Skip to content

feat(substrates): railway, gitlab, laravel-cloud, wordpress, cloudflare#64

Open
snowmead wants to merge 1 commit into
mainfrom
feat/substrates-phase2
Open

feat(substrates): railway, gitlab, laravel-cloud, wordpress, cloudflare#64
snowmead wants to merge 1 commit into
mainfrom
feat/substrates-phase2

Conversation

@snowmead

@snowmead snowmead commented Jul 11, 2026

Copy link
Copy Markdown
Owner

Summary

Test plan

  • cargo test / clippy for new crates
  • error_codes_are_globally_unique
  • Live smoke per substrate when credentials available

Note

Medium Risk
Large additive surface around paid cloud provisioning and teardown via Stripe; deploy and health checks are stubbed, so operators may see placeholder URLs until Phase 2.

Overview
Adds five new --on cloud substrates—railway, gitlab, laravel-cloud, wordpress, and cloudflare (Workers host)—each as its own crate wired into the workspace and the binary substrate registry.

Each substrate follows the existing Stripe Projects pattern: start provisions the matching catalog service (e.g. railway/hosting, gitlab/project, laravel_cloud/application, wordpress.com/site, cloudflare/workers), records DNS-safe {stack}-{instance}-{service} names and best-effort origins, and gates paid resources on --confirm-paid with a $25 spend cap. Observe/destroy use Stripe resource registration, not provider APIs; health gates are no-ops and real deploy/log clients are explicitly deferred.

Per-provider TOML blocks, typed CatalogService configs (with catalog fixture tests), and dedicated Fault error codes (including cloudflare_host.* to separate Workers hosting from Cloudflare integrations) are included. The CLI error_codes_are_globally_unique test aggregates the new crates’ code lists.

Reviewed by Cursor Bugbot for commit 3e8ae8c. Bugbot is set up for automated code reviews on this repo. Configure here.

…dflare

Phase 2 --on hosts provisioned via Stripe Projects. Observe/destroy key off
Stripe registration; provider REST deploy clients deferred.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using default effort and found 2 potential issues.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.

&ctx,
&cfg,
PROVIDER_PREFIX,
&[("LARAVEL_CLOUD_APP_ID", "app_id", true)],

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wrong Laravel Stripe env suffix

High Severity

provision_outputs treats the field tuple’s first element as an env suffix appended to LARAVEL_CLOUD, not the full variable name. Using LARAVEL_CLOUD_APP_ID as the suffix makes lookups use LARAVEL_CLOUD_LARAVEL_CLOUD_APP_ID, so a normal LARAVEL_CLOUD_APP_ID from Stripe is never matched and start can fail even when provisioning succeeded.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.

for service in def.services.keys() {
config::service_laravel_cloud(def, service).map_err(fault)?;
}
Ok(())

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing Laravel DNS name check

Medium Severity

validate_definition only parses the laravel-cloud block and never checks that the derived app name {stack}-{instance}-{service} is DNS-safe. Sibling substrates added in this PR reject invalid derived names before up, so bad stack or service names can reach Stripe provision here and fail later with a less clear error.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 3e8ae8c. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant