ConductorOne
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 17 additions & 37 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 17 additions & 37 deletions
diff --git a/‎pkg/connector/connector.go‎
Lines changed: 132 additions & 0 deletions b/‎pkg/connector/connector.go‎
Lines changed: 132 additions & 0 deletions
@@ -43,19 +43,14 @@ jobs:
 
   test:
     runs-on: ubuntu-latest
-    # Define any services needed for the test suite (or delete this section)
-    # services:
-    #   postgres:
-    #     image: postgres:16
-    #     ports:
-    #       - "5432:5432"
-    #     env:
-    #       POSTGRES_PASSWORD: secretpassword
+    if: github.event_name == 'pull_request' || github.ref == 'refs/heads/main'
     env:
       BATON_LOG_LEVEL: debug
-      # Add any environment variables needed to run baton-snowflake
-      # BATON_BASE_URL: 'http://localhost:8080'
-      # BATON_ACCESS_TOKEN: 'secret_token'
+      # Snowflake connection configuration
+      BATON_ACCOUNT_IDENTIFIER: ${{ secrets.BATON_ACCOUNT_IDENTIFIER }}
+      BATON_USER_IDENTIFIER: ${{ secrets.BATON_USER_IDENTIFIER }}
+      BATON_ACCOUNT_URL: ${{ secrets.BATON_ACCOUNT_URL }}
+      BATON_PRIVATE_KEY: ${{ secrets.BATON_PRIVATE_KEY }}
       # The following parameters are passed to grant/revoke commands
       # Change these to the correct IDs for your test data
       CONNECTOR_GRANT: 'grant:entitlement:group:1234:member:user:9876'
@@ -69,37 +64,22 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version-file: 'go.mod'
-      # Install any dependencies here (or delete this)
-      # - name: Install postgres client
-      #   run: sudo apt install postgresql-client
-      # Run any fixture setup here (or delete this)
-      # - name: Import sql into postgres
-      #   run: psql -h localhost --user postgres -f environment.sql
-      #   env:
-      #     PGPASSWORD: secretpassword
+
       - name: Build baton-snowflake
-        run: go build ./cmd/baton-snowflake
+        run: go build -o baton-snowflake ./cmd/baton-snowflake
       # - name: Run baton-snowflake
       #   run: ./baton-snowflake
 
       - name: Install baton
         run: ./scripts/get-baton.sh && mv baton /usr/local/bin
 
-      # - name: Check for grant before revoking
-      #   run:
-      #     baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
-
-      # - name: Revoke grants
-      #   run: ./baton-snowflake --revoke-grant="${{ env.CONNECTOR_GRANT }}"
-
-      # - name: Check grant was revoked
-      #   run: ./baton-snowflake && baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"
-
-      # - name: Grant entitlement
-      #   # Change the grant arguments to the correct IDs for your test data
-      #   run: ./baton-snowflake --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" --grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"
-
-      # - name: Check grant was re-granted
-      #   run:
-      #     baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
+      - name: Test Account Provisioning
+        uses: ConductorOne/github-workflows/.github/actions/account-provisioning@main
+        with:
+          connector: './baton-snowflake'
+          account-email: 'test-provisioning@example.com'
+          account-login: 'test-provisioning-user'
+          account-profile: '{"first_name": "Test", "last_name": "User", "name": "test-provisioning-user", "email": "test-provisioning@example.com"}'
+          account-type: 'user'
+          search-method: 'email'
 
@@ -48,6 +48,138 @@ func (d *Connector) Metadata(ctx context.Context) (*v2.ConnectorMetadata, error)
 	return &v2.ConnectorMetadata{
 		DisplayName: "Baton Snowflake",
 		Description: "Connector syncing users, databases and account roles from Snowflake.",
+		AccountCreationSchema: &v2.ConnectorAccountCreationSchema{
+			FieldMap: map[string]*v2.ConnectorAccountCreationSchema_Field{
+				"name": {
+					DisplayName: "User Name",
+					Required:    true,
+					Description: "The name of the user (required). Can be provided via login or profile.name",
+					Placeholder: "username",
+					Order:       0,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"login": {
+					DisplayName: "Login Name",
+					Required:    false,
+					Description: "The login name for the user (defaults to email if not provided)",
+					Placeholder: "user@example.com",
+					Order:       1,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"display_name": {
+					DisplayName: "Display Name",
+					Required:    false,
+					Description: "The display name for the user",
+					Placeholder: "John Doe",
+					Order:       2,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"first_name": {
+					DisplayName: "First Name",
+					Required:    false,
+					Description: "The first name of the user",
+					Placeholder: "John",
+					Order:       3,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"last_name": {
+					DisplayName: "Last Name",
+					Required:    false,
+					Description: "The last name of the user",
+					Placeholder: "Doe",
+					Order:       4,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"email": {
+					DisplayName: "Email",
+					Required:    false,
+					Description: "The email address for the user",
+					Placeholder: "user@example.com",
+					Order:       5,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"comment": {
+					DisplayName: "Comment",
+					Required:    false,
+					Description: "A comment or description for the user",
+					Placeholder: "User description",
+					Order:       6,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"disabled": {
+					DisplayName: "Disabled",
+					Required:    false,
+					Description: "Whether the user account should be disabled",
+					Order:       8,
+					Field: &v2.ConnectorAccountCreationSchema_Field_BoolField{
+						BoolField: &v2.ConnectorAccountCreationSchema_BoolField{},
+					},
+				},
+				"must_change_password": {
+					DisplayName: "Must Change Password",
+					Required:    false,
+					Description: "Whether the user must change their password on next login",
+					Order:       9,
+					Field: &v2.ConnectorAccountCreationSchema_Field_BoolField{
+						BoolField: &v2.ConnectorAccountCreationSchema_BoolField{},
+					},
+				},
+				"default_warehouse": {
+					DisplayName: "Default Warehouse",
+					Required:    false,
+					Description: "The default warehouse to use when this user starts a session",
+					Placeholder: "COMPUTE_WH",
+					Order:       10,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"default_namespace": {
+					DisplayName: "Default Namespace",
+					Required:    false,
+					Description: "The default namespace to use when this user starts a session",
+					Placeholder: "DATABASE.SCHEMA",
+					Order:       11,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"default_role": {
+					DisplayName: "Default Role",
+					Required:    false,
+					Description: "The default role to use when this user starts a session",
+					Placeholder: "PUBLIC",
+					Order:       12,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+				"default_secondary_roles": {
+					DisplayName: "Default Secondary Roles",
+					Required:    false,
+					Description: "The default secondary roles of this user to use when starting a session. Valid values: ALL or NONE. Default is ALL.",
+					Placeholder: "ALL",
+					Order:       13,
+					Field: &v2.ConnectorAccountCreationSchema_Field_StringField{
+						StringField: &v2.ConnectorAccountCreationSchema_StringField{},
+					},
+				},
+			},
+		},
 	}, nil
 }