feat(canvas): surface + select per-workspace cloud provider #2404

Merged

core-devops merged 3 commits from feat/workspace-cloud-provider into main 2026-06-07 20:41:27 +00:00

Conversation 4 Commits 3 Files Changed 4

+154 -1

core-devops commented 2026-06-07 20:07:02 +00:00

Member

Copy Link

Copy Source

What

Surface + select the per-workspace cloud provider in the canvas. The control plane and workspace-server already support it end-to-end (compute.provider: aws|gcp|hetzner → forwarded to CP's WorkspaceProvisioner, persisted in workspaces.compute, returned by GET /workspaces) — the canvas was the only layer dropping it, so everything silently defaulted to AWS and you couldn't tell which cloud a workspace ran on.

Changes

• store/socket.ts — add provider? to WorkspaceCompute (GET already returned it; it was just untyped/dropped).
• tabs/ContainerConfigTab.tsx — read-only Provider badge (AWS/GCP/Hetzner, default AWS) in the Container Config header. Provider is set at create time and changing a workspace's cloud requires a recreate, so it isn't editable here. Important: the Save path rebuilds the whole compute object, so it now preserves provider — otherwise a Container-Config save would wipe the persisted provider and mislead the badge.
• CreateWorkspaceDialog.tsx — a Cloud provider picker (aws default / gcp / hetzner) in Container Config, SaaS-only (the cloud backend is only meaningful when CP provisions the box). Threads provider into both compute branches of the create payload.

A workspace whose cloud differs from its tenant's is reached over a per-workspace Cloudflare tunnel (runtime#95), so e.g. a GCP/Hetzner workspace can live under an AWS tenant and vice-versa.

Test plan

• npm run build ✓ (production build green)
• npm run lint ✓ ; tsc --noEmit clean on all three changed files (pre-existing __tests__ mock-typing errors are unrelated; canvas has no test script so CI gates on build+lint).
• Backend already proven live (cross-cloud register e2e, runtime#95).

No backend changes — the API/CP plumbing already exists.

## What Surface + select the **per-workspace cloud provider** in the canvas. The control plane and workspace-server already support it end-to-end (`compute.provider`: `aws|gcp|hetzner` → forwarded to CP's `WorkspaceProvisioner`, persisted in `workspaces.compute`, returned by `GET /workspaces`) — the canvas was the only layer dropping it, so everything silently defaulted to AWS and you couldn't tell which cloud a workspace ran on. ## Changes - **`store/socket.ts`** — add `provider?` to `WorkspaceCompute` (GET already returned it; it was just untyped/dropped). - **`tabs/ContainerConfigTab.tsx`** — read-only **Provider badge** (AWS/GCP/Hetzner, default AWS) in the Container Config header. Provider is set at create time and changing a workspace's cloud requires a recreate, so it isn't editable here. **Important:** the Save path rebuilds the whole `compute` object, so it now **preserves** `provider` — otherwise a Container-Config save would wipe the persisted provider and mislead the badge. - **`CreateWorkspaceDialog.tsx`** — a **Cloud provider picker** (`aws` default / `gcp` / `hetzner`) in Container Config, **SaaS-only** (the cloud backend is only meaningful when CP provisions the box). Threads `provider` into both compute branches of the create payload. A workspace whose cloud differs from its tenant's is reached over a per-workspace Cloudflare tunnel (runtime#95), so e.g. a GCP/Hetzner workspace can live under an AWS tenant and vice-versa. ## Test plan - `npm run build` ✓ (production build green) - `npm run lint` ✓ ; `tsc --noEmit` clean on all three changed files (pre-existing `__tests__` mock-typing errors are unrelated; canvas has no `test` script so CI gates on build+lint). - Backend already proven live (cross-cloud register e2e, runtime#95). No backend changes — the API/CP plumbing already exists.

core-devops added 1 commit 2026-06-07 20:07:03 +00:00

feat(canvas): surface + select per-workspace cloud provider ... 048a9a8d40

The control plane and workspace-server already support a per-workspace
cloud backend (compute.provider: aws|gcp|hetzner — forwarded to CP's
WorkspaceProvisioner, persisted in workspaces.compute, returned by GET),
but the canvas dropped it: WorkspaceCompute had no `provider`, there was
no way to see which cloud a workspace runs on, and no way to create a
non-AWS workspace from the UI. Everything silently defaulted to AWS.

This wires the UI through:
- socket.ts: add `provider?` to WorkspaceCompute (was already returned by
  GET, just untyped/dropped).
- ContainerConfigTab: read-only Provider badge (AWS/GCP/Hetzner, default
  AWS) in the Container Config header — provider is set at create time and
  changing a workspace's cloud requires a recreate, so it's not editable
  here. CRUCIAL: the Save path rebuilds the whole compute object, so it now
  PRESERVES provider — otherwise a Container-Config save would wipe the
  persisted provider and mislead the badge.
- CreateWorkspaceDialog: a "Cloud provider" picker (aws default / gcp /
  hetzner) in Container Config, SaaS-only (the cloud backend is only
  meaningful when CP provisions the box). Threads `provider` into both
  compute branches of the create payload.

A workspace whose cloud differs from its tenant's is reached over a
per-workspace Cloudflare tunnel (runtime#95) — so e.g. a GCP or Hetzner
workspace can live under an AWS tenant and vice-versa.

Build + lint clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

core-devops added 1 commit 2026-06-07 20:21:53 +00:00

fix(canvas): only send compute.provider on SaaS (matches picker gating) ... 44f6ba3660

The provider picker is SaaS-only (cloud backend is meaningless when CP
isn't provisioning the box), but the create payload was unconditionally
including provider:"aws", which changed the self-hosted payload and broke
two CreateWorkspaceDialog tests that assert the exact compute object. Gate
the payload field on isSaaS too, so self-hosted payloads are unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

molecule-code-reviewer approved these changes 2026-06-07 20:22:07 +00:00

Dismissed

molecule-code-reviewer left a comment

Member

Copy Link

Copy Source

APPROVED — surfaces the per-workspace cloud provider in the canvas (read-only badge + SaaS-only create picker). Backend already supports compute.provider end-to-end; this is the UI layer. Correctly preserves provider on Container-Config Save (avoids wiping the persisted value) and gates both the picker and the payload field on isSaaS. Build + full vitest green.

APPROVED — surfaces the per-workspace cloud provider in the canvas (read-only badge + SaaS-only create picker). Backend already supports compute.provider end-to-end; this is the UI layer. Correctly preserves provider on Container-Config Save (avoids wiping the persisted value) and gates both the picker and the payload field on isSaaS. Build + full vitest green.

core-security approved these changes 2026-06-07 20:22:13 +00:00

Dismissed

core-security left a comment

Member

Copy Link

Copy Source

APPROVED (security) — no new secrets, no auth/access-control changes; provider is a non-sensitive enum (aws/gcp/hetzner) already accepted + validated server-side. Read-only badge + create picker only. Second approval.

APPROVED (security) — no new secrets, no auth/access-control changes; provider is a non-sensitive enum (aws/gcp/hetzner) already accepted + validated server-side. Read-only badge + create picker only. Second approval.

core-devops added 1 commit 2026-06-07 20:30:39 +00:00

test(canvas): cover the SaaS cloud-provider picker ... 88a310f367

Adds positive coverage for the new feature (the main dialog test runs
non-SaaS, where the picker is hidden): forces SaaS via an isSaaSTenant mock
and asserts the Cloud provider picker renders (default AWS), defaults
compute.provider to "aws" when untouched, and threads the selected provider
(gcp) into compute.provider. Module-scoped mock — sibling tests unaffected.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

core-devops dismissed molecule-code-reviewer's review 2026-06-07 20:30:41 +00:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

core-devops dismissed core-security's review 2026-06-07 20:30:41 +00:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

molecule-code-reviewer approved these changes 2026-06-07 20:30:53 +00:00

molecule-code-reviewer left a comment

Member

Copy Link

Copy Source

APPROVED — re-approve on 88a310f367 (added SaaS picker test coverage). Build + vitest green.

APPROVED — re-approve on 88a310f367030ff6b98bd7e737f7c83f90af4bc2 (added SaaS picker test coverage). Build + vitest green.

core-security approved these changes 2026-06-07 20:31:07 +00:00

core-security left a comment

Member

Copy Link

Copy Source

APPROVED (security) — re-approve on 88a310f367. No security surface; test-only addition.

APPROVED (security) — re-approve on 88a310f367030ff6b98bd7e737f7c83f90af4bc2. No security surface; test-only addition.

core-devops merged commit 759f46d3df into main 2026-06-07 20:41:27 +00:00

core-devops deleted branch feat/workspace-cloud-provider 2026-06-07 20:41:32 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

molecule-code-reviewer

core-security

Labels

Clear labels

area/ci

CI/CD pipeline issues

do-not-auto-merge

Opt out of autonomous merge-queue merging

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

platform/go

Go platform test issues

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

wip

Work in progress — do not auto-merge

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#2404