feat: private network service discovery added

Author: Alex Holmberg

src/agent/tools/platform/deploy_service.rs

@@ -26,6 +26,7 @@ use crate::wizard::{
     get_hetzner_regions_dynamic, get_hetzner_server_types_dynamic, HetznerFetchResult,
     DynamicCloudRegion, DynamicMachineType, discover_env_files, parse_env_file,
     get_available_endpoints, filter_endpoints_for_provider, match_env_vars_to_services,
+    extract_network_endpoints,
 };
 use std::process::Command;
 
@@ -200,6 +201,14 @@ User: "deploy this service"
 - Private endpoints are pre-filtered to only show services on the same provider network
 - ALWAYS mention available endpoints when deploying services that have env vars matching deployed services
 
+**Private networks (project_networks):**
+- The response includes project_networks showing provisioned VPCs/networks for the target provider
+- Each network includes connection_details with key/value pairs (VPC_ID, SUBNET_ID, DEFAULT_DOMAIN, etc.)
+- If networks have useful connection details (e.g., a default domain, VPC connector), mention them to the user
+- Ask the user if they want to inject any network details as environment variables
+- Network details are NOT secrets — they are infrastructure identifiers
+- Private networks enable service-to-service communication on the same provider
+
 **Environment variables (secret_keys) and .env files:**
 - The preview response includes parsed_env_files: discovered .env files with their parsed keys/values
 - If .env files are found, ALWAYS ask the user: "I found a .env file with N variables. Should I inject these into the deployment?"
@@ -767,6 +776,21 @@ User: "deploy this service"
             let endpoint_suggestions =
                 match_env_vars_to_services(&detected_env_var_names, &deployed_endpoints);
 
+            // Fetch project networks for the target provider
+            let project_networks = match client.list_project_networks(&project_id).await {
+                Ok(nets) => nets,
+                Err(e) => {
+                    tracing::debug!("Could not fetch project networks: {}", e);
+                    Vec::new()
+                }
+            };
+
+            let network_endpoints = extract_network_endpoints(
+                &project_networks,
+                final_provider_for_check.as_str(),
+                Some(&resolved_env_id),
+            );
+
             let response = json!({
                 "status": "recommendation",
                 "deployment_mode": deployment_mode,
@@ -889,6 +913,18 @@ User: "deploy this service"
                     "confidence": format!("{:?}", s.confidence),
                     "reason": s.reason,
                 })).collect::<Vec<_>>(),
+                "project_networks": network_endpoints.iter().map(|ne| json!({
+                    "network_id": ne.network_id,
+                    "cloud_provider": ne.cloud_provider,
+                    "region": ne.region,
+                    "status": ne.status,
+                    "environment_id": ne.environment_id,
+                    "connection_details": ne.connection_details.iter().map(|(k, v)| json!({
+                        "key": k,
+                        "value": v,
+                        "suggested_env_var": k,
+                    })).collect::<Vec<_>>(),
+                })).collect::<Vec<_>>(),
                 "next_steps": next_steps,
                 "confirmation_prompt": if existing_config.is_some() {
                     format!(

src/platform/api/client.rs

@@ -6,13 +6,14 @@
 use super::error::{PlatformApiError, Result};
 use super::types::{
     ApiErrorResponse, ArtifactRegistry, AvailableRepositoriesResponse, CloudCredentialStatus,
-    CloudProvider, ClusterEntity, ConnectRepositoryRequest, ConnectRepositoryResponse,
-    CreateDeploymentConfigRequest, CreateDeploymentConfigResponse, CreateRegistryRequest,
-    CreateRegistryResponse, DeploymentConfig, DeploymentSecretInput, DeploymentTaskStatus,
-    Environment, GenericResponse, GetLogsResponse, GitHubInstallationUrlResponse,
-    GitHubInstallationsResponse, InitializeGitOpsRequest, InitializeGitOpsResponse, Organization,
-    PaginatedDeployments, Project, ProjectRepositoriesResponse, RegistryTaskStatus,
-    TriggerDeploymentRequest, TriggerDeploymentResponse, UserProfile,
+    CloudProvider, CloudRunnerNetwork, ClusterEntity, ConnectRepositoryRequest,
+    ConnectRepositoryResponse, CreateDeploymentConfigRequest, CreateDeploymentConfigResponse,
+    CreateRegistryRequest, CreateRegistryResponse, DeploymentConfig, DeploymentSecretInput,
+    DeploymentTaskStatus, Environment, GenericResponse, GetLogsResponse,
+    GitHubInstallationUrlResponse, GitHubInstallationsResponse, InitializeGitOpsRequest,
+    InitializeGitOpsResponse, Organization, PaginatedDeployments, Project,
+    ProjectRepositoriesResponse, RegistryTaskStatus, TriggerDeploymentRequest,
+    TriggerDeploymentResponse, UserProfile,
 };
 use crate::auth::credentials;
 use reqwest::Client;
@@ -1021,6 +1022,29 @@ impl PlatformApiClient {
         .await
     }
 
+    // =========================================================================
+    // Cloud Runner Network API methods
+    // =========================================================================
+
+    /// List all cloud runner networks for a project
+    ///
+    /// Returns VPCs, subnets, Azure Container App Environments, GCP VPC Connectors, etc.
+    /// Use this to discover private networking infrastructure provisioned for the project.
+    ///
+    /// Endpoint: GET /api/v1/cloud-runner/projects/:projectId/networks
+    pub async fn list_project_networks(
+        &self,
+        project_id: &str,
+    ) -> Result<Vec<CloudRunnerNetwork>> {
+        let response: GenericResponse<Vec<CloudRunnerNetwork>> = self
+            .get(&format!(
+                "/api/v1/cloud-runner/projects/{}/networks",
+                project_id
+            ))
+            .await?;
+        Ok(response.data)
+    }
+
     // =========================================================================
     // Health Check API methods
     // =========================================================================

src/platform/api/types.rs

@@ -1515,6 +1515,53 @@ pub struct ServerTypesResponse {
     pub data: Vec<ServerTypeSummary>,
 }
 
+// =============================================================================
+// Cloud Runner Network Types
+// =============================================================================
+
+/// A provisioned cloud runner network (VPC/subnet/domain)
+///
+/// Represents infrastructure networking resources provisioned for a project,
+/// including VPCs, subnets, Azure Container App Environments, GCP VPC Connectors, etc.
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct CloudRunnerNetwork {
+    /// Unique network identifier
+    pub id: String,
+    /// Project this network belongs to
+    pub project_id: String,
+    /// Organization this network belongs to
+    pub organization_id: String,
+    /// Environment this network is scoped to (None for shared/default networks)
+    pub environment_id: Option<String>,
+    /// Cloud provider (e.g., "hetzner", "gcp", "azure")
+    pub cloud_provider: String,
+    /// Region where the network is provisioned
+    pub region: String,
+    /// VPC identifier (provider-specific)
+    pub vpc_id: Option<String>,
+    /// VPC display name
+    pub vpc_name: Option<String>,
+    /// Subnet identifier
+    pub subnet_id: Option<String>,
+    /// GCP VPC Connector identifier
+    pub vpc_connector_id: Option<String>,
+    /// GCP VPC Connector name
+    pub vpc_connector_name: Option<String>,
+    /// Azure resource group name
+    pub resource_group_name: Option<String>,
+    /// Azure Container App Environment identifier
+    pub container_app_environment_id: Option<String>,
+    /// Azure Container App Environment name
+    pub container_app_environment_name: Option<String>,
+    /// Default domain for services on this network (e.g., Azure ACA default domain)
+    pub default_domain: Option<String>,
+    /// Network status (e.g., "ready", "provisioning", "error")
+    pub status: String,
+    /// Error message if status is "error"
+    pub error_message: Option<String>,
+}
+
 // =============================================================================
 // Hetzner Options Types (from /api/v1/cloud-runner/hetzner/options)
 // =============================================================================

src/wizard/mod.rs

@@ -52,7 +52,9 @@ pub use recommendations::{
 };
 pub use render::{count_badge, display_step_header, status_indicator, wizard_render_config};
 pub use service_endpoints::{
-    collect_service_endpoint_env_vars, filter_endpoints_for_provider, get_available_endpoints,
+    collect_network_endpoint_env_vars, collect_service_endpoint_env_vars,
+    extract_network_endpoints, filter_endpoints_for_provider, get_available_endpoints,
     match_env_vars_to_services, AvailableServiceEndpoint, EndpointSuggestion, MatchConfidence,
+    NetworkEndpointInfo,
 };
 pub use target_selection::{select_target, TargetSelectionResult};