[workers-playground] Migrate from Cloudflare Pages to Cloudflare Workers by petebacondarwin · Pull Request #12655 · cloudflare/workers-sdk

petebacondarwin · 2026-02-23T22:48:58Z

Fixes #[N/A — internal infrastructure change].

Migrate workers-playground from a Cloudflare Pages deployment to a Cloudflare Workers deployment with static assets.

Summary

Production deployment

Replace Pages deployment (wrangler pages deploy) with a Workers + static assets deployment (wrangler deploy)
In production (wrangler.jsonc), this is an assets-only Worker with no code entry point — the playground-preview-worker handles all routing and proxying in front of it
Add wrangler.jsonc and wrangler.dev.jsonc configs; remove the Pages Functions from functions/

Local development

Use @cloudflare/vite-plugin instead of Vite's built-in proxy, so the full Worker stack runs locally via pnpm dev
Add a dev-only Worker entry point (src/worker.ts) that replicates the proxying behavior of the production playground-preview-worker: proxies /playground/api/* to the testing backend, and injects an auth cookie on /playground so the preview iframe can authenticate
Replace the old Pages Functions (functions/playground/[[route]].ts and functions/playground/api/[[route]].ts) with this new Worker

Preview deployment removal

Remove the preview script and turbo task — PR preview deployments of workers-playground never worked properly because the deployed preview was a standalone static asset Worker with no playground-preview-worker proxy in front of it, so the playground was non-functional in preview environments
Remove all workers-playground steps from .github/workflows/deploy-previews.yml
Now that the playground runs fully locally via pnpm dev, there is no need for deployed previews to test changes

Other changes

Harden the playground-preview-worker referer allowlist to also accept *.workers-playground.workers.dev (in addition to *.workers-playground.pages.dev)
Fix the referer check to use exact match for base domains and .endsWith() for subdomains (prevents spoofing via e.g. evil-workers-playground.pages.dev)
Consolidate CLOUDFLARE_ACCOUNT_ID and CLOUDFLARE_API_TOKEN into globalPassThroughEnv in root turbo.json instead of duplicating across per-package turbo configs
Rename defaultHashes.ts to defaultHashes.js (it's a generated file with no TypeScript)
Rename requirements.txt to cf-requirements.txt to match the Python Workers convention
Replace tsx with esbuild-register for running generate-default-hashes.ts
Replace inline snapshot assertions with toEqual() in playground-preview-worker tests for stability

Tests
- Tests included/updated
- Automated tests not possible - manual testing has been completed as follows:
- Additional testing not necessary because: infrastructure/deployment changes; playground-preview-worker test updates are included
Public documentation
- Cloudflare docs PR(s):
- Documentation not necessary because: internal deployment infrastructure change only

changeset-bot · 2026-02-23T22:49:06Z

🦋 Changeset detected

Latest commit: 9696173

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

pkg-pr-new · 2026-02-23T22:52:34Z

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@12655

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@12655

miniflare

npm i https://pkg.pr.new/miniflare@12655

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@12655

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@12655

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@12655

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@12655

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@12655

wrangler

npm i https://pkg.pr.new/wrangler@12655

commit: 409a666

workers-devprod · 2026-03-05T10:28:53Z

Codeowners approval required for this PR:

@cloudflare/wrangler

Show detailed file reviewers

.github/workflows/deploy-previews.yml: [@cloudflare/wrangler]
CONTRIBUTING.md: [@cloudflare/wrangler]
lint-turbo.mjs: [@cloudflare/wrangler]
package.json: [@cloudflare/wrangler]
packages/chrome-devtools-patches/README.md: [@cloudflare/wrangler]
packages/create-cloudflare/turbo.json: [@cloudflare/wrangler]
packages/playground-preview-worker/src/index.ts: [@cloudflare/wrangler]
packages/playground-preview-worker/tests/index.test.ts: [@cloudflare/wrangler]
packages/quick-edit/src/index.ts: [@cloudflare/wrangler]
packages/vite-plugin-cloudflare/turbo.json: [@cloudflare/wrangler]
packages/vitest-pool-workers/turbo.json: [@cloudflare/wrangler]
packages/workers-playground/.env: [@cloudflare/wrangler]
packages/workers-playground/.env.development: [@cloudflare/wrangler]
packages/workers-playground/README.md: [@cloudflare/wrangler]
packages/workers-playground/functions/playground/[[route]].ts: [@cloudflare/wrangler]
packages/workers-playground/functions/playground/api/[[route]].ts: [@cloudflare/wrangler]
packages/workers-playground/generate-default-hashes.ts: [@cloudflare/wrangler]
packages/workers-playground/package.json: [@cloudflare/wrangler]
packages/workers-playground/src/QuickEditor/defaultHashes.js: [@cloudflare/wrangler]
packages/workers-playground/src/worker.ts: [@cloudflare/wrangler]
packages/workers-playground/tsconfig.node.json: [@cloudflare/wrangler]
packages/workers-playground/turbo.json: [@cloudflare/wrangler]
packages/workers-playground/vite.config.ts: [@cloudflare/wrangler]
packages/workers-playground/welcome/cf-requirements.txt: [@cloudflare/wrangler]
packages/workers-playground/wrangler.dev.jsonc: [@cloudflare/wrangler]
packages/workers-playground/wrangler.jsonc: [@cloudflare/wrangler]
packages/wrangler/turbo.json: [@cloudflare/wrangler]
pnpm-lock.yaml: [@cloudflare/wrangler]
tools/turbo.json: [@cloudflare/wrangler]
turbo.json: [@cloudflare/wrangler]

github-actions · 2026-03-05T10:38:58Z

✅ All changesets look good

github-actions · 2026-03-06T14:41:25Z

Workers Playground preview: https://02629ffa-workers-playground.devprod.workers.dev/playground

petebacondarwin · 2026-03-06T16:57:18Z

Blocked on #12791

workers-devprod · 2026-03-10T11:13:15Z

Codeowners approval required for this PR:

✅ @cloudflare/wrangler

Show detailed file reviewers

packages/chrome-devtools-patches/README.md

packages/workers-playground/src/worker.ts

…rs domain support - Add subdomain boundary check (dot prefix) to pages.dev referer validation to prevent spoofed hostnames like evil-workers-playground.pages.dev from bypassing the allowlist - Add .workers.dev hostnames to the referer allowlist (needed for the upcoming migration from Pages to Workers deployments) - Replace hardcoded tokens in test snapshots with dynamic template literals and convert toMatchInlineSnapshot() to toEqual() for deterministic assertions - Add test cases for spoofed pages.dev and workers.dev hostnames

Replace the Cloudflare Pages deployment with a Workers + static assets deployment. In production, the Worker is assets-only (no server-side code entry point). For local development, a dev-only Worker entry point replicates the proxying behavior of the production playground-preview-worker. Production deployment: - Add wrangler.jsonc (assets-only) and wrangler.dev.jsonc (with worker) - Replace 'wrangler pages deploy' with 'wrangler deploy' - Remove Pages Functions (functions/ directory) Local development: - Add src/worker.ts that proxies /playground/api/* to the testing backend and injects an auth cookie on /playground - Use @cloudflare/vite-plugin instead of Vite's built-in proxy Other changes: - Rename deploy-pages-previews.yml to deploy-previews.yml - Rename defaultHashes.ts to defaultHashes.js (generated file) - Rename requirements.txt to cf-requirements.txt (Python convention) - Replace tsx with esbuild-register for running generate script - Update README, CONTRIBUTING.md, and CI workflow

The workers-playground can now be run locally with full functionality via `pnpm dev -F @cloudflare/workers-playground`, which starts the Vite dev server with a proxy worker that forwards API calls to the testing playground-preview-worker. This makes PR preview deployments unnecessary. Additionally, the deployed previews never actually worked properly because they were deployed as standalone static asset Workers without the playground-preview-worker proxy in front of them, making the playground non-functional in preview environments. - Remove preview script from workers-playground package.json - Remove preview turbo task and VITE_DEVTOOLS_PREVIEW_URL env var - Remove all workers-playground steps from deploy-previews.yml - Remove preview:workers-playground from workflow trigger condition - Update documentation in README, CONTRIBUTING.md, and chrome-devtools-patches README to remove preview label references

…into global turbo config Move CLOUDFLARE_ACCOUNT_ID and CLOUDFLARE_API_TOKEN from per-package turbo.json passThroughEnv declarations into the root turbo.json globalPassThroughEnv. These env vars are needed by multiple packages for deployment and testing, and duplicating them across 8 separate turbo configs is unnecessary.

…ackage is never deployed

…TURBO_EXTENDS$ Move CLOUDFLARE_ACCOUNT_ID, CLOUDFLARE_API_TOKEN, and NODE_DEBUG into the root test:e2e task env (cache-key-affecting) so credential changes bust the E2E test cache. Per-package test:e2e overrides now use $TURBO_EXTENDS$ to inherit from root instead of duplicating entries. Also restore CLOUDFLARE_ACCOUNT_ID and CLOUDFLARE_API_TOKEN to vitest-pool-workers test task env for remote-proxy-cleanup.test.ts.

Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>

workers-devprod added this to workers-sdk Feb 23, 2026

github-project-automation bot moved this to Untriaged in workers-sdk Feb 23, 2026

petebacondarwin force-pushed the pbd/migrate-workers-playground branch 2 times, most recently from 73d8406 to b9123a5 Compare February 24, 2026 14:13

petebacondarwin force-pushed the pbd/migrate-workers-playground branch 2 times, most recently from 06d9f73 to fed7889 Compare March 4, 2026 21:40

petebacondarwin marked this pull request as ready for review March 5, 2026 10:27

petebacondarwin requested a review from a team as a code owner March 5, 2026 10:27

petebacondarwin added preview:workers-playground Trigger a workers playground preview deploy playground-worker Bug or feature on the CF Workers Playground Worker labels Mar 5, 2026