feat: extend datumctl with installable service plugins#198
Open
scotwells wants to merge 4 commits into
Open
Conversation
scotwells
added a commit
to datum-cloud/compute
that referenced
this pull request
May 22, 2026
Adds the datumctl-compute plugin binary with commands for deploying and managing containerized workloads on Datum Cloud via the developer CLI. Commands: - deploy — create or update a workload from flags or a manifest file - destroy — delete a workload and clean up its revision history - status — show health, placement summary, and recent revision info - instances — list and describe running instances across cities - scale — adjust minimum replica count across placements - rollout — watch live progress, view history, and roll back revisions - restart — trigger a rolling restart of a workload or specific city - quota — inspect per-city instance usage and quota headroom Closes #98. Depends on datum-cloud/datumctl#198. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
scotwells
changed the title
8 tasks
scotwells
force-pushed
the
worktree-agent-aaa7004d0f14304c6
branch
from
205a931 to
0207a0c
Compare
scotwells
force-pushed
the
worktree-agent-aaa7004d0f14304c6
branch
2 times, most recently
from
47d9d76 to
6cb991e
Compare
Introduces the plugin subsystem: install, list, remove, upgrade, trust, and invoke external datumctl-<name> binaries. Plugins are stored in ~/.datumctl/plugins with a JSON manifest. The plugin SDK (go.datum.net/ datumctl/plugin) lets authors declare manifests, handle token injection, and receive forwarded Cobra invocations. Security: untrusted PATH plugins hard-error instead of warning-and-exec; trust entries record SHA256 at trust time and re-verify on each invocation; single EvalSymlinks call eliminates TOCTOU window. Plugin names and GitHub owner/repo validated against strict charsets; all download URIs must use https://. Stored SHA256 reflects the extracted binary (not the archive) so ForwardPlugin integrity checks work correctly. The RunE path enforces the same integrity check as ForwardPlugin, closing the bypass where a failed ForwardPlugin would fall through and still exec. Plugin store uses 0o700/0o600 permissions. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds 'datumctl plugin search' to browse the curated plugin index and suggests installable plugins when an unknown command is typed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Provides shell completion for all plugin subcommands and publishes a public plugin/ package with the shared types plugins need to implement. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Covers the plugin development guide, trust model, manifest format, and installation flow for authors building datumctl plugins. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
scotwells
force-pushed
the
worktree-agent-aaa7004d0f14304c6
branch
from
6cb991e to
65ef355
Compare
scotwells
added a commit
to datum-cloud/compute
that referenced
this pull request
May 29, 2026
Adds the datumctl-compute plugin binary with commands for deploying and managing containerized workloads on Datum Cloud via the developer CLI. Commands: - deploy — create or update a workload from flags or a manifest file - destroy — delete a workload and clean up its revision history - status — show health, placement summary, and recent revision info - instances — list and describe running instances across cities - scale — adjust minimum replica count across placements - rollout — watch live progress, view history, and roll back revisions - restart — trigger a rolling restart of a workload or specific city - quota — inspect per-city instance usage and quota headroom Closes #98. Depends on datum-cloud/datumctl#198. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
scotwells
added a commit
to datum-cloud/compute
that referenced
this pull request
May 29, 2026
Adds the datumctl-compute plugin binary with commands for deploying and managing containerized workloads on Datum Cloud via the developer CLI. Commands: - deploy — create or update a workload from flags or a manifest file - destroy — delete a workload and clean up its revision history - status — show health, placement summary, and recent revision info - instances — list and describe running instances across cities - scale — adjust minimum replica count across placements - rollout — watch live progress, view history, and roll back revisions - restart — trigger a rolling restart of a workload or specific city - quota — inspect per-city instance usage and quota headroom Closes #98. Depends on datum-cloud/datumctl#198. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Contributor
Author
|
You can confirm this is working by installing the new compute plugin: There's a new datumctl-plugins repo that maintains our list of plugins. |
savme
approved these changes
May 29, 2026
|
|
||
| // execPlatform runs binaryPath on Windows using exec.Command and os.Exit. | ||
| // Windows does not support syscall.Exec. | ||
| func execPlatform(binaryPath string, args []string, env []string) error { |
There was a problem hiding this comment.
shouldn't kubecmd.NewDefaultPluginHandler work on windows as well?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #197
Summary
Operators can now install service plugins into
datumctlthat work exactly like built-in commands — with tab completion, help text, and automatic credential forwarding. This ships the foundation for the Datum Cloud CLI extension ecosystem.What's new
For operators:
datumctl plugin install datumctl-dnsdatumctl dns zones listdatumctl plugin listshows installed plugins and flags available updatesdatumctl plugin searchdiscovers community plugins via GitHub topicsFor plugin authors:
go.datum.net/datumctl/plugin) withContext(),Token(),ServeManifest(), andNewRootCmd()helpersexamples/plugin-dns/showing a working end-to-end integration--plugin-manifest) for compatibility checks at install and invocation timeTest plan
go build ./...passesgo test ./internal/pluginstore/... ./internal/plugindispatch/... ./internal/cmd/plugin/... ./plugin/...passes (43 tests)examples/plugin-dns/, rundatumctl dns zones listend-to-end🤖 Generated with Claude Code