chore(payments): Add the new released connectors#129
Open
Quentin-David-24 wants to merge 2 commits intomainfrom
Open
chore(payments): Add the new released connectors#129Quentin-David-24 wants to merge 2 commits intomainfrom
Quentin-David-24 wants to merge 2 commits intomainfrom
Conversation
Contributor
WalkthroughAdds CLI commands and controllers to install and update configurations for six payment connectors (Fireblocks, Coinbase Prime, Increase, Powens, Tink, Plaid). Implements stores, controllers, command wiring, config file parsing, API calls (V3InstallConnector / V3UpdateConnectorConfig), rendering helpers, and registry entries. Changes
Sequence DiagramsequenceDiagram
actor User
participant CLI
participant Controller
participant Auth
participant StackClient
participant PaymentsAPI
participant Store
participant Renderer
User->>CLI: run install/update command with file + flags
CLI->>Controller: Run(args, flags)
Controller->>Auth: Load profile & authenticate
Auth-->>Controller: profile
Controller->>StackClient: Init client with profile
StackClient-->>Controller: client ready
Controller->>Controller: validate connector-id / version / args
Controller->>User: request approval
User->>Controller: approve / deny
alt approved
Controller->>Controller: read & parse JSON config file
Controller->>PaymentsAPI: InstallConnector / UpdateConnectorConfig (config)
PaymentsAPI-->>Controller: response (200-299 / error)
alt success
Controller->>Store: set Success=true, record ConnectorID/name
Store-->>Controller: persisted
Controller->>Renderer: Render success message
Renderer-->>User: display confirmation
else failure
Controller-->>User: return API error
end
else denied
Controller-->>User: return ErrMissingApproval
end
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
📝 Coding Plan
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@cmd/payments/connectors/install/coinbaseprime.go`:
- Around line 75-77: The version check in coinbaseprime.go uses
c.PaymentsVersion < versions.V3 but the error text says ">= v3.2.0", causing a
mismatch; update the check or the message to be consistent: either change the
error string in the conditional that references c.PaymentsVersion and
versions.V3 to state ">= v3.0.0" to match versions.V3, or if the connector truly
requires v3.2.0 introduce/use a new finer-grained version constant (e.g.,
versions.V3_2 or similar) and replace versions.V3 with that constant in the same
conditional so the runtime check matches the "v3.2.0" message. Ensure you modify
the conditional and its fmt.Errorf text consistently.
In `@cmd/payments/connectors/install/tink.go`:
- Around line 75-77: The version check uses c.PaymentsVersion < versions.V3 but
the error text says ">= v3.1.0", causing a mismatch; update the check or message
to be consistent: either change the error string in the tink connector (and
similarly in plaid, powens, increase) to reflect the actual minimum
(v3.0.0-rc.1) referenced by versions.V3, or add and use a new constant (e.g.,
versions.V3_1) and compare c.PaymentsVersion < versions.V3_1 to enforce v3.1.0;
adjust the fmt.Errorf text to match whichever minimum you enforce.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c6d0125d-aa0c-4d00-9f53-a8eef1aeeba1
⛔ Files ignored due to path filters (2)
go.modis excluded by!**/*.modgo.sumis excluded by!**/*.sum,!**/*.sum
📒 Files selected for processing (15)
cmd/payments/connectors/configs/coinbaseprime.gocmd/payments/connectors/configs/fireblocks.gocmd/payments/connectors/configs/increase.gocmd/payments/connectors/configs/plaid.gocmd/payments/connectors/configs/powens.gocmd/payments/connectors/configs/root.gocmd/payments/connectors/configs/tink.gocmd/payments/connectors/install/coinbaseprime.gocmd/payments/connectors/install/fireblocks.gocmd/payments/connectors/install/increase.gocmd/payments/connectors/install/plaid.gocmd/payments/connectors/install/powens.gocmd/payments/connectors/install/root.gocmd/payments/connectors/install/tink.gocmd/payments/connectors/internal/connectors.go
Comment on lines
+75
to
+77
| if c.PaymentsVersion < versions.V3 { | ||
| return nil, fmt.Errorf("coinbaseprime connector is only supported in version >= v3.2.0") | ||
| } |
Contributor
There was a problem hiding this comment.
Version check/error message mismatch.
The check uses versions.V3 which enforces >= v3.0.0-rc.1 (per versions.go), but the error message claims >= v3.2.0. The existing qonto.go connector correctly states v3.0.0 for the same check. Either update the message to match the actual check, or introduce a finer-grained version constant if v3.2.0 is truly the minimum.
Proposed fix (if v3.0.0+ is the correct minimum)
if c.PaymentsVersion < versions.V3 {
- return nil, fmt.Errorf("coinbaseprime connector is only supported in version >= v3.2.0")
+ return nil, fmt.Errorf("coinbaseprime connector is only supported in version >= v3.0.0")
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| if c.PaymentsVersion < versions.V3 { | |
| return nil, fmt.Errorf("coinbaseprime connector is only supported in version >= v3.2.0") | |
| } | |
| if c.PaymentsVersion < versions.V3 { | |
| return nil, fmt.Errorf("coinbaseprime connector is only supported in version >= v3.0.0") | |
| } |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@cmd/payments/connectors/install/coinbaseprime.go` around lines 75 - 77, The
version check in coinbaseprime.go uses c.PaymentsVersion < versions.V3 but the
error text says ">= v3.2.0", causing a mismatch; update the check or the message
to be consistent: either change the error string in the conditional that
references c.PaymentsVersion and versions.V3 to state ">= v3.0.0" to match
versions.V3, or if the connector truly requires v3.2.0 introduce/use a new
finer-grained version constant (e.g., versions.V3_2 or similar) and replace
versions.V3 with that constant in the same conditional so the runtime check
matches the "v3.2.0" message. Ensure you modify the conditional and its
fmt.Errorf text consistently.
Comment on lines
+75
to
+77
| if c.PaymentsVersion < versions.V3 { | ||
| return nil, fmt.Errorf("tink connector is only supported in version >= v3.1.0") | ||
| } |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Check what the versions constants represent
rg -n "V3\s*=" cmd/payments/versions/ -A2Repository: formancehq/fctl
Length of output: 41
🏁 Script executed:
# First, find the tink.go file and check the import statement
head -20 cmd/payments/connectors/install/tink.goRepository: formancehq/fctl
Length of output: 583
🏁 Script executed:
# Search for versions package definition across the codebase
find . -name "*.go" -type f | xargs grep -l "versions\.V3\|package versions" | head -20Repository: formancehq/fctl
Length of output: 873
🏁 Script executed:
# Search for V3 constant definition
rg "const.*V3\s*=" --type go -B2 -A2Repository: formancehq/fctl
Length of output: 41
🏁 Script executed:
# List files in the versions directory
ls -la cmd/payments/versions/Repository: formancehq/fctl
Length of output: 233
🏁 Script executed:
# Check the contents of the versions file
cat cmd/payments/versions/*.goRepository: formancehq/fctl
Length of output: 1219
🏁 Script executed:
# Search for V3 definition in the payments versions package specifically
rg "V3" cmd/payments/versions/ -A3 -B1Repository: formancehq/fctl
Length of output: 776
🏁 Script executed:
# Search for any reference to v3.1.0 or version constants that might match it
rg "3\.1\.0|V3_1" --type goRepository: formancehq/fctl
Length of output: 560
🏁 Script executed:
# Check the tink.go file around the error to see full context
sed -n '70,85p' cmd/payments/connectors/install/tink.goRepository: formancehq/fctl
Length of output: 454
Version check does not match error message.
The code rejects versions below versions.V3 (which represents v3.0.0-rc.1 or higher based on the version detection logic), but the error message claims the connector requires >= v3.1.0. This discrepancy is misleading—either update the error message to reflect the actual minimum version (v3.0.0-rc.1), or if v3.1.0 is truly required, add a V3_1 constant and use that for the check instead.
Note: This same inconsistency exists in the plaid, powens, and increase connectors as well.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@cmd/payments/connectors/install/tink.go` around lines 75 - 77, The version
check uses c.PaymentsVersion < versions.V3 but the error text says ">= v3.1.0",
causing a mismatch; update the check or message to be consistent: either change
the error string in the tink connector (and similarly in plaid, powens,
increase) to reflect the actual minimum (v3.0.0-rc.1) referenced by versions.V3,
or add and use a new constant (e.g., versions.V3_1) and compare
c.PaymentsVersion < versions.V3_1 to enforce v3.1.0; adjust the fmt.Errorf text
to match whichever minimum you enforce.
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
cmd/payments/connectors/configs/getconfig.go (1)
228-239: Consider a renderer registry before this switch grows again.These six cases keep
renderV3in lockstep with every provider-specific helper. Amap[string]func(*cobra.Command, *shared.V3GetConnectorConfigResponse) errorwould make future connector additions declarative and reduce missed wiring.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cmd/payments/connectors/configs/getconfig.go` around lines 228 - 239, Replace the growing switch in getconfig.go that calls provider-specific helpers (e.g., views.DisplayFireblocksConfigV3, views.DisplayCoinbaseprimeConfigV3, views.DisplayIncreaseConfigV3, views.DisplayPowensConfigV3, views.DisplayTinkConfigV3, views.DisplayPlaidConfigV3) with a registry map[string]func(*cobra.Command, *shared.V3GetConnectorConfigResponse) error keyed by the connector constants (internal.FireblocksConnector, internal.CoinbaseprimeConnector, etc.); look up the handler from the map using the connector key and call it with (cmd, c.store.V3ConnectorConfig), falling back to the existing default path if the key is missing—this makes renderV3 wiring declarative and avoids adding switch cases for each new connector.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@cmd/payments/connectors/views/fireblocks.go`:
- Around line 20-23: The output currently prints secrets verbatim (see tableData
appends for APIKey and PrivateKey in the Fireblocks config renderer); change the
renderer to omit or redact secret values before adding them to tableData (e.g.,
replace config.APIKey and config.PrivateKey with a redacted placeholder or
masked string) and keep non-secret fields (Endpoint, PollingPeriod via
fctl.StringPointerToString) unchanged so logs no longer leak live credentials.
---
Nitpick comments:
In `@cmd/payments/connectors/configs/getconfig.go`:
- Around line 228-239: Replace the growing switch in getconfig.go that calls
provider-specific helpers (e.g., views.DisplayFireblocksConfigV3,
views.DisplayCoinbaseprimeConfigV3, views.DisplayIncreaseConfigV3,
views.DisplayPowensConfigV3, views.DisplayTinkConfigV3,
views.DisplayPlaidConfigV3) with a registry map[string]func(*cobra.Command,
*shared.V3GetConnectorConfigResponse) error keyed by the connector constants
(internal.FireblocksConnector, internal.CoinbaseprimeConnector, etc.); look up
the handler from the map using the connector key and call it with (cmd,
c.store.V3ConnectorConfig), falling back to the existing default path if the key
is missing—this makes renderV3 wiring declarative and avoids adding switch cases
for each new connector.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 40f47622-3e89-440a-a922-7052cb3ea236
📒 Files selected for processing (8)
cmd/payments/connectors/configs/getconfig.gocmd/payments/connectors/views/atlar.gocmd/payments/connectors/views/coinbaseprime.gocmd/payments/connectors/views/fireblocks.gocmd/payments/connectors/views/increase.gocmd/payments/connectors/views/plaid.gocmd/payments/connectors/views/powens.gocmd/payments/connectors/views/tink.go
💤 Files with no reviewable changes (1)
- cmd/payments/connectors/views/atlar.go
Comment on lines
+20
to
+23
| tableData = append(tableData, []string{pterm.LightCyan("APIKey:"), config.APIKey}) | ||
| tableData = append(tableData, []string{pterm.LightCyan("Endpoint:"), fctl.StringPointerToString(config.Endpoint)}) | ||
| tableData = append(tableData, []string{pterm.LightCyan("Polling Period:"), fctl.StringPointerToString(config.PollingPeriod)}) | ||
| tableData = append(tableData, []string{pterm.LightCyan("PrivateKey:"), config.PrivateKey}) |
Contributor
There was a problem hiding this comment.
Stop echoing raw connector secrets in get-config output.
APIKey and especially PrivateKey are printed verbatim here. The same pattern appears in the new Coinbase Prime, Increase, Powens, Tink, and Plaid renderers, so this PR makes get-config leak live credentials to stdout, shells, and CI logs. Omit these fields or redact them before rendering.
🔐 Minimal fix for this renderer
- tableData = append(tableData, []string{pterm.LightCyan("APIKey:"), config.APIKey})
+ tableData = append(tableData, []string{pterm.LightCyan("APIKey:"), "[redacted]"})
tableData = append(tableData, []string{pterm.LightCyan("Endpoint:"), fctl.StringPointerToString(config.Endpoint)})
tableData = append(tableData, []string{pterm.LightCyan("Polling Period:"), fctl.StringPointerToString(config.PollingPeriod)})
- tableData = append(tableData, []string{pterm.LightCyan("PrivateKey:"), config.PrivateKey})
+ tableData = append(tableData, []string{pterm.LightCyan("PrivateKey:"), "[redacted]"})📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| tableData = append(tableData, []string{pterm.LightCyan("APIKey:"), config.APIKey}) | |
| tableData = append(tableData, []string{pterm.LightCyan("Endpoint:"), fctl.StringPointerToString(config.Endpoint)}) | |
| tableData = append(tableData, []string{pterm.LightCyan("Polling Period:"), fctl.StringPointerToString(config.PollingPeriod)}) | |
| tableData = append(tableData, []string{pterm.LightCyan("PrivateKey:"), config.PrivateKey}) | |
| tableData = append(tableData, []string{pterm.LightCyan("APIKey:"), "[redacted]"}) | |
| tableData = append(tableData, []string{pterm.LightCyan("Endpoint:"), fctl.StringPointerToString(config.Endpoint)}) | |
| tableData = append(tableData, []string{pterm.LightCyan("Polling Period:"), fctl.StringPointerToString(config.PollingPeriod)}) | |
| tableData = append(tableData, []string{pterm.LightCyan("PrivateKey:"), "[redacted]"}) |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@cmd/payments/connectors/views/fireblocks.go` around lines 20 - 23, The output
currently prints secrets verbatim (see tableData appends for APIKey and
PrivateKey in the Fireblocks config renderer); change the renderer to omit or
redact secret values before adding them to tableData (e.g., replace
config.APIKey and config.PrivateKey with a redacted placeholder or masked
string) and keep non-secret fields (Endpoint, PollingPeriod via
fctl.StringPointerToString) unchanged so logs no longer leak live credentials.
laouji
approved these changes
Mar 19, 2026
Contributor
laouji
left a comment
laouji
left a comment
There was a problem hiding this comment.
The dirty check is failing but otherwise looks good.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves EN-147