plugins

package
v0.2.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 17, 2026 License: MIT Imports: 22 Imported by: 0

Documentation

Overview

Package plugins loads Extism WASM plugins for honey (CUE transforms, custom steps, secret ref backends, and local hooks). Enable via honey config plugins.enabled.

Index

Constants

View Source 
const (
	CapCueTransform = "cue_transform"
	CapCustomStep   = "custom_step"
	CapSecret       = "secret"
	CapStackUnwrap  = "stack_unwrap"
	CapHook         = "hook"
)

Capability names registered in plugin.yaml.

Variables

This section is empty.

Functions

func KVSessionFromContext 

func KVSessionFromContext(ctx context.Context) (*stepkv.Session, bool)

KVSessionFromContext returns the session bound for this plugin call, if any.

func PluginsFromConfig 

func PluginsFromConfig(f *config.File) config.PluginsEffective

PluginsFromConfig builds effective settings from honey config file.

func RunKVForTest 

func RunKVForTest(ctx context.Context, in apiv1.KVInput) apiv1.KVOutput

RunKVForTest exposes runKV for unit tests.

func WithKVSession 

func WithKVSession(ctx context.Context, sess *stepkv.Session) context.Context

WithKVSession attaches the recipe stepkv session for plugin host functions.

Types

type Info 

type Info struct {
	ID                   string            `json:"id"`
	Version              string            `json:"version"`
	Capabilities         []string          `json:"capabilities"`
	Path                 string            `json:"path"`
	SecretRefPrefixes    []string          `json:"secret_ref_prefixes,omitempty"`
	AllowHostExec        bool              `json:"allow_host_exec,omitempty"`
	AllowKV              bool              `json:"allow_kv,omitempty"`
	AllowedHosts         []string          `json:"allowed_hosts,omitempty"`
	AllowedPaths         map[string]string `json:"allowed_paths,omitempty"`
	AllowedEnv           []string          `json:"allowed_env,omitempty"`
	MaxHTTPResponseBytes int64             `json:"max_http_response_bytes,omitempty"`
}

Info describes a loaded plugin for listing.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager loads Extism WASM plugins and routes capability calls.

func LoadFromDir 

func LoadFromDir(ctx context.Context, dir string) (*Manager, error)

LoadFromDir is a test helper that loads plugins from a directory without config allowlist.

func NewManager 

func NewManager(ctx context.Context, cfg config.PluginsEffective) (*Manager, error)

NewManager loads plugins from cfg. When plugins are disabled, returns a manager with no plugins.

func Open 

func Open(ctx context.Context, cfg *config.File) (*Manager, error)

Open loads plugins from honey config (returns non-nil manager even when disabled).

func (*Manager) Call 

func (m *Manager) Call(ctx context.Context, pluginID, export string, in, out any) error

Call invokes export on pluginID with JSON input; decodes JSON output or returns plugin error string.

func (*Manager) Close 

func (m *Manager) Close() error

Close releases plugin resources.

func (*Manager) Enabled 

func (m *Manager) Enabled() bool

Enabled reports whether plugins are turned on in config.

func (*Manager) ExecuteStep 

func (m *Manager) ExecuteStep(ctx context.Context, pluginID, action string, config json.RawMessage, stepIndex int, hostJSON []byte, env map[string]string, execute, secretsDry bool, kvSession *stepkv.Session) (apiv1.ExecuteStepOutput, error)

ExecuteStep runs the execute_step export for a plugin step on one host. kvSession is optional; when non-nil it is bound for allow_kv plugins via the kv host function.

func (*Manager) List 

func (m *Manager) List() []Info

List returns metadata for loaded plugins.

func (*Manager) OnStepResult 

func (m *Manager) OnStepResult(ctx context.Context, pluginID, action string, config json.RawMessage, in apiv1.OnStepResultInput, kvSession *stepkv.Session) (apiv1.OnStepResultOutput, error)

OnStepResult runs the on_step_result export for a local hook plugin.

func (*Manager) PluginIDsWithCapability 

func (m *Manager) PluginIDsWithCapability(capability string) []string

PluginIDsWithCapability returns plugin IDs that declare the capability.

func (*Manager) SecretRefBackends 

func (m *Manager) SecretRefBackends() []ref.Backend

SecretRefBackends returns ref.Backend adapters for plugins with the secret capability.

func (*Manager) SecretRefPrefixes 

func (m *Manager) SecretRefPrefixes() []string

SecretRefPrefixes returns all registered secret ref prefixes from secret-capable plugins.

func (*Manager) TransformCue 

func (m *Manager) TransformCue(ctx context.Context, cueBytes []byte, hostsCount int) ([]byte, error)

TransformCue runs cue_transform plugins in manifest order.

type Manifest 

type Manifest struct {
	ID                   string            `yaml:"id"`
	Version              string            `yaml:"version"`
	Capabilities         []string          `yaml:"capabilities"`
	SecretRefPrefixes    []string          `yaml:"secret_ref_prefixes,omitempty"`
	AllowHostExec        bool              `yaml:"allow_host_exec,omitempty"`
	AllowKV              bool              `yaml:"allow_kv,omitempty"`
	AllowedEnv           []string          `yaml:"allowed_env,omitempty"`
	AllowedHosts         []string          `yaml:"allowed_hosts,omitempty"`
	AllowedPaths         map[string]string `yaml:"allowed_paths,omitempty"`
	MaxHTTPResponseBytes int64             `yaml:"max_http_response_bytes,omitempty"`
	Order                int               `yaml:"order,omitempty"`
}

Manifest describes a plugin bundle (plugin.yaml next to plugin.wasm).

type SecretBackend 

type SecretBackend struct {
	// contains filtered or unexported fields
}

SecretBackend resolves secret refs via a WASM plugin prefix.

func (SecretBackend) Handles 

func (b SecretBackend) Handles(ref string) bool

Handles implements ref.Backend.

func (SecretBackend) Name 

func (b SecretBackend) Name() string

Name implements ref.Backend.

func (SecretBackend) Resolve 

func (b SecretBackend) Resolve(ctx context.Context, ref string) (string, error)

Resolve implements ref.Backend.

Source Files

View all Source files

Directories

Path Synopsis
api
v1
Package v1 defines the honey.plugins/v1 JSON contract between the host and WASM plugins.
 Package v1 defines the honey.plugins/v1 JSON contract between the host and WASM plugins.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.