apps/docs/content/guides/deployment/maturity-model.mdx
Supabase is great for building something very fast and for scaling up. However, it's important to note that as your application matures and your team expands, the practices you use for managing an application in production should not be the same as the practices you used for prototyping.
The Dashboard is a quick and easy tool for building applications while you are prototyping. That said, we strongly recommend using Migrations to manage your database changes. You can use our CLI to capture any changes you have made on the Dashboard so that you can commit them a version control system, like git.
As soon as you start collaborating with team members, all project changes should be in version control. At this point we strongly recommend moving away from using the Dashboard for schema changes. Use migrations to manage your database, and check them into your version control system to track every change.
Resources:
Once your application is live, you should never change your database using the Dashboard - everything should be done with Migrations. Some other important things to consider at this point include:
local -> staging -> prod).postgres password. All changes should be made via version-controlled migrations which run via a bastion host or a CI platform (like GitHub Actions. If you use GitHub Actions, use approval workflows to prevent any migrations being run accidentally.Resources:
For a more secure setup, consider running your workload across several organizations. It's a common pattern to have a Production organization which is restricted to only those team members who are qualified to have direct access to production databases.
Reach out to growth if you need help designing a secure development workflow for your organization.