Merge pull request #47 from ConductorOne/add_account_deprovisioning

[BB-785] Add account deprovisioning

Author: aldevv

.github/workflows/release.yaml

@@ -3,59 +3,18 @@ name: Release
 on:
   push:
     tags:
-      - '*'
+      - "*"
 
 jobs:
-  goreleaser:
-    runs-on: macos-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-      - name: Set up Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: 1.23.x
-      - name: Set up Gon
-        run: brew tap conductorone/gon && brew install conductorone/gon/gon
-      - name: Import Keychain Certs
-        uses: apple-actions/import-codesign-certs@v1
-        with:
-          p12-file-base64: ${{ secrets.APPLE_SIGNING_KEY_P12 }}
-          p12-password: ${{ secrets.APPLE_SIGNING_KEY_P12_PASSWORD }}
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v6
-        with:
-          version: "~> v2"
-          args: release --clean
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
-          AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
-          AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
-  goreleaser-docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-      - name: Set up Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: 1.23.x
-      - name: Docker Login
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.RELENG_GITHUB_TOKEN }}
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v6
-        with:
-          version: "~> v2"
-          args: release --clean -f .goreleaser.docker.yaml
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
+  release:
+    uses: ConductorOne/github-workflows/.github/workflows/release.yaml@v2
+    with:
+      tag: ${{ github.ref_name }}
+      lambda: false
+    secrets:
+      RELENG_GITHUB_TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
+      APPLE_SIGNING_KEY_P12: ${{ secrets.APPLE_SIGNING_KEY_P12 }}
+      APPLE_SIGNING_KEY_P12_PASSWORD: ${{ secrets.APPLE_SIGNING_KEY_P12_PASSWORD }}
+      AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
+      AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
+      DATADOG_API_KEY: ${{ secrets.DATADOG_API_KEY }}

cmd/baton-slack/main.go

@@ -5,9 +5,10 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/conductorone/baton-sdk/pkg/config"
+	configSdk "github.com/conductorone/baton-sdk/pkg/config"
 	"github.com/conductorone/baton-sdk/pkg/connectorbuilder"
 	"github.com/conductorone/baton-sdk/pkg/types"
+	"github.com/conductorone/baton-slack/pkg/config"
 	"github.com/conductorone/baton-slack/pkg/connector"
 	"github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap"
 	"github.com/spf13/viper"
@@ -22,11 +23,11 @@ var (
 func main() {
 	ctx := context.Background()
 
-	_, cmd, err := config.DefineConfiguration(
+	_, cmd, err := configSdk.DefineConfiguration(
 		ctx,
 		connectorName,
 		getConnector,
-		Configuration,
+		config.Configuration,
 	)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, err.Error())
@@ -46,10 +47,10 @@ func getConnector(ctx context.Context, v *viper.Viper) (types.ConnectorServer, e
 	logger := ctxzap.Extract(ctx)
 	cb, err := connector.New(
 		ctx,
-		v.GetString(AccessTokenField.FieldName),
-		v.GetString(EnterpriseTokenField.FieldName),
-		v.GetBool(SSOEnabledField.FieldName),
-		v.GetBool(GovEnvironmentField.FieldName),
+		v.GetString(config.AccessTokenField.FieldName),
+		v.GetString(config.EnterpriseTokenField.FieldName),
+		v.GetBool(config.SSOEnabledField.FieldName),
+		v.GetBool(config.GovEnvironmentField.FieldName),
 	)
 	if err != nil {
 		logger.Error("error creating connector", zap.Error(err))

cmd/baton-slack/config.go pkg/config/config.gocmd/baton-slack/config.go renamed to pkg/config/config.go

@@ -1,4 +1,4 @@
-package main
+package config
 
 import (
 	"github.com/conductorone/baton-sdk/pkg/field"
@@ -7,20 +7,24 @@ import (
 var (
 	AccessTokenField = field.StringField(
 		"token",
+		field.WithDisplayName("Access Token"),
 		field.WithDescription("The Slack bot user oauth token used to connect to the Slack API"),
 		field.WithRequired(true),
 	)
 	EnterpriseTokenField = field.StringField(
 		"enterprise-token",
+		field.WithDisplayName("Enterprise Token"),
 		field.WithDescription("The Slack user oauth token used to connect to the Slack Enterprise Grid Admin API"),
 	)
 	SSOEnabledField = field.BoolField(
 		"sso-enabled",
+		field.WithDisplayName("SSO Enabled"),
 		field.WithDescription("Flag indicating that the SSO has been configured for Enterprise Grid Organization. Enables usage of SCIM API"),
 		field.WithDefaultValue(false),
 	)
 	GovEnvironmentField = field.BoolField(
 		"gov-env",
+		field.WithDisplayName("Gov Environment"),
 		field.WithDescription("Flag indicating to use Slack-Gov environment."),
 		field.WithDefaultValue(false),
 	)
@@ -45,5 +49,5 @@ var (
 		),
 	}
 
-	Configuration = field.NewConfiguration(ConfigurationFields)
+	Configuration = field.NewConfiguration(ConfigurationFields, field.WithConstraints(FieldRelationships...))
 )

pkg/connector/user.go

@@ -301,6 +301,32 @@ func (o *userResourceType) CreateAccount(
 	}, nil, outputAnnotations, nil
 }
 
+func (o *userResourceType) Delete(ctx context.Context, resourceId *v2.ResourceId) (annotations.Annotations, error) {
+	if o.enterpriseClient == nil {
+		return nil, fmt.Errorf("baton-slack: enterprise client required for user deletion")
+	}
+
+	userID := resourceId.Resource
+	outputAnnotations := annotations.New()
+
+	user, ratelimitData, err := o.enterpriseClient.GetUserInfo(ctx, userID)
+	outputAnnotations.WithRateLimiting(ratelimitData)
+	if err != nil {
+		return outputAnnotations, fmt.Errorf("baton-slack: failed to get user info: %w", err)
+	}
+
+	ratelimitData, err = o.enterpriseClient.RemoveUser(ctx, user.Profile.Team, userID)
+	outputAnnotations.WithRateLimiting(ratelimitData)
+	if err != nil {
+		if err.Error() == enterprise.SlackErrUserAlreadyDeleted {
+			return outputAnnotations, nil
+		}
+		return outputAnnotations, fmt.Errorf("baton-slack: failed to delete user %s: %w", userID, err)
+	}
+
+	return outputAnnotations, nil
+}
+
 func (o *userResourceType) CreateAccountCapabilityDetails(ctx context.Context) (*v2.CredentialDetailsAccountProvisioning, annotations.Annotations, error) {
 	return &v2.CredentialDetailsAccountProvisioning{
 		SupportedCredentialOptions: []v2.CapabilityDetailCredentialOption{