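--- a/client/client.go
+++ b/client/client.go
@@ -251,12 +251,13 @@ func (c client) ListPlugins(ctx context.Context) ([]PluginInfo, error) {
 continue
 }
 info := PluginInfo{
-Name: name,
-Version: version,
-Disabled: item.GetDisabled(),
-External: item.GetExternal(),
-Configurable: item.GetConfigurable(),
-RunStatus: item.GetRunStatus(),
+Name: name,
+Version: version,
+Disabled: item.GetDisabled(),
+External: item.GetExternal(),
+Configurable: item.GetConfigurable(),
+RunStatus: item.GetRunStatus(),
+StatusMessage: item.GetStatusMessage(),
 }
 if sp := item.GetSecretsProvider(); sp != nil {
 pattern, err := secrets.ParsePattern(sp.GetPattern())
@@ -297,6 +298,7 @@ type PluginInfo struct {
 External bool
 Configurable bool
 RunStatus pluginsv1.RunStatus
+StatusMessage string
 SecretsProvider *SecretsProviderMetadata
 }
 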
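Review bot: The new `StatusMessage` field on `PluginInfo` (second hunk) is undocumented, and `ListPlugins` copies `item.GetStatusMessage()` into it verbatim in the first hunk. The proto comment in `x/api/plugins/v1/api.proto` calls this display-only text, and the test value `exit status 1: connection refused` suggests it is raw plugin or OS error output, so callers should presumably treat it as untrusted: it may contain control characters and, for a secrets plugin, fragments of sensitive configuration. I would put that contract on the field, e.g. `// StatusMessage is free-form detail for RunStatus from the engine; untrusted display text, never parsed, escape before printing or logging.` Whether the engine bounds or scrubs the message before sending it is not visible on this page. Both `ListPlugins` and `PluginInfo` extend beyond the hunks shown.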
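--- a/client/client_test.go
+++ b/client/client_test.go
@@ -78,12 +78,13 @@ func (m mockPluginsList) ListPlugins(_ context.Context, _ *connect.Request[plugi
 version = plugin.Version.String()
 }
 b := pluginsv1.Plugin_builder{
-Name: proto.String(name),
-Version: proto.String(version),
-Disabled: proto.Bool(plugin.Disabled),
-External: proto.Bool(plugin.External),
-Configurable: proto.Bool(plugin.Configurable),
-RunStatus: plugin.RunStatus.Enum(),
+Name: proto.String(name),
+Version: proto.String(version),
+Disabled: proto.Bool(plugin.Disabled),
+External: proto.Bool(plugin.External),
+Configurable: proto.Bool(plugin.Configurable),
+RunStatus: plugin.RunStatus.Enum(),
+StatusMessage: proto.String(plugin.StatusMessage),
 }
 if plugin.SecretsProvider != nil {
 b.SecretsProvider = pluginsv1.SecretsProvider_builder{
@@ -165,6 +166,7 @@ func Test_ListPlugins(t *testing.T) {
 SecretsProvider: &SecretsProviderMetadata{Pattern: secrets.MustParsePattern("**")},
 External: true,
 RunStatus: pluginsv1.RunStatus_RUN_STATUS_CRASHED,
+StatusMessage: "exit status 1: connection refused",
 },
 }
 socket := mockListPluginsEngine(t, plugins)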
2 changes: 1 addition & 1 deletion client/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/client

go 1.25.8
go 1.25.10

// This `replace` is only for CI to function.
// The correct version will get resolved from below when this module is
2 changes: 1 addition & 1 deletion go.work
@@ -1,4 +1,4 @@
go 1.25.8
go 1.25.10

use (
./client
2 changes: 1 addition & 1 deletion plugin/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/plugin

go 1.25.8
go 1.25.10

// This `replace` is only for CI to function.
// The correct version will get resolved from below when this module is
2 changes: 1 addition & 1 deletion plugins/credentialhelper/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/plugins/credentialhelper

go 1.25.8
go 1.25.10

// This `replace` is only for CI to function.
// The correct version will get resolved from below when this module is
2 changes: 1 addition & 1 deletion plugins/pass/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/plugins/pass

go 1.25.8
go 1.25.10

replace github.com/docker/secrets-engine/store => ./../../store

2 changes: 1 addition & 1 deletion store/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/store

go 1.25.8
go 1.25.10

// This `replace` is only for CI to function.
// The correct version will get resolved from below when this module is
6 changes: 3 additions & 3 deletions vendor/modules.txt
Expand Up @@ -40,11 +40,11 @@ github.com/davecgh/go-spew/spew
github.com/docker/docker-credential-helpers/client
github.com/docker/docker-credential-helpers/credentials
# github.com/docker/secrets-engine/plugin v0.0.22 => ./plugin
## explicit; go 1.25.8
## explicit; go 1.25.10
# github.com/docker/secrets-engine/store v0.0.23 => ./store
## explicit; go 1.25.8
## explicit; go 1.25.10
# github.com/docker/secrets-engine/x v0.0.30-do.not.use => ./x
## explicit; go 1.25.8
## explicit; go 1.25.10
# github.com/go-logr/logr v1.4.3
## explicit; go 1.18
github.com/go-logr/logr
95 changes: 66 additions & 29 deletions x/api/plugins/v1/api.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 5 additions & 1 deletion x/api/plugins/v1/api.proto
Expand Up @@ -50,9 +50,13 @@ message Plugin {
bool configurable = 5;
// Run status
RunStatus run_status = 6;
// Human-readable detail for the current run_status. Populated for
// terminal/error statuses (CRASHED, RETRIES_EXCEEDED); typically empty
// otherwise. Not machine-parseable — intended for display only.
string status_message = 7;
// Type-specific fields
oneof metadata {
SecretsProvider secrets_provider = 7;
SecretsProvider secrets_provider = 8;

HIGH: Breaking protobuf field renumbering — secrets_provider moved from field 7 to field 8

This PR inserts status_message at field number 7 and renumbers the pre-existing secrets_provider oneof field from 7 → 8. Protobuf field numbers are the sole wire-format identifiers and must never change after first deployment.

Impact in mixed-version deployments:

  • An old server (field 7 = SecretsProvider) sending to a new client: the new client decodes tag-7 bytes as status_message (a string), producing garbage text and silently dropping the SecretsProvider value.
  • A new server (field 7 = status_message, field 8 = SecretsProvider) sending to an old client: the old client ignores tag-8 entirely (unknown field), losing secrets routing with no error.

No parse error is raised because both fields share wire-type 2 (length-delimited), making this a silent, undetectable corruption.

Fix: Leave secrets_provider at its original field number 7. Assign status_message a new, never-previously-used field number (e.g. 9):

string status_message = 9;
// ...
SecretsProvider secrets_provider = 7;  // unchanged

}
}

2 changes: 1 addition & 1 deletion x/go.mod
@@ -1,6 +1,6 @@
module github.com/docker/secrets-engine/x

go 1.25.8
go 1.25.10

require (
connectrpc.com/connect v1.19.1