feat: Add support for custom autodiscovery plugin by olblak · Pull Request #7034 · updatecli/updatecli

olblak · 2025-12-04T14:18:18Z

Related to #5730

Add support for custom autodiscovery plugin using WASM.

This feature leverage the WASM framework Extism which allows writing plugin using Rust, JS, Go, C#, F#, C, Haskell, and Zig

I also created this repository https://github.com/updatecli/plugins to host a plugin example.

A simple Updatecli manifest looks like
Where the autodiscovery crawler kind can be a file with the ".wasm" extension
At the moment it supports local files but we can envision supporting OCI artifacts in order to push/push plugins similar to Updatecli shared policies.

name: Test Custom autodiscovery plugin

autodiscovery:
  crawlers:
    "pkg/plugins/autodiscovery/plugin/testdata/demo.wasm":
      # The source code for this plugin is available autodiscovery
      # https://github.com/updatecli/plugins/tree/main/autodiscovery/demo
      spec:
        files:
          - pkg/plugins/autodiscovery/plugin/testdata/demo/data.txt

Please note that WASM comes with its own set of limitations.

A WASM binary is executed within its own container so we need to mount any files that we need to manipulate from the host to the WASM container
Depending on the programming language, we may have some limitations.

Test

To test this pull request, you can run the following commands:

cd pkg/plugins/autodiscovery/plugin/
go test .

go build -o bin/updatecli .
./bin/updatecli diff --config e2e/updatecli.d/success.d/autodiscovery/plugin/

Additional Information

Checklist

I have updated the documentation via pull request in website repository.

Tradeoff

By default, a WASM container doesn't have access to the host local files. For that we need to allow list some path such as

  crawlers:
    "pkg/plugins/autodiscovery/plugin/testdata/demo.wasm":
      # The source code for this plugin is available autodiscovery
      # https://github.com/updatecli/plugins/tree/main/autodiscovery/demo
      spec:
        allowedpaths:
          - ".:/mnt"

If allowedpaths is unset, then I made the decision to automatically load the local directory or the scm directory if a scm configuration is specified, to reduce the amount of configuration needed in the Updatecli manifest.

By default, a WASM binary is executed from the directory /mnt

Potential improvement

Right now the plugin must remain local to the Updatecli manifest file, it would be nice to also support fetching plugins from an OCI registry.

Signed-off-by: Olblak <me@olblak.com>

Copilot

Pull request overview

This PR adds support for custom autodiscovery plugins using WebAssembly (WASM) via the Extism framework. The feature enables users to write custom autodiscovery logic in multiple languages (Rust, JS, Go, C#, F#, C, Haskell, and Zig) that can be executed in a secure sandboxed environment.

Key Changes:

Introduces a new WASM-based plugin system for autodiscovery with configurable allowed paths, hosts, and timeouts
Integrates plugin support into the existing autodiscovery framework with experimental feature flag protection
Provides host functions for plugins to interact with Updatecli's Docker image source spec generation

Reviewed changes

Copilot reviewed 9 out of 11 changed files in this pull request and generated 10 comments.

Show a summary per file

File	Description
`pkg/plugins/autodiscovery/plugin/main.go`	Core plugin implementation with WASM initialization and manifest discovery logic
`pkg/plugins/autodiscovery/plugin/spec.go`	Plugin specification structure defining allowed paths, hosts, and timeout configuration
`pkg/plugins/autodiscovery/plugin/utils.go`	Utility function for processing and normalizing allowed paths for WASM sandbox
`pkg/plugins/autodiscovery/plugin/hostFunction.go`	Host function exposing Docker source spec generation to WASM plugins
`pkg/plugins/autodiscovery/plugin/main_test.go`	Test suite validating plugin execution with demo WASM binary
`pkg/core/pipeline/autodiscovery/main.go`	Integration point adding plugin crawler support with `.wasm` file detection
`pkg/plugins/autodiscovery/plugin/testdata/demo/data.txt`	Test data for demo plugin validation
`e2e/updatecli.d/success.d/autodiscovery/plugin/updatecli.yaml`	End-to-end test configuration demonstrating plugin usage
`go.mod`	Added Extism and Wazero dependencies for WASM runtime
`go.sum`	Dependency checksums for new WASM-related packages

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pkg/plugins/autodiscovery/plugin/main.go

pkg/plugins/autodiscovery/plugin/spec.go

e2e/updatecli.d/warning.d/autodiscovery/plugin/updatecli.yaml

pkg/plugins/autodiscovery/plugin/hostFunction.go

pkg/plugins/autodiscovery/plugin/main.go

pkg/plugins/autodiscovery/plugin/hostFunction.go

Signed-off-by: Olblak <me@olblak.com>

feat: Add custom autodiscovery plugin

4b391f0

Signed-off-by: Olblak <me@olblak.com>

olblak added enhancement New feature or request experimental Experimental feaure autodiscovery All things related to the autodiscovery feature labels Dec 4, 2025

olblak requested a review from Copilot December 4, 2025 14:20

Merge branch 'main' into issue/5730

7cb48e7

Copilot started reviewing on behalf of olblak December 4, 2025 14:21 View session

Copilot finished reviewing on behalf of olblak December 4, 2025 14:23

Copilot AI reviewed Dec 4, 2025

View reviewed changes

olblak added 6 commits December 4, 2025 15:37

chore: cleanup various issues

e0b788e

Signed-off-by: Olblak <me@olblak.com>

Merge branch 'issue/5730' of github.com:olblak/updatecli into issue/5730

922ac96

fix hostfunction

06c40e9

Signed-off-by: Olblak <me@olblak.com>

feat: add new host function versionfilter_greater_than_pattern

e25a5b3

Signed-off-by: Olblak <me@olblak.com>

chore: increase timeout

ef127f9

Signed-off-by: Olblak <me@olblak.com>

chore: move error message to debug

486ac4b

Signed-off-by: Olblak <me@olblak.com>

olblak mentioned this pull request Dec 5, 2025

Feature Request: Enable support for custom plugins #5730

Closed

olblak and others added 5 commits December 7, 2025 10:15

Merge branch 'main' into issue/5730

9d5ba17

Merge remote-tracking branch 'upstream/main' into issue/5730

6dcfb1e

Merge branch 'main' into issue/5730

31ee763

Merge branch 'main' into issue/5730

2afbc58

Merge branch 'main' into issue/5730

5567e40

olblak enabled auto-merge (squash) January 3, 2026 08:37

fix: move e2e test to warning

9174ce3

Signed-off-by: Olblak <me@olblak.com>

olblak disabled auto-merge January 4, 2026 07:17

Merge branch 'main' into issue/5730

e5ade6c

olblak merged commit db116bb into updatecli:main Jan 4, 2026
5 checks passed

olblak deleted the issue/5730 branch January 4, 2026 09:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat: Add support for custom autodiscovery plugin#7034

feat: Add support for custom autodiscovery plugin#7034
olblak merged 15 commits intoupdatecli:mainfrom
olblak:issue/5730

olblak commented Dec 4, 2025 •

edited

Loading

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

olblak commented Dec 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Test

Additional Information

Checklist

Tradeoff

Potential improvement

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

olblak commented Dec 4, 2025 •

edited

Loading