Skip to content

revert tests to pass #50

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
btipling merged 6 commits into from
Sep 23, 2025
Merged

revert tests to pass #50

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
dc03fc2
revert tests to pass
btipling Sep 23, 2025
5bd0150
fix
btipling Sep 23, 2025
96df60d
fix copy paste
btipling Sep 23, 2025
0d2be0a
fix go version
btipling Sep 23, 2025
4c97920
use enterprise token in capabilities
btipling Sep 23, 2025
81dc85b
fix grep
btipling Sep 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/capabilities_and_config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
run: ./connector config > config_schema.json

- name: Run and save capabilities output
run: ./connector capabilities --token "${{ secrets.BATON_TOKEN }}" > baton_capabilities.json
run: ./connector capabilities --token "${{ secrets.BATON_TOKEN }}" --enterprise-token "${{ secrets.BATON_ENTERPRISE_TOKEN}}" > baton_capabilities.json

- name: Commit changes
uses: EndBug/add-and-commit@v9
Expand Down
235 changes: 192 additions & 43 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
Copy link

@cursor cursor bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Invalid Go Version Specified in CI

The setup-go action in multiple jobs now specifies go-version: 1.25.x instead of using go-version-file: go.mod. Go version 1.25.x does not exist, which will cause these workflows to fail during Go installation.

Additional Locations (5)

Fix in Cursor Fix in Web

- name: Run linters
uses: golangci/golangci-lint-action@v8
with:
Expand All @@ -27,39 +27,76 @@ jobs:
if: success()
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
- name: go tests
run: (set -o pipefail && go test -v -covermode=count -json ./... | tee test.json)
- name: annotate go tests
if: always()
uses: guyarb/golang-test-annotations@v0.8.0
with:
test-results: test.json

test-member:
runs-on: ubuntu-latest
env:
BATON_LOG_LEVEL: debug

CONNECTOR_GRANT: 'workspaceRole:T08101AQL31:member:assigned:user:U083SJ36LCD'
CONNECTOR_ENTITLEMENT: 'workspaceRole:T08101AQL31:member:assigned'
CONNECTOR_PRINCIPAL: 'U083SJ36LCD'
CONNECTOR_PRINCIPAL_TYPE: 'user'

BATON_TOKEN: "${{ secrets.BATON_TOKEN }}"
BATON_ENTERPRISE_TOKEN: "${{ secrets.BATON_ENTERPRISE_TOKEN }}"

steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
- name: Checkout code
uses: actions/checkout@v4
- name: Build baton-slack
run: go build ./cmd/baton-slack
- name: Grant/revoke entitlement
uses: ConductorOne/github-workflows/actions/sync-test@v2
with:
connector: ./baton-slack
baton-entitlement: "workspaceRole:T08101AQL31:member:assigned"
baton-principal: "U083SJ36LCD"
baton-principal-type: "user"
- name: Run baton-slack
run: ./baton-slack
- name: Install baton
run: ./scripts/get-baton.sh && mv baton /usr/local/bin

- name: Grant entitlement first time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check for grant before revoking
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep true

- name: Revoke grants
run: ./baton-slack --revoke-grant="${{ env.CONNECTOR_GRANT }}"

- name: Check grant was revoked
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"

- name: Grant entitlement second time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Wait 10 seconds
run: sleep 10

- name: Check grant was re-granted
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep true

test-admin:
needs: [test-member]
Expand All @@ -68,74 +105,186 @@ jobs:
# Logging level for Baton
BATON_LOG_LEVEL: debug

# Connector-specific details
CONNECTOR_GRANT: 'workspaceRole:T08101AQL31:admin:assigned:user:U083SJ36LCD'
CONNECTOR_ENTITLEMENT: 'workspaceRole:T08101AQL31:admin:assigned'
CONNECTOR_PRINCIPAL: 'U083SJ36LCD'
CONNECTOR_PRINCIPAL_TYPE: 'user'

# Secrets for Baton authentication
BATON_TOKEN: "${{ secrets.BATON_TOKEN }}"
BATON_ENTERPRISE_TOKEN: "${{ secrets.BATON_ENTERPRISE_TOKEN }}"

steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
- name: Checkout code
uses: actions/checkout@v4
- name: Build baton-slack
run: go build ./cmd/baton-slack
- name: Grant/revoke entitlement
uses: ConductorOne/github-workflows/actions/sync-test@v2
with:
connector: ./baton-slack
baton-entitlement: "workspaceRole:T08101AQL31:admin:assigned"
baton-principal: "U083SJ36LCD"
baton-principal-type: "user"

- name: Run baton-slack
run: ./baton-slack
- name: Install baton
run: ./scripts/get-baton.sh && mv baton /usr/local/bin

- name: Grant entitlement first time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check for grant before revoking
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep true

- name: Revoke grants
run: ./baton-slack --revoke-grant="${{ env.CONNECTOR_GRANT }}"

- name: Check grant was revoked
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"
#
- name: Grant entitlement second time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check grant was re-granted
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep true


test-owner:
needs: [test-member, test-admin]
runs-on: ubuntu-latest
env:
BATON_LOG_LEVEL: debug

CONNECTOR_GRANT: 'workspaceRole:T08101AQL31:owner:assigned:user:U083SJ36LCD'
CONNECTOR_ENTITLEMENT: 'workspaceRole:T08101AQL31:owner:assigned'
CONNECTOR_PRINCIPAL: 'U083SJ36LCD'
CONNECTOR_PRINCIPAL_TYPE: 'user'

BATON_TOKEN: "${{ secrets.BATON_TOKEN }}"
BATON_ENTERPRISE_TOKEN: "${{ secrets.BATON_ENTERPRISE_TOKEN }}"

steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
- name: Checkout code
uses: actions/checkout@v4
- name: Build baton-slack
run: go build ./cmd/baton-slack
- name: Grant/revoke entitlement
uses: ConductorOne/github-workflows/actions/sync-test@v2
with:
connector: ./baton-slack
baton-entitlement: "workspaceRole:T08101AQL31:owner:assigned"
baton-principal: "U083SJ36LCD"
baton-principal-type: "user"

- name: Run baton-slack
run: ./baton-slack
- name: Install baton
run: ./scripts/get-baton.sh && mv baton /usr/local/bin

- name: Grant entitlement first time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check for grant before revoking
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep true

- name: Revoke grants
run: ./baton-slack --revoke-grant="${{ env.CONNECTOR_GRANT }}"

- name: Check grant was revoked
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"

- name: Grant entitlement second time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check grant was re-granted
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep -q "true"

test-enterprise-roles:
runs-on: ubuntu-latest
env:
BATON_LOG_LEVEL: debug

CONNECTOR_GRANT: 'enterpriseRole:Rl0K:assigned:user:U083SJ36LCD'
CONNECTOR_ENTITLEMENT: 'enterpriseRole:Rl0K:assigned'
CONNECTOR_PRINCIPAL: 'U083SJ36LCD'
CONNECTOR_PRINCIPAL_TYPE: 'user'

BATON_TOKEN: "${{ secrets.BATON_TOKEN }}"
BATON_ENTERPRISE_TOKEN: "${{ secrets.BATON_ENTERPRISE_TOKEN }}"

steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
go-version: 1.25.x
- name: Checkout code
uses: actions/checkout@v4
- name: Build baton-slack
run: go build ./cmd/baton-slack
- name: Grant/revoke entitlement
uses: ConductorOne/github-workflows/actions/sync-test@v2
with:
connector: ./baton-slack
baton-entitlement: "enterpriseRole:Rl0K:assigned"
baton-principal: "U083SJ36LCD"
baton-principal-type: "user"

- name: Run baton-slack
run: ./baton-slack
- name: Install baton
run: ./scripts/get-baton.sh && mv baton /usr/local/bin

- name: Grant enterprise role first time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check for enterprise role grant before revoking
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep -q "true"

- name: Revoke enterprise role grant
run: ./baton-slack --revoke-grant="${{ env.CONNECTOR_GRANT }}"

- name: Check enterprise role grant was revoked
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"

- name: Grant enterprise role second time
run: |
./baton-slack --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" \
--grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" \
--grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"

- name: Check enterprise role was re-granted
run: |
./baton-slack && \
baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | \
jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\"" | grep -q "true"


Loading