Documentation
¶
Overview ¶
Package infrasniff inspects a Next.js project's source tree and package.json to infer which Cloudflare resources it needs (D1, R2, KV, Workers AI, Hyperdrive, Vectorize, Queues), which server-side secrets it references, and whether it has an auth layer worth protecting. It powers the `nextdeploy init` "use my existing app" path, prefilling nextdeploy.yml instead of asking the user to hand-write bindings.
It is intentionally heuristic and read-only: signals are best-effort hints a human reviews, never silent infrastructure mutations.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Result ¶
type Result struct {
Signals []Signal // one per (resource, reason); dedup with Resources()
Secrets []string // server-side env var names referenced (NEXT_PUBLIC_* excluded), sorted
Auth bool // an auth library was detected → suggest a protection.auth block
FilesParsed int
// Wrangler is the parsed wrangler config when the project ships one. Its
// bindings are authoritative (real names + IDs) and should be preferred
// over heuristic signals when prefilling nextdeploy.yml.
Wrangler *WranglerConfig
}
Result is the full sniff outcome.
func Sniff ¶
Sniff scans projectDir and returns the inferred infrastructure. Missing files / unreadable entries are skipped, not fatal — partial signal is useful.
func (*Result) RenderNextDeployYAML ¶
RenderNextDeployYAML composes a complete nextdeploy.yml for the "use my existing app" path: app + serverless headers plus the detected cloudflare block (or a minimal stub when nothing was detected).
func (*Result) SecretsChecklist ¶
SecretsChecklist returns the detected secrets sorted, for a post-init "set these with `nextdeploy secrets set`" reminder.
func (*Result) SuggestedCloudflareBlock ¶
SuggestedCloudflareBlock renders a `cloudflare:` YAML block (indented to sit under `serverless:`) from the sniff result. Authoritative wrangler bindings are emitted with real names/IDs; heuristic-only detections become resource declarations + ref bindings the user can complete. Returns "" when nothing was detected.
type Signal ¶
type Signal struct {
Resource Resource
Reason string // human-readable evidence, e.g. `dep "drizzle-orm/d1"` or `type R2Bucket`
}
Signal is one detected resource need with the evidence behind it.
type WranglerBinding ¶
type WranglerBinding struct {
Name string // JS binding variable (e.g. "DB")
Resource string // database_name / bucket_name / index_name / queue
ID string // database_id / namespace id / hyperdrive id
}
WranglerBinding is one declared binding. Fields are populated per kind; unused ones stay empty (e.g. R2 has Resource=bucket_name, ID empty).
type WranglerConfig ¶
type WranglerConfig struct {
Source string // file the config was read from
Name string // worker name
D1 []WranglerBinding // binding + database_name + database_id
KV []WranglerBinding // binding + id
R2 []WranglerBinding // binding + bucket_name
Hyperdrive []WranglerBinding // binding + id
Vectorize []WranglerBinding // binding + index_name
Queues []WranglerBinding // producer binding + queue
AI string // AI binding name (empty when absent)
Vars []string // plain-text var names (not secrets)
}
WranglerConfig is the subset of a wrangler config the sniffer understands. Unlike the heuristic source scan, these bindings are authoritative: the user already declared exact names and resource IDs, so init can prefill them verbatim instead of guessing.