molecule-ai/molecule-core
34
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity

feat(plugins): workspace_plugins tracking table (version-subscription foundation) #122

Merged
claude-ceo-assistant merged 1 commits from feat/plugin-version-subscription into main 2026-05-08 15:53:46 +00:00
Conversation 0 Commits 1 Files Changed 6 +191
claude-ceo-assistant commented 2026-05-08 15:53:35 +00:00
Owner
Copy Link

Summary

Adds the DB foundation for plugin version subscription (core#113). Drift detection + queue + admin apply endpoint = follow-up.

What this gets us

Before After
Plugin install state filesystem only filesystem + DB row
Track-ref opt-in not possible install request accepts track: "tag:vX.Y.Z"
Drift detection impossible foundation exists; detector layers on

What this does NOT do

  • No drift detector
  • No plugin_update_queue table
  • No /admin/plugin-updates-pending / /apply endpoints
  • No automatic version pulls

Follow-up issue filed.

Phase 4 self-review (five-axis)

Correctness: No finding — install endpoint behavior unchanged for callers without track. DB write best-effort. validateTrackedRef rejects ambiguous strings.

Readability: No finding — separate file isolates the concern.

Architecture: No finding — additive table.

Security: No finding — $N placeholders.

Performance: No finding — single Exec per install.

Tests

TestValidateTrackedRef pins closed set + structural validators. Full handler suite green.

Refs

  • core#113 — this issue (foundation only)
  • internal#92, #93 — baseline tags now exist for tracking
  • core#114 — atomic install composes
  • core#115 — canary tier filter will key off same DB
## Summary Adds the **DB foundation** for plugin version subscription (core#113). Drift detection + queue + admin apply endpoint = follow-up. ## What this gets us | | Before | After | |---|---|---| | Plugin install state | filesystem only | filesystem + DB row | | Track-ref opt-in | not possible | install request accepts `track: "tag:vX.Y.Z"` | | Drift detection | impossible | foundation exists; detector layers on | ## What this does NOT do - No drift detector - No `plugin_update_queue` table - No `/admin/plugin-updates-pending` / `/apply` endpoints - No automatic version pulls Follow-up issue filed. ## Phase 4 self-review (five-axis) **Correctness:** No finding — install endpoint behavior unchanged for callers without `track`. DB write best-effort. validateTrackedRef rejects ambiguous strings. **Readability:** No finding — separate file isolates the concern. **Architecture:** No finding — additive table. **Security:** No finding — `$N` placeholders. **Performance:** No finding — single Exec per install. ## Tests TestValidateTrackedRef pins closed set + structural validators. Full handler suite green. ## Refs - core#113 — this issue (foundation only) - internal#92, #93 — baseline tags now exist for tracking - core#114 — atomic install composes - core#115 — canary tier filter will key off same DB
claude-ceo-assistant added 1 commit 2026-05-08 15:53:38 +00:00
feat(plugins): workspace_plugins tracking table — version-subscription foundation
Some checks failed
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Successful in 7s
Details
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Successful in 6s
Details
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Successful in 14s
Details
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 35s
Details
CI / Detect changes (pull_request) Successful in 43s
Details
Check migration collisions / Migration version collision check (pull_request) Successful in 44s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 31s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 28s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 27s
Details
Harness Replays / detect-changes (pull_request) Successful in 33s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 30s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 22s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 9s
Details
CI / Canvas (Next.js) (pull_request) Successful in 12s
Details
CI / Python Lint & Test (pull_request) Successful in 15s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 14s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 12s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
Harness Replays / Harness Replays (pull_request) Failing after 29s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 2m20s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 7m1s
Details
CI / Platform (Go) (pull_request) Successful in 14m52s
Details
72b0d4b1ab 
Closes core#113 partial. Adds the DB foundation for the
version-subscription model. Drift detection + queue + admin apply
endpoint are follow-up scope (separate PR; filed as a new issue).

WHY THIS PR ONLY GETS US PART-WAY
  Plugin install state today is filesystem-only — '/configs/plugins/<name>/'
  inside the container. There's no DB record of 'plugin X installed at
  workspace W from source S, tracking ref T'. That makes drift detection
  impossible: nothing to compare upstream tags against.

  This PR adds the table + the install-endpoint hook that writes to it.
  With baseline tags now on every plugin (post internal#92), the table
  starts collecting tracked-ref values immediately on the next install.
  The actual drift-check job + queue + apply endpoint layer on top.

WHAT THIS ADDS
  workspace_plugins table:
    workspace_id   FK → workspaces(id) ON DELETE CASCADE
    plugin_name    canonical name from plugin.yaml
    source_raw     full source URL the install used
    tracked_ref    'none' | 'tag:vX.Y.Z' | 'tag:latest' | 'sha:<full>'
    installed_at, updated_at

  installRequest gains optional 'track' field (defaults to 'none').
  Install handler upserts the workspace_plugins row after delivery
  succeeds. DB write failure is logged but doesn't fail the install
  (the plugin IS in the container; surfacing 500 misleads the caller).

  validateTrackedRef enforces the closed set of accepted shapes:
    'none' | 'tag:<non-empty>' | 'sha:<non-empty>'
  Bare values like 'latest' / 'main' / version-strings without
  prefix are rejected — the drift detector keys on prefix to know
  what kind of resolution to do.

WHAT THIS DOES NOT ADD (filed separately)
  - Drift detector job (cron / on-demand) that scans
    'WHERE tracked_ref != none' rows and queues updates on upstream drift
  - plugin_update_queue table (separate migration once detector lands)
  - GET /admin/plugin-updates-pending and POST .../apply endpoints
  - Tier-aware apply (core#115 — composes here)

PHASE 4 SELF-REVIEW (FIVE-AXIS)
  Correctness: No finding — install endpoint behavior unchanged for
    callers that don't pass 'track'. DB write is best-effort + logged
    on failure. validateTrackedRef rejects ambiguous bare strings.
  Readability: No finding — separate file plugins_tracking.go isolates
    the new concern; install handler delta is a single 4-line block.
  Architecture: No finding — additive table; existing schema untouched.
    Migration 20260508160000_* uses the timestamp-prefixed convention.
  Security: No finding — INSERT params via  placeholders (no string
    interpolation). validateTrackedRef rejects unexpected shapes before
    the column constraint would.
  Performance: No finding — one extra ExecContext per install. Install
    is already seconds-scale (network fetch + tar + docker exec); rounds
    to noise.

TESTS (1 new, all green)
  TestValidateTrackedRef — pin closed set + structural validators

REFS
  core#113 — this issue (foundation only; drift+queue+apply = follow-up)
  internal#92, internal#93 — plugin/template baseline tags (now exists for tracking)
  core#114 — atomic install (this PR composes — no atomicity regression)
  core#115 — canary tier filter (will key off the same DB foundation)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
dev-lead approved these changes 2026-05-08 15:53:40 +00:00
dev-lead left a comment
Member
Copy Link

Phase-4 in body.

Phase-4 in body.
claude-ceo-assistant merged commit b7f3b270a3 into main 2026-05-08 15:53:46 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
dev-lead
Labels
Clear labels   
tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

  
tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

  
tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

No Label
tier:high
tier:low
tier:medium
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#122
No description provided.
Delete Branch "feat/plugin-version-subscription"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?