Commit 05fb374
feat(connector): enterprise and cloud connector batch (batch 3) (#149)
* feat(connector): Stripe, Okta, Shopify, Mailchimp, OneDrive, QuickBooks, and RabbitMQ connectors
Adds 17 new connector actions across 7 services:
- stripe/create_charge, stripe/create_customer, stripe/create_refund
- okta/list_users, okta/create_user
- shopify/list_orders, shopify/list_products, shopify/create_order
- mailchimp/list_members, mailchimp/add_member
- onedrive/upload, sharepoint/list_items
- quickbooks/create_invoice, quickbooks/list_invoices
- rabbitmq/publish, rabbitmq/consume
Also adds parseJSONBody shared helper to tools.go and
github.com/rabbitmq/amqp091-go v1.11.0 as the AMQP protocol client.
Closes #94, #108, #109, #111, #112, #114, #115
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(connector): address Codex review comments on OneDrive and RabbitMQ
- OneDrive: remove url.PathEscape on filePath to preserve literal "/"
separators in Graph API path templates (escaping produced %2F which
resolved to a file literally named "documents%2Fhello.txt")
- RabbitMQ: ack each message inside the consume loop when auto_ack=false
so messages are not requeued when the channel closes on return
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(connector): address CodeRabbit review on saas-connector batch
- rabbitmq: validate params before dialing (exchange/routing_key/body for
publish, queue for consume) so invalid requests fail without a connection
- rabbitmq: use amqp.DialConfig with net.Dialer.DialContext so the dial
respects context cancellation
- rabbitmq: default auto_ack=false (at-least-once); true opts into at-most-once
- onedrive: add escapePath helper to encode individual path segments without
escaping "/" separators, so nested folders work with Graph path addressing
- onedrive_test: assert request URL path to catch future slash-escaping regressions
- quickbooks: reject where/order_by values that contain structural keywords
(maxresults, startposition, orderby) to prevent clause injection
- shopify: extract shopifyAPIURL package-level helper, removing three identical
apiURL methods
- go.mod: go mod tidy promotes amqp091-go from indirect to direct
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: exempt /metrics, /healthz, /readyz from auth; numeric UID in Dockerfile
- server: register /metrics, /healthz, and /readyz on a top-level mux so
Kubernetes probes and Prometheus scrapers bypass API key auth entirely.
All other routes fall through to the auth/rate-limit-wrapped apiMux.
- Dockerfile: create the mantle user with explicit -u 10001 -g 10001 and
switch to USER 10001:10001 so kubelet can verify runAsNonRoot: true
without a numeric runAsUser override in the Helm chart.
Closes #139
Closes #137
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(connector): enterprise and cloud connector batch (batch 3)
Adds 39 new connector actions across 17 integrations:
Microsoft: entra/list_users, entra/create_user, entra/add_group_member,
teams/send_message, teams/send_adaptive_card
CRM/Ticketing: hubspot/create_contact, hubspot/search_contacts,
jira/create_issue, jira/search_issues, salesforce/query,
salesforce/create_record
Google: drive/upload, drive/list_files, sheets/read_range,
sheets/append_rows, gcp/publish, gcp/invoke_cloud_run
GitHub: github/dispatch_workflow (added to existing file)
Cloud: azure/blob_upload, azure/blob_download, azure/invoke_function,
databricks/execute_sql, databricks/submit_job, bigquery/query,
bigquery/insert_rows
AWS: aws/invoke_lambda, aws/send_sqs, aws/publish_sns
Messaging: kafka/produce, kafka/consume
Database: snowflake/query, mysql/query, mysql/execute, mssql/query,
mssql/execute, redshift/query
Kubernetes: k8s/apply, k8s/create_job, k8s/get_pod_status
All connectors follow the established pattern: baseURL injection for
testing, dual-shape credential extraction, LimitReader on HTTP responses,
170 unit tests via httptest.NewServer with no external dependencies.
Closes #113
Closes #97
Closes #107
Closes #106
Closes #93
Closes #87
Closes #86
Closes #85
Closes #88
Closes #92
Closes #91
Closes #89
Closes #90
Closes #78
Closes #79
Closes #82
Closes #105
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(connectors): address Copilot and Gosec review feedback
Gosec (unblocks CI):
- kubernetes.go: change //nolint:gosec → // #nosec G402 for TLS
InsecureSkipVerify so gosec native suppression is recognized
Copilot feedback applied:
- teams.go: drain response body via io.LimitReader (bounded discard)
- entra.go: same bounded discard for add_group_member response
- kubernetes.go: add k8sPlural() to handle irregular pluralization
(Ingress→ingresses, NetworkPolicy→networkpolicies); handle io.ReadAll
error when reading server-side apply response
- kubernetes_test.go: replace recursive containsStr with strings.Contains
- kafka.go: remove 'partition' from KafkaProduceConnector docstring
(param is not implemented)
- bigquery.go: handle fmt.Sscanf error in parseIntString
- mysql.go: use mysqldrv.Config.FormatDSN() for safe DSN encoding
(handles passwords with '@', ':', '/' characters); omit last_insert_id
from MSSQL execute result when driver returns error (SQL Server does not
support LastInsertId)
- snowflake.go: remove duplicate blank import (named import already
registers the driver via init())
- aws.go, provider_bedrock.go: add #nosec G115 for safe int32 narrowing
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(connector): address CodeRabbit feedback on connector-batch-3
- azure/invoke_function: error on non-2xx responses; url.QueryEscape function key
- gcp/invoke_cloud_run: error on non-2xx responses
- github/dispatch_workflow: url.PathEscape workflowID in path
- drive/upload: use multipart.NewWriter for random boundary (prevents boundary collision)
- k8s: url.PathEscape namespace/name in resource paths and get_pod_status
- salesforce: url.PathEscape objectType in create_record path
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(connector): BigQuery pagination/row typing + SQL bound parameters
BigQuery:
- Poll until jobComplete with context-bounded retry (500ms interval, configurable for tests)
- Paginate through pageToken until max_rows satisfied
- Return []map[string]any rows keyed by schema field names (was [][]string positional)
- NULL values → nil, RECORD types → nested map, REPEATED fields → slice
- bqParseValue recursively handles nested RECORD and REPEATED+RECORD combinations
MySQL, MSSQL, Redshift, Snowflake:
- Accept optional args: []any for parameterized query/execute
- MySQL/MSSQL use ? placeholders; Redshift uses $1/$2; Snowflake uses ?
- Passes args... to QueryContext/ExecContext — driver handles escaping
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(connectors): address CodeRabbit round-2 review feedback
- kubernetes: support cluster-scoped resources (empty namespace omits /namespaces/{ns}),
add MinVersion TLS 1.2, propagate "default" namespace only in inherently-namespaced
connectors (create_job, get_pod_status)
- mysql: fix Redshift DSN to use pgx URL format so special chars in credentials are
properly percent-encoded
- snowflake: replace duplicated row-scanning loop with shared scanSQLRows helper
- entra: read response body before status check in add_group_member so errors include
the API's error message
- bedrock: add explicit math.MaxInt32 bounds check before int32 narrowing cast and
remove #nosec suppression
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Michael McNees <mmcnees@Michaels-MacBook-Pro.local>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent 52d3860 commit 05fb374
40 files changed
Lines changed: 6912 additions & 71 deletions
File tree
- packages/engine
- internal/connector
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
3 | | - | |
| 1 | + | |
4 | 2 | | |
5 | 3 | | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
1 | 2 | | |
2 | 3 | | |
3 | 4 | | |
| |||
226 | 227 | | |
227 | 228 | | |
228 | 229 | | |
229 | | - | |
230 | | - | |
231 | 230 | | |
232 | 231 | | |
233 | 232 | | |
| |||
238 | 237 | | |
239 | 238 | | |
240 | 239 | | |
241 | | - | |
242 | | - | |
243 | 240 | | |
244 | 241 | | |
245 | 242 | | |
246 | 243 | | |
247 | 244 | | |
248 | 245 | | |
249 | 246 | | |
| 247 | + | |
250 | 248 | | |
251 | 249 | | |
252 | 250 | | |
| |||
262 | 260 | | |
263 | 261 | | |
264 | 262 | | |
| 263 | + | |
265 | 264 | | |
266 | 265 | | |
267 | | - | |
268 | | - | |
269 | | - | |
270 | | - | |
271 | 266 | | |
272 | 267 | | |
273 | 268 | | |
| |||
310 | 305 | | |
311 | 306 | | |
312 | 307 | | |
| 308 | + | |
313 | 309 | | |
314 | 310 | | |
315 | 311 | | |
| |||
319 | 315 | | |
320 | 316 | | |
321 | 317 | | |
322 | | - | |
323 | | - | |
324 | 318 | | |
325 | 319 | | |
326 | 320 | | |
| |||
329 | 323 | | |
330 | 324 | | |
331 | 325 | | |
332 | | - | |
333 | | - | |
334 | | - | |
335 | | - | |
336 | 326 | | |
337 | 327 | | |
338 | 328 | | |
339 | 329 | | |
340 | 330 | | |
341 | 331 | | |
342 | | - | |
343 | | - | |
344 | 332 | | |
345 | 333 | | |
346 | 334 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
9 | | - | |
| 9 | + | |
10 | 10 | | |
11 | 11 | | |
12 | 12 | | |
| 13 | + | |
13 | 14 | | |
14 | 15 | | |
| 16 | + | |
| 17 | + | |
15 | 18 | | |
16 | 19 | | |
17 | 20 | | |
18 | 21 | | |
19 | | - | |
| 22 | + | |
| 23 | + | |
20 | 24 | | |
21 | 25 | | |
22 | 26 | | |
| 27 | + | |
23 | 28 | | |
24 | 29 | | |
25 | 30 | | |
26 | 31 | | |
| 32 | + | |
27 | 33 | | |
28 | 34 | | |
29 | 35 | | |
30 | 36 | | |
31 | 37 | | |
| 38 | + | |
32 | 39 | | |
33 | 40 | | |
34 | | - | |
| 41 | + | |
35 | 42 | | |
36 | 43 | | |
37 | 44 | | |
| |||
43 | 50 | | |
44 | 51 | | |
45 | 52 | | |
46 | | - | |
47 | | - | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
48 | 58 | | |
| 59 | + | |
49 | 60 | | |
50 | 61 | | |
| 62 | + | |
51 | 63 | | |
52 | 64 | | |
| 65 | + | |
53 | 66 | | |
54 | | - | |
| 67 | + | |
| 68 | + | |
| 69 | + | |
55 | 70 | | |
56 | | - | |
57 | | - | |
| 71 | + | |
| 72 | + | |
| 73 | + | |
58 | 74 | | |
59 | 75 | | |
60 | 76 | | |
| |||
65 | 81 | | |
66 | 82 | | |
67 | 83 | | |
68 | | - | |
| 84 | + | |
69 | 85 | | |
70 | 86 | | |
71 | 87 | | |
| |||
76 | 92 | | |
77 | 93 | | |
78 | 94 | | |
79 | | - | |
| 95 | + | |
| 96 | + | |
80 | 97 | | |
81 | 98 | | |
82 | 99 | | |
| 100 | + | |
83 | 101 | | |
84 | 102 | | |
85 | 103 | | |
86 | 104 | | |
87 | 105 | | |
88 | 106 | | |
| 107 | + | |
89 | 108 | | |
90 | 109 | | |
91 | 110 | | |
92 | 111 | | |
93 | 112 | | |
94 | 113 | | |
95 | 114 | | |
| 115 | + | |
| 116 | + | |
| 117 | + | |
| 118 | + | |
96 | 119 | | |
| 120 | + | |
| 121 | + | |
97 | 122 | | |
98 | 123 | | |
99 | 124 | | |
100 | 125 | | |
| 126 | + | |
101 | 127 | | |
102 | 128 | | |
103 | 129 | | |
104 | 130 | | |
105 | 131 | | |
106 | 132 | | |
107 | | - | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
108 | 136 | | |
109 | 137 | | |
110 | 138 | | |
111 | 139 | | |
| 140 | + | |
| 141 | + | |
112 | 142 | | |
113 | 143 | | |
114 | 144 | | |
| |||
117 | 147 | | |
118 | 148 | | |
119 | 149 | | |
| 150 | + | |
120 | 151 | | |
121 | 152 | | |
122 | 153 | | |
123 | 154 | | |
| 155 | + | |
124 | 156 | | |
125 | 157 | | |
126 | 158 | | |
127 | | - | |
| 159 | + | |
128 | 160 | | |
129 | 161 | | |
130 | 162 | | |
| |||
133 | 165 | | |
134 | 166 | | |
135 | 167 | | |
| 168 | + | |
136 | 169 | | |
137 | 170 | | |
138 | 171 | | |
| |||
142 | 175 | | |
143 | 176 | | |
144 | 177 | | |
| 178 | + | |
145 | 179 | | |
146 | 180 | | |
147 | 181 | | |
148 | 182 | | |
149 | 183 | | |
150 | 184 | | |
| 185 | + | |
151 | 186 | | |
152 | 187 | | |
153 | 188 | | |
| |||
158 | 193 | | |
159 | 194 | | |
160 | 195 | | |
161 | | - | |
| 196 | + | |
162 | 197 | | |
163 | | - | |
| 198 | + | |
| 199 | + | |
164 | 200 | | |
165 | | - | |
166 | | - | |
| 201 | + | |
| 202 | + | |
| 203 | + | |
| 204 | + | |
| 205 | + | |
167 | 206 | | |
168 | 207 | | |
169 | 208 | | |
| |||
0 commit comments