Act system

.github/workflows/release.yaml

@@ -19,10 +19,10 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - name: Set up Go 1.21
-        uses: actions/setup-go@v3
+      - name: Set up Go 1.22
+        uses: actions/setup-go@v5
         with:
-          go-version: "1.21"
+          go-version: "1.22"
           cache: true
       - name: Install nfpm for building Linux packages
         run: go install github.com/goreleaser/nfpm/v2/cmd/nfpm@latest

.github/workflows/test.yaml

@@ -43,19 +43,21 @@ jobs:
           --health-retries 5
     steps:
       - name: Checkout 🛎️
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Install Go 🧑‍💻
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: "1.21"
+          go-version: "1.22"
 
       - name: Lint code issues 🚨
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v4
         with:
+          version: "v1.56"
           skip-pkg-cache: true
+          install-mode: "goinstall"
 
       - name: Run Go tests 🔬
         run: go test -p 1 -cover -covermode atomic -coverprofile=profile.cov -v ./...
@@ -89,17 +91,17 @@ jobs:
           --health-retries 5
     steps:
       - name: Checkout 🛎️
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Install Go 🧑‍💻
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: "1.21"
+          go-version: "1.22"
 
       - name: Checkout test plugin 🛎️
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: gatewayd-io/plugin-template-go
           path: plugin-template-go
@@ -113,7 +115,6 @@ jobs:
           export SHA256SUM=$(sha256sum ptg | awk '{print $1}')
           cat <<EOF > gatewayd_plugins.yaml
           compatibilityPolicy: "strict"
-          terminationPolicy: "stop"
           metricsMergerPeriod: 1s
           healthCheckPeriod: 1s
           reloadOnCrash: true

.gitignore

@@ -10,6 +10,7 @@
 
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
+go-carpet-coverage-out*
 
 # Dependency directories (remove the comment below to include it)
 # vendor/

.golangci.yaml

@@ -68,6 +68,8 @@ linters-settings:
           - "gopkg.in/yaml.v3"
           - "github.com/zenizh/go-capturer"
           - "gopkg.in/natefinch/lumberjack.v2"
+          - "github.com/expr-lang/expr"
+          - "github.com/jackc/pgx/v5/pgproto3"
       test:
         files:
           - $test
@@ -84,6 +86,7 @@ linters-settings:
           - "github.com/panjf2000/gnet/v2"
           - "github.com/spf13/cobra"
           - "github.com/knadh/koanf"
+          - "github.com/spf13/cast"
   tagalign:
     align: false
     sort: false

Dockerfile

@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1
 
 # Use the official golang image to build the binary.
-FROM golang:1.21-alpine3.18 as builder
+FROM golang:1.22-alpine3.18 as builder
 
 ARG TARGETOS
 ARG TARGETARCH

Makefile

@@ -108,7 +108,7 @@ clean:
 	@rm -rf dist
 
 test:
-	@go test -v ./...
+	@go test -v -cover -coverprofile=c.out ./...
 
 test-race:
 	@go test -race -v ./...

act/builtins.go

@@ -0,0 +1,162 @@
+package act
+
+import (
+	sdkAct "github.com/gatewayd-io/gatewayd-plugin-sdk/act"
+	"github.com/gatewayd-io/gatewayd-plugin-sdk/databases/postgres"
+	"github.com/gatewayd-io/gatewayd-plugin-sdk/logging"
+	gerr "github.com/gatewayd-io/gatewayd/errors"
+	"github.com/jackc/pgx/v5/pgproto3"
+	"github.com/rs/zerolog"
+	"github.com/spf13/cast"
+)
+
+const (
+	// TerminateDefaultParamCount is the default parameter count for the terminate action.
+	TerminateDefaultParamCount = 2
+
+	// LogDefaultKeyCount is the default key count in the metadata for the log action.
+	LogDefaultKeyCount = 3
+
+	// These are the keys used to pass the logger and the result to the built-in actions.
+	LoggerKey = "__logger__"
+	ResultKey = "__result__"
+)
+
+// BuiltinSignals returns a map of built-in signals.
+func BuiltinSignals() map[string]*sdkAct.Signal {
+	return map[string]*sdkAct.Signal{
+		"passthrough": sdkAct.Passthrough(),
+		"terminate":   sdkAct.Terminate(),
+		"log":         {Name: "log"},
+	}
+}
+
+// BuiltinPolicies returns a map of built-in policies.
+func BuiltinPolicies() map[string]*sdkAct.Policy {
+	return map[string]*sdkAct.Policy{
+		"passthrough": sdkAct.MustNewPolicy("passthrough", "true", nil),
+		"terminate": sdkAct.MustNewPolicy(
+			"terminate",
+			`Signal.terminate == true && Policy.terminate == "stop"`,
+			map[string]any{"terminate": "stop"},
+		),
+		"log": sdkAct.MustNewPolicy(
+			"log",
+			`Signal.log == true && Policy.log == "enabled"`,
+			map[string]any{"log": "enabled"},
+		),
+	}
+}
+
+// BuiltinActions returns a map of built-in actions.
+func BuiltinActions() map[string]*sdkAct.Action {
+	return map[string]*sdkAct.Action{
+		"passthrough": {
+			Name:     "passthrough",
+			Metadata: nil,
+			Sync:     true,
+			Terminal: false,
+			Run:      Passthrough,
+		},
+		"terminate": {
+			Name:     "terminate",
+			Metadata: nil,
+			Sync:     true,
+			Terminal: true,
+			Run:      Terminate,
+		},
+		"log": {
+			Name:     "log",
+			Metadata: nil,
+			Sync:     false,
+			Terminal: false,
+			Run:      Log,
+		},
+	}
+}
+
+// Passthrough is a built-in action that always returns true and no error.
+func Passthrough(map[string]any, ...sdkAct.Parameter) (any, error) {
+	return true, nil
+}
+
+// Terminate is a built-in action that terminates the connection if the
+// terminate signal is true and the policy is set to "stop". The action
+// can optionally receive a result parameter.
+func Terminate(_ map[string]any, params ...sdkAct.Parameter) (any, error) {
+	if len(params) == 0 || params[0].Key != LoggerKey {
+		// No logger parameter or the first parameter is not a logger.
+		return nil, gerr.ErrLoggerRequired
+	}
+
+	logger, isValid := params[0].Value.(zerolog.Logger)
+	if !isValid {
+		// The first parameter is not a logger.
+		return nil, gerr.ErrLoggerRequired
+	}
+
+	if len(params) < TerminateDefaultParamCount || params[1].Key != ResultKey {
+		logger.Debug().Msg(
+			"terminate action can optionally receive a result parameter")
+		return true, nil
+	}
+
+	result, isValid := params[1].Value.(map[string]any)
+	if !isValid {
+		logger.Debug().Msg("terminate action received a non-map result parameter")
+		return true, nil
+	}
+
+	// If the result from the plugin does not contain a response,
+	// yet it is a terminal action (hence running this action),
+	// add an error response to the result and terminate the connection.
+	if _, exists := result["response"]; !exists {
+		logger.Trace().Fields(result).Msg(
+			"Terminating without response, returning an error response")
+		result["response"] = (&pgproto3.Terminate{}).Encode(
+			postgres.ErrorResponse(
+				"Request terminated",
+				"ERROR",
+				"42000",
+				"Policy terminated the request",
+			),
+		)
+	}
+
+	return result, nil
+}
+
+// Log is a built-in action that logs the data received from the plugin.
+func Log(data map[string]any, params ...sdkAct.Parameter) (any, error) {
+	if len(params) == 0 || params[0].Key != LoggerKey {
+		// No logger parameter or the first parameter is not a logger.
+		return nil, gerr.ErrLoggerRequired
+	}
+
+	logger, ok := params[0].Value.(zerolog.Logger)
+	if !ok {
+		// The first parameter is not a logger.
+		return nil, gerr.ErrLoggerRequired
+	}
+
+	fields := map[string]any{}
+	if len(data) > LogDefaultKeyCount {
+		for key, value := range data {
+			// Skip these necessary fields, as they are already used by the logger.
+			// level: The log level.
+			// message: The log message.
+			// log: The log signal.
+			if key == "level" || key == "message" || key == "log" {
+				continue
+			}
+			// Add the rest of the fields to the logger as extra fields.
+			fields[key] = value
+		}
+	}
+
+	logger.WithLevel(
+		logging.GetZeroLogLevel(cast.ToString(data["level"])),
+	).Fields(fields).Msg(cast.ToString(data["message"]))
+
+	return true, nil
+}