment.ts:144-161
Timestamp: 2024-11-01T02:37:25.510Z
Learning: In `packages/api/src/router/deployment.ts`, when using Drizzle ORM, there is a limitation when referencing the same table twice in a relational builder query (rbq), requiring separate queries to avoid issues.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#188
File: apps/webservice/src/app/[workspaceSlug]/_components/environment-drawer/EnvironmentDrawer.tsx:139-154
Timestamp: 2024-11-01T02:36:23.101Z
Learning: In `EnvironmentDrawer.tsx`, for the `EnvironmentDrawer` component, when there are only a few `TabButton` instances (e.g., 3), it's acceptable to define them individually without extracting them into a configuration to reduce repetition.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#515
File: apps/webservice/src/app/api/v1/release-targets/[releaseTargetId]/releases/route.ts:103-108
Timestamp: 2025-04-28T18:41:58.813Z
Learning: In this project, full records from the `deployment` and `deployment_version` tables are considered safe for public API consumption, and there's no need to create restricted DTOs for them.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#181
File: packages/auth/src/utils/rbac.ts:102-118
Timestamp: 2024-10-29T02:05:46.185Z
Learning: The `releaseChannel` scope type is included in the `scopeType` enum in `packages/db/src/schema/rbac.ts`.

packages/db/drizzle/0121_tricky_eddie_brock.sql (2)

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#587
File: packages/db/drizzle/0112_curved_annihilus.sql:6-8
Timestamp: 2025-06-13T00:14:44.070Z
Learning: In table `policy_rule_environment_version_rollout`, column `time_scale_interval` is intentionally stored as `numeric` because it represents a dimensionless scaling factor in rollout equations, not a time duration.

Learnt from: adityachoudhari26
PR: ctrlplanedev/ctrlplane#515
File: apps/webservice/src/app/api/v1/release-targets/[releaseTargetId]/releases/route.ts:103-108
Timestamp: 2025-04-28T18:41:58.813Z
Learning: In this project, full records from the `deployment` and `deployment_version` tables are considered safe for public API consumption, and there's no need to create restricted DTOs for them.

🧬 Code Graph Analysis (1)

packages/db/src/utils/upsert-env.ts (2)

packages/db/src/common.ts (1)

• Tx (22-22)

packages/db/src/schema/environment.ts (1)

• environment (44-64)

⏰ Context from checks skipped due to timeout of 90000ms (5)

• GitHub Check: build (linux/amd64)
• GitHub Check: Typecheck
• GitHub Check: build (linux/amd64)
• GitHub Check: Lint
• GitHub Check: build (linux/amd64)

🔇 Additional comments (10)

packages/db/drizzle/meta/_journal.json (1)

851-858: LGTM!

The migration journal entry is correctly formatted and follows the established pattern for tracking database schema changes.

apps/webservice/src/app/api/v1/environments/[environmentId]/route.ts (1)

26-26: LGTM!

Correctly removes the policy relation from the query while preserving metadata functionality, aligning with the environment policy deprecation.

packages/db/src/utils/upsert-env.ts (2)

6-6: LGTM!

Clean removal of environment policy-related imports while preserving core functionality.

---

16-26: LGTM!

The upsert logic is simplified by removing policy-related handling while preserving the core environment and metadata functionality. The conflict resolution columns are appropriately updated to exclude policy-related fields.

packages/api/src/router/environment.ts (1)

206-206: LGTM!

The update logic is correctly simplified to only apply the provided data without preserving policy-related fields, aligning with the environment policy deprecation.

packages/db/src/schema/environment.ts (2)

75-76: LGTM! Clean schema simplification.

The removal of policy-related fields and addition of optional metadata field aligns well with the PR objective of deprecating environment policies.

---

80-80: Good addition of directory validation.

Using the directoryPath validator for the optional directory field ensures proper validation constraints are applied during updates.

packages/db/drizzle/0121_tricky_eddie_brock.sql (3)

1-8: Well-structured table removal sequence.

The migration correctly disables RLS before dropping tables and uses CASCADE to handle dependent objects. This ensures a clean removal of all environment policy-related tables.

---

12-15: Proper enum type migration pattern.

The conversion to text, dropping old enum, creating new enum, and converting back is the correct approach for updating PostgreSQL enum types. The removal of environmentPolicy from the scope types aligns with the deprecation objective.

---

1-20: No orphaned environment policy references detected
Search across SQL and application code shows only migration files mention the dropped tables, types, and the environment.policy_id column. There are no remaining references in .ts, .js, or API/schema layers.