Skip to content

Containerize baton-jamf connector #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
laurenleach wants to merge 11 commits into
base: main
Choose a base branch
from
Draft

Containerize baton-jamf connector #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
01b66ba
Containerize baton-jamf connector
laurenleach Jan 29, 2026
8421492
Fix secret field marking and add display names
laurenleach Jan 30, 2026
db2dde3
Fix Grants return values for V2 API
laurenleach Jan 30, 2026
2bfe6fd
Fix containerization for baton-jamf
laurenleach Feb 3, 2026
191f9a3
Remove old schema.go file
laurenleach Feb 3, 2026
fedad20
Remove WithSessionStoreEnabled() - connector doesn't use caching
laurenleach Feb 3, 2026
8622862
Remove unnecessary secrets from capabilities workflow
laurenleach Feb 4, 2026
a2f04b5
Fix CI workflow to use go.mod for Go version
laurenleach Feb 4, 2026
24dc391
Fix Makefile to reference config.go instead of deleted schema.go
laurenleach Feb 4, 2026
cfacbab
Fix V2 SDK compliance
laurenleach Feb 4, 2026
736975f
Update golangci-lint config to v2
laurenleach Feb 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
40 changes: 40 additions & 0 deletions .github/workflows/capabilities_and_config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
name: Generate capabilities and config schema

on:
push:
branches:
- main

jobs:
generate_outputs:
if: github.actor != 'github-actions[bot]'
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v4
with:
token: ${{ secrets.RELENG_GITHUB_TOKEN }}

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: "go.mod"

- name: Build
run: go build -o connector ./cmd/baton-jamf

- name: Run and save config output
run: ./connector config > config_schema.json

- name: Run and save capabilities output
run: ./connector capabilities > baton_capabilities.json

- name: Commit changes
uses: EndBug/add-and-commit@v9
with:
default_author: github_actions
message: "Updating baton config schema and capabilities."
add: |
config_schema.json
baton_capabilities.json
30 changes: 18 additions & 12 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,38 +1,44 @@
name: ci
on: pull_request

on:
pull_request:
types: [opened, reopened, synchronize]
push:
branches:
- main

jobs:
go-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: Checkout code
uses: actions/checkout@v3
go-version-file: go.mod
- name: Run linters
uses: golangci/golangci-lint-action@v6
uses: golangci/golangci-lint-action@v8
with:
version: latest
args: --timeout=3m
go-test:
strategy:
matrix:
go-version: [1.23.x]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
if: success()
uses: actions/setup-go@v4
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v4
go-version-file: go.mod
- name: go tests
run: (set -o pipefail && go test -v -covermode=count -json ./... | tee test.json)
- name: annotate go tests
if: always()
uses: guyarb/golang-test-annotations@v0.5.1
with:
test-results: test.json
test-results: test.json
1 change: 0 additions & 1 deletion .github/workflows/release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ jobs:
uses: ConductorOne/github-workflows/.github/workflows/release.yaml@v4
with:
tag: ${{ github.ref_name }}
lambda: false
secrets:
RELENG_GITHUB_TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
APPLE_SIGNING_KEY_P12: ${{ secrets.APPLE_SIGNING_KEY_P12 }}
Expand Down
211 changes: 119 additions & 92 deletions .golangci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,96 +1,123 @@
#AUTO GENERATED CODE. UPDATE THE CONFIG IN BATON-TEMPLATE FIRST
linters-settings:
exhaustive:
default-signifies-exhaustive: true
gocritic:
enabled-checks:
- ruleguard
# The list of supported checkers can be find in https://go-critic.github.io/overview.
settings:
underef:
# Whether to skip (*x).method() calls where x is a pointer receiver.
skipRecvDeref: false
ruleguard:
rules: "${configDir}/tools/rules.go"
govet:
enable-all: true
disable:
- fieldalignment # too strict
- shadow # complains too much about shadowing errors. All research points to this being fine.
nakedret:
max-func-lines: 0
nolintlint:
allow-no-explanation: [forbidigo, tracecheck, gomnd, gochecknoinits, makezero]
require-explanation: true
require-specific: true
revive:
ignore-generated-header: true
severity: error
rules:
- name: atomic
- name: line-length-limit
arguments: [200]
# These are functions that we use without checking the errors often. Most of these can't return an error even
# though they implement an interface that can.
- name: unhandled-error
arguments:
- fmt.Printf
- fmt.Println
- fmt.Fprint
- fmt.Fprintf
- fmt.Fprintln
- os.Stderr.Sync
- sb.WriteString
- buf.WriteString
- hasher.Write
- os.Setenv
- os.RemoveAll
- name: var-naming
arguments: [["ID", "URL", "HTTP", "API"], []]
tenv:
all: true
# This file is managed by baton-admin. DO NOT EDIT!!!
version: "2"
run:
modules-download-mode: readonly
linters:
disable-all: true
default: none
enable:
- errcheck # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
- gosimple # Linter for Go source code that specializes in simplifying a code
- govet # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
- ineffassign # Detects when assignments to existing variables are not used
- staticcheck # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
- typecheck # Like the front-end of a Go compiler, parses and type-checks Go code
- unused # Checks Go code for unused constants, variables, functions and types
- asasalint # Check for pass []any as any in variadic func(...any)
- asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers
- bidichk # Checks for dangerous unicode character sequences
- bodyclose # checks whether HTTP response body is closed successfully
- durationcheck # check for two durations multiplied together
- errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
- exhaustive # check exhaustiveness of enum switch statements
- forbidigo # Forbids identifiers
- gochecknoinits # Checks that no init functions are present in Go code
- goconst # Finds repeated strings that could be replaced by a constant
- gocritic # Provides diagnostics that check for bugs, performance and style issues.
- godot # Check if comments end in a period
- goimports # In addition to fixing imports, goimports also formats your code in the same style as gofmt.
- gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
- goprintffuncname # Checks that printf-like functions are named with f at the end
- gosec # Inspects source code for security problems
- nakedret # Finds naked returns in functions greater than a specified function length
- nilerr # Finds the code that returns nil even if it checks that the error is not nil.
- noctx # noctx finds sending http request without context.Context
- nolintlint # Reports ill-formed or insufficient nolint directives
- nonamedreturns # Reports all named returns
- nosprintfhostport # Checks for misuse of Sprintf to construct a host with port in a URL.
- predeclared # find code that shadows one of Go's predeclared identifiers
- revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint.
- tenv # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
- tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
- unconvert # Remove unnecessary type conversions
- usestdlibvars # detect the possibility to use variables/constants from the Go standard library
- whitespace # Tool for detection of leading and trailing whitespace
- asasalint
- asciicheck
- bidichk
- bodyclose
- durationcheck
- errcheck
- errorlint
- exhaustive
- forbidigo
- gochecknoinits
- goconst
- gocritic
- godot
- gomoddirectives
- goprintffuncname
- gosec
- govet
- ineffassign
- nakedret
- nilerr
- noctx
- nolintlint
- nonamedreturns
- nosprintfhostport
- predeclared
- revive
- staticcheck
- tparallel
- unconvert
- unused
- usestdlibvars
- whitespace
settings:
exhaustive:
default-signifies-exhaustive: true
gocritic:
enabled-checks:
- ruleguard
settings:
ruleguard:
rules: ${base-path}/tools/rules.go
underef:
skipRecvDeref: false
govet:
disable:
- fieldalignment
- shadow
enable-all: true
nakedret:
max-func-lines: 0
nolintlint:
require-explanation: true
require-specific: true
allow-no-explanation:
- forbidigo
- tracecheck
- gomnd
- gochecknoinits
- makezero
revive:
severity: error
rules:
- name: atomic
- name: line-length-limit
arguments:
- 200
- name: unhandled-error
arguments:
- fmt.Printf
- fmt.Println
- fmt.Fprint
- fmt.Fprintf
- fmt.Fprintln
- os.Stderr.Sync
- sb.WriteString
- buf.WriteString
- hasher.Write
- os.Setenv
- os.RemoveAll
- name: var-naming
arguments:
- - ID
- URL
- HTTP
- API
- []
exclusions:
generated: lax
presets:
- comments
- common-false-positives
- legacy
- std-error-handling
rules:
- linters:
- godot
source: (TODO)
- path: (.+)\.go$
text: third_party$
- path: (.+)\.go$
text: builtin$
- path: (.+)\.go$
text: examples$
paths:
- third_party$
- builtin$
- examples$
issues:
max-same-issues: 50
exclude-rules:
# Don't require TODO comments to end in a period
- source: "(TODO)"
linters: [godot]
formatters:
exclusions:
generated: lax
paths:
- third_party$
- builtin$
- examples$
22 changes: 18 additions & 4 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,39 @@
GOOS = $(shell go env GOOS)
GOARCH = $(shell go env GOARCH)
BUILD_DIR = dist/${GOOS}_${GOARCH}
GENERATED_CONF := pkg/config/conf.gen.go

ifeq ($(GOOS),windows)
OUTPUT_PATH = ${BUILD_DIR}/baton-jamf.exe
else
OUTPUT_PATH = ${BUILD_DIR}/baton-jamf
endif

# Set the build tag conditionally based on ENABLE_LAMBDA
ifdef BATON_LAMBDA_SUPPORT
BUILD_TAGS=-tags baton_lambda_support
else
BUILD_TAGS=
endif

.PHONY: build
build:
go build -o ${OUTPUT_PATH} ./cmd/baton-jamf
build: $(GENERATED_CONF)
go build ${BUILD_TAGS} -o ${OUTPUT_PATH} ./cmd/baton-jamf

$(GENERATED_CONF): pkg/config/config.go go.mod
@echo "Generating $(GENERATED_CONF)..."
go generate ./pkg/config

generate: $(GENERATED_CONF)

.PHONY: update-deps
update-deps:
go get -d -u ./...
go mod tidy -v
go mod vendor

.PHONY: add-dep
add-dep:
.PHONY: add-deps
add-deps:
go mod tidy -v
go mod vendor

Expand Down
Loading