wrangler 2.0.8 → 2.0.9

package/src/dev/dev.tsx

@@ -13,7 +13,6 @@ import { runCustomBuild } from "../entry";
 import { openInspector } from "../inspect";
 import { logger } from "../logger";
 import openInBrowser from "../open-in-browser";
-import { getAPIToken } from "../user";
 import { Local } from "./local";
 import { Remote } from "./remote";
 import { useEsbuild } from "./use-esbuild";
@@ -54,16 +53,11 @@ export type DevProps = {
   };
   env: string | undefined;
   legacyEnv: boolean;
-  zone:
-    | {
-        id: string;
-        host: string;
-      }
-    | undefined;
+  zone: string | undefined;
+  host: string | undefined;
 };
 
 export function DevImplementation(props: DevProps): JSX.Element {
-  const apiToken = props.initialMode === "remote" ? getAPIToken() : undefined;
   const directory = useTmpDir();
 
   useCustomBuild(props.entry, props.build);
@@ -108,19 +102,17 @@ export function DevImplementation(props: DevProps): JSX.Element {
   // only load the UI if we're running in a supported environment
   const { isRawModeSupported } = useStdin();
   return isRawModeSupported ? (
-    <InteractiveDevSession {...props} bundle={bundle} apiToken={apiToken} />
+    <InteractiveDevSession {...props} bundle={bundle} />
   ) : (
     <DevSession
       {...props}
       bundle={bundle}
-      apiToken={apiToken}
       local={props.initialMode === "local"}
     />
   );
 }
 
 type InteractiveDevSessionProps = DevProps & {
-  apiToken: string | undefined;
   bundle: EsbuildBundle | undefined;
 };
 
@@ -183,7 +175,6 @@ function DevSession(props: DevSessionProps) {
       bundle={props.bundle}
       format={props.entry.format}
       accountId={props.accountId}
-      apiToken={props.apiToken}
       bindings={props.bindings}
       assetPaths={props.assetPaths}
       public={props.public}
@@ -197,6 +188,7 @@ function DevSession(props: DevSessionProps) {
       env={props.env}
       legacyEnv={props.legacyEnv}
       zone={props.zone}
+      host={props.host}
     />
   );
 }

package/src/dev/remote.tsx

@@ -1,4 +1,3 @@
-import assert from "node:assert";
 import { readFile } from "node:fs/promises";
 import path from "node:path";
 import { useState, useEffect, useRef } from "react";
@@ -7,6 +6,7 @@ import useInspector from "../inspect";
 import { logger } from "../logger";
 import { usePreviewServer } from "../proxy";
 import { syncAssets } from "../sites";
+import { requireApiToken, requireAuth } from "../user";
 import type { CfPreviewToken } from "../create-worker-preview";
 import type { AssetPaths } from "../sites";
 import type { CfModule, CfWorkerInit, CfScriptFormat } from "../worker";
@@ -23,24 +23,21 @@ export function Remote(props: {
   localProtocol: "https" | "http";
   inspectorPort: number;
   accountId: string | undefined;
-  apiToken: string | undefined;
   bindings: CfWorkerInit["bindings"];
   compatibilityDate: string;
   compatibilityFlags: string[] | undefined;
   usageModel: "bundled" | "unbound" | undefined;
   env: string | undefined;
   legacyEnv: boolean | undefined;
-  zone: { id: string; host: string } | undefined;
+  zone: string | undefined;
+  host: string | undefined;
 }) {
-  assert(props.accountId, "accountId is required");
-  assert(props.apiToken, "apiToken is required");
   const previewToken = useWorker({
     name: props.name,
     bundle: props.bundle,
     format: props.format,
     modules: props.bundle ? props.bundle.modules : [],
     accountId: props.accountId,
-    apiToken: props.apiToken,
     bindings: props.bindings,
     assetPaths: props.assetPaths,
     port: props.port,
@@ -50,6 +47,7 @@ export function Remote(props: {
     env: props.env,
     legacyEnv: props.legacyEnv,
     zone: props.zone,
+    host: props.host,
   });
 
   usePreviewServer({
@@ -73,8 +71,7 @@ export function useWorker(props: {
   bundle: EsbuildBundle | undefined;
   format: CfScriptFormat | undefined;
   modules: CfModule[];
-  accountId: string;
-  apiToken: string;
+  accountId: string | undefined;
   bindings: CfWorkerInit["bindings"];
   assetPaths: AssetPaths | undefined;
   port: number;
@@ -83,7 +80,8 @@ export function useWorker(props: {
   usageModel: "bundled" | "unbound" | undefined;
   env: string | undefined;
   legacyEnv: boolean | undefined;
-  zone: { id: string; host: string } | undefined;
+  zone: string | undefined;
+  host: string | undefined;
 }): CfPreviewToken | undefined {
   const {
     name,
@@ -91,7 +89,6 @@ export function useWorker(props: {
     format,
     modules,
     accountId,
-    apiToken,
     bindings,
     assetPaths,
     compatibilityDate,
@@ -105,6 +102,9 @@ export function useWorker(props: {
   // something's "happened" in our system; We make a ref and
   // mark it once we log our initial message. Refs are vars!
   const startedRef = useRef(false);
+  // This ref holds the actual accountId being used, the `accountId` prop could be undefined
+  // as it is only what is retrieved from the wrangler.toml config.
+  const accountIdRef = useRef(accountId);
 
   useEffect(() => {
     const abortController = new AbortController();
@@ -119,8 +119,13 @@ export function useWorker(props: {
         logger.log("⎔ Detected changes, restarted server.");
       }
 
+      // Ensure we have an account id, even if it means logging in here.
+      accountIdRef.current = await requireAuth({
+        account_id: accountIdRef.current,
+      });
+
       const assets = await syncAssets(
-        accountId,
+        accountIdRef.current,
         // When we're using the newer service environments, we wouldn't
         // have added the env name on to the script name. However, we must
         // include it in the kv namespace name regardless (since there's no
@@ -173,10 +178,15 @@ export function useWorker(props: {
         await createWorkerPreview(
           init,
           {
-            accountId,
-            apiToken,
+            accountId: accountIdRef.current,
+            apiToken: requireApiToken(),
+          },
+          {
+            env: props.env,
+            legacyEnv: props.legacyEnv,
+            zone: props.zone,
+            host: props.host,
           },
-          { env: props.env, legacyEnv: props.legacyEnv, zone: props.zone },
           abortController.signal
         )
       );
@@ -193,7 +203,7 @@ export function useWorker(props: {
             "Error: You need to register a workers.dev subdomain before running the dev command in remote mode";
           const solutionMessage =
             "You can either enable local mode by pressing l, or register a workers.dev subdomain here:";
-          const onboardingLink = `https://dash.cloudflare.com/${accountId}/workers/onboarding`;
+          const onboardingLink = `https://dash.cloudflare.com/${accountIdRef.current}/workers/onboarding`;
           logger.error(
             `${errorMessage}\n${solutionMessage}\n${onboardingLink}`
           );
@@ -211,7 +221,6 @@ export function useWorker(props: {
     bundle,
     format,
     accountId,
-    apiToken,
     port,
     assetPaths,
     compatibilityDate,
@@ -222,6 +231,7 @@ export function useWorker(props: {
     props.env,
     props.legacyEnv,
     props.zone,
+    props.host,
   ]);
   return token;
 }

package/src/index.tsx

@@ -66,6 +66,7 @@ import {
   requireAuth,
 } from "./user";
 import { whoami } from "./whoami";
+import { getZoneIdFromHost, getZoneForRoute } from "./zones";
 
 import type { Config } from "./config";
 import type { TailCLIFilters } from "./tail";
@@ -444,7 +445,10 @@ function createCLIParser(argv: string[]) {
           yesFlag ||
           (await confirm("Would you like to use git to manage this Worker?"));
         if (shouldInitGit) {
-          await execa("git", ["init", "--initial-branch=main"], {
+          await execa("git", ["init"], {
+            cwd: creationDirectory,
+          });
+          await execa("git", ["branch", "-m", "main"], {
             cwd: creationDirectory,
           });
           await writeFile(
@@ -1079,92 +1083,25 @@ function createCLIParser(argv: string[]) {
         );
       }
 
-      const accountId = !args.local ? await requireAuth(config) : undefined;
-
       // TODO: if worker_dev = false and no routes, then error (only for dev)
 
-      /**
-       * Given something that resembles a URL,
-       * try to extract a host from it
-       */
-      function getHost(urlLike: string): string | undefined {
-        // strip leading * / *.
-        urlLike = urlLike.replace(/^\*(\.)?/g, "");
-
-        if (
-          !(urlLike.startsWith("http://") || urlLike.startsWith("https://"))
-        ) {
-          urlLike = "http://" + urlLike;
-        }
-        return new URL(urlLike).host;
-      }
-
-      /**
-       * Given something that resembles a host,
-       * try to infer a zone id from it
-       */
-      async function getZoneId(host: string): Promise<string | undefined> {
-        const zones = await fetchResult<{ id: string }[]>(
-          `/zones`,
-          {},
-          new URLSearchParams({ name: host })
-        );
-        return zones[0]?.id;
-      }
-
-      // When we're given a host (in one of the above ways), we do 2 things:
-      // - We try to extract a host from it
-      // - We try to get a zone id from the host
-      //
-      // So it turns out it's particularly hard to get a 'valid' domain
-      // from a string, so we don't even try to validate TLDs, etc.
-      // Once we get something that looks like w.x.y.z-ish, we then try to
-      // get a zone id for it, by lopping off subdomains until we get a hit
-      // from the API. That's it!
-
-      let zone: { host: string; id: string } | undefined;
+      // Compute zone info from the `host` and `route` args and config;
+      let host = args.host || config.dev.host;
+      let zoneId: string | undefined;
 
       if (!args.local) {
-        const hostLike =
-          args.host ||
-          config.dev.host ||
-          (args.routes && args.routes[0]) ||
-          config.route ||
-          (config.routes && config.routes[0]);
-
-        let zoneId: string | undefined =
-          typeof hostLike === "object" && "zone_id" in hostLike
-            ? hostLike.zone_id
-            : undefined;
-
-        const host =
-          typeof hostLike === "string"
-            ? getHost(hostLike)
-            : typeof hostLike === "object"
-            ? "zone_name" in hostLike
-              ? getHost(hostLike.zone_name)
-              : getHost(hostLike.pattern)
-            : undefined;
-
-        const hostPieces =
-          typeof host === "string" ? host.split(".") : undefined;
-
-        while (!zoneId && hostPieces && hostPieces.length > 1) {
-          zoneId = await getZoneId(hostPieces.join("."));
-          hostPieces.shift();
+        if (host) {
+          zoneId = await getZoneIdFromHost(host);
         }
-
-        if (host && !zoneId) {
-          throw new Error(`Could not find zone for ${hostLike}`);
+        const routes = args.routes || config.route || config.routes;
+        if (!zoneId && routes) {
+          const firstRoute = Array.isArray(routes) ? routes[0] : routes;
+          const zone = await getZoneForRoute(firstRoute);
+          if (zone) {
+            zoneId = zone.id;
+            host = zone.host;
+          }
         }
-
-        zone =
-          typeof zoneId === "string" && typeof host === "string"
-            ? {
-                host,
-                id: zoneId,
-              }
-            : undefined;
       }
 
       const nodeCompat = args.nodeCompat ?? config.node_compat;
@@ -1243,7 +1180,8 @@ function createCLIParser(argv: string[]) {
           name={getScriptName(args, config)}
           entry={entry}
           env={args.env}
-          zone={zone}
+          zone={zoneId}
+          host={host}
           rules={getRules(config)}
           legacyEnv={isLegacyEnv(config)}
           minify={args.minify ?? config.minify}
@@ -1258,7 +1196,7 @@ function createCLIParser(argv: string[]) {
           enableLocalPersistence={
             args["experimental-enable-local-persistence"] || false
           }
-          accountId={accountId}
+          accountId={config.account_id}
           assetPaths={getAssetPaths(
             config,
             args.site,
@@ -1672,6 +1610,7 @@ function createCLIParser(argv: string[]) {
           rules={getRules(config)}
           env={args.env}
           zone={undefined}
+          host={undefined}
           legacyEnv={isLegacyEnv(config)}
           build={config.build || {}}
           minify={undefined}

package/src/pages.tsx

@@ -1139,9 +1139,15 @@ const createDeployment: CommandModule<
 
     const files = [...fileMap.values()];
 
-    const { jwt } = await fetchResult<{ jwt: string }>(
-      `/accounts/${accountId}/pages/projects/${projectName}/upload-token`
-    );
+    async function fetchJwt(): Promise<string> {
+      return (
+        await fetchResult<{ jwt: string }>(
+          `/accounts/${accountId}/pages/projects/${projectName}/upload-token`
+        )
+      ).jwt;
+    }
+
+    let jwt = await fetchJwt();
 
     const start = Date.now();
 
@@ -1237,6 +1243,11 @@ const createDeployment: CommandModule<
             await new Promise((resolve) =>
               setTimeout(resolve, attempts++ * 1000)
             );
+
+            if ((e as { code: number }).code === 8000013) {
+              // Looks like the JWT expired, fetch another one
+              jwt = await fetchJwt();
+            }
             return doUpload();
           } else {
             throw e;

package/src/publish.ts

@@ -4,13 +4,15 @@ import path from "node:path";
 import { URLSearchParams } from "node:url";
 import tmp from "tmp-promise";
 import { bundleWorker } from "./bundle";
-import { fetchResult } from "./cfetch";
+import { fetchListResult, fetchResult } from "./cfetch";
 import { printBindings } from "./config";
 import { createWorkerUploadForm } from "./create-worker-upload-form";
 import { confirm } from "./dialogs";
 import { getMigrationsToUpload } from "./durable";
 import { logger } from "./logger";
+import { ParseError } from "./parse";
 import { syncAssets } from "./sites";
+import { getZoneForRoute } from "./zones";
 import type { Config } from "./config";
 import type {
   Route,
@@ -260,7 +262,7 @@ export default async function publish(props: Props): Promise<void> {
   const nodeCompat = props.nodeCompat ?? config.node_compat;
   if (nodeCompat) {
     logger.warn(
-      "Enabling node.js compatibility mode for builtins and globals. This is experimental and has serious tradeoffs. Please see https://github.com/ionic-team/rollup-plugin-node-polyfills/ for more details."
+      "Enabling node.js compatibility mode for built-ins and globals. This is experimental and has serious tradeoffs. Please see https://github.com/ionic-team/rollup-plugin-node-polyfills/ for more details."
     );
   }
 
@@ -291,7 +293,7 @@ export default async function publish(props: Props): Promise<void> {
   const envName = props.env ?? "production";
 
   const start = Date.now();
-  const notProd = !props.legacyEnv && props.env;
+  const notProd = Boolean(!props.legacyEnv && props.env);
   const workerName = notProd ? `${scriptName} (${envName})` : scriptName;
   const workerUrl = notProd
     ? `/accounts/${accountId}/workers/services/${scriptName}/environments/${envName}`
@@ -497,18 +499,7 @@ export default async function publish(props: Props): Promise<void> {
   // Update routing table for the script.
   if (routesOnly.length > 0) {
     deployments.push(
-      fetchResult(`${workerUrl}/routes`, {
-        // Note: PUT will delete previous routes on this script.
-        method: "PUT",
-        body: JSON.stringify(
-          routesOnly.map((route) =>
-            typeof route !== "object" ? { pattern: route } : route
-          )
-        ),
-        headers: {
-          "Content-Type": "application/json",
-        },
-      }).then(() => {
+      publishRoutes(routesOnly, { workerUrl, scriptName, notProd }).then(() => {
         if (routesOnly.length > 10) {
           return routesOnly
             .slice(0, 9)
@@ -581,3 +572,145 @@ async function getSubdomain(accountId: string): Promise<string> {
     }
   }
 }
+
+/**
+ * Associate the newly deployed Worker with the given routes.
+ */
+async function publishRoutes(
+  routes: Route[],
+  {
+    workerUrl,
+    scriptName,
+    notProd,
+  }: { workerUrl: string; scriptName: string; notProd: boolean }
+): Promise<string[]> {
+  try {
+    return await fetchResult(`${workerUrl}/routes`, {
+      // Note: PUT will delete previous routes on this script.
+      method: "PUT",
+      body: JSON.stringify(
+        routes.map((route) =>
+          typeof route !== "object" ? { pattern: route } : route
+        )
+      ),
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+  } catch (e) {
+    if (isAuthenticationError(e)) {
+      // An authentication error is probably due to a known issue,
+      // where the user is logged in via an API token that does not have "All Zones".
+      return await publishRoutesFallback(routes, { scriptName, notProd });
+    } else {
+      throw e;
+    }
+  }
+}
+
+/**
+ * Try updating routes for the Worker using a less optimal zone-based API.
+ *
+ * Compute match zones to the routes, then for each route attempt to connect it to the Worker via the zone.
+ */
+async function publishRoutesFallback(
+  routes: Route[],
+  { scriptName, notProd }: { scriptName: string; notProd: boolean }
+) {
+  if (notProd) {
+    throw new Error(
+      "Service environments combined with an API token that doesn't have 'All Zones' permissions is not supported.\n" +
+        "Either turn off service environments by setting `legacy_env = true`, creating an API token with 'All Zones' permissions, or logging in via OAuth"
+    );
+  }
+  logger.warn(
+    "The current authentication token does not have 'All Zones' permissions.\n" +
+      "Falling back to using the zone-based API endpoint to update each route individually.\n" +
+      "Note that there is no access to routes associated with zones that the API token does not have permission for.\n" +
+      "Existing routes for this Worker in such zones will not be deleted."
+  );
+
+  const deployedRoutes: string[] = [];
+
+  // Collect the routes (and their zones) that will be deployed.
+  const activeZones = new Map<string, string>();
+  const routesToDeploy = new Map<string, string>();
+  for (const route of routes) {
+    const zone = await getZoneForRoute(route);
+    if (zone) {
+      activeZones.set(zone.id, zone.host);
+      routesToDeploy.set(
+        typeof route === "string" ? route : route.pattern,
+        zone.id
+      );
+    }
+  }
+
+  // Collect the routes that are already deployed.
+  const allRoutes = new Map<string, string>();
+  const alreadyDeployedRoutes = new Set<string>();
+  for (const [zone, host] of activeZones) {
+    try {
+      for (const { pattern, script } of await fetchListResult<{
+        pattern: string;
+        script: string;
+      }>(`/zones/${zone}/workers/routes`)) {
+        allRoutes.set(pattern, script);
+        if (script === scriptName) {
+          alreadyDeployedRoutes.add(pattern);
+        }
+      }
+    } catch (e) {
+      if (isAuthenticationError(e)) {
+        e.notes.push({
+          text: `This could be because the API token being used does not have permission to access the zone "${host}" (${zone}).`,
+        });
+      }
+      throw e;
+    }
+  }
+
+  // Deploy each route that is not already deployed.
+  for (const [routePattern, zoneId] of routesToDeploy.entries()) {
+    if (allRoutes.has(routePattern)) {
+      const knownScript = allRoutes.get(routePattern);
+      if (knownScript === scriptName) {
+        // This route is already associated with this worker, so no need to hit the API.
+        alreadyDeployedRoutes.delete(routePattern);
+        continue;
+      } else {
+        throw new Error(
+          `The route with pattern "${routePattern}" is already associated with another worker called "${knownScript}".`
+        );
+      }
+    }
+
+    const { pattern } = await fetchResult(`/zones/${zoneId}/workers/routes`, {
+      method: "POST",
+      body: JSON.stringify({
+        pattern: routePattern,
+        script: scriptName,
+      }),
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+
+    deployedRoutes.push(pattern);
+  }
+
+  if (alreadyDeployedRoutes.size) {
+    logger.warn(
+      "Previously deployed routes:\n" +
+        "The following routes were already associated with this worker, and have not been deleted:\n" +
+        [...alreadyDeployedRoutes.values()].map((route) => ` - "${route}"\n`) +
+        "If these routes are not wanted then you can remove them in the dashboard."
+    );
+  }
+
+  return deployedRoutes;
+}
+
+function isAuthenticationError(e: unknown): e is ParseError {
+  return e instanceof ParseError && (e as { code?: number }).code === 10000;
+}

package/src/user.tsx

@@ -233,7 +233,7 @@ import type { Response } from "undici";
 /**
  * Try to read the API token from the environment.
  */
-const getCloudflareAPITokenFromEnv = getEnvironmentVariableFactory({
+export const getCloudflareAPITokenFromEnv = getEnvironmentVariableFactory({
   variableName: "CLOUDFLARE_API_TOKEN",
   deprecatedName: "CF_API_TOKEN",
 });
@@ -1201,3 +1201,14 @@ export async function requireAuth(config: {
 
   return accountId;
 }
+
+/**
+ * Throw an error if there is no API token available.
+ */
+export function requireApiToken(): string {
+  const authToken = getAPIToken();
+  if (!authToken) {
+    throw new Error("No API token found.");
+  }
+  return authToken;
+}

package/src/whoami.tsx

@@ -3,7 +3,7 @@ import Table from "ink-table";
 import React from "react";
 import { fetchListResult, fetchResult } from "./cfetch";
 import { logger } from "./logger";
-import { getAPIToken } from "./user";
+import { getAPIToken, getCloudflareAPITokenFromEnv } from "./user";
 
 export async function whoami() {
   logger.log("Getting User settings...");
@@ -48,10 +48,11 @@ export interface UserInfo {
 
 export async function getUserInfo(): Promise<UserInfo | undefined> {
   const apiToken = getAPIToken();
+  const apiTokenFromEnv = getCloudflareAPITokenFromEnv();
   return apiToken
     ? {
         apiToken,
-        authType: "OAuth",
+        authType: apiTokenFromEnv ? "API" : "OAuth",
         email: await getEmail(),
         accounts: await getAccounts(),
       }

package/src/worker.ts

@@ -176,5 +176,6 @@ export interface CfWorkerInit {
 export interface CfWorkerContext {
   env: string | undefined;
   legacyEnv: boolean | undefined;
-  zone: { id: string; host: string } | undefined;
+  zone: string | undefined;
+  host: string | undefined;
 }