Detect Go entrypoints under cmd directories

[mstolarzblaxelai]

Detects Go entrypoints under cmd/*/main.go so existing Go projects can run without adding a manual prod entrypoint.

• Adds cmd/*/main.go fallback discovery for Go serve/deploy flows.
• Keeps explicit entrypoint config as the override path and covers the selection behavior in tests.

Refs ENG-2846.

---

Note

Adds a security guard (safeGoCmdEntrypointPattern regex) to the Go cmd entrypoint autodetection, rejecting directory names with shell-unsafe characters and providing actionable error messages pointing users to explicit config.

^{Written by Mendral for commit ec4875a.}

[mendral-app]

🧪 Testing Guide

What this PR addresses

Go projects that use the common cmd/<name>/main.go layout (e.g., cmd/myservice/main.go) previously required a manual [entrypoint] prod = "go run ./cmd/<name>" in blaxel.toml. This PR adds automatic detection of that pattern as a fallback when no top-level main.go, src/main.go, or cmd/main.go is found.

Steps to reproduce the original issue

1. Create a Go project with a single entrypoint at cmd/myapp/main.go (no root main.go).
2. Ensure no [entrypoint] section is configured in blaxel.toml.
3. Run bl serve or bl deploy against that project.
4. Before this PR: the CLI fails with "entrypoint not found in config".

What to verify (expected behavior)

1. Single cmd/*/main.go auto-detected — A Go project with only cmd/myapp/main.go should serve/deploy using go run ./cmd/myapp without any explicit config.
2. Conventional entrypoints still preferred — If main.go exists at the root alongside cmd/myapp/main.go, the root main.go should win (i.e., go run .).
3. Multiple candidates produce a clear error — A project with cmd/api/main.go and cmd/worker/main.go (and no root main.go) should error with a message listing both candidates and guidance to set [entrypoint] prod = "go run ./cmd/<name>".
4. Unsafe directory names are rejected — A cmd subdirectory containing shell metacharacters (e.g., cmd/foo;echo pwned/main.go) should be rejected with an error rather than used in a command.
5. Explicit config overrides auto-detection — Setting [entrypoint] prod = "go run ./cmd/api" in blaxel.toml should always be honored, even when multiple candidates exist.
6. Validation warning updated — Running deploy validation on a Go project missing an entrypoint should now mention cmd/<name>/main.go in the guidance message.
7. Unit tests pass — go test ./cli/core/... ./cli/server/... should pass with the new test cases covering all scenarios above.

Note

Posted by PR Testing Guide · Tag @mendral-app with feedback.

[mendral-app]

✅ Linked to Linear issue ENG-2846 — status: In Progress

• Assignee: Michael Stolarz
• PR linked: ✅ Issue will auto-close when this PR merges

Note

Posted by Linear Issue Enforcer · Tag @mendral-app with feedback.

[mendral-app]

🔍 Interaction Flow

Here's how the new cmd/*/main.go entrypoint detection flows through the affected components:

sequenceDiagram
    participant User as User / CLI
    participant Cmd as findGoRootCmdAsString<br/>(commands_go.go)
    participant Core as FindGoEntryFile<br/>(core/utils.go)
    participant FS as Filesystem
    participant Helper as goRunTargetFromEntryFile<br/>(commands_go.go)

    User->>Cmd: bl serve / bl deploy
    Cmd->>Cmd: Check explicit entrypoint config
    alt Explicit config exists
        Cmd-->>User: Return configured command
    else No explicit config
        Cmd->>Core: FindGoEntryFile(folder)
        Core->>FS: Check main.go, src/main.go, cmd/main.go
        alt Conventional file found
            FS-->>Core: Found (e.g. main.go)
            Core-->>Cmd: Return path
        else No conventional file
            Core->>FS: Glob cmd/*/main.go
            alt Single match
                FS-->>Core: e.g. cmd/api/main.go
                Core-->>Cmd: Return path
            else Multiple matches
                FS-->>Core: cmd/a/main.go, cmd/b/main.go
                Core-->>Cmd: Error (ambiguous)
                Cmd-->>User: Error: configure [entrypoint] prod
            else No matches
                Core-->>Cmd: "" (empty)
                Cmd-->>User: Error: entrypoint not found
            end
        end
        Cmd->>Helper: goRunTargetFromEntryFile(path)
        Helper-->>Cmd: "./cmd/api"
        Cmd-->>User: ["go", "run", "./cmd/api"]
    end

Loading

Summary

The PR adds a fallback discovery step for Go entrypoints:

1. Explicit config ([entrypoint] prod) always takes priority.
2. Conventional files (main.go, src/main.go, cmd/main.go) are checked next.
3. New: cmd/*/main.go glob is used as a final fallback — succeeds only if exactly one match is found; multiple matches produce a helpful error guiding the user to configure explicitly.

The HasGoEntryFile() boolean helper now delegates to the richer FindGoEntryFile(), and deploy.go updates validation messages to document the new supported pattern.

Note

Posted by PR Sequence Diagram · Tag @mendral-app with feedback.

[cursor]

Identified one net-new high-severity security issue after module triage, deduplication across runs/modules, and current-head duplicate suppression.

  

_{Sent by Cursor Security Agent: Security Reviewer}

[mendral-app]

LGTM

The new commit adds proper input validation via a restrictive regex (^cmd/[A-Za-z0-9_.-]+/main\.go$) before constructing the go run target, closing a potential command injection vector. Tests cover the injection scenario directly. No issues.

_{Tag @mendral-app with feedback or questions. View session}