-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 4407e32
Showing
29 changed files
with
1,352 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
name: Setup repository | ||
on: | ||
push: | ||
paths: | ||
- cookiecutter.json | ||
jobs: | ||
setup: | ||
name: Reinitialize repository | ||
runs-on: ubuntu-latest | ||
env: | ||
REPO_SETUP_TOKEN: ${{ secrets.REPO_SETUP_TOKEN }} | ||
steps: | ||
- name: Do not run scaffolding on template repository | ||
shell: bash | ||
# This workflow runs when the `cookiecutter.json` file is modified. | ||
# This is the trick to re-init a repository, but we don't want to | ||
# run this action if this file is modified in the origin template repository. | ||
# | ||
# Using the GitHub rest API allows us to identify if the current repository | ||
# is a template repository or not. | ||
run: | | ||
curl --silent -X GET \ | ||
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | ||
-H "Accept: application/vnd.github.baptiste-preview+json" \ | ||
https://api.github.com/repos/$GITHUB_REPOSITORY \ | ||
| jq --exit-status '.is_template == false'; | ||
- id: string | ||
uses: ASzc/change-string-case-action@v6 | ||
with: | ||
string: ${{ github.repository }} | ||
|
||
- uses: actions/checkout@v4 | ||
with: | ||
# Committing workflow files using the regular GITHUB_TOKEN will fail with | ||
# `Git Error: Refusing to allow a GitHub App to create or update workflow without workflows permission`. | ||
# This is by design to prevent third-parties from adding malicious workflow files. | ||
# | ||
# Generate a new personal access token with the workflow `scope` does the trick. | ||
# Checkout my blog post https://stefanbuck.com/blog for alternative options | ||
token: ${{ env.REPO_SETUP_TOKEN || secrets.GITHUB_TOKEN }} | ||
|
||
- uses: actions/setup-python@v5 | ||
with: | ||
python-version: '3.x' | ||
|
||
- name: Install dependencies | ||
run: pip install cookiecutter | ||
|
||
- name: Scaffolding repository | ||
# cookiecutter is command-line utility to create projects from templates | ||
# https://github.com/cookiecutter/cookiecutter | ||
# | ||
# --no-input Do not prompt for parameters and only use | ||
# cookiecutter.json file content | ||
# | ||
# --output-dir Where to output the generated project dir into | ||
run: cookiecutter . --no-input --output-dir ./cookiecutter-temp | ||
|
||
- name: Prepare root directory | ||
shell: bash | ||
run: | | ||
find ./ -maxdepth 1 \ | ||
! -name '.git' \ | ||
! -name 'cookiecutter-temp' \ | ||
! -name '.' \ | ||
! -exec rm -rf {} + | ||
- name: Move files to root | ||
shell: bash | ||
# The cookiecutter-temp/ folder contains a single folder which is the | ||
# generated project by cookiecutter. We want to move all the project | ||
# files into the root directory so we can reinitialize git in the next step | ||
run: | | ||
rsync -r ./cookiecutter-temp/*/ . && \ | ||
rm -rf ./cookiecutter-temp/ | ||
- name: Install Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: '1.22.x' | ||
|
||
- name: go mod init | ||
shell: bash | ||
run: | | ||
go mod init "github.com/${{ steps.string.outputs.lowercase }}" && \ | ||
go mod tidy && \ | ||
go mod vendor | ||
- name: Reinitialize git repository | ||
shell: bash | ||
# Reinitialize git after scaffolding this repository. | ||
# We use `git checkout --orphan` to create a branch in a git init-like state. | ||
# By force pushing this as `main` we end up with a new clean git history. | ||
run: | | ||
git config --global user.email "github-actions[bot]@users.noreply.github.com" && \ | ||
git config --global user.name "github-actions[bot]" && \ | ||
git checkout --orphan temp-branch && \ | ||
git add . && \ | ||
git commit -m 'Initial commit' && \ | ||
git push origin temp-branch:main -f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# Binaries for programs and plugins | ||
*.exe | ||
*.exe~ | ||
*.dll | ||
*.so | ||
*.dylib | ||
build/ | ||
*.c1z | ||
|
||
# Test binary, built with `go test -c` | ||
*.test | ||
|
||
# Output of the go coverage tool, specifically when used with LiteIDE | ||
*.out | ||
|
||
# Dependency directories (remove the comment below to include it) | ||
# vendor/ | ||
dist/ | ||
cookiecutter-temp/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
# baton-template | ||
A simple template for quickly building your own Baton connector. | ||
|
||
## How to use | ||
1. Click on the "use this template" button, and you'll have a new repository for your connector. | ||
2. Update `cookiecutter.json` with the appropriate configuration | ||
```json | ||
{ | ||
"repo_owner": "conductorone", | ||
"repo_name": "baton-example", | ||
"name": "baton-example" | ||
} | ||
``` | ||
3. Commit this change, and a GitHub action will process the update and initialize the repo for you. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
{ | ||
"repo_owner": "conductorone", | ||
"repo_name": "baton-example", | ||
"name": "baton-example" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
#### Description | ||
|
||
- [ ] Bug fix | ||
- [ ] New feature | ||
|
||
|
||
|
||
|
||
#### Useful links: | ||
|
||
- [Baton SDK coding guidelines](https://github.com/ConductorOne/baton-sdk/wiki/Coding-Guidelines) | ||
- [New contributor guide](https://github.com/ConductorOne/baton/blob/main/CONTRIBUTING.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
version: 2 | ||
updates: | ||
- package-ecosystem: "gomod" | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" | ||
allow: | ||
- dependency-name: "github.com/conductorone/baton-sdk" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: Generate connector capabilities | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
calculate-capabilities: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
with: | ||
token: ${{ '{{ secrets.RELENG_GITHUB_TOKEN }}' }} | ||
|
||
- name: Setup Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version-file: 'go.mod' | ||
|
||
- name: Build | ||
run: go build -o connector ./cmd/{{ cookiecutter.name }} | ||
|
||
- name: Run and save output | ||
run: ./connector capabilities > baton_capabilities.json | ||
|
||
- name: Commit changes | ||
uses: EndBug/add-and-commit@v9 | ||
with: | ||
default_author: github_actions | ||
message: 'Updating baton capabilities.' | ||
add: 'baton_capabilities.json' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
name: ci | ||
on: pull_request | ||
jobs: | ||
go-lint: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: 1.22.x | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: Run linters | ||
uses: golangci/golangci-lint-action@v5 | ||
with: | ||
version: latest | ||
args: --timeout=3m | ||
go-test: | ||
strategy: | ||
matrix: | ||
go-version: [1.22.x] | ||
platform: [ubuntu-latest] | ||
runs-on: ${{ '{{ matrix.platform }}' }} | ||
steps: | ||
- name: Install Go | ||
if: success() | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: ${{ '{{ matrix.go-version }}' }} | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: go tests | ||
run: (set -o pipefail && go test -v -covermode=count -json ./... | tee test.json) | ||
- name: annotate go tests | ||
if: always() | ||
uses: guyarb/golang-test-annotations@v0.5.1 | ||
with: | ||
test-results: test.json | ||
|
||
test: | ||
runs-on: ubuntu-latest | ||
# Define any services needed for the test suite (or delete this section) | ||
# services: | ||
# postgres: | ||
# image: postgres:16 | ||
# ports: | ||
# - "5432:5432" | ||
# env: | ||
# POSTGRES_PASSWORD: secretpassword | ||
env: | ||
BATON_LOG_LEVEL: debug | ||
# Add any environment variables needed to run {{ cookiecutter.name }} | ||
# BATON_BASE_URL: 'http://localhost:8080' | ||
# BATON_ACCESS_TOKEN: 'secret_token' | ||
# The following parameters are passed to grant/revoke commands | ||
# Change these to the correct IDs for your test data | ||
CONNECTOR_GRANT: 'grant:entitlement:group:1234:member:user:9876' | ||
CONNECTOR_ENTITLEMENT: 'entitlement:group:1234:member' | ||
CONNECTOR_PRINCIPAL: 'user:9876' | ||
CONNECTOR_PRINCIPAL_TYPE: 'user' | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: 1.22.x | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
# Install any dependencies here (or delete this) | ||
# - name: Install postgres client | ||
# run: sudo apt install postgresql-client | ||
# Run any fixture setup here (or delete this) | ||
# - name: Import sql into postgres | ||
# run: psql -h localhost --user postgres -f environment.sql | ||
# env: | ||
# PGPASSWORD: secretpassword | ||
- name: Build {{ cookiecutter.name }} | ||
run: go build ./cmd/{{ cookiecutter.name }} | ||
- name: Run {{ cookiecutter.name }} | ||
run: ./{{ cookiecutter.name }} | ||
|
||
- name: Install baton | ||
run: ./scripts/get-baton.sh && mv baton /usr/local/bin | ||
|
||
- name: Check for grant before revoking | ||
{% raw %} | ||
run: | ||
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | ||
{% endraw %} | ||
|
||
- name: Revoke grants | ||
run: ./{{ cookiecutter.name }} --revoke-grant="${{ '{{' }} env.CONNECTOR_GRANT {{ '}}' }}" | ||
|
||
- name: Check grant was revoked | ||
run: ./{{ cookiecutter.name }} && baton grants --entitlement="${{ '{{' }} env.CONNECTOR_ENTITLEMENT {{ '}}' }}" --output-format=json | jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ '{{' }} env.CONNECTOR_PRINCIPAL {{ '}}' }}\" else . end" | ||
|
||
- name: Grant entitlement | ||
# Change the grant arguments to the correct IDs for your test data | ||
run: ./{{ cookiecutter.name }} --grant-entitlement="${{ '{{' }} env.CONNECTOR_ENTITLEMENT {{ '}}' }}" --grant-principal="${{ '{{' }} env.CONNECTOR_PRINCIPAL {{ '}}' }}" --grant-principal-type="${{ '{{' }} env.CONNECTOR_PRINCIPAL_TYPE {{ '}}' }}" | ||
|
||
- name: Check grant was re-granted | ||
{% raw %} | ||
run: | ||
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | ||
{% endraw %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: main ci | ||
on: | ||
push: | ||
branches: | ||
- main | ||
jobs: | ||
go-lint: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: 1.22.x | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: Run linters | ||
uses: golangci/golangci-lint-action@v5 | ||
with: | ||
version: latest | ||
args: --timeout=3m | ||
go-test: | ||
strategy: | ||
matrix: | ||
go-version: [ 1.22.x ] | ||
platform: [ ubuntu-latest ] | ||
runs-on: ${{ '{{ matrix.platform }}' }} | ||
steps: | ||
- name: Install Go | ||
if: success() | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: ${{ '{{ matrix.go-version }}' }} | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: go tests | ||
run: (set -o pipefail && go test -v -covermode=count -json ./... | tee test.json) | ||
- name: annotate go tests | ||
if: always() | ||
uses: guyarb/golang-test-annotations@v0.5.1 | ||
with: | ||
test-results: test.json |
Oops, something went wrong.