plugin

package
v4.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2026 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Install is executed after the plugin is added.
	Install = "install"
	// Delete is executed after the plugin is removed.
	Delete = "delete"
	// Update is executed after the plugin is updated.
	Update = "update"
)

Types of hooks

View Source 
const ExtismV1WasmBinaryFilename = "plugin.wasm"
View Source 
const PluginFileName = "plugin.yaml"

Variables

This section is empty.

Functions

func CreatePluginTarball 

func CreatePluginTarball(sourceDir, pluginName string, w io.Writer) error

CreatePluginTarball creates a gzipped tarball from a plugin directory

func FormatEnv added in v4.0.5 

func FormatEnv(env map[string]string) []string

FormatEnv takes a map[KEY]=value and transforms it into a list of "KEY=value" environment variable strings

func GetSigningInfoForPlugins 

func GetSigningInfoForPlugins(plugins []Plugin) map[string]*SigningInfo

GetSigningInfoForPlugins returns signing info for multiple plugins

func IsTarball 

func IsTarball(filename string) bool

isTarball checks if a file has a tarball extension

func ParseEnv added in v4.0.5 

func ParseEnv(env []string) map[string]string

ParseEnv takes a list of "KEY=value" environment variable strings and transforms the result into a map[KEY]=value

- empty input strings are ignored - input strings with no value are stored as empty strings - duplicate keys overwrite earlier values

func PrepareCommands 

func PrepareCommands(cmds []PlatformCommand, expandArgs bool, extraArgs []string, env map[string]string) (string, []string, error)

PrepareCommands takes a []Plugin.PlatformCommand and prepares the command and arguments for execution.

It merges extraArgs into any arguments supplied in the plugin. It returns the main command and an args array.

The result is suitable to pass to exec.Command.

func SignPlugin 

func SignPlugin(tarballData []byte, filename string, signer *provenance.Signatory) (string, error)

SignPlugin signs a plugin using the SHA256 hash of the tarball data.

This is used when packaging and signing a plugin from tarball data. It creates a signature that includes the tarball hash and plugin metadata, allowing verification of the original tarball later.

func VerifyPlugin 

func VerifyPlugin(archiveData, provData []byte, filename, keyring string) (*provenance.Verification, error)

VerifyPlugin verifies plugin data against a signature using data in memory.

Types

type Config 

type Config interface {
	Validate() error
}

Config represents a plugin type specific configuration It is expected to type assert (cast) the Config to its expected underlying type (schema.ConfigCLIV1, schema.ConfigGetterV1, etc).

type Descriptor 

type Descriptor struct {
	// Name is the name of the plugin
	Name string
	// Type is the type of the plugin (cli, getter, postrenderer)
	Type string
}

Descriptor describes a plugin to find

type Downloaders 

type Downloaders struct {
	// Protocols are the list of schemes from the charts URL.
	Protocols []string `yaml:"protocols"`
	// Command is the executable path with which the plugin performs
	// the actual download for the corresponding Protocols
	Command string `yaml:"command"`
}

Downloaders represents the plugins capability if it can retrieve charts from special sources

type ExtismV1PluginRuntime 

type ExtismV1PluginRuntime struct {
	// contains filtered or unexported fields
}

func (*ExtismV1PluginRuntime) Dir 

func (p *ExtismV1PluginRuntime) Dir() string

func (*ExtismV1PluginRuntime) Invoke 

func (p *ExtismV1PluginRuntime) Invoke(ctx context.Context, input *Input) (*Output, error)

func (*ExtismV1PluginRuntime) Metadata 

func (p *ExtismV1PluginRuntime) Metadata() Metadata

type Hooks 

type Hooks map[string]string

Hooks is a map of events to commands.

type Input 

type Input struct {
	// Message represents the type-elided value to be passed to the plugin.
	// The plugin is expected to interpret the message according to its type
	// The message object must be JSON-serializable
	Message any

	// Optional: Reader to be consumed plugin's "stdin"
	Stdin io.Reader

	// Optional: Writers to consume the plugin's "stdout" and "stderr"
	Stdout, Stderr io.Writer

	// Optional: Env represents the environment as a list of "key=value" strings
	// see os.Environ
	Env []string
}

Input defines the input message and parameters to be passed to the plugin

type InvokeExecError 

type InvokeExecError struct {
	ExitCode int   // Exit code from plugin code execution
	Err      error // Underlying error
}

InvokeExecError is returned when a plugin invocation returns a non-zero status/exit code - subprocess plugin: child process exit code - extism plugin: wasm function return code

func (*InvokeExecError) Error 

func (e *InvokeExecError) Error() string

Error implements the error interface

type Metadata 

type Metadata struct {
	// APIVersion specifies the plugin API version
	APIVersion string

	// Name is the name of the plugin
	Name string

	// Type of plugin (eg, cli/v1, getter/v1, postrenderer/v1)
	Type string

	// Runtime specifies the runtime type (subprocess, wasm)
	Runtime string

	// Version is the SemVer 2 version of the plugin.
	Version string

	// SourceURL is the URL where this plugin can be found
	SourceURL string

	// Config contains the type-specific configuration for this plugin
	Config Config

	// RuntimeConfig contains the runtime-specific configuration
	RuntimeConfig RuntimeConfig
}

Metadata of a plugin, converted from the "on-disk" legacy or v1 plugin.yaml Specifically, Config and RuntimeConfig are converted to their respective types based on the plugin type and runtime

func ExtractTgzPluginMetadata 

func ExtractTgzPluginMetadata(r io.Reader) (*Metadata, error)

ExtractTgzPluginMetadata extracts plugin metadata from a gzipped tarball reader

func (Metadata) Validate 

func (m Metadata) Validate() error

type MetadataLegacy 

type MetadataLegacy struct {
	// Name is the name of the plugin
	Name string `yaml:"name"`

	// Version is a SemVer 2 version of the plugin.
	Version string `yaml:"version"`

	// Usage is the single-line usage text shown in help
	Usage string `yaml:"usage"`

	// Description is a long description shown in places like `helm help`
	Description string `yaml:"description"`

	// PlatformCommand is the plugin command, with a platform selector and support for args.
	PlatformCommand []PlatformCommand `yaml:"platformCommand"`

	// Command is the plugin command, as a single string.
	// DEPRECATED: Use PlatformCommand instead. Removed in subprocess/v1 plugins.
	Command string `yaml:"command"`

	// IgnoreFlags ignores any flags passed in from Helm
	IgnoreFlags bool `yaml:"ignoreFlags"`

	// PlatformHooks are commands that will run on plugin events, with a platform selector and support for args.
	PlatformHooks PlatformHooks `yaml:"platformHooks"`

	// Hooks are commands that will run on plugin events, as a single string.
	// DEPRECATED: Use PlatformHooks instead. Removed in subprocess/v1 plugins.
	Hooks Hooks `yaml:"hooks"`

	// Downloaders field is used if the plugin supply downloader mechanism
	// for special protocols.
	Downloaders []Downloaders `yaml:"downloaders"`
}

MetadataLegacy is the legacy plugin.yaml format

func (*MetadataLegacy) Validate 

func (m *MetadataLegacy) Validate() error

type MetadataV1 

type MetadataV1 struct {
	// APIVersion specifies the plugin API version
	APIVersion string `yaml:"apiVersion"`

	// Name is the name of the plugin
	Name string `yaml:"name"`

	// Type of plugin (eg, cli/v1, getter/v1, postrenderer/v1)
	Type string `yaml:"type"`

	// Runtime specifies the runtime type (subprocess, wasm)
	Runtime string `yaml:"runtime"`

	// Version is a SemVer 2 version of the plugin.
	Version string `yaml:"version"`

	// SourceURL is the URL where this plugin can be found
	SourceURL string `yaml:"sourceURL,omitempty"`

	// Config contains the type-specific configuration for this plugin
	Config map[string]any `yaml:"config"`

	// RuntimeConfig contains the runtime-specific configuration
	RuntimeConfig map[string]any `yaml:"runtimeConfig"`
}

MetadataV1 is the APIVersion V1 plugin.yaml format

func (*MetadataV1) Validate 

func (m *MetadataV1) Validate() error

type Output 

type Output struct {
	// Message represents the type-elided value returned from the plugin
	// The invoker is expected to interpret the message according to the plugin's type
	// The message object must be JSON-serializable
	Message any
}

Output defines the output message and parameters the passed from the plugin

type PlatformCommand 

type PlatformCommand struct {
	OperatingSystem string   `yaml:"os"`
	Architecture    string   `yaml:"arch"`
	Command         string   `yaml:"command"`
	Args            []string `yaml:"args"`
}

PlatformCommand represents a command for a particular operating system and architecture

type PlatformHooks 

type PlatformHooks map[string][]PlatformCommand

PlatformHooks is a map of events to a command for a particular operating system and architecture.

type Plugin 

type Plugin interface {
	// Dir return the plugin directory (as an absolute path) on the filesystem
	Dir() string

	// Metadata describes the plugin's type, version, etc.
	// (This metadata type is the converted and plugin version independented in-memory representation of the plugin.yaml file)
	Metadata() Metadata

	// Invoke takes the given input, and dispatches the contents to plugin instance
	// The input is expected to be a JSON-serializable object, which the plugin will interpret according to its type
	// The plugin is expected to return a JSON-serializable object, which the invoker
	// will interpret according to the plugin's type
	//
	// Invoke can be thought of as a request/response mechanism. Similar to e.g. http.RoundTripper
	//
	// If plugin's execution fails with a non-zero "return code" (this is plugin runtime implementation specific)
	// an InvokeExecError is returned
	Invoke(ctx context.Context, input *Input) (*Output, error)
}

Plugin defines a plugin instance. The client (Helm codebase) facing type that can be used to introspect and invoke a plugin

func FindPlugin 

func FindPlugin(dirs []string, descriptor Descriptor) (Plugin, error)

FindPlugin returns a single plugin that matches the descriptor

func FindPlugins 

func FindPlugins(pluginsDirs []string, descriptor Descriptor) ([]Plugin, error)

FindPlugins returns a list of plugins that match the descriptor

func LoadAll 

func LoadAll(basedir string) ([]Plugin, error)

LoadAll loads all plugins found beneath the base directory.

This scans only one directory level.

func LoadDir 

func LoadDir(dirname string) (Plugin, error)

LoadDir loads a plugin from the given directory.

type PluginHook 

type PluginHook interface {
	InvokeHook(event string) error
}

PluginHook allows plugins to implement hooks that are invoked on plugin management events (install, upgrade, etc)

type Runtime 

type Runtime interface {
	// CreatePlugin creates a plugin instance from the given metadata
	CreatePlugin(pluginDir string, metadata *Metadata) (Plugin, error)
}

Runtime represents a plugin runtime (subprocess, extism, etc) ie. how a plugin should be executed Runtime is responsible for instantiating plugins that implement the runtime TODO: could call this something more like "PluginRuntimeCreator"?

type RuntimeConfig 

type RuntimeConfig interface {
	Validate() error
}

RuntimeConfig represents the assertable type for a plugin's runtime configuration. It is expected to type assert (cast) the a RuntimeConfig to its expected type

type RuntimeConfigExtismV1 

type RuntimeConfigExtismV1 struct {
	// Describes the limits on the memory the plugin may be allocated.
	Memory RuntimeConfigExtismV1Memory `yaml:"memory"`

	// The "config" key is a free-form map that can be passed to the plugin.
	// The plugin must interpret arbitrary data this map may contain
	Config map[string]string `yaml:"config,omitempty"`

	// An optional set of hosts this plugin can communicate with.
	// This only has an effect if the plugin makes HTTP requests.
	// If not specified, then no hosts are allowed.
	AllowedHosts []string `yaml:"allowedHosts,omitempty"`

	FileSystem RuntimeConfigExtismV1FileSystem `yaml:"fileSystem,omitempty"`

	// The timeout in milliseconds for the plugin to execute
	Timeout uint64 `yaml:"timeout,omitempty"`

	// HostFunction names exposed in Helm the plugin may access
	// see: https://extism.org/docs/concepts/host-functions/
	HostFunctions []string `yaml:"hostFunctions,omitempty"`

	// The name of entry function name to call in the plugin
	// Defaults to "helm_plugin_main".
	EntryFuncName string `yaml:"entryFuncName,omitempty"`
}

RuntimeConfigExtismV1 defines the user-configurable options the plugin's Extism runtime The format loosely follows the Extism Manifest format: https://extism.org/docs/concepts/manifest/

func (*RuntimeConfigExtismV1) Validate 

func (r *RuntimeConfigExtismV1) Validate() error

type RuntimeConfigExtismV1FileSystem 

type RuntimeConfigExtismV1FileSystem struct {
	// If specified, a temporary directory will be created and mapped to /tmp in the plugin's filesystem.
	// Data written to the directory will be visible on the host filesystem.
	// The directory will be removed when the plugin invocation completes.
	CreateTempDir bool `yaml:"createTempDir,omitempty"`
}

RuntimeConfigExtismV1FileSystem exposes filesystem options for the configuration TODO: should Helm expose AllowedPaths?

type RuntimeConfigExtismV1Memory 

type RuntimeConfigExtismV1Memory struct {
	// The max amount of pages the plugin can allocate
	// One page is 64Kib. e.g. 16 pages would require 1MiB.
	// Default is 4 pages (256KiB)
	MaxPages uint32 `yaml:"maxPages,omitempty"`

	// The max size of an Extism HTTP response in bytes
	// Default is 4096 bytes (4KiB)
	MaxHTTPResponseBytes int64 `yaml:"maxHttpResponseBytes,omitempty"`

	// The max size of all Extism vars in bytes
	// Default is 4096 bytes (4KiB)
	MaxVarBytes int64 `yaml:"maxVarBytes,omitempty"`
}

RuntimeConfigExtismV1Memory exposes the Wasm/Extism memory options for the plugin

type RuntimeConfigSubprocess 

type RuntimeConfigSubprocess struct {
	// PlatformCommand is a list containing a plugin command, with a platform selector and support for args.
	PlatformCommand []PlatformCommand `yaml:"platformCommand"`
	// PlatformHooks are commands that will run on plugin events, with a platform selector and support for args.
	PlatformHooks PlatformHooks `yaml:"platformHooks"`
	// ProtocolCommands allows the plugin to specify protocol specific commands
	//
	// Obsolete/deprecated: This is a compatibility hangover from the old plugin downloader mechanism, which was extended
	// to support multiple protocols in a given plugin. The command supplied in PlatformCommand should implement protocol
	// specific logic by inspecting the download URL
	ProtocolCommands []SubprocessProtocolCommand `yaml:"protocolCommands,omitempty"`
	// contains filtered or unexported fields
}

RuntimeConfigSubprocess implements RuntimeConfig for RuntimeSubprocess

func (*RuntimeConfigSubprocess) GetType 

func (r *RuntimeConfigSubprocess) GetType() string

func (*RuntimeConfigSubprocess) Validate 

func (r *RuntimeConfigSubprocess) Validate() error

type RuntimeExtismV1 

type RuntimeExtismV1 struct {
	HostFunctions    map[string]extism.HostFunction
	CompilationCache wazero.CompilationCache
}

func (*RuntimeExtismV1) CreatePlugin 

func (r *RuntimeExtismV1) CreatePlugin(pluginDir string, metadata *Metadata) (Plugin, error)

type RuntimeSubprocess 

type RuntimeSubprocess struct {
	EnvVars map[string]string
}

func (*RuntimeSubprocess) CreatePlugin 

func (r *RuntimeSubprocess) CreatePlugin(pluginDir string, metadata *Metadata) (Plugin, error)

CreatePlugin implementation for Runtime

type SigningInfo 

type SigningInfo struct {
	// Status can be:
	// - "local dev": Plugin is a symlink (development mode)
	// - "unsigned": No provenance file found
	// - "invalid provenance": Provenance file is malformed
	// - "mismatched provenance": Provenance file does not match the installed tarball
	// - "signed": Valid signature exists for the installed tarball
	Status   string
	IsSigned bool // True if plugin has a valid signature (even if not verified against keyring)
}

SigningInfo contains information about a plugin's signing status

func GetPluginSigningInfo 

func GetPluginSigningInfo(metadata Metadata) (*SigningInfo, error)

GetPluginSigningInfo returns signing information for an installed plugin

type SubprocessPluginRuntime 

type SubprocessPluginRuntime struct {
	RuntimeConfig RuntimeConfigSubprocess
	EnvVars       map[string]string
	// contains filtered or unexported fields
}

SubprocessPluginRuntime implements the Plugin interface for subprocess execution

func (*SubprocessPluginRuntime) Dir 

func (r *SubprocessPluginRuntime) Dir() string

func (*SubprocessPluginRuntime) Invoke 

func (r *SubprocessPluginRuntime) Invoke(_ context.Context, input *Input) (*Output, error)

func (*SubprocessPluginRuntime) InvokeHook 

func (r *SubprocessPluginRuntime) InvokeHook(event string) error

func (*SubprocessPluginRuntime) InvokeWithEnv 

func (r *SubprocessPluginRuntime) InvokeWithEnv(main string, argv []string, env []string, stdin io.Reader, stdout, stderr io.Writer) error

InvokeWithEnv executes a plugin command with custom environment and I/O streams This method allows execution with different command/args than the plugin's default

func (*SubprocessPluginRuntime) Metadata 

func (r *SubprocessPluginRuntime) Metadata() Metadata

type SubprocessProtocolCommand 

type SubprocessProtocolCommand struct {
	// Protocols are the list of schemes from the charts URL.
	Protocols []string `yaml:"protocols"`
	// PlatformCommand is the platform based command which the plugin performs
	// to download for the corresponding getter Protocols.
	PlatformCommand []PlatformCommand `yaml:"platformCommand"`
}

SubprocessProtocolCommand maps a given protocol to the getter command used to retrieve artifacts for that protocol

Source Files

View all Source files

Directories

Path Synopsis
Package cache provides a key generator for vcs urls.
 Package cache provides a key generator for vcs urls.
Package installer provides an interface for installing Helm plugins.
 Package installer provides an interface for installing Helm plugins.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.