Add plugincontainer module #84
Conversation
tomhjp
force-pushed
the
add-plugincontainer-module
branch
from
82220ed to
96ed8e8
Compare
* Also updates go-plugin to latest from main * Adds some tests * Tweaks docs
|
I think this is in a decent state to review now. I'm planning to tag go-plugin and pull that tag in once there's rough consensus on this PR, just in case there are any last minute API changes required in go-plugin. |
tomhjp
requested review from
jefferai,
swenson,
fairclothjm,
jimlambrt and
briankassouf
|
Note: Looks like the CI gives a green tick even if the build and tests fail: https://github.com/hashicorp/go-secure-stdlib/actions/runs/5956014581/job/16155887975. I'll look into fixing this in a separate PR tomorrow. |
|
Sorry for the commit noise, I accidentally pushed a merge with my CI branch, and chose to revert the merge commit rather than rebase so that it's easier to see changes since last review. |
|
I think this is relatively stable now, but I'm yet to finish the Vault changes leveraging this PR, so I might discover some more requirements. There also seems to be a problem with the tests failing in CI, but they work on my machine, so that may take a bit of time to unpick. (Failing CI link with #85 merged in) |
Set Follow: true for container logs, without which there was an inadvertent race condition that normally succeeded on my laptop but failed on CI. The plugin had to have already printed its protocol negotiation line on stdout by the time we started reading logs or else the logging function would get to the end of the logs at that time and return, causing go-plugin to pick up an empty string and say 'negotiation failed'. This was a pig to track down. Also adds some extra debug/trace logs to shed light on the plugin lifecycle. Finally, disable cgo when building the plugin for tests, so that it successfully runs in the static distroless image where libc is not available.
|
Thanks all! |
Follows up on the new interfaces added in hashicorp/go-plugin#270.
Apologies for the size, although a lot of it is generated/license code. Happy to take feedback on splitting this up into multiple PRs if preferred. Maybe the example could be added separately for instance, but it does make for quite a nice end to end integration test of the feature.