Add scoped extension-mechanism proposal#340
Draft
peter-smith-phd wants to merge 1 commit into
Draft
Conversation
OpenSpec change proposing a Git-style extension mechanism for lstk: when `lstk <name>` is not a built-in, lstk resolves and execs an `lstk-<name>` binary, forwarding args/streams/exit code and passing runtime context via a versioned `LSTK_EXT_*` environment contract. Scope (4 capabilities): - extension-framework: bundled-dir + PATH resolution (bundled wins), built-in precedence, leading-only global-flag handling, side-effect-free help listing. - extension-runtime-context: emulator endpoint/type/port, config dir, auth token, and resolved global flags (e.g. LSTK_EXT_NON_INTERACTIVE). - extension-entitlement: lstk passes the token; the extension self-authorizes. The lstk-side signed-grant mechanism is explicitly deferred. - extension-bundling: ship LocalStack-built (closed-source) extensions like lstk-deploy by default, with a release-generated descriptions file for help text and atomic version-matched updates. Deferred: emulator attestation, signed entitlement grants, and user-facing `lstk extension` management commands.
peter-smith-phd
added
docs: needed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Goal
Let anyone add
lstk <name>subcommands as independent binaries — open or closed source, built in-house or by partners — without merging them into the open-source core. lstk becomes a Git-style dispatcher that resolves and execslstk-<name>, hands it enough runtime context to be useful, and leaves authorization to the extension. This is an OpenSpec proposal only (no implementation yet).Approach
lstk <name>isn't a built-in, lstk resolves anlstk-<name>executable and execs it, forwarding args, streams, and exit code. Built-ins always win; no in-process plugin ABI.LSTK_EXT_*env contract: lstk passes the resolved emulator endpoint/type/port, config dir, auth token, and resolved global-flag state (e.g.LSTK_EXT_NON_INTERACTIVE) — so extensions skip rediscovering any of it. Global flags before the command name are consumed by lstk and conveyed by env, never forwarded on the extension's command line.lstk-deployby default in a directory next to the binary, resolved ahead ofPATH, updated atomically with lstk. No user-facing install step.PATH/custom extensions are name-only.lstk helpnever executes an extension.LSTK_EXT_API_VERSION). Emulator attestation and the user-facinglstk extensionmanagement commands are deferred.See
proposal.mdanddesign.mdfor the full rationale, threat model, decisions, and open questions.🤖 Generated with Claude Code