ConductorOne · jirwin · Oct 4, 2024 · Oct 4, 2024 · Oct 4, 2024 · Oct 4, 2024
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -37,68 +37,68 @@ jobs:
         with:
           test-results: test.json
 
-  test:
-    runs-on: ubuntu-latest
-    # Define any services needed for the test suite (or delete this section)
-    # services:
-    #   postgres:
-    #     image: postgres:16
-    #     ports:
-    #       - "5432:5432"
-    #     env:
-    #       POSTGRES_PASSWORD: secretpassword
-    env:
-      BATON_LOG_LEVEL: debug
-      # Add any environment variables needed to run baton-sql
-      # BATON_BASE_URL: 'http://localhost:8080'
-      # BATON_ACCESS_TOKEN: 'secret_token'
-      # The following parameters are passed to grant/revoke commands
-      # Change these to the correct IDs for your test data
-      CONNECTOR_GRANT: 'grant:entitlement:group:1234:member:user:9876'
-      CONNECTOR_ENTITLEMENT: 'entitlement:group:1234:member'
-      CONNECTOR_PRINCIPAL: 'user:9876'
-      CONNECTOR_PRINCIPAL_TYPE: 'user'
-    steps:
-      - name: Install Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.x
-      - name: Checkout code
-        uses: actions/checkout@v4
-      # Install any dependencies here (or delete this)
-      # - name: Install postgres client
-      #   run: sudo apt install postgresql-client
-      # Run any fixture setup here (or delete this)
-      # - name: Import sql into postgres
-      #   run: psql -h localhost --user postgres -f environment.sql
-      #   env:
-      #     PGPASSWORD: secretpassword
-      - name: Build baton-sql
-        run: go build ./cmd/baton-sql
-      - name: Run baton-sql
-        run: ./baton-sql
-
-      - name: Install baton
-        run: ./scripts/get-baton.sh && mv baton /usr/local/bin
-
-      - name: Check for grant before revoking
-
-        run:
-          baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
-
-
-      - name: Revoke grants
-        run: ./baton-sql --revoke-grant="${{ env.CONNECTOR_GRANT }}"
-
-      - name: Check grant was revoked
-        run: ./baton-sql && baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"
-
-      - name: Grant entitlement
-        # Change the grant arguments to the correct IDs for your test data
-        run: ./baton-sql --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" --grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"
-
-      - name: Check grant was re-granted
-
-        run:
-          baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
-
+#  test:
+#    runs-on: ubuntu-latest
+#    # Define any services needed for the test suite (or delete this section)
+#    # services:
+#    #   postgres:
+#    #     image: postgres:16
+#    #     ports:
+#    #       - "5432:5432"
+#    #     env:
+#    #       POSTGRES_PASSWORD: secretpassword
+#    env:
+#      BATON_LOG_LEVEL: debug
+#      # Add any environment variables needed to run baton-sql
+#      # BATON_BASE_URL: 'http://localhost:8080'
+#      # BATON_ACCESS_TOKEN: 'secret_token'
+#      # The following parameters are passed to grant/revoke commands
+#      # Change these to the correct IDs for your test data
+#      CONNECTOR_GRANT: 'grant:entitlement:group:1234:member:user:9876'
+#      CONNECTOR_ENTITLEMENT: 'entitlement:group:1234:member'
+#      CONNECTOR_PRINCIPAL: 'user:9876'
+#      CONNECTOR_PRINCIPAL_TYPE: 'user'
+#    steps:
+#      - name: Install Go
+#        uses: actions/setup-go@v5
+#        with:
+#          go-version: 1.22.x
+#      - name: Checkout code
+#        uses: actions/checkout@v4
+#      # Install any dependencies here (or delete this)
+#      # - name: Install postgres client
+#      #   run: sudo apt install postgresql-client
+#      # Run any fixture setup here (or delete this)
+#      # - name: Import sql into postgres
+#      #   run: psql -h localhost --user postgres -f environment.sql
+#      #   env:
+#      #     PGPASSWORD: secretpassword
+#      - name: Build baton-sql
+#        run: go build ./cmd/baton-sql
+#      - name: Run baton-sql
+#        run: ./baton-sql
+#
+#      - name: Install baton
+#        run: ./scripts/get-baton.sh && mv baton /usr/local/bin
+#
+#      - name: Check for grant before revoking
+#
+#        run:
+#          baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
+#
+#
+#      - name: Revoke grants
+#        run: ./baton-sql --revoke-grant="${{ env.CONNECTOR_GRANT }}"
+#
+#      - name: Check grant was revoked
+#        run: ./baton-sql && baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status "if .grants then .grants[]?.principal.id.resource != \"${{ env.CONNECTOR_PRINCIPAL }}\" else . end"
+#
+#      - name: Grant entitlement
+#        # Change the grant arguments to the correct IDs for your test data
+#        run: ./baton-sql --grant-entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --grant-principal="${{ env.CONNECTOR_PRINCIPAL }}" --grant-principal-type="${{ env.CONNECTOR_PRINCIPAL_TYPE }}"
+#
+#      - name: Check grant was re-granted
+#
+#        run:
+#          baton grants --entitlement="${{ env.CONNECTOR_ENTITLEMENT }}" --output-format=json | jq --exit-status ".grants[].principal.id.resource == \"${{ env.CONNECTOR_PRINCIPAL }}\""
+#
diff --git a/cmd/baton-sql/config.go b/cmd/baton-sql/config.go
diff --git a/cmd/baton-sql/config_test.go b/cmd/baton-sql/config_test.go
diff --git a/cmd/baton-sql/main.go b/cmd/baton-sql/main.go
@@ -5,27 +5,29 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/conductorone/baton-sdk/pkg/config"
+	configSdk "github.com/conductorone/baton-sdk/pkg/config"
 	"github.com/conductorone/baton-sdk/pkg/connectorbuilder"
 	"github.com/conductorone/baton-sdk/pkg/field"
 	"github.com/conductorone/baton-sdk/pkg/types"
-	"github.com/conductorone/baton-sql/pkg/connector"
 	"github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap"
 	"github.com/spf13/viper"
 	"go.uber.org/zap"
+
+	"github.com/conductorone/baton-sql/pkg/config"
+	"github.com/conductorone/baton-sql/pkg/connector"
 )
 
 var version = "dev"
 
 func main() {
 	ctx := context.Background()
 
-	_, cmd, err := config.DefineConfiguration(
+	_, cmd, err := configSdk.DefineConfiguration(
 		ctx,
 		"baton-sql",
 		getConnector,
 		field.Configuration{
-			Fields: ConfigurationFields,
+			Fields: config.ConfigurationFields,
 		},
 	)
 	if err != nil {
@@ -44,11 +46,8 @@ func main() {
 
 func getConnector(ctx context.Context, v *viper.Viper) (types.ConnectorServer, error) {
 	l := ctxzap.Extract(ctx)
-	if err := ValidateConfig(v); err != nil {
-		return nil, err
-	}
 
-	cb, err := connector.New(ctx)
+	cb, err := connector.New(ctx, v.GetString("config-path"))
 	if err != nil {
 		l.Error("error creating connector", zap.Error(err))
 		return nil, err

diff --git a/examples/wordpress.yml b/examples/wordpress.yml
@@ -0,0 +1,99 @@
+---
+app_name: Wordpress
+connect:
+  dsn: "mysql://${DB_USERNAME}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?charset=utf8mb4&parseTime=True&loc=Local"
+resource_types:
+  user:
+    name: "User"
+    description: "A user within the wordpress system"
+    list:
+      query: |
+        SELECT
+          u.ID AS user_id,
+          u.user_login AS username,
+          u.user_email AS email,
+          u.user_registered AS created_at
+        FROM wp_users u
+        LIMIT ?<Limit> OFFSET ?<Offset>
+      map:
+        id: ".user_id"             # Mapping user ID from query result to ID
+        display_name: ".username"  # Mapping user_login to display name
+        description: ".email"      # Using user email as description
+        traits:
+          user:
+            emails:
+              - address: ".email"          # Mapping user email to traits
+            status:
+              status: 0
+              details: "active"    # Static status for users
+            login: ".username"    # Mapping login (user_login)
+      pagination:
+        strategy: "offset"          # Using offset-based pagination
+        primary_key: "ID"           # Primary key used for pagination
+
+  role:
+    name: "Role"
+    description: "A role within the wordpress system that can be assigned to a user"
+    list:
+      query: |
+        SELECT
+          um.meta_value AS role_name,
+          u.user_login AS username
+        FROM wp_usermeta um
+        JOIN wp_users u ON um.user_id = u.ID
+        WHERE um.meta_key = 'wp_capabilities'
+        LIMIT ?<Limit> OFFSET ?<Offset>
+      map:
+        id: ".role_name"          # Using role_name as the ID
+        display_name: ".role_name" # Using role name as the display name
+        description: "'Wordpress role for user'" # Static description
+        traits:
+          role:
+            name: ".role_name"    # Mapping role name into traits
+      pagination:
+        strategy: "offset"
+        primary_key: "meta_value"
+
+    entitlements:
+      query: |
+        SELECT
+          u.ID AS user_id,
+          u.user_login AS username,
+          um.meta_value AS role_name
+        FROM wp_users u
+        JOIN wp_usermeta um ON u.ID = um.user_id
+        WHERE um.meta_key = 'wp_capabilities'
+        LIMIT ?<Limit> OFFSET ?<Offset>
+      map:
+        id: ".user_id"            # Mapping user ID to entitlement ID
+        display_name: ".username"  # Using user_login as display name
+        description: "'Role entitlement for user'"
+        grantable_to:
+          - "user"
+        annotations:
+          entitlement_immutable:
+            value: true
+      pagination:
+        strategy: "offset"
+        primary_key: "ID"
+
+    grants:
+      query: |
+        SELECT
+          u.ID AS user_id,
+          u.user_login AS username,
+          um.meta_value AS role_name
+        FROM wp_users u
+        JOIN wp_usermeta um ON u.ID = um.user_id
+        WHERE um.meta_key = 'wp_capabilities'
+        LIMIT ?<Limit> OFFSET ?<Offset>
+      map:
+        principal_id: ".user_id"       # User ID as principal ID
+        principal_type: "'user'"       # Static principal type (users)
+        entitlement_id: ".role_name"      # Role entitlement for user
+        annotations:
+          entitlement_immutable:
+            value: true
+      pagination:
+        strategy: "offset"
+        primary_key: "ID"