Skip to content

Add unsafe.containers #11233

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
emily-shen merged 5 commits into from
Nov 20, 2025
Merged

Add unsafe.containers #11233

emily-shen merged 5 commits into from
Nov 20, 2025

Conversation

@emily-shen
Copy link
Contributor

@emily-shen emily-shen commented Nov 10, 2025
edited
Loading

Add an unsafe.containers field to allow internal users to configure container options that we do not want to expose publicly (yet).

This will skip wrangler-side validation, and all validation will be done by the containers control plane, which will check if everything is the right shape and you have the right capabilities to do whatever it is you're trying to do.

{
  ...
  containers: [ {..., name: "my-container"}],
  unsafe: {
    containers: [ 
      {
        name: "my-container", // necessary to link it to the right container
        configuration: { 
           network: { 
              foo: "bar"
           }
        }
       }],
  }
  ...
}
  • Tests
    • Tests included
    • Tests not necessary because:
  • Public documentation
    • Cloudflare docs PR(s):
    • Documentation not necessary because: internal
  • Wrangler V3 Backport
    • Wrangler PR:
    • Not necessary because: containers was new in v4

@changeset-bot
Copy link

changeset-bot bot commented Nov 10, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 6d016d5

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-project-automation github-project-automation bot moved this to Untriaged in workers-sdk Nov 10, 2025
@pkg-pr-new
Copy link

pkg-pr-new bot commented Nov 10, 2025
edited
Loading

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@11233

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@11233

miniflare

npm i https://pkg.pr.new/miniflare@11233

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@11233

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@11233

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@11233

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@11233

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@11233

@cloudflare/workers-utils

npm i https://pkg.pr.new/@cloudflare/workers-utils@11233

wrangler

npm i https://pkg.pr.new/wrangler@11233

commit: 6d016d5

@emily-shen emily-shen marked this pull request as ready for review November 11, 2025 13:54
@emily-shen emily-shen requested review from a team as code owners November 11, 2025 13:54
@emily-shen emily-shen force-pushed the emily/unsafe-containers branch from d09bd7b to f711cd7 Compare November 11, 2025 14:12
nikitassharma
nikitassharma approved these changes Nov 11, 2025
View reviewed changes
@petebacondarwin
Copy link
Contributor

petebacondarwin commented Nov 12, 2025
edited
Loading

Would this be simpler to just put an unsafe property within each container section?

{
  ...
  containers: [
    {
      ...,
      name: "my-container"
      unsafe: {
        configuration: { 
           network: { 
              foo: "bar"
           }
        }
    }
  ],
  ...
}

Previously unsafe stuff was independent of bindings that are already in place. E.g. new experimental bindings or internal metadata to send up alongside the Worker.

petebacondarwin
petebacondarwin reviewed Nov 13, 2025
View reviewed changes
@petebacondarwin petebacondarwin marked this pull request as draft November 13, 2025 17:15
@emily-shen emily-shen marked this pull request as ready for review November 20, 2025 10:52
@emily-shen emily-shen force-pushed the emily/unsafe-containers branch from debdd3c to 83d6b1e Compare November 20, 2025 10:52
petebacondarwin
petebacondarwin approved these changes Nov 20, 2025
View reviewed changes
Copy link
Contributor

@petebacondarwin petebacondarwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Go for it!
It's a shame that we can't do the merge at an earlier stage in the configuration validation, which would be cleaner and simpler, but I understand that the intermediate typings and transforms that are necessary don't support the fields that can appear in the unsafe field.

@github-project-automation github-project-automation bot moved this from Untriaged to Approved in workers-sdk Nov 20, 2025
@emily-shen emily-shen merged commit c922a81 into main Nov 20, 2025
29 checks passed
@emily-shen emily-shen deleted the emily/unsafe-containers branch November 20, 2025 15:15
@github-project-automation github-project-automation bot moved this from Approved to Done in workers-sdk Nov 20, 2025
@workers-devprod workers-devprod mentioned this pull request Nov 20, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@petebacondarwin petebacondarwin petebacondarwin approved these changes

@skepticfx skepticfx skepticfx approved these changes

@gpanders gpanders gpanders approved these changes

@nikitassharma nikitassharma nikitassharma approved these changes

Assignees

No one assigned

Labels

None yet

Projects

workers-sdk
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@emily-shen @petebacondarwin @skepticfx @gpanders @nikitassharma