feat(substrates): railway, gitlab, laravel-cloud, wordpress, cloudflare#64
feat(substrates): railway, gitlab, laravel-cloud, wordpress, cloudflare#64snowmead wants to merge 1 commit into
Conversation
…dflare Phase 2 --on hosts provisioned via Stripe Projects. Observe/destroy key off Stripe registration; provider REST deploy clients deferred.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using default effort and found 2 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.
| &ctx, | ||
| &cfg, | ||
| PROVIDER_PREFIX, | ||
| &[("LARAVEL_CLOUD_APP_ID", "app_id", true)], |
There was a problem hiding this comment.
Wrong Laravel Stripe env suffix
High Severity
provision_outputs treats the field tuple’s first element as an env suffix appended to LARAVEL_CLOUD, not the full variable name. Using LARAVEL_CLOUD_APP_ID as the suffix makes lookups use LARAVEL_CLOUD_LARAVEL_CLOUD_APP_ID, so a normal LARAVEL_CLOUD_APP_ID from Stripe is never matched and start can fail even when provisioning succeeded.
Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.
| for service in def.services.keys() { | ||
| config::service_laravel_cloud(def, service).map_err(fault)?; | ||
| } | ||
| Ok(()) |
There was a problem hiding this comment.
Missing Laravel DNS name check
Medium Severity
validate_definition only parses the laravel-cloud block and never checks that the derived app name {stack}-{instance}-{service} is DNS-safe. Sibling substrates added in this PR reject invalid derived names before up, so bad stack or service names can reach Stripe provision here and fail later with a less clear error.
Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.


Summary
--onsubstrates: railway, gitlab, laravel-cloud, wordpress, cloudflare (Workers host).Test plan
cargo test/ clippy for new crateserror_codes_are_globally_uniqueNote
Medium Risk
Large additive surface around paid cloud provisioning and teardown via Stripe; deploy and health checks are stubbed, so operators may see placeholder URLs until Phase 2.
Overview
Adds five new
--oncloud substrates—railway, gitlab, laravel-cloud, wordpress, and cloudflare (Workers host)—each as its own crate wired into the workspace and the binary substrate registry.Each substrate follows the existing Stripe Projects pattern:
startprovisions the matching catalog service (e.g.railway/hosting,gitlab/project,laravel_cloud/application,wordpress.com/site,cloudflare/workers), records DNS-safe{stack}-{instance}-{service}names and best-effort origins, and gates paid resources on--confirm-paidwith a $25 spend cap. Observe/destroy use Stripe resource registration, not provider APIs; health gates are no-ops and real deploy/log clients are explicitly deferred.Per-provider TOML blocks, typed
CatalogServiceconfigs (with catalog fixture tests), and dedicatedFaulterror codes (includingcloudflare_host.*to separate Workers hosting from Cloudflare integrations) are included. The CLIerror_codes_are_globally_uniquetest aggregates the new crates’ code lists.Reviewed by Cursor Bugbot for commit 3e8ae8c. Bugbot is set up for automated code reviews on this repo. Configure here.