B
Windsurf logoWindsurfData pipelines / ETL (dbt)

Windsurf Data Pipeline Cascade

Omar Reyes@pipeline_omar
82.0Overall score

Cascade's step-by-step flow suits the staged nature of ETL, and Postgres MCP lets it validate transforms against real data. dbt tests on commit guarantee models stay correct as the pipeline grows.

82.0Score
437Votes
5Components
1wUpdated

Install this build

Export
terminal
npx setuproll add windsurf-data-pipeline

Components

Model

  • Claude Sonnet 4.6

MCP servers

  • postgres
  • filesystem
  • github

Subagents

  • cascade
  • schema-validator

Hooks

  • on-save: format
  • pre-commit: dbt test

Rules

  • Validate schemas at each stage
  • Idempotent transforms only
  • Document every model
Workflow

I let Cascade build my dbt pipeline, but only one stage at a time

How I wired Windsurf + Cascade, a Postgres MCP server, and a dbt-test pre-commit hook so an agent can extend my warehouse without quietly breaking the DAG.

pipeline_omar9 min read2026-06-20

I have a rule I tell every junior who joins my team: a pipeline does not fail loudly, it fails three weeks later in a dashboard nobody trusts anymore. That fear is exactly why I was slow to let an AI agent anywhere near my dbt project. A model that compiles is not a model that is correct, and most coding assistants happily hand you SQL that compiles against a schema they invented in their head.

So this is not a story about going fast. It is about the setup I landed on after a few frustrating weekends, where Windsurf's Cascade agent can actually add a staging model or a mart to my warehouse and I trust the output enough to merge it. The short version: give the agent eyes into the real database, make it work one DAG stage at a time, and gate every commit behind dbt tests. The rest of this is the boring detail that makes those three things true.

The stack this is tuned for
Windsurf (the editor) with Cascade as the agent, Claude Sonnet 4.6 as the model behind it, a dbt project on Postgres, and Dagster for orchestration. If you are on BigQuery or Snowflake the shape carries over; swap the Postgres MCP server for your warehouse's.

Why Cascade fits ETL specifically

I tried a couple of the terminal agents first and bounced off them for this work. The thing about a data pipeline is that it is already a sequence: source, staging, intermediate, mart. You do not build a mart and then go back and decide what staging looks like. Cascade's flow is step driven, it proposes a change, you look, it continues, and that maps onto the DAG almost too neatly. I want the agent thinking the way the data flows, not dumping eight files at once.

The other half is that Cascade reads rules from plain Markdown in the repo, the same way the rest of my team reads the README. Windsurf calls them workspace rules and they live under .windsurf/rules. I keep mine version controlled so a teammate cloning the repo gets the same guardrails I do. No hidden settings, no per-machine config drift, which for a data team is the whole point.

.windsurf/rules/pipeline.md
---
trigger: always_on
---

# Pipeline: analytics-warehouse (dbt + Postgres)

## What this repo is
A dbt project that models raw fintech events into a star schema on
Postgres. Layers, in order: staging -> intermediate -> marts.
Orchestrated by Dagster. Nothing here touches production data directly;
Cascade works against a seeded dev warehouse.

## Commands (use these, do not invent them)
- Build everything: `dbt build`
- One model + its tests: `dbt build --select stg_payments+`
- Tests only: `dbt test --select <model>`
- Compile (no run): `dbt compile`
- Lint SQL: `sqlfluff lint models/`
- Seed dev warehouse: `dbt seed`

## DAG rules (non-negotiable)
- staging models read ONLY from sources, one source table each, no joins.
- Joins and business logic live in intermediate (int_*) models.
- marts (fct_*, dim_*) read from intermediate, never from staging.
- Every model declares a schema.yml with at least one not_null and one
  unique or relationship test on its grain key.

## Transform rules
- Transforms must be idempotent. `dbt build` twice = same result. No
  inserts that depend on run time, no `current_timestamp` in a key.
- Incremental models need a deterministic unique_key and an is_incremental
  block. Full-refresh must still produce the identical table.
- Never `SELECT *` past staging. Name your columns.

## Conventions
- One model per file, file name = model name.
- snake_case everywhere. Money is stored in minor units (integer cents).
- Document every model and every column in schema.yml. A model with no
  description is not done.
Put your DAG layering in the rules, not in your head
The single most useful block above is the DAG rules. Staging reads only from sources, joins live in intermediate, marts never read staging. Once Cascade had that written down, it stopped trying to join two raw tables in a stg_ model, which is the exact mistake that turns a clean DAG into spaghetti.

The Postgres MCP server is the whole trick

Here is where most of the value lives. Without MCP, Cascade is guessing at my schema from whatever it can grep out of the repo. With the postgres MCP server pointed at my dev warehouse, it can run a read-only query and actually see that stg_payments has an amount_cents column and not an amount column. That one capability kills the entire category of bugs where a model references a column that does not exist.

I connect it with a read-only role. cascade_ro can SELECT and read information_schema, nothing else. The agent gets to inspect, never to mutate. dbt is the only thing allowed to write tables, and dbt runs under my hands, not the agent's.

mcp_config.json
{
  "mcpServers": {
    "postgres": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-postgres",
        "postgresql://cascade_ro@localhost:5432/warehouse_dev"
      ]
    },
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "."
      ]
    },
    "github": {
      "serverUrl": "https://api.githubcopilot.com/mcp/"
    }
  }
}
Give the agent a read-only database role. I mean it.
Do not hand an agent your dbt deployment credentials through MCP. Make a dedicated role with SELECT on the dev schemas and nothing else, and point it at a seeded dev warehouse, never prod. The agent should be able to look at data and never able to change it.
Overview - Windsurf Docs (Cascade)Official docs for the Cascade agent: workspace vs global rules, the rule activation modes, and how memories work. This is where the rules-file format comes from.docs.windsurf.compunkpeye/awesome-mcp-serversThe curated list I pulled the Postgres and filesystem servers from. Good place to find a warehouse-specific server if you are not on Postgres.github.com60k+
you need to learn MCP RIGHT NOW!! (Model Context Protocol)23:41
you need to learn MCP RIGHT NOW!! (Model Context Protocol)· NetworkChuck

A validator subagent that refuses to trust compiled SQL

Cascade writes the model. A separate validator checks it against the real warehouse before I look. I keep that as its own rule scoped to fire after any model edit, and it has a narrow job: do not write SQL, just confirm the model is true. It reads the file, queries information_schema for every column the model assumes, and checks that the grain key is actually unique by comparing count to count distinct on the compiled output.

That last check has saved me more than once. A model can pass dbt compile and still have a fan-out join that doubles your rows. The validator catches it because it runs the query, not because it read the SQL and felt good about it.

.windsurf/rules/schema-validator.md
---
trigger: model_decision
description: >
  Validate a dbt model against the warehouse before it is considered done.
  Invoke after Cascade writes or edits any model in models/.
---

You are the schema-validator for the analytics-warehouse project. You do
not write SQL. Your job is to check that a model is correct against the
real warehouse using the postgres MCP server.

For the model you are handed, do this in order:
1. Read its .sql file and its schema.yml entry.
2. Query information_schema for every source/ref it touches. Confirm each
   referenced column actually exists with the type the model assumes.
3. Confirm the declared grain key is unique: run a count vs count(distinct)
   on the compiled output (use dbt compile, then run the SQL read-only).
4. Confirm a full-refresh and an incremental run would land the same rows.
5. Report findings as: file, severity (block/warn/nit), and the exact fix.

If the model has no description or is missing the not_null/unique tests the
rules require, that is a block. Do not approve a model you could not query.
Cascade · analytics-warehouse
You
add fct_payments at the transaction grain, one row per payment
Agent
Wrote models/marts/fct_payments.sql joining int_payments to dim_customer. Added schema.yml with unique + not_null on payment_id.
Agent
[schema-validator] queried warehouse_dev. dim_customer has 2 rows per customer_id (SCD-2, current flag not filtered). fct_payments fans out: 41,902 rows vs 41,310 distinct payment_id. BLOCK.
Agent
Fix: join dim_customer where is_current = true. Re-validated: 41,310 rows, 41,310 distinct payment_id. Grain holds.
The validator catching a grain bug before the model ever reaches a test run.
nedcodes-ok/rule-porterZero-dependency CLI that converts rules between Windsurf, CLAUDE.md, AGENTS.md and Cursor. Handy when a teammate is on a different editor than I am.github.com

dbt test on pre-commit, so red never gets committed

Rules are advice the agent usually follows. A git hook is a wall it cannot walk through. I wire dbt test into the pre-commit hook, scoped to only the models that changed so it stays fast, and if a test fails the commit is blocked. Cascade can be as confident as it likes; if the unique test on the grain key fails, nothing lands.

.git/hooks/pre-commit
#!/usr/bin/env bash
# .git/hooks/pre-commit -> wired so Cascade's commits run dbt tests.
# Only tests the models that actually changed, so it stays fast.
set -euo pipefail

CHANGED=$(git diff --cached --name-only --diff-filter=ACM | grep '^models/.*\.sql$' || true)
if [ -z "$CHANGED" ]; then
  exit 0
fi

# models/staging/stg_payments.sql -> stg_payments
SELECTORS=$(printf '%s\n' "$CHANGED" | sed -E 's#.*/##; s#\.sql$##' | paste -sd' ' -)

echo "pre-commit: dbt test on changed models -> $SELECTORS"
if ! dbt test --select $SELECTORS; then
  echo "pre-commit: dbt tests failed, commit blocked" >&2
  exit 1
fi
windsurf · analytics-warehouse
$add stg_refunds from raw.refunds, then int_payments_net
→ Cascade (sonnet 4.6), one stage at a time
Stage 1: wrote models/staging/stg_refunds.sql (reads raw.refunds only, no joins)
[schema-validator] raw.refunds columns confirmed. not_null(refund_id) + unique(refund_id) added. ok
Stage 2: wrote models/intermediate/int_payments_net.sql (joins int_payments + stg_refunds)
[schema-validator] grain check: 41,310 rows = 41,310 distinct payment_id. ok
$git commit -m "feat: net payments after refunds"
pre-commit: dbt test on changed models -> stg_refunds int_payments_net
Completed successfully. PASS=6 WARN=0 ERROR=0 SKIP=0 in 4.1s
[committed] 2 files, 6 tests green
$
Test the changed models, not the world
A full dbt test on a big project can take minutes, and a hook that slow gets disabled within a day. Parsing the staged file names down to dbt selectors keeps it to a few seconds, which is the difference between a hook you keep and a hook you skip with --no-verify.

What it actually costs and catches

I am not going to pretend this turned me into a ten times engineer. What it did was take the tedious part of warehouse work, the boilerplate staging models and the schema.yml docs nobody wants to write, and make it reliable enough that I stopped re-reading every line. Here is roughly where it sits for me on a normal model.

StepWho does itNotes
Write the model SQLCascade (Sonnet 4.6)One DAG stage per turn, never the whole tree
Confirm columns + grainschema-validatorQueries warehouse_dev via Postgres MCP, read-only
Write schema.yml tests + docsCascadeRequired by the rules; a model with no docs is blocked
Gate the commitpre-commit hookdbt test on changed models only, ~2-4s
Apply to prodme + DagsterAgent never runs dbt build against anything real
  • Fan-out joins are the bug it catches most. Compiled SQL hides them; a count vs count distinct does not.
  • Phantom columns basically disappeared once the agent could query information_schema instead of guessing.
  • Undocumented models stopped sneaking in, because the rules treat a missing description as not-done and the validator blocks on it.

The agent did not make me faster at writing SQL. It made the SQL trustworthy enough that I stopped manually diffing row counts after every change, and that was the actual time sink.

from my own pipeline retro
Windsurf AI Tutorial for Beginners: Windsurf Editor vs Cursor26:54
Windsurf AI Tutorial for Beginners: Windsurf Editor vs Cursor· Tech With Tim

Steal the setup

If you run dbt, the parts worth copying in order are: a read-only MCP role pointed at a dev warehouse, your DAG layering written into the Windsurf rules, and a pre-commit hook that runs dbt test on the changed models. Those three turn Cascade from a fast way to write wrong SQL into something that has to prove itself against your real schema before you ever read it. Start with the rules file, it is the cheapest win.

zsh · your dbt repo
$npx setuproll add windsurf-data-pipeline
✓ wrote .windsurf/rules/pipeline.md, .windsurf/rules/schema-validator.md
✓ wrote mcp_config.json (postgres, filesystem, github)
✓ wrote .git/hooks/pre-commit (dbt test on changed models)
next: create a read-only db role, point the postgres server at your dev warehouse, open Windsurf
$
Tune it to your warehouse, do not clone it blind
This is shaped for dbt on Postgres with a staging/intermediate/marts layering. If your project layers differently, rewrite the DAG rules first, because that is the part Cascade leans on hardest. A rules file you actually maintain beats one you inherited and forgot.

0 Reviews

Your rating
Sign in to post

Loading discussion...

← All builds