upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-02-03 20:40:00 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
mattermost/server/public/plugin/supervisor.go

306 lines
7.9 KiB
Go
Raw Permalink Normal View History

add missing license headers, test to makefile (#7711)
2017-10-25 12:33:19 -04:00
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
// See LICENSE.txt for license information.
add missing license headers, test to makefile (#7711)
2017-10-25 12:33:19 -04:00
PLT-7407: Back-end plugin mechanism (#7177) * begin backend plugin wip * flesh out rpcplugin. everything done except for minor supervisor stubs * done with basic plugin infrastructure * simplify tests * remove unused test lines
2017-08-16 18:23:38 -04:00
package plugin
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
import (
[MM-48825] "plugin configured with a nil SecureConfig" warning logged when starting each plugin (#21869)
2023-01-26 17:13:33 -05:00
"crypto/sha256"
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
"fmt"
[MM-48825] "plugin configured with a nil SecureConfig" warning logged when starting each plugin (#21869)
2023-01-26 17:13:33 -05:00
"io"
"os"
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
"os/exec"
"path/filepath"
MM-11366: support a plugin bundle with multiple executables (#9121) This avoids the need to distribute multiple plugins per architecture.
2018-07-17 18:47:05 -04:00
"runtime"
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
"strings"
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
"sync"
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
"time"
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
plugin "github.com/hashicorp/go-plugin"
improve error handling when plugin checksum fails (#22322)
2023-02-14 10:22:15 -05:00
"github.com/pkg/errors"
goimports (#16640) * format using `goimports -local github.com/mattermost/mattermost-server/v5 -w` * added goimports lint check to .golangci.yml * format using `goimports -local github.com/mattermost/mattermost-server/v5 -w` for a corner case * make app-layers, *-mocks and store-layers for ci check Co-authored-by: Mahmudul Haque <mahmudulhaque@protonmail.com> Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
2021-01-07 12:12:43 -05:00
MM-53032: Fix module path after repo rename (#23689) It was a good decision in hindsight to keep the public module as 0.x because this would have been a breaking change again. https://mattermost.atlassian.net/browse/MM-53032 ```release-note Changed the Go module path from github.com/mattermost/mattermost-server/server/v8 to github.com/mattermost/mattermost/server/v8. For the public facing module, it's path is also changed from github.com/mattermost/mattermost-server/server/public to github.com/mattermost/mattermost/server/public ```
2023-06-11 01:24:35 -04:00
"github.com/mattermost/mattermost/server/public/model"
"github.com/mattermost/mattermost/server/public/shared/mlog"
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
)
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
type supervisor struct {
feat(12-01): start gRPC PluginAPI server for Python plugins - Add startAPIServer function to start gRPC server on random port - Add APIServerRegistrar type to break import cycle with apiserver package - Modify WithCommandFromManifest to accept apiImpl and registrar - Update configurePythonCommand to start API server and set MATTERMOST_PLUGIN_API_TARGET env var - Add apiServerCleanup field to supervisor struct for cleanup on shutdown - Add SetAPIServerRegistrar method to Environment for dependency injection - Wire up API server registrar in app/plugin.go Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-20 09:46:34 -05:00
lock sync.RWMutex
pluginID string
appDriver AppDriver
client *plugin.Client
hooks Hooks
implemented [TotalHooksID]bool
hooksClient *hooksRPCClient
isReattached bool
apiServerCleanup func() // Cleanup function for Python plugin API server
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
}
MM-56402: Introduce a pluginID to track RPC DB connections (#26424) Previously, we relied on the plugin to close the DB connections on shutdown. While this keeps the code simple, there is no guarantee that the plugin author will remember to close the DB. In that case, it's better to track the connections from the server side and close them in case they weren't closed already. This complicates the API slightly, but it's a price we need to pay. https://mattermost.atlassian.net/browse/MM-56402 ```release-note We close any remaining unclosed DB RPC connections after a plugin shuts down. ``` Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-16 09:23:26 -04:00
type driverForPlugin struct {
AppDriver
pluginID string
}
func (d *driverForPlugin) Conn(isMaster bool) (string, error) {
return d.AppDriver.ConnWithPluginID(isMaster, d.pluginID)
}
MM-57018: support reattaching plugins (#26421) * ProfileImageBytes for EnsureBotOptions * leverage plugintest.NewAPI * fix linting * add UpdateUserRoles to plugin api * MM-57018: support reattaching plugins Expose a local-only API for reattaching plugins: instead of the server starting and managing the process itself, allow the plugin to be launched externally (eg within a unit test) and reattach to an existing server instance to provide the unit test with a fully functional RPC API, sidestepping the need for mocking the plugin API in most cases. In the future, this may become the basis for running plugins in a sidecar container. Fixes: https://mattermost.atlassian.net/browse/MM-57018 * drop unused supervisor.pid * factor out checkMinServerVersion * factor out startPluginServer * restore missing setPluginState on successful reattach * avoid passing around a stale registeredPlugin * inline initializePluginImplementation * have IsValid return an error * explicitly close rpcClient In the case of reattached plugins, the Unix socket won't necessarily disappear leaving the muxBrokers blocked indefinitely. And `Kill()` doesn't do anything if there's no process being managed. * explicitly detachPlugin * emphasize gRPC not being supported --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-11 11:10:25 -04:00
func WithExecutableFromManifest(pluginInfo *model.BundleInfo) func(*supervisor, *plugin.ClientConfig) error {
return func(_ *supervisor, clientConfig *plugin.ClientConfig) error {
executable := pluginInfo.Manifest.GetExecutableForRuntime(runtime.GOOS, runtime.GOARCH)
if executable == "" {
return fmt.Errorf("backend executable not found for environment: %s/%s", runtime.GOOS, runtime.GOARCH)
}
executable = filepath.Clean(filepath.Join(".", executable))
if strings.HasPrefix(executable, "..") {
return fmt.Errorf("invalid backend executable: %s", executable)
}
executable = filepath.Join(pluginInfo.Path, executable)
cmd := exec.Command(executable)
// This doesn't add more security than before
// but removes the SecureConfig is nil warning.
// https://mattermost.atlassian.net/browse/MM-49167
pluginChecksum, err := getPluginExecutableChecksum(executable)
if err != nil {
return errors.Wrapf(err, "unable to generate plugin checksum")
}
clientConfig.Cmd = cmd
clientConfig.SecureConfig = &plugin.SecureConfig{
Checksum: pluginChecksum,
Hash: sha256.New(),
}
return nil
}
}
func WithReattachConfig(pluginReattachConfig *model.PluginReattachConfig) func(*supervisor, *plugin.ClientConfig) error {
return func(sup *supervisor, clientConfig *plugin.ClientConfig) error {
clientConfig.Reattach = pluginReattachConfig.ToHashicorpPluginReattachmentConfig()
sup.isReattached = true
return nil
}
}
MM-56402: Introduce a pluginID to track RPC DB connections (#26424) Previously, we relied on the plugin to close the DB connections on shutdown. While this keeps the code simple, there is no guarantee that the plugin author will remember to close the DB. In that case, it's better to track the connections from the server side and close them in case they weren't closed already. This complicates the API slightly, but it's a price we need to pay. https://mattermost.atlassian.net/browse/MM-56402 ```release-note We close any remaining unclosed DB RPC connections after a plugin shuts down. ``` Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-16 09:23:26 -04:00
func newSupervisor(pluginInfo *model.BundleInfo, apiImpl API, driver AppDriver, parentLogger *mlog.Logger, metrics metricsInterface, opts ...func(*supervisor, *plugin.ClientConfig) error) (retSupervisor *supervisor, retErr error) {
sup := supervisor{
pluginID: pluginInfo.Manifest.Id,
}
if driver != nil {
sup.appDriver = &driverForPlugin{AppDriver: driver, pluginID: pluginInfo.Manifest.Id}
}
MM-11431: handle plugin deadlocks (#9167) * ensure plugin is always shutdown Once we call `.client.Client()` the plugin has started, and must be shut down. `newSupervisor` sometimes returned with an error (and without a reference to the supervisor), leaving the client running indefinitely. * Clarify the documentation to explain that plugin hooks will not trigger until `OnActivate` returns successfully, and will stop triggering just before `OnDeactivate` is called. * test for plugin deadlock * plugin/environment.go: switch to sync.Map From: https://golang.org/pkg/sync/#Map > If a goroutine holds a RWMutex for reading and another goroutine might call Lock, no goroutine should expect to be able to acquire a read lock until the initial read lock is released. In particular, this prohibits recursive read locking. This is to ensure that the lock eventually becomes available; a blocked Lock call excludes new readers from acquiring the lock. The previous `RWMutex` was not safe given that we effectively acquired read locks recursively (hook -> api -> hook). This worked up until we activated or deactivated plugins, tried to acquire a write lock, and the plugin used the API to effectively trigger another hook. Switching to sync.Map avoids this by divesting the need to lock at all, avoiding the potential for a recursive lock in the first place.
2018-07-27 11:37:17 -04:00
defer func() {
if retErr != nil {
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
sup.Shutdown()
MM-11431: handle plugin deadlocks (#9167) * ensure plugin is always shutdown Once we call `.client.Client()` the plugin has started, and must be shut down. `newSupervisor` sometimes returned with an error (and without a reference to the supervisor), leaving the client running indefinitely. * Clarify the documentation to explain that plugin hooks will not trigger until `OnActivate` returns successfully, and will stop triggering just before `OnDeactivate` is called. * test for plugin deadlock * plugin/environment.go: switch to sync.Map From: https://golang.org/pkg/sync/#Map > If a goroutine holds a RWMutex for reading and another goroutine might call Lock, no goroutine should expect to be able to acquire a read lock until the initial read lock is released. In particular, this prohibits recursive read locking. This is to ensure that the lock eventually becomes available; a blocked Lock call excludes new readers from acquiring the lock. The previous `RWMutex` was not safe given that we effectively acquired read locks recursively (hook -> api -> hook). This worked up until we activated or deactivated plugins, tried to acquire a write lock, and the plugin used the API to effectively trigger another hook. Switching to sync.Map avoids this by divesting the need to lock at all, avoiding the potential for a recursive lock in the first place.
2018-07-27 11:37:17 -04:00
}
}()
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
wrappedLogger := pluginInfo.WrapLogger(parentLogger)
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
hclogAdaptedLogger := &hclogAdapter{
MM-36764 mlog refactor (#18118) Refactor mlog - simplify mlog by removing redundant code - remove Zap dependency - update unit test helpers - update logging config - update auditing
2021-08-17 16:08:04 -04:00
wrappedLogger: wrappedLogger,
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
extrasKey: "wrapped_extras",
}
pluginMap := map[string]plugin.Plugin{
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
"hooks": &hooksPlugin{
DB driver implementation via RPC (#17779) This PR builds up on the pass-through DB driver to a fully functioning DB driver implementation via our RPC layer. To keep things separate from the plugin RPC API, and have the ability to move fast with changes, a separate field Driver is added to MattermostPlugin. Typically the field which is required to be compatible are the API and Helpers. It would be well-documented that Driver is purely for internal use by Mattermost plugins. A new Driver interface was created which would have a client and server implementation. Every object (connection, statement, etc.) is created and added to a map on the server side. On the client side, the wrapper structs hold the object id, and communicate via the RPC API using this id. When the server gets the object id, it picks up the appropriate object from its map and performs the operation, and sends back the data. Some things that need to be handled are errors. Typical error types like pq.Error and mysql.MySQLError are registered with encoding/gob. But for error variables like sql.ErrNoRows, a special integer is encoded with the ErrorString struct. And on the cilent side, the integer is checked, and the appropriate error variable is returned. Some pending things: - Context support. This is tricky. Since context.Context is an interface, it's not possible to marshal it. We have to find a way to get the timeout value from the context and pass it. - RowsColumnScanType(rowsID string, index int) reflect.Type API. Again, reflect.Type is an interface. - Master/Replica API support.
2021-06-16 23:23:52 -04:00
log: wrappedLogger,
MM-56402: Introduce a pluginID to track RPC DB connections (#26424) Previously, we relied on the plugin to close the DB connections on shutdown. While this keeps the code simple, there is no guarantee that the plugin author will remember to close the DB. In that case, it's better to track the connections from the server side and close them in case they weren't closed already. This complicates the API slightly, but it's a price we need to pay. https://mattermost.atlassian.net/browse/MM-56402 ```release-note We close any remaining unclosed DB RPC connections after a plugin shuts down. ``` Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-16 09:23:26 -04:00
driverImpl: sup.appDriver,
DB driver implementation via RPC (#17779) This PR builds up on the pass-through DB driver to a fully functioning DB driver implementation via our RPC layer. To keep things separate from the plugin RPC API, and have the ability to move fast with changes, a separate field Driver is added to MattermostPlugin. Typically the field which is required to be compatible are the API and Helpers. It would be well-documented that Driver is purely for internal use by Mattermost plugins. A new Driver interface was created which would have a client and server implementation. Every object (connection, statement, etc.) is created and added to a map on the server side. On the client side, the wrapper structs hold the object id, and communicate via the RPC API using this id. When the server gets the object id, it picks up the appropriate object from its map and performs the operation, and sends back the data. Some things that need to be handled are errors. Typical error types like pq.Error and mysql.MySQLError are registered with encoding/gob. But for error variables like sql.ErrNoRows, a special integer is encoded with the ErrorString struct. And on the cilent side, the integer is checked, and the appropriate error variable is returned. Some pending things: - Context support. This is tricky. Since context.Context is an interface, it's not possible to marshal it. We have to find a way to get the timeout value from the context and pass it. - RowsColumnScanType(rowsID string, index int) reflect.Type API. Again, reflect.Type is an interface. - Master/Replica API support.
2021-06-16 23:23:52 -04:00
apiImpl: &apiTimerLayer{pluginInfo.Manifest.Id, apiImpl, metrics},
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
},
}
MM-57018: support reattaching plugins (#26421) * ProfileImageBytes for EnsureBotOptions * leverage plugintest.NewAPI * fix linting * add UpdateUserRoles to plugin api * MM-57018: support reattaching plugins Expose a local-only API for reattaching plugins: instead of the server starting and managing the process itself, allow the plugin to be launched externally (eg within a unit test) and reattach to an existing server instance to provide the unit test with a fully functional RPC API, sidestepping the need for mocking the plugin API in most cases. In the future, this may become the basis for running plugins in a sidecar container. Fixes: https://mattermost.atlassian.net/browse/MM-57018 * drop unused supervisor.pid * factor out checkMinServerVersion * factor out startPluginServer * restore missing setPluginState on successful reattach * avoid passing around a stale registeredPlugin * inline initializePluginImplementation * have IsValid return an error * explicitly close rpcClient In the case of reattached plugins, the Unix socket won't necessarily disappear leaving the muxBrokers blocked indefinitely. And `Kill()` doesn't do anything if there's no process being managed. * explicitly detachPlugin * emphasize gRPC not being supported --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-11 11:10:25 -04:00
clientConfig := &plugin.ClientConfig{
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
HandshakeConfig: handshake,
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
Plugins: pluginMap,
MM-11029 Adding plugin logging functionality. (#9034) * Capturing stdout, stderr of plugins in logs. * Cleanup go-plugin debug logs. * Adding logging to plugin API * Generating mocks. * godoc convention
2018-07-03 12:58:28 -04:00
SyncStdout: wrappedLogger.With(mlog.String("source", "plugin_stdout")).StdLogWriter(),
SyncStderr: wrappedLogger.With(mlog.String("source", "plugin_stderr")).StdLogWriter(),
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
Logger: hclogAdaptedLogger,
StartTimeout: time.Second * 3,
MM-57018: support reattaching plugins (#26421) * ProfileImageBytes for EnsureBotOptions * leverage plugintest.NewAPI * fix linting * add UpdateUserRoles to plugin api * MM-57018: support reattaching plugins Expose a local-only API for reattaching plugins: instead of the server starting and managing the process itself, allow the plugin to be launched externally (eg within a unit test) and reattach to an existing server instance to provide the unit test with a fully functional RPC API, sidestepping the need for mocking the plugin API in most cases. In the future, this may become the basis for running plugins in a sidecar container. Fixes: https://mattermost.atlassian.net/browse/MM-57018 * drop unused supervisor.pid * factor out checkMinServerVersion * factor out startPluginServer * restore missing setPluginState on successful reattach * avoid passing around a stale registeredPlugin * inline initializePluginImplementation * have IsValid return an error * explicitly close rpcClient In the case of reattached plugins, the Unix socket won't necessarily disappear leaving the muxBrokers blocked indefinitely. And `Kill()` doesn't do anything if there's no process being managed. * explicitly detachPlugin * emphasize gRPC not being supported --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-11 11:10:25 -04:00
}
feat(05-02): add Python plugin startup path with gRPC protocol - Detect Python plugins in newSupervisor via isPythonPlugin helper - Configure AllowedProtocols to include ProtocolGRPC for Python plugins - Increase StartTimeout to 10s for Python interpreter startup - Skip Dispense("hooks") for Python plugins (Phase 5 supervision only) - Leave sup.hooks nil - hook dispatch deferred to Phase 7 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-16 14:47:54 -05:00
// Check if this is a Python plugin and configure accordingly
isPython := isPythonPlugin(pluginInfo.Manifest)
if isPython {
// Python plugins use gRPC protocol instead of net/rpc
// go-plugin defaults to net/rpc only when AllowedProtocols is nil,
// so we must explicitly allow gRPC for Python plugins
clientConfig.AllowedProtocols = []plugin.Protocol{plugin.ProtocolGRPC}
// Increase start timeout for Python plugins to account for interpreter
// startup time and module imports
clientConfig.StartTimeout = time.Second * 10
}
MM-57018: support reattaching plugins (#26421) * ProfileImageBytes for EnsureBotOptions * leverage plugintest.NewAPI * fix linting * add UpdateUserRoles to plugin api * MM-57018: support reattaching plugins Expose a local-only API for reattaching plugins: instead of the server starting and managing the process itself, allow the plugin to be launched externally (eg within a unit test) and reattach to an existing server instance to provide the unit test with a fully functional RPC API, sidestepping the need for mocking the plugin API in most cases. In the future, this may become the basis for running plugins in a sidecar container. Fixes: https://mattermost.atlassian.net/browse/MM-57018 * drop unused supervisor.pid * factor out checkMinServerVersion * factor out startPluginServer * restore missing setPluginState on successful reattach * avoid passing around a stale registeredPlugin * inline initializePluginImplementation * have IsValid return an error * explicitly close rpcClient In the case of reattached plugins, the Unix socket won't necessarily disappear leaving the muxBrokers blocked indefinitely. And `Kill()` doesn't do anything if there's no process being managed. * explicitly detachPlugin * emphasize gRPC not being supported --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-11 11:10:25 -04:00
for _, opt := range opts {
err := opt(&sup, clientConfig)
if err != nil {
return nil, errors.Wrap(err, "failed to apply option")
}
}
sup.client = plugin.NewClient(clientConfig)
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
rpcClient, err := sup.client.Client()
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
if err != nil {
return nil, err
}
feat(11-02): wire hooksGRPCClient for Python plugins in supervisor Remove Phase 5 limitation that skipped hook dispensing for Python plugins. Now Python plugins use hooksGRPCClient to receive hook invocations through the same infrastructure as Go plugins. Changes: - Extract gRPC connection from go-plugin's GRPCClient - Create hooksGRPCClient adapter using the connection - Wrap in hooksTimerLayer for metrics collection - Populate implemented hooks array from gRPC client Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-19 22:26:26 -05:00
// Python plugins use gRPC for hook communication.
feat(05-02): add Python plugin startup path with gRPC protocol - Detect Python plugins in newSupervisor via isPythonPlugin helper - Configure AllowedProtocols to include ProtocolGRPC for Python plugins - Increase StartTimeout to 10s for Python interpreter startup - Skip Dispense("hooks") for Python plugins (Phase 5 supervision only) - Leave sup.hooks nil - hook dispatch deferred to Phase 7 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-16 14:47:54 -05:00
if isPython {
feat(11-02): wire hooksGRPCClient for Python plugins in supervisor Remove Phase 5 limitation that skipped hook dispensing for Python plugins. Now Python plugins use hooksGRPCClient to receive hook invocations through the same infrastructure as Go plugins. Changes: - Extract gRPC connection from go-plugin's GRPCClient - Create hooksGRPCClient adapter using the connection - Wrap in hooksTimerLayer for metrics collection - Populate implemented hooks array from gRPC client Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-19 22:26:26 -05:00
// Extract the gRPC connection from go-plugin's client.
grpcClient, ok := rpcClient.(*plugin.GRPCClient)
if !ok {
return nil, errors.New("expected gRPC client for Python plugin")
}
conn := grpcClient.Conn
hooksClient, err := newHooksGRPCClient(conn, wrappedLogger)
if err != nil {
return nil, errors.Wrap(err, "failed to create gRPC hooks client")
}
sup.hooks = &hooksTimerLayer{pluginInfo.Manifest.Id, hooksClient, metrics}
// Populate implemented array from gRPC client
impl, err := hooksClient.Implemented()
if err != nil {
return nil, errors.Wrap(err, "failed to query implemented hooks")
}
for _, hookName := range impl {
if hookId, ok := hookNameToId[hookName]; ok {
sup.implemented[hookId] = true
}
}
wrappedLogger.Info("Python plugin started with gRPC hooks")
feat(05-02): add Python plugin startup path with gRPC protocol - Detect Python plugins in newSupervisor via isPythonPlugin helper - Configure AllowedProtocols to include ProtocolGRPC for Python plugins - Increase StartTimeout to 10s for Python interpreter startup - Skip Dispense("hooks") for Python plugins (Phase 5 supervision only) - Leave sup.hooks nil - hook dispatch deferred to Phase 7 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-16 14:47:54 -05:00
return &sup, nil
}
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
raw, err := rpcClient.Dispense("hooks")
if err != nil {
return nil, err
}
MM-37165: Fix improper plugin shutdown (#18044) * MM-37165: Fix improper plugin shutdown This was caught from a race test failure. While the failure manifested due to a log being written from a test after the test exited, the real reason was hidden further deeper. What was happening is that the server would always listen for plugin requests in a separate goroutine via `g.muxBroker.AcceptAndServe` in the `OnActivate` hook. But the plugin shutdown process would just close the plugin connections and move on, leading to the classic case of improperly shut down goroutines. When this happened, an opportunity opens up in a way that the server would still be executing a request whereas the main goroutine and therefore the parent test has already finished. This would lead to an error like ``` {"level":"error","ts":1626451258.4141135,"caller":"mlog/sugar.go:25","msg":"pluginAPI scheduleOnce poller encountered an error but is still polling","plugin_id":"com.mattermost.plugin-incident-management","error":"ListPluginKeys: Unable to list all the plugin keys., failed to get PluginKeyValues with pluginId=com.mattermost.plugin-incident-management: sql: database is closed ``` And now, this finally calls `mlog.Error`, which finally triggers our race condition :) To fix this, we use some basic synchronization via waitgroups and just wait for it to finish after closing the plugin process. https://mattermost.atlassian.net/browse/MM-37165 ```release-note NONE ``` * gofmt ```release-note NONE ``` * split waitgroup additions ```release-note NONE ```
2021-08-10 00:37:35 -04:00
c, ok := raw.(*hooksRPCClient)
if ok {
sup.hooksClient = c
}
MM-21626, MM-21627 - Plugin API/Hooks Prometheus instrumentati… (#13825) * MM-21626,MM-21627 - Plugin API/Hooks Prometheus instrumentation * Updated einterface mocks * Fixed supervisor tests * ignoring golint errors for plugin metrics wrappers * Making golangci happy * Using variadic form when generating wrapper code * Removed artificial delay * Removed comments from tests * Renaming plugin wrappers to api/hooks_timer_layer * updating vendor dir and mod files * Recording plugin api/hook responses in prometheus * Updated einterfaces-mocks * Updating go sum * Updating go sum * Fixing conflicts * More conflicts fixing Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-02-14 15:47:43 -05:00
sup.hooks = &hooksTimerLayer{pluginInfo.Manifest.Id, raw.(Hooks), metrics}
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
impl, err := sup.hooks.Implemented()
if err != nil {
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
return nil, err
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
}
for _, hookName := range impl {
Revert "Fix initialism errors (PR-3) (#17062)" (#17202) This reverts commit ea61458f16c16da3f6cb4168f16c91923b5b1564. This was causing panic in the plugins because the client and the plugin API changed with this PR
2021-03-23 05:32:54 -04:00
if hookId, ok := hookNameToId[hookName]; ok {
sup.implemented[hookId] = true
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
}
}
Fix shadowed variables in various places: Part 1 of 2 (#10175) * Fix shadowed variables in cmd package * Fix shadowed variables in plugin package * Fix shadowed variables in store package * Fix shadowed variables in web package * Changes as requested Signed-off-by: Hanzei <hanzei@mailbox.org> * Fix build * Remove unnessary statements * Use require all the time * Fix build * Rename variables according to feedback * Fix NPE * Changes as requested
2019-01-30 12:55:24 -05:00
return &sup, nil
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
}
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
func (sup *supervisor) Shutdown() {
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
sup.lock.RLock()
defer sup.lock.RUnlock()
MM-11431: handle plugin deadlocks (#9167) * ensure plugin is always shutdown Once we call `.client.Client()` the plugin has started, and must be shut down. `newSupervisor` sometimes returned with an error (and without a reference to the supervisor), leaving the client running indefinitely. * Clarify the documentation to explain that plugin hooks will not trigger until `OnActivate` returns successfully, and will stop triggering just before `OnDeactivate` is called. * test for plugin deadlock * plugin/environment.go: switch to sync.Map From: https://golang.org/pkg/sync/#Map > If a goroutine holds a RWMutex for reading and another goroutine might call Lock, no goroutine should expect to be able to acquire a read lock until the initial read lock is released. In particular, this prohibits recursive read locking. This is to ensure that the lock eventually becomes available; a blocked Lock call excludes new readers from acquiring the lock. The previous `RWMutex` was not safe given that we effectively acquired read locks recursively (hook -> api -> hook). This worked up until we activated or deactivated plugins, tried to acquire a write lock, and the plugin used the API to effectively trigger another hook. Switching to sync.Map avoids this by divesting the need to lock at all, avoiding the potential for a recursive lock in the first place.
2018-07-27 11:37:17 -04:00
if sup.client != nil {
MM-57018: support reattaching plugins (#26421) * ProfileImageBytes for EnsureBotOptions * leverage plugintest.NewAPI * fix linting * add UpdateUserRoles to plugin api * MM-57018: support reattaching plugins Expose a local-only API for reattaching plugins: instead of the server starting and managing the process itself, allow the plugin to be launched externally (eg within a unit test) and reattach to an existing server instance to provide the unit test with a fully functional RPC API, sidestepping the need for mocking the plugin API in most cases. In the future, this may become the basis for running plugins in a sidecar container. Fixes: https://mattermost.atlassian.net/browse/MM-57018 * drop unused supervisor.pid * factor out checkMinServerVersion * factor out startPluginServer * restore missing setPluginState on successful reattach * avoid passing around a stale registeredPlugin * inline initializePluginImplementation * have IsValid return an error * explicitly close rpcClient In the case of reattached plugins, the Unix socket won't necessarily disappear leaving the muxBrokers blocked indefinitely. And `Kill()` doesn't do anything if there's no process being managed. * explicitly detachPlugin * emphasize gRPC not being supported --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-11 11:10:25 -04:00
// For reattached plugins, Kill() is mostly a no-op, so manually clean up the
// underlying rpcClient. This might be something to upstream unless we're doing
// something else wrong.
if sup.isReattached {
rpcClient, err := sup.client.Client()
if err != nil {
mlog.Warn("Failed to obtain rpcClient on Shutdown")
} else {
if err = rpcClient.Close(); err != nil {
mlog.Warn("Failed to close rpcClient on Shutdown")
}
}
}
MM-11431: handle plugin deadlocks (#9167) * ensure plugin is always shutdown Once we call `.client.Client()` the plugin has started, and must be shut down. `newSupervisor` sometimes returned with an error (and without a reference to the supervisor), leaving the client running indefinitely. * Clarify the documentation to explain that plugin hooks will not trigger until `OnActivate` returns successfully, and will stop triggering just before `OnDeactivate` is called. * test for plugin deadlock * plugin/environment.go: switch to sync.Map From: https://golang.org/pkg/sync/#Map > If a goroutine holds a RWMutex for reading and another goroutine might call Lock, no goroutine should expect to be able to acquire a read lock until the initial read lock is released. In particular, this prohibits recursive read locking. This is to ensure that the lock eventually becomes available; a blocked Lock call excludes new readers from acquiring the lock. The previous `RWMutex` was not safe given that we effectively acquired read locks recursively (hook -> api -> hook). This worked up until we activated or deactivated plugins, tried to acquire a write lock, and the plugin used the API to effectively trigger another hook. Switching to sync.Map avoids this by divesting the need to lock at all, avoiding the potential for a recursive lock in the first place.
2018-07-27 11:37:17 -04:00
sup.client.Kill()
}
MM-37165: Fix improper plugin shutdown (#18044) * MM-37165: Fix improper plugin shutdown This was caught from a race test failure. While the failure manifested due to a log being written from a test after the test exited, the real reason was hidden further deeper. What was happening is that the server would always listen for plugin requests in a separate goroutine via `g.muxBroker.AcceptAndServe` in the `OnActivate` hook. But the plugin shutdown process would just close the plugin connections and move on, leading to the classic case of improperly shut down goroutines. When this happened, an opportunity opens up in a way that the server would still be executing a request whereas the main goroutine and therefore the parent test has already finished. This would lead to an error like ``` {"level":"error","ts":1626451258.4141135,"caller":"mlog/sugar.go:25","msg":"pluginAPI scheduleOnce poller encountered an error but is still polling","plugin_id":"com.mattermost.plugin-incident-management","error":"ListPluginKeys: Unable to list all the plugin keys., failed to get PluginKeyValues with pluginId=com.mattermost.plugin-incident-management: sql: database is closed ``` And now, this finally calls `mlog.Error`, which finally triggers our race condition :) To fix this, we use some basic synchronization via waitgroups and just wait for it to finish after closing the plugin process. https://mattermost.atlassian.net/browse/MM-37165 ```release-note NONE ``` * gofmt ```release-note NONE ``` * split waitgroup additions ```release-note NONE ```
2021-08-10 00:37:35 -04:00
// Wait for API RPC server and DB RPC server to exit.
MM-56402: Introduce a pluginID to track RPC DB connections (#26424) Previously, we relied on the plugin to close the DB connections on shutdown. While this keeps the code simple, there is no guarantee that the plugin author will remember to close the DB. In that case, it's better to track the connections from the server side and close them in case they weren't closed already. This complicates the API slightly, but it's a price we need to pay. https://mattermost.atlassian.net/browse/MM-56402 ```release-note We close any remaining unclosed DB RPC connections after a plugin shuts down. ``` Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-16 09:23:26 -04:00
// And then shutdown conns.
MM-37165: Fix improper plugin shutdown (#18044) * MM-37165: Fix improper plugin shutdown This was caught from a race test failure. While the failure manifested due to a log being written from a test after the test exited, the real reason was hidden further deeper. What was happening is that the server would always listen for plugin requests in a separate goroutine via `g.muxBroker.AcceptAndServe` in the `OnActivate` hook. But the plugin shutdown process would just close the plugin connections and move on, leading to the classic case of improperly shut down goroutines. When this happened, an opportunity opens up in a way that the server would still be executing a request whereas the main goroutine and therefore the parent test has already finished. This would lead to an error like ``` {"level":"error","ts":1626451258.4141135,"caller":"mlog/sugar.go:25","msg":"pluginAPI scheduleOnce poller encountered an error but is still polling","plugin_id":"com.mattermost.plugin-incident-management","error":"ListPluginKeys: Unable to list all the plugin keys., failed to get PluginKeyValues with pluginId=com.mattermost.plugin-incident-management: sql: database is closed ``` And now, this finally calls `mlog.Error`, which finally triggers our race condition :) To fix this, we use some basic synchronization via waitgroups and just wait for it to finish after closing the plugin process. https://mattermost.atlassian.net/browse/MM-37165 ```release-note NONE ``` * gofmt ```release-note NONE ``` * split waitgroup additions ```release-note NONE ```
2021-08-10 00:37:35 -04:00
if sup.hooksClient != nil {
sup.hooksClient.doneWg.Wait()
MM-56402: Introduce a pluginID to track RPC DB connections (#26424) Previously, we relied on the plugin to close the DB connections on shutdown. While this keeps the code simple, there is no guarantee that the plugin author will remember to close the DB. In that case, it's better to track the connections from the server side and close them in case they weren't closed already. This complicates the API slightly, but it's a price we need to pay. https://mattermost.atlassian.net/browse/MM-56402 ```release-note We close any remaining unclosed DB RPC connections after a plugin shuts down. ``` Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-04-16 09:23:26 -04:00
if sup.appDriver != nil {
sup.appDriver.ShutdownConns(sup.pluginID)
}
MM-37165: Fix improper plugin shutdown (#18044) * MM-37165: Fix improper plugin shutdown This was caught from a race test failure. While the failure manifested due to a log being written from a test after the test exited, the real reason was hidden further deeper. What was happening is that the server would always listen for plugin requests in a separate goroutine via `g.muxBroker.AcceptAndServe` in the `OnActivate` hook. But the plugin shutdown process would just close the plugin connections and move on, leading to the classic case of improperly shut down goroutines. When this happened, an opportunity opens up in a way that the server would still be executing a request whereas the main goroutine and therefore the parent test has already finished. This would lead to an error like ``` {"level":"error","ts":1626451258.4141135,"caller":"mlog/sugar.go:25","msg":"pluginAPI scheduleOnce poller encountered an error but is still polling","plugin_id":"com.mattermost.plugin-incident-management","error":"ListPluginKeys: Unable to list all the plugin keys., failed to get PluginKeyValues with pluginId=com.mattermost.plugin-incident-management: sql: database is closed ``` And now, this finally calls `mlog.Error`, which finally triggers our race condition :) To fix this, we use some basic synchronization via waitgroups and just wait for it to finish after closing the plugin process. https://mattermost.atlassian.net/browse/MM-37165 ```release-note NONE ``` * gofmt ```release-note NONE ``` * split waitgroup additions ```release-note NONE ```
2021-08-10 00:37:35 -04:00
}
feat(12-01): wire API server lifecycle into supervisor shutdown - Add apiServerCleanup call to supervisor Shutdown method - Cleanup happens AFTER Python process terminates for graceful disconnect - Fix test assertion to check for relative executable path Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-20 09:49:51 -05:00
// Clean up the Python plugin API server if it was started.
// This must happen AFTER the Python process terminates to allow graceful disconnect.
if sup.apiServerCleanup != nil {
sup.apiServerCleanup()
}
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
}
MM-11292: clean up plugins GoDoc (#9109) * clean up plugins GoDoc: - eliminate plugin.NewBlankContext() as unnecessary - export ValidIdRegex as a string vs. the less readable var - add/update various documentation strings - hide everything by default, except where used by client plugins or the mattermost-server. The exception to this rule are the `*(Args|Returns)` structs which must be public for go-plugin, but are now prefixed with `Z_` with a warning not to use. - include a top-level example to get plugin authors started This is not a breaking change for existing plugins compiled against plugins-v2. * remove commented out ServeHTTPResponseWriter * update examples to match developer docs * add missing plugin/doc.go license header
2018-07-13 10:29:50 -04:00
func (sup *supervisor) Hooks() Hooks {
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
sup.lock.RLock()
defer sup.lock.RUnlock()
MM-10702 Moving plugins to use hashicorp go-plugin. (#8978) * Moving plugins to use hashicorp go-plugin. * Tweaks from feedback.
2018-06-25 15:33:13 -04:00
return sup.hooks
}
MM-17488: simplify plugin health check (#11820) Simplify the plugin health check to only leverage the `Ping` API instead of sending signals, the latter of which is not supported on Windows.
2019-08-12 17:38:25 -04:00
// PerformHealthCheck checks the plugin through an an RPC ping.
[MM-13507] Plugin framework: auto-restart plugins that crash (#10781) * introduce plugin health check * implement plugin health check job * add support for checking pid of plugin process and RPC ping, to determine a plugin's health * implement restart policy with back-offs * support "EnableHealthCheck" boolean from config file. * add tests for supervisor.PerformHealthCheck() and shouldDeactivatePlugin() * improve error handling. clean up if blocks to be more concise
2019-05-09 16:08:31 -04:00
func (sup *supervisor) PerformHealthCheck() error {
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
// No need for a lock here because Ping is read-locked.
[MM-13507] Plugin framework: auto-restart plugins that crash (#10781) * introduce plugin health check * implement plugin health check job * add support for checking pid of plugin process and RPC ping, to determine a plugin's health * implement restart policy with back-offs * support "EnableHealthCheck" boolean from config file. * add tests for supervisor.PerformHealthCheck() and shouldDeactivatePlugin() * improve error handling. clean up if blocks to be more concise
2019-05-09 16:08:31 -04:00
if pingErr := sup.Ping(); pingErr != nil {
MM-31063: Change constants to use CamelCase (#16608) * MM-31063: Change constants to use CamelCase * store package * change allcaps to camel case (#16615) * New tools.mod Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2021-01-04 01:02:29 -05:00
for pingFails := 1; pingFails < HealthCheckPingFailLimit; pingFails++ {
[MM-13507] Plugin framework: auto-restart plugins that crash (#10781) * introduce plugin health check * implement plugin health check job * add support for checking pid of plugin process and RPC ping, to determine a plugin's health * implement restart policy with back-offs * support "EnableHealthCheck" boolean from config file. * add tests for supervisor.PerformHealthCheck() and shouldDeactivatePlugin() * improve error handling. clean up if blocks to be more concise
2019-05-09 16:08:31 -04:00
pingErr = sup.Ping()
if pingErr == nil {
break
}
}
if pingErr != nil {
NO-TCIKET fix bad smells - error strings should not be capitalized (#16930) Automatic Merge
2021-02-23 00:22:27 -05:00
return fmt.Errorf("plugin RPC connection is not responding")
[MM-13507] Plugin framework: auto-restart plugins that crash (#10781) * introduce plugin health check * implement plugin health check job * add support for checking pid of plugin process and RPC ping, to determine a plugin's health * implement restart policy with back-offs * support "EnableHealthCheck" boolean from config file. * add tests for supervisor.PerformHealthCheck() and shouldDeactivatePlugin() * improve error handling. clean up if blocks to be more concise
2019-05-09 16:08:31 -04:00
}
}
return nil
}
// Ping checks that the RPC connection with the plugin is alive and healthy.
func (sup *supervisor) Ping() error {
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
sup.lock.RLock()
defer sup.lock.RUnlock()
[MM-13507] Plugin framework: auto-restart plugins that crash (#10781) * introduce plugin health check * implement plugin health check job * add support for checking pid of plugin process and RPC ping, to determine a plugin's health * implement restart policy with back-offs * support "EnableHealthCheck" boolean from config file. * add tests for supervisor.PerformHealthCheck() and shouldDeactivatePlugin() * improve error handling. clean up if blocks to be more concise
2019-05-09 16:08:31 -04:00
client, err := sup.client.Client()
if err != nil {
return err
}
return client.Ping()
}
Revert "Fix initialism errors (PR-3) (#17062)" (#17202) This reverts commit ea61458f16c16da3f6cb4168f16c91923b5b1564. This was causing panic in the plugins because the client and the plugin API changed with this PR
2021-03-23 05:32:54 -04:00
func (sup *supervisor) Implements(hookId int) bool {
MM-21019 - Fix race in (*Environment).SetPluginState() (#13610) * MM-21019 - Fix race in (*Environment).SetPluginState() - We change from passing pointers to registeredPlugin to passing the struct by value. - We also add a mutex to the supervisor struct to protect from racy data access. * move the immutability comment to the godoc of the Active method * Changing mut to lock Co-authored-by: mattermod <mattermod@users.noreply.github.com>
2020-01-23 22:30:35 -05:00
sup.lock.RLock()
defer sup.lock.RUnlock()
Revert "Fix initialism errors (PR-3) (#17062)" (#17202) This reverts commit ea61458f16c16da3f6cb4168f16c91923b5b1564. This was causing panic in the plugins because the client and the plugin API changed with this PR
2021-03-23 05:32:54 -04:00
return sup.implemented[hookId]
PLT-7407: Back-end plugin mechanism (#7177) * begin backend plugin wip * flesh out rpcplugin. everything done except for minor supervisor stubs * done with basic plugin infrastructure * simplify tests * remove unused test lines
2017-08-16 18:23:38 -04:00
}
[MM-48825] "plugin configured with a nil SecureConfig" warning logged when starting each plugin (#21869)
2023-01-26 17:13:33 -05:00
func getPluginExecutableChecksum(executablePath string) ([]byte, error) {
pathHash := sha256.New()
file, err := os.Open(executablePath)
if err != nil {
return nil, err
}
defer file.Close()
_, err = io.Copy(pathHash, file)
if err != nil {
return nil, err
}
return pathHash.Sum(nil), nil
}
Reference in a new issue Copy permalink