Skip to content

Commit

Permalink
fix(doc): add plugin output size limitation (#320)
Browse files Browse the repository at this point in the history
* doc: add plugin output size limitation

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>

* fix: resolve comment for Shiwei

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>

* fix: resolve comment for Shiwei

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>

---------

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
  • Loading branch information
JeyJeyGao authored Jan 8, 2025
1 parent 8cf800c commit c482ea6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion specs/plugin-extensibility.md
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,7 @@ Plugin config can be also set/overriden during signing with the `notation sign`

### Plugin contract

* Notation will invoke the plugin executable for each command (e.g. sign, verify), pass inputs through `stdin` and get output through `stdout` and `stderr`.
* Notation will invoke the plugin executable for each command (e.g. sign, verify), pass inputs through `stdin` and get output through `stdout` and `stderr`. Currently, a size limit of less than 64 MiB is applied to each output channel for preventing out-of-memory issues of potential plugin malfunctioning.
* The command will be passed as the first argument to the plugin e.g. `notation-{plugin-name} <command>`. A JSON request is passed using `stdin`. The plugin is expected to return a JSON response through `stdout` with a `0` exit code for successful response, and a non-zero exit code with a JSON error response in `stderr` for error response. Each command defines its request, response and error contract. To avoid any additional content like debug or info level logging from dependencies and inbuilt libraries, the plugin implementation should redirect any output to `stdout` on initialization, and only send the JSON response away from `stdout` when the command execution completes. E.g. For golang, set [`os.Stdout`](https://pkg.go.dev/os#pkg-variables) to point to a log file.
* Every request JSON will contain a `contractVersion` top level attribute whose value will indicate the plugin contract version. Contract version is revised when there are changes to command request/response, new plugin commands are introduced, and supported through Notation.
* To maintain forward compatibility plugin implementors MUST ignore unrecognized attributes in command request which are introduced in minor version updates of the plugin contract.
Expand Down

0 comments on commit c482ea6

Please sign in to comment.