prisma-compute
Prisma Compute deployment and hosting guide. Use whenever the user mentions Prisma Compute, `prisma.compute.ts`, `defineComputeConfig`, deploying or hosting a…
npx skills add https://github.com/prisma/prisma-plugin --skill prisma-computePrisma Compute
Guide agents through Prisma Compute app creation, deployment, operations, and framework-specific deploy readiness.
Prisma Compute CLI Surface
Use the Prisma Platform CLI for Compute app workflows:
bunx @prisma/cli@latest app deploy --help
bunx @prisma/cli@latest app --help
bunx @prisma/cli@latest build logs --help
bunx create-prisma@latest --help
Use @prisma/cli@latest for Compute app deployment. Use create-prisma@latest for new-project scaffolding.
Source-of-Truth Order
Use evidence in this order when deciding what to edit or run:
- The project's generated scripts and config, especially
prisma.compute.ts,compute:deploy, framework config, andpackage.json. - CLI help output from
create-prismaand@prisma/cli. - Local installed package code, generated artifacts, and type definitions.
- Official docs.
When to Apply
Use this skill for:
- Creating a new app that can deploy to Prisma Compute
- Deploying an existing TypeScript app to Prisma Compute
- Creating or updating a typed
prisma.compute.tsdeploy config - Deciding whether a framework is Compute-ready
- Debugging
create-prisma --deploy,compute:deploy, orapp deploy - Managing Compute app logs, deployments, environment variables, branches, and domains
- Inspecting GitHub/Console build logs and GitHub push-to-deploy status
- Running non-interactive deploys with browser auth, multiple stored workspaces, or Prisma service tokens
- Switching, selecting, listing, or logging out local Prisma Platform workspaces for
@prisma/cli - Installing or updating Prisma skills with
@prisma/cli agent install|update|status - Programmatic deployments with
@prisma/compute-sdkor Management API integrations
Decision Tree
-
Existing project deployment or redeploy: Read
references/app-deploy-cli.md. -
Typed Compute config, monorepos, deploy targets, app roots, or build/env defaults: Read
references/compute-config.md. -
Framework-specific build/runtime work: Read
references/frameworks.md. -
New project from a scaffold: Read
references/create-prisma.md. -
Programmatic deployment, SDKs, APIs, or low-level App/Deployment concepts: Read
references/sdk-api.md. -
Build, auth, env, deploy, or runtime failures: Read
references/troubleshooting.md.
Rules by Priority
| Priority | Category | Impact | Prefix |
|---|---|---|---|
| 1 | Command verification | CRITICAL | verify- |
| 2 | Auth and workspace selection | CRITICAL | auth- |
| 3 | Framework readiness | CRITICAL | framework- |
| 4 | Runtime host and port binding | CRITICAL | runtime- |
| 5 | Typed Compute config | HIGH | config- |
| 6 | Branch, environment, and database wiring | HIGH | env- |
| 7 | Deploy operations | HIGH | deploy- |
| 8 | SDK and API automation | MEDIUM | sdk- |
Quick Rules
1. Command Verification
verify-help-first- Use CLI help output to confirm command syntax while working.verify-prisma-vs-platform-cli- Do not assumeprisma app deployexists in the ORM CLI; check whether the task should use@prisma/cli.verify-generated-scripts- Prefer the generatedcompute:deployscript when a project already has one.verify-public-url- After a real deploy, request the public deployment URL instead of trusting local or readiness-only checks.verify-config-support- Treatprisma.compute.tsas the typed Compute config; inspect the project's config and generated scripts before editing or deploying.verify-auth-workspace-support- Use@prisma/cli auth workspacecommands for local workspace list/use/logout flows.
2. Auth and Workspace Selection
auth-source-precedence- A non-emptyPRISMA_SERVICE_TOKENis the active auth source for commands and local OAuth workspaces are ignored for execution. If it is set but empty, the CLI should fail instead of falling back to stored OAuth.auth-multi-workspace-auth logincan store OAuth sessions for multiple workspaces on the same machine. The active workspace pointer selects which stored OAuth grant normal commands use.auth-list-before-switch- Useauth workspace list --jsonto inspect local sessions. Agents should prefer workspace ids from JSON over names because names can be ambiguous.auth-switch-explicitly- Useauth workspace use <id-or-name>for non-interactive switching. Useauth workspace usewith no argument only for an interactive picker or when exactly one local OAuth workspace exists.auth-no-fallthrough- If the active OAuth workspace is logged out or fails refresh, the CLI should not silently fall through to another cached workspace. Runauth workspace use <id>to choose the next workspace.auth-single-workspace-logout- Useauth workspace logout <id-or-name>orauth logout --workspace <id-or-name>to remove one local OAuth workspace session. Plainauth logoutclears all local OAuth workspace sessions.auth-service-token-switching- WhilePRISMA_SERVICE_TOKENis set,auth workspace useis unavailable because the service token is the active auth source; unset the env var to switch local OAuth workspaces. Workspace logout still only cleans local OAuth state.auth-storage-awareness- Local OAuth credentials live in the platform auth file, with workspace metadata in a sidecar context file. Project pins live in.prisma/local.json, and CLI app/project state lives in.prisma/cli/state.jsonnearprisma.compute.tswhen present.
3. Framework Readiness
framework-cli-first- Evaluate deploy readiness against@prisma/cli app deploy, not against whatcreate-prismacan scaffold.framework-supported-cli-deploy- Compute deploy supportsnextjs,nuxt,astro,hono,nestjs,tanstack-start,custom, andbun.framework-create-prisma-defaults-only-create-prismacan provide generated defaults andcompute:deploy, but it is not the general deploy surface for existing apps.framework-build-output- Compute needs a server entrypoint or framework artifact, not only static output.
4. Runtime Host and Port Binding
runtime-bind-all-interfaces- Deployed servers must bind on all interfaces (0.0.0.0or the framework equivalent), not hard-codedlocalhostor127.0.0.1.runtime-match-http-port- The app must listen on the deployed HTTP port: readprocess.env.PORTwhen possible, or pass the matching--http-port.runtime-readiness-port-only- Compute readiness watches listening ports; a loopback-only listener can look ready while public ingress cannot reach it.
5. Typed Compute Config
config-optional-simple-app-prisma.compute.tsis not required to deploy a normal single app; use flags when there is no durable config.config-use-prisma-compute-ts- Put reusable deploy defaults inprisma.compute.tswithdefineComputeConfig, not inprisma.config.ts.config-app-vs-apps- Useappfor a single deploy target andappsfor monorepos or multi-app repos; define exactly one.config-monorepo-roots- For monorepos, useprisma.compute.tsto declare app targets, roots, framework defaults, entrypoints, ports, and env inputs.config-targets- In multi-app configs,@prisma/cli app deploy webselects theapps.webtarget. Without[app], commands can infer the target from the current directory; otherwise deploy can run all targets while build/run require one.config-region-new-app-only- A configregionis only a default for newly created apps; deploys to existing apps keep the app's current region.config-custom-artifact- Useframework: "custom"withbuild.outputDirectoryandbuild.entrypointfor prebuilt or custom-built artifacts.config-no-project-branch-secrets- Do not commit Workspace, Project, Branch, production intent, service tokens, or secret values inprisma.compute.ts; keep those in flags,.prisma/local.json, env storage, or CI secrets. App-level defaults such asregion,root,framework,entry,httpPort, and non-secret env file paths belong in config.config-flags-win- Explicit deploy flags such as--framework,--entry,--http-port,--region, and--envoverride matching config values.
6. Branch, Environment, and Database
env-do-not-leak-secrets- Never print fullDATABASE_URL, service tokens, or secret values.env-deploy-loads-dotenv- Generated deploy scripts may load env viaprisma.compute.tsor--env .env; inspect the actual script/config before redeploy.env-migrations-separate- Redeploy scripts do not run migrations or seed data. Run the appropriate Prisma database scripts separately.env-cli-token-name-@prisma/cliusesPRISMA_SERVICE_TOKENfor service-token auth.env-branch-scope- Branch deploys, branch env vars, and branch databases must use the same branch name; pass--branch <git-name>explicitly when targeting a preview branch.env-production-vs-preview- Use--role productionfor production env,--role previewfor preview template env, and--branch <git-name>for branch-specific overrides.env-db-explicit- Keep database and env wiring explicit through database and project env commands; deploy examples should not add database setup, and deploys do not run migrations, seed data, or create one database per app automatically.
7. Deploy Operations
deploy-prod-intent- Use--prod --yesonly when the user intends a production deploy.deploy-github-default-branch- When a Compute app is connected to GitHub push-to-deploy, a merge to the default branch is the production deploy path; check deployment records or GitHub check runs instead of telling users to redeploy the merged PR branch or run a default-branch preview deploy.deploy-build-logs- Use@prisma/cli build logs <build-id>for GitHub/Console build output. Useapp logsfor runtime deployment logs; the two ids are different.deploy-noninteractive-auth- Non-interactive deploys need either the correct active stored OAuth workspace or a supported service token env var; never print the token.deploy-json-for-agents- Use--json --no-interactivefor scripts and agent-readable output.deploy-create-project- Use--create-project <name>only when the user wants deploy to create and link a new project; it conflicts with--projectandPRISMA_PROJECT_ID.deploy-ops-targets- App show/open/logs/list-deploys/promote/rollback/remove and domain commands can also accept[app]targets fromprisma.compute.ts.
8. SDK and API
sdk-use-cli-first- Prefer@prisma/cli app deployfor app workflows; usecreate-prismaonly to scaffold a new app unless the user is building lower-level automation.sdk-result-handling-@prisma/compute-sdkreturnsResultvalues; checkisOk()/isErr()instead of relying on exceptions.
Preferred Workflow
- Inspect the project: package manager, template/framework,
package.jsonscripts, Prisma version, Prisma client location,prisma.compute.ts, and existingcompute:deploy. - Verify CLI help output for the package actually being used.
- Verify auth context before project/app mutations:
auth whoami --json, and when multiple local sessions may exist,auth workspace list --json. - Choose the path:
- existing app deploy: config-backed target when present, generated
compute:deploy, or@prisma/cli app build/run/deployflags - new app scaffold:
create-prisma, then generatedcompute:deployor@prisma/cli app deploy - low-level automation:
@prisma/compute-sdkor Management API
- existing app deploy: config-backed target when present, generated
- Check framework readiness plus host/port/env/runtime requirements, including project and branch scope.
- Run a local build or
app buildbefore deploying when feasible. - Deploy with JSON output when automating, then request the public URL and summarize app URL, app id, deployment id, project id, workspace id, and follow-up steps.
- For GitHub/Console builds, inspect the
Prisma Compute Deploycheck run orbuild logs <build-id>before guessing why a build failed.
Avoid
- Do not bury Compute deployment guidance in the generic
prisma-cliskill. - Do not run
create-prismainside an existing app just to deploy it; use the generatedcompute:deployscript or@prisma/cli app deploy. - Do not tell users that every
create-prismatemplate can auto-deploy. - Do not put Compute deploy defaults in
prisma.config.ts; useprisma.compute.ts. - Do not deploy with placeholder
DATABASE_URLvalues. - Do not assume
next startis the Compute runtime path; Next.js deploys need standalone output. - Do not expose secret values from
.env, CLI output, Management API responses, or logs. - Do not assume a stored OAuth login means the desired workspace is active; inspect or switch it explicitly.
- Do not auto-switch to another cached workspace after logout or auth refresh failure.