fix: Workflow Postgres

website/docs/getting-started/setup/environment-variables.md

@@ -239,25 +239,9 @@
 ##### `APPSMITH_KEYCLOAK_DB_URL`
 
 <dd>
-Specifies the URL for the external PostgreSQL database (RDS instance) to be used by Keycloak. This URL is critical for establishing a secure connection to the database and must be in the format: `jdbc:postgresql://<hostname>:<port>/<database_name>`. 
-</dd>
-
-##### `APPSMITH_KEYCLOAK_DB_DRIVER`
-
-<dd>
-Defines the database driver that Keycloak will use to interact with the external PostgreSQL database. For PostgreSQL databases, this value must be set to `postgresql`. The driver acts as an intermediary, facilitating smooth and efficient communication between Keycloak and the database.
-</dd>
 
-##### `APPSMITH_KEYCLOAK_DB_USERNAME`
+ Specifies the URL for the external PostgreSQL database (e.g., an RDS instance) used by Keycloak. The connection string must be in the format: `postgres://<username>:<password>@<hostname>:<port>/<database_name>`
 
-<dd>
-Sets the username required for authenticating with the external PostgreSQL database. This credential ensures secure access and grants Keycloak the necessary permissions to manage its database operations.
-</dd>
-
-##### `APPSMITH_KEYCLOAK_DB_PASSWORD`
-
-<dd>
-Specifies the password associated with the database username. This sensitive information is used to authenticate Keycloak's connection to the PostgreSQL database and must be kept secure to prevent unauthorized access.
 </dd>
 
 ##### `APPSMITH_REDIS_URL`

website/docs/getting-started/setup/instance-configuration/deploy-non-root.md

@@ -0,0 +1,126 @@
+# Deploy Appsmith as a Non-Root User on Kubernetes
+
+This page shows you how to deploy Appsmith as a non-root user on a Kubernetes cluster. Running containers as non-root enhances security and is often required by organizational or platform policies. This setup works on clusters like KIND, Minikube, EKS, or GKE. It does not cover Docker-based deployments.
+
+## Prerequisites
+
+- A running Kubernetes cluster (KIND, Minikube, or any cloud-based Kubernetes provider)
+- `kubectl` and `helm` installed and configured
+- Access to Docker Hub or a compatible container registry
+- (Optional) [External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds) and [Redis](/getting-started/setup/instance-configuration/external-redis) instances, if you prefer not to use Helm-managed services
+
+## Configure Pull Secret and Helm Values
+
+Set up the image pull secret and define Helm chart values to deploy Appsmith securely as a non-root user.
+
+
+1. Create a DockerHub image pull secret to access the Appsmith image:
+
+<dd>
+
+```bash
+kubectl create secret docker-registry dockerhub \
+  --docker-username=<your-username> \
+  --docker-password=<your-password> \
+  --docker-email=<your-email>
+```
+
+</dd>
+
+2. Prepare a `values.yaml` file with the following configuration to run Appsmith as a non-root user:
+
+<dd>
+
+```yaml
+_image:
+  repository: appsmith/appsmith-ee
+  tag: latest
+  pullPolicy: Always
+
+image:
+  pullSecrets: dockerhub
+
+mongodb:
+  enabled: true
+
+redis:
+  enabled: true
+
+postgresql:
+  enabled: true
+
+podSecurityContext:
+  fsGroup: 1001
+  sysctls:
+    - name: net.ipv4.ip_unprivileged_port_start
+      value: "80"
+
+securityContext:
+  runAsNonRoot: true
+  runAsUser: 1001
+  runAsGroup: 1001
+  fsGroup: 1001
+  seccompProfile:
+    type: RuntimeDefault
+
+applicationConfig:
+  LD_PRELOAD: /usr/local/lib/libnss_wrapper.so
+```
+
+</dd>
+
+## Install Appsmith with Helm
+
+Install Appsmith using Helm and verify that the application is running successfully in your Kubernetes cluster.
+
+1. Add the Appsmith Helm repository and install the chart using your customized `values.yaml` file:
+
+<dd>
+
+```bash
+helm repo add appsmith https://helm.appsmith.com
+helm repo update
+
+helm install appsmith appsmith/appsmith \
+  -f values.yaml
+```
+
+</dd>
+
+2. To test the deployment, wait for all pods to reach the Running state:
+
+<dd>
+
+```bash
+kubectl get pods
+```
+
+Then, check if the Appsmith service is accessible:
+
+```bash
+kubectl port-forward service/appsmith 8080:80
+```
+
+Open `http://localhost:8080` in your browser. You should see the Appsmith setup screen.
+
+</dd>
+
+3. For best security practices, make sure Appsmith is running with the following container settings:
+
+<dd>
+
+- Runs as a non-root user (`runAsNonRoot: true`)
+- Uses a fixed `runAsUser`, `runAsGroup`, and `fsGroup` (all set to `1001`)
+- Enables `seccompProfile: RuntimeDefault `for syscall filtering
+- Applies `net.ipv4.ip_unprivileged_port_start` sysctl so Appsmith can bind to ports `<1024` without root access
+
+
+
+</dd>
+
+
+:::note
+- MongoDB, Redis, and PostgreSQL are enabled and managed via Helm
+
+- Ensure the image pull secret is created beforehand and correctly referenced in values.yaml
+:::

website/docs/help-and-support/troubleshooting-guide/action-errors/workflow-errors.md

@@ -0,0 +1,135 @@
+# Workflow Errors
+
+Appsmith workflows allow you to build backend logic visually. If your workflow isn't working as expected, this guide will help you troubleshoot and resolve common setup or connectivity issues.
+
+
+## Workflow Setup Requirements
+
+If you’re encountering issues with workflows not running or triggering, start by reviewing the following setup checklist. These are required for workflows to function correctly in Appsmith.
+
+1. **Verify PostgreSQL is configured and accessible**:
+
+<dd>
+
+Appsmith requires a PostgreSQL database for all setups.
+
+- Supported versions: 13 to 16
+- Version 17 is not supported
+
+See [how to configure PostgreSQL](https://docs.appsmith.com/getting-started/setup/instance-configuration/external-postgresql-rds).
+
+</dd>
+
+
+2. **Use external PostgreSQL for ECS or Kubernetes**:
+
+<dd>
+
+If you’re deploying Appsmith on ECS or Kubernetes, you must use an external PostgreSQL instance (e.g., AWS RDS). The embedded PostgreSQL database is not suitable for production or containerized environments.
+
+</dd>
+
+
+3. **Confirm Temporal and RTS services are running**:
+
+<dd>
+
+Workflows depend on the following services:
+
+- Temporal for workflow execution
+
+- RTS (Real-Time Service) for triggering and communication
+
+- Make sure both services are running and healthy:
+
+- For Docker: Run `docker ps` to confirm containers are up
+
+- For Kubernetes: Use `kubectl get pods` to check pod status
+
+[See required services for self-hosted Appsmith](https://docs.appsmith.com/setup/self-host)
+
+</dd>
+
+## Common Workflow Errors
+
+If the required services are set up correctly and you're still experiencing issues, review the following common workflow errors and their resolutions.
+
+### Workflow not triggering
+
+
+<Message  
+messageContainerClassName="error"  
+messageContent="Workflow failed to start. Temporal client is not connected."/>
+
+
+This error occurs when the Temporal service is unavailable or not connected to the Appsmith instance.
+
+**Resolution:**
+
+- Ensure the Temporal service is running.
+  - For Docker: Run `docker ps` and check that the `temporal` container is listed.
+  - For Kubernetes: Run `kubectl get pods` and verify the Temporal pod is running and healthy.
+- Check Temporal logs for startup or connectivity issues.
+- Restart the Temporal service if needed.
+
+---
+
+### Real-time service not responding
+
+
+<Message  
+messageContainerClassName="error"  
+messageContent="Failed to start workflow. RTS service is not responding."/>
+
+
+This error indicates that the RTS (Real-Time Service) is not running or not communicating with the Appsmith server.
+
+**Resolution:**
+
+- Confirm that the RTS service is running.
+  - For Docker: Run `docker ps` and look for the `rts` container.
+  - For Kubernetes: Run `kubectl get pods` and ensure the RTS pod is running.
+- Check RTS logs for connection errors.
+- Ensure network access between RTS, Appsmith server, and Temporal.
+
+### Payload too large
+
+
+<Message  
+messageContainerClassName="error"  
+messageContent="Workflow execution failed: Payload size exceeds allowed limit."/>
+
+
+This error is triggered when the data passed into a workflow exceeds the supported payload size.
+
+**Resolution:**
+
+- Avoid sending large data blobs (e.g., files, large arrays) directly into workflows.
+- Instead, store large data in external services like S3 or a database, and pass only a reference (e.g., URL or ID) into the workflow.
+
+
+### Temporal migration failure (rare)
+
+
+<Message  
+messageContainerClassName="error"  
+messageContent="Temporal schema migration failed. See logs for details."/>
+
+
+This is an uncommon error that may occur during upgrades if the Temporal database schema is not updated properly.
+
+**Resolution:**
+
+- Review the Temporal migration logs to identify the issue.
+- Follow the correct upgrade steps for Temporal.
+- If the issue persists, reset the Temporal schema in a non-production environment to test.
+
+If you've verified the setup and reviewed the common errors but are still facing issues, please [get in touch with Appsmith Support](/product/support) with relevant logs and configuration details.
+
+
+
+
+
+
+
+

website/docs/workflows/how-to-guides/create-approval-workflow.md

@@ -34,6 +34,7 @@
 * A self-hosted instance of Appsmith. Refer to the [Appsmith installation guides](/getting-started/setup/installation-guides) for detailed instructions on setting up your Appsmith instance.
 * Basic knowledge of creating a basic workflow in Appsmith. If you're new to Workflows, follow the [Tutorial - Create Basic Workflow](/workflows/tutorials/create-workflow) to learn the workflow basics.
 * A configured datasource to manage data within your workspace. For more information on configuring datasource, see the available [Datasources](/connect-data/reference) in Appsmith.
+* PostgreSQL must be configured and accessible. Appsmith workflows require PostgreSQL version `13` to `16`. If you're using ECS or Kubernetes, configure an external PostgreSQL database (e.g., AWS RDS). For setup instructions, refer to [Configure External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds). 
 
 ## Create workflow
 

website/docs/workflows/how-to-guides/debug-workflow.md

@@ -26,6 +26,7 @@
 Before you begin, make sure you have:
 
 - A self-hosted Appsmith instance with a [business subscription](https://www.appsmith.com/pricing). Refer to the [Appsmith installation guides](/getting-started/setup/installation-guides) for detailed instructions if you need to set up your instance. You can also get a trial license by signing up on [customer.appsmith.com](https://customer.appsmith.com/).
+- PostgreSQL must be configured and accessible. Appsmith workflows require PostgreSQL version `13` to `16`. If you're using ECS or Kubernetes, configure an external PostgreSQL database (e.g., AWS RDS). For setup instructions, refer to [Configure External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds). 
 
 ## Set up and run workflow with test values
 

website/docs/workflows/how-to-guides/set-up-automatic-processing.md

@@ -28,6 +28,7 @@
 * A self-hosted Appsmith instance with a [business subscription](https://www.appsmith.com/pricing). Refer to the [Appsmith installation guides](/getting-started/setup/installation-guides) for detailed instructions if you need to set up your instance. You can also get a trial license by signing up on [customer.appsmith.com](https://customer.appsmith.com/).
 * Basic knowledge of creating a basic workflow in Appsmith. If you're new to Workflows, follow the [Tutorial - Create Basic Workflow](/workflows/tutorials/create-workflow) to learn the workflow basics.
 * Basic understanding of writing queries in workflows. For more information, see the [Write Query to Send Email](/workflows/tutorials/create-workflow#write-query-to-send-email) section.
+* PostgreSQL must be configured and accessible. Appsmith workflows require PostgreSQL version `13` to `16`. If you're using ECS or Kubernetes, configure an external PostgreSQL database (e.g., AWS RDS). For setup instructions, refer to [Configure External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds). 
 
 ## Configure automated processing
 

website/docs/workflows/how-to-guides/trigger-workflow-from-appsmith-app.md

@@ -26,7 +26,7 @@
 - A self-hosted Appsmith instance with a [business subscription](https://www.appsmith.com/pricing). Refer to the [Appsmith installation guides](/getting-started/setup/installation-guides) for detailed instructions if you need to set up your instance. You can also get a trial license by signing up on [customer.appsmith.com](https://customer.appsmith.com/).
 - Basic familiarity with Appsmith operations. If you're new to Appsmith, follow the [Getting Started Tutorial](/getting-started/tutorials/start-building) to learn the basics.
 * Basic knowledge of creating a basic workflow in Appsmith. If you're new to Workflows, follow the [Tutorial - Create Basic Workflow](/workflows/tutorials/create-workflow) to learn the workflow basics.
-
+* PostgreSQL must be configured and accessible. Appsmith workflows require PostgreSQL version `13` to `16`. If you're using ECS or Kubernetes, configure an external PostgreSQL database (e.g., AWS RDS). For setup instructions, refer to [Configure External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds). 
 
 ## Connect Workflow with Appsmith App
 

website/docs/workflows/tutorials/create-workflow.md

@@ -35,6 +35,7 @@
 - A self-hosted Appsmith instance with a [business subscription](https://www.appsmith.com/pricing). Refer to the [Appsmith installation guides](/getting-started/setup/installation-guides) for detailed instructions if you need to set up your instance. You can also get a trial license by signing up on [customer.appsmith.com](https://customer.appsmith.com/).
 - Basic familiarity with Appsmith operations. If you're new to Appsmith, follow the [Getting Started Tutorial](/getting-started/tutorials/start-building) to learn the basics.
 - A REST client like [HTTPie](https://httpie.io) for testing workflows.
+- PostgreSQL must be configured and accessible. Appsmith workflows require PostgreSQL version `13` to `16`. If you're using ECS or Kubernetes, configure an external PostgreSQL database (e.g., AWS RDS). For setup instructions, refer to [Configure External PostgreSQL](/getting-started/setup/instance-configuration/external-postgresql-rds). 
 
 ## Create workflow
 

website/sidebars.js

@@ -37,6 +37,7 @@ const sidebars = {
               },
               items: [
                 'getting-started/setup/installation-guides/kubernetes/setup-kubernetes-cluster-aws-eks',
+                'getting-started/setup/instance-configuration/deploy-non-root',
               ],
             },
             'getting-started/setup/installation-guides/aws-ami',
@@ -895,6 +896,7 @@ const sidebars = {
             'help-and-support/troubleshooting-guide/action-errors/README',
             'help-and-support/troubleshooting-guide/git-errors',
             'help-and-support/troubleshooting-guide/gac-errors',
+            'help-and-support/troubleshooting-guide/action-errors/workflow-errors',
             'help-and-support/troubleshooting-guide/cyclic-dependency',
           ],
         },