Resource Model

Every Wrangler fragment is stored as a Cloudflare Native config node. Layeron extracts known binding shapes for graph visibility and Worker attachment.

worker.default
  -> wrangler.decl_1
  -> binding.FEATURE_FLAGS
  -> cloudflare.kv.namespace

worker.default
  -> wrangler.decl_2
  -> binding.ORDER_QUEUE
  -> cloudflare.queue

queue.orders
  -> queue_consumer.orders
  -> worker.default queue entrypoint

Known bindings contribute runtime bindings, resource graph nodes, and deployment state entries. Queue consumers also contribute runtime entrypoints so the Worker can receive queue batches.

Unknown Wrangler sections are still preserved in the native config node. This keeps the authoring surface open as Cloudflare adds products, while Layeron can add deeper graph extraction later without changing the user-facing shape.

Current Extraction Coverage

Layeron performs best-effort graph extraction for these Wrangler sections:

kv_namespaces
r2_buckets
d1_databases
queues.producers
queues.consumers
durable_objects.bindings
workflows
vars

Wrangler remains the final validator and deploy executor for Cloudflare Native. The generated artifact contains the complete raw native config, including unknown or newly added Cloudflare product sections.

Deployment Artifact

layer deploy writes:

.layeron/deploy/<env>/cloudflare-native/wrangler.jsonc

The artifact includes the raw Wrangler-shaped config plus generated Worker fields such as name, main, account_id, compatibility_date, and compatibility_flags. Layeron records the artifact as wrangler.native in deployment state after Wrangler completes successfully.

Secrets And Vars

Wrangler vars entries become plain-text Worker bindings and are available on request.env in route handlers. Use Cloudflare Native for Cloudflare resource bindings and product-specific Wrangler config.

Use Env for non-secret values that should resolve by Layeron environment. Use Secrets for sensitive runtime values such as API keys, signing keys, and provider tokens.