DEV Community

Cover image for I built Envoy - Control Plane for Painless PostgreSQL Schema Migrations
Francisco Luna
Francisco Luna

Posted on

I built Envoy - Control Plane for Painless PostgreSQL Schema Migrations

#devops #database #postgres #go

If you have some years of experience as a FullStack Developer, Dbadmin or DevOps engineer, you already know managing database migrations across Staging, QA, and Production is a mess. You already know how this game work:

  • We switch .env files manually is dangerous and error-prone
  • Then forget GRANT permissions in pgAdmin causes production downtime
  • Audit logs are non-existent, scattered in sql files, or hard to verify
  • Multiple tools required for simple database operations
  • We build custom scripts we forget how to use

Here's how every Friday was like in a regulated environment from an actual registered startup:

  • I get the development database credentials
  • Then replace the environment variable in .env file
  • Run migration command with the orm
  • Verify migration was successful
  • Try changes in development
  • Realize I forgot to give permissions to new tables
  • Go back to pgAdmin/psql to fix permissions
  • Try again
  • Repeat next week across all environments

Introducing Envoy

This month I've built Envoy. It is an open source control plane for your PostgreSQL database schema migrations built as a Golang 1.25.0 API, which is consumed by a React/Vite Frontend. It connects to your database using PGX and encrypts all your connection strings using AES-256.

Envoy does not care if you wrote the SQL yourself or if it comes from your ORM. It allows you to visualize the GRANT permissions, log migrations and work by environments in case your infrastructure has multiple projects or you manage multiple clients.

How to use Envoy

  • Clone the repository and initialize it using Docker Compose
  • Create an account and login
  • Create a new project and set up your first environment
  • Connect to your Postgres database as an admin or any user capable of modifying the Postgres schema (I advice you to experiment with the PostgreSQL database from the dockerized environment first)

Why Envoy

I built Envoy because no ORM considered actual compliance requirements and multiple users when working in multiple databases. They asssume you're always running the database as doadmin or postgres, which is a lie in actual startups with compliance.

Every deployment was full of anxiety and rushed SQL commands to see permissions, not because I was careless, but because I was managing 3 environments at the same time on my own; each one with different users and needs. Also, the previews I got were simple command line tables that were gone and forced me to open pgAdmin to further inspect the schema.

I realized this was not sustainable in the long term, and I started building Envoy to manage my clients' database schema migrations seamlessly.

Key Features

  • Environment Management: Add/switch between dev, staging, prod databases
  • Migration Editor: Write SQL with syntax highlighting
  • Schema Preview: See changes before applying
  • Permission Auditing: GRANT verification per user and environment
  • Audit Trail: Complete history of all schema migration operations

Next Steps

All feedback is welcome! As I'm in the MVP stage, I'll be working on UI enhancements, finishing the environments CRUD, integrating both unit and integration tests in the codebase and simplifying the onboarding process.

You can support Envoy by giving it a star in the following repo:

https://github.com/franciscoluna-28/envoy

Leave a comment and share if you've found this tool useful :)

Top comments (0)