
feat(entities): Implement ENTITY_ORGANIZATION for Github Providers #6356

Open
Jaydeep869 wants to merge 3 commits into mindersec:main from Jaydeep869:feat/organization-entity-5377

@Jaydeep869
Contributor

Description

This PR fully implements ENTITY_ORGANIZATION to act as a proper target for evaluation rules and effectively unblocks the 2FA checking mechanics highlighted in #3842.

As per recent discussions with @evankanderson, rather than introducing custom endpoints or manual administration routines, this integration relies natively on the new generic entity properties architecture and auto-registers organizations fully in the background directly after a user successfully installs the GitHub Provider app.

Key Changes

  • Database & Protobufs:
    • Altered Postgres entities enum via a new migration (000117_organization_entity.up.sql) to include the 'organization' value.
    • Added ENTITY_ORGANIZATION = 9 natively within minder.proto.
  • Generic Entity Engine Integration:
    • Implemented an OrganizationFetcher within github/properties that queries GitHub's API to construct properties.Properties mapping the is_user and avatar_url fields correctly.
    • Implemented OrganizationValidator for reliable validation logic and registered ENTITY_ORGANIZATION in service.go.
  • Asynchronous Auto Registration Lifecycle:
    • Hooked an auto deployment execution in CreateGitHubAppProvider to publish a MinderEvent to the TopicQueueReconcileEntityAdd Watermill queue synchronously upon provider registration. The control plane natively handles this via background reconcile pipelines.
  • Database Backfill:
    • Executed a programmatic hook (backfill_organizations.go) linked through the migrate up procedure to automatically traverse all existing user/database providers and populate any orphaned organization links via transaction safety upon startup.
  • Testing Adjustments:
    • Safely exposed *db.Provider as a third return value payload originating from CreateGitHubAppWithoutInvitation and rebuilt all the testing mocks appropriately matching the expectation logic.

Related Issues

Testing Performed

  • Code generation executed successfully (make buf, make sqlc, make mock).
  • Ran unit tests locally (make test-silent), fixing broken mock signatures.
  • Verified migration runs cleanly with make run-docker.

Implements ENTITY_ORGANIZATION relying entirely on the new generic entity architecture to solve mindersec#5377 and unblock 2FA checks. Includes property fetcher, validator, and async Watermill organization auto-registration upon GitHub App installation.

Also implements a backfill migration to synthesize missing organization associations for existing providers.

Jaydeep869 requested a review from a team as a code owner April 13, 2026 13:41

@coveralls

coveralls commented Apr 13, 2026

Coverage Status

coverage: 59.317% (-0.07%) from 59.39% — Jaydeep869:feat/organization-entity-5377 into mindersec:main

- Addresses exhaustive switch cases missed in initial entity setup
- Fixes cyclomatic complexity warning in processAppCallback by extracting error handling
- Fixes gh provider initialization panic by adding support for organization in RegisterEntity

Successfully merging this pull request may close these issues.

Add a organization entity
