feat(workato-connector): RocketRide custom connector for Workato

[dsapandora]

Summary

• A RocketRide custom connector for Workato (Ruby, workato-connector-sdk), self-contained in packages/workato-connector — same pattern as packages/n8n-nodes.
• One action send_to_pipeline with an explicit lane pick list (question / text / image / audio / video / document); maps each lane to its Content-Type, serializes a Question for the questions lane, and parses answers from the synchronous webhook response.
• CI/CD workflows (workato-connector-{ci,release}.yml) + example pipeline (examples/rocketride-webhook.pipe).

Type

feature

Testing

• Tests added or updated (RSpec, 4/4)
• Tested locally (validated end-to-end with workato exec actions.send_to_pipeline.execute against a running pipeline — returns the agent answer)
• ./builder test passes (N/A — self-contained Ruby package; runs its own RSpec via workato-connector-ci.yml)

Checklist

• Commit messages follow conventional commits
• No secrets or credentials included
• Wiki updated (if applicable)
• Breaking changes documented (if applicable)

Linked Issue

Closes #1259

Summary by CodeRabbit

• New Features

  • Added RocketRide Connector for Workato, enabling integration with RocketRide pipelines. Supports sending data via webhooks across multiple content lanes and retrieving synchronized results.

• Documentation

  • Added comprehensive connector documentation with example pipeline setup and development guides.

• Tests

  • Added automated test suite for connector validation.

• Chores

  • Added CI/CD automation workflows.

[github-actions]

🤖 Internal: Discord sync marker

Auto-managed by the Discord notification workflow. Stores the linked Discord message ID. Do not edit or delete.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces packages/workato-connector, a complete Workato custom connector package that enables users to integrate RocketRide pipelines with Workato recipes. The connector wires Workato actions to RocketRide's webhook endpoint, allowing synchronous send-and-receive workflows through multiple data lanes (question, text, image, audio, video, document) with appropriate content-type handling.

Changes

RocketRide Workato Connector

Layer / File(s)	Summary
Connector Core Implementation packages/workato-connector/connector.rb	RocketRide Connector defines webhook connection fields (webhook_url, auth_key), custom Bearer auth header wiring, lane pick lists with default content types, and the send_to_pipeline action that conditionally builds question-specific JSON payloads or posts raw content for other lanes, returning extracted answers.
Project Setup & Dependencies packages/workato-connector/.ruby-version, Gemfile, .rspec, .gitignore	Ruby 3.3.6 environment, Gemfile declaring rspec and workato-connector-sdk dependencies, RSpec configuration for documentation format output, and gitignore rules for secrets (master.key, encrypted settings) and generated artifacts (.workato/, .vcr/, Gemfile.lock).
Test Infrastructure & Specs packages/workato-connector/spec/spec_helper.rb, spec/connector_spec.rb	RSpec helper requiring the workato-connector-sdk library, and connector specification validating the connector title, exposed send_to_pipeline action, supported lanes (question/text/image/audio/video/document), and required connection fields (webhook_url/auth_key).
Documentation & Example Pipeline packages/workato-connector/README.md, CHANGELOG.md, LICENSE, examples/rocketride-webhook.pipe, settings.yaml.example	README documenting webhook-based synchronous integration, connection fields, lane mappings with content types, local development setup, and push workflow. Changelog and MIT license headers. Example pipe wiring webhook → LlamaIndex agent (with Anthropic LLM) → HTTP request tool → response_answers output. Settings example for local configuration with placeholder auth key.
CI/CD Automation .github/workflows/workato-connector-ci.yml, .github/workflows/workato-connector-release.yml	workato-connector CI workflow runs RSpec tests on PRs and pushes to develop (path-scoped to packages/workato-connector/**). workato-connector Release workflow runs tests and publishes via workato push on tag pushes matching workato-connector-v* or manual dispatch, authenticated with WORKATO_API_EMAIL and WORKATO_API_TOKEN repository secrets.

Sequence Diagram(s)

sequenceDiagram
  participant User as Workato User
  participant Action as send_to_pipeline Action
  participant Webhook as RocketRide Webhook
  participant Pipeline as RocketRide Pipeline
  User->>Action: Choose lane, provide content
  Action->>Webhook: POST lane-specific payload (Bearer auth)
  Webhook->>Pipeline: Route to selected lane
  Pipeline->>Pipeline: Process input
  Pipeline->>Webhook: Return answers
  Webhook->>Action: Response with answers array
  Action->>User: Return answer & answers

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

docs, ci/cd

Suggested reviewers

• jmaionchi
• Rod-Christensen
• stepmikhaylov

Poem

🐰 A connector born in springtime's bloom,
RocketRide now escapes its room!
Through Workato's gateway it shall fly,
Webhooks dancing 'neath the sky. 🚀
Questions answered, answers plain—
Integration flows like gentle rain!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: adding a RocketRide custom connector for Workato. It aligns with the changeset's primary objective.
Linked Issues check	✅ Passed	The PR implements all core requirements from #1259: connector definition with webhook connection fields, send_to_pipeline action with lane support, Content-Type mapping, Question serialization, and synchronous response parsing from RocketRide webhooks.
Out of Scope Changes check	✅ Passed	All changes are directly related to establishing the Workato connector infrastructure, CI/CD, and documentation. No unrelated modifications were detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/workato-connector

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 8

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/workato-connector-ci.yml:
- Around line 1-12: The workflow "name: workato-connector CI" is missing an
explicit permissions block and a concurrency setting and its push.paths omits
the workflow file; add a minimal permissions: { contents: read, id-token: write,
checks: write } (or the least-privilege set required by your jobs) and a
concurrency: { group: 'workato-connector-ci-${{ github.ref }}',
cancel-in-progress: true } at the top-level of the YAML, and update the
push.paths array to include '.github/workflows/workato-connector-ci.yml' so
pushes that modify the workflow itself trigger CI; locate these changes in the
top-level "on:" section and the workflow metadata around "name:
workato-connector CI".

In @.github/workflows/workato-connector-release.yml:
- Around line 1-19: Add explicit minimal workflow permissions, set
persist-credentials: false on the checkout step, and add a concurrency policy to
the workflow to prevent parallel releases: add a top-level permissions block
granting only what this job needs (for example contents: read and id-token:
write only if required by deployments, or adjust to the minimum required),
update the checkout step in the "push" job (the step that references
actions/checkout@v4) to include persist-credentials: false, and add a top-level
concurrency setting (e.g., group using the workflow name and tag/ref and
cancel-in-progress: true) so tag pushes cannot run concurrently.

In `@packages/workato-connector/.gitignore`:
- Line 11: The repo is ignoring Gemfile.lock in packages/workato-connector and
the Gemfile uses an unpinned gem 'workato-connector-sdk'; stop ignoring and
commit the lockfile and pin the SDK to a specific version to ensure
deterministic dependency resolution: remove or comment out the "Gemfile.lock"
entry from packages/workato-connector/.gitignore, add and commit
packages/workato-connector/Gemfile.lock to the repo, and update
packages/workato-connector/Gemfile to pin gem 'workato-connector-sdk' to a
concrete version (e.g., gem 'workato-connector-sdk', 'MAJOR.MINOR.PATCH').

In `@packages/workato-connector/CHANGELOG.md`:
- Around line 5-9: Insert a blank line after the "### Added" header in
CHANGELOG.md so the header is separated from the following bullet list; update
the section containing "### Added" to have an empty line before the first "-"
bullet to satisfy markdownlint (MD022).

In `@packages/workato-connector/connector.rb`:
- Around line 40-43: The connection test currently hardcodes a text/plain POST
using the test lambda (post('').headers('Content-Type' =>
'text/plain').request_body('ping')), which will fail for lanes that expect
non-text payloads; update the test lambda to avoid forcing text by either
invoking the existing send_to_pipeline helper with a minimal/neutral payload
appropriate for any lane or by issuing a POST without a Content-Type and no body
(i.e., remove the headers('Content-Type' => 'text/plain') and
request_body('ping')), so the probe does not reject pipelines that accept only
question/file lanes.
- Around line 104-105: The content_type field is being allowed for all
non-question lanes but must be restricted to media lanes only; update the code
that applies content_type (the logic around where the lane is inspected and
content_type is assigned — reference the content_type field and the
lane/lane_type handling around the non-question branch) to check the lane's
type/is_media flag (e.g., only when lane.type == 'media' or lane.media? is true)
and skip setting or passing content_type for text or other non-media lanes so
custom MIME values cannot reroute or violate lane contracts.

In `@packages/workato-connector/README.md`:
- Around line 29-37: The README's lane table and the `workato exec` example are
inconsistent with the connector implementation: update the docs to list the
actual lanes `question` and `document` (singular) as defined by connector.rb and
change the execution example to use the action's `lane` and `content` fields
(e.g., set lane: "question" or "document" and provide content in the expected
`content` field) rather than `payload.text`; also make the same corrections
where the second occurrence is referenced (lines 54-55 in the file).

In `@packages/workato-connector/spec/connector_spec.rb`:
- Around line 8-25: Add focused request/response specs that call the
send_to_pipeline action's execute method to validate the runtime contract:
create a spec that invokes
connector.source['actions']['send_to_pipeline'].execute with a 'question' lane
payload and assert the outgoing request body is the expected JSON envelope and
Content-Type is "application/rocketride-question"; add a second spec that
iterates non-question lanes (text, image, audio, video, document) and asserts
the mapped Content-Type for each lane; and add assertions for the shape of
extract_answers output (it returns objects/keys named "answer" and "answers") by
calling the same execute flow and inspecting the returned value. Use the
existing connector reference and the send_to_pipeline and extract_answers
symbols to locate methods to exercise.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 8b3ac31e-1a07-4cd6-ae1d-0283a2bb089e

📥 Commits

Reviewing files that changed from the base of the PR and between d5237d9 and 8a8aa40.

⛔ Files ignored due to path filters (1)

• packages/workato-connector/rocketride.svg is excluded by !**/*.svg

📒 Files selected for processing (14)

• .github/workflows/workato-connector-ci.yml
• .github/workflows/workato-connector-release.yml
• packages/workato-connector/.gitignore
• packages/workato-connector/.rspec
• packages/workato-connector/.ruby-version
• packages/workato-connector/CHANGELOG.md
• packages/workato-connector/Gemfile
• packages/workato-connector/LICENSE
• packages/workato-connector/README.md
• packages/workato-connector/connector.rb
• packages/workato-connector/examples/rocketride-webhook.pipe
• packages/workato-connector/settings.yaml.example
• packages/workato-connector/spec/connector_spec.rb
• packages/workato-connector/spec/spec_helper.rb

[coderabbitai]

🔒 Security & Privacy | 🟡 Minor | ⚡ Quick win

Add explicit permissions block and concurrency setting for security hardening and reliability.

The workflow uses default permissions which are broader than needed. Adding explicit minimal permissions and a concurrency group prevents wasted runner time on superseded commits and follows least-privilege.

Also, the push.paths filter omits the workflow file itself (unlike pull_request.paths), so changes to this workflow file won't trigger CI on pushes to develop.

Proposed fix

 name: workato-connector CI
 
 on:
   pull_request:
     paths:
       - 'packages/workato-connector/**'
       - '.github/workflows/workato-connector-ci.yml'
   push:
     branches: [develop]
     paths:
       - 'packages/workato-connector/**'
+      - '.github/workflows/workato-connector-ci.yml'
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
 
 defaults:

🧰 Tools

🪛 zizmor (1.25.2)

[warning] 1-29: overly broad permissions (excessive-permissions): default permissions used due to no permissions: block

(excessive-permissions)

---

[warning] 3-11: insufficient job-level concurrency limits (concurrency-limits): workflow is missing concurrency setting

(concurrency-limits)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/workato-connector-ci.yml around lines 1 - 12, The workflow
"name: workato-connector CI" is missing an explicit permissions block and a
concurrency setting and its push.paths omits the workflow file; add a minimal
permissions: { contents: read, id-token: write, checks: write } (or the
least-privilege set required by your jobs) and a concurrency: { group:
'workato-connector-ci-${{ github.ref }}', cancel-in-progress: true } at the
top-level of the YAML, and update the push.paths array to include
'.github/workflows/workato-connector-ci.yml' so pushes that modify the workflow
itself trigger CI; locate these changes in the top-level "on:" section and the
workflow metadata around "name: workato-connector CI".

Source: Linters/SAST tools

[coderabbitai]

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Harden release workflow with explicit permissions, persist-credentials: false, and concurrency.

This workflow handles secrets (WORKATO_API_TOKEN) and publishes to Workato, so it warrants stricter security settings:

1. Explicit minimal permissions prevent accidental broad access.
2. persist-credentials: false ensures the GITHUB_TOKEN isn't left in the workspace after checkout.
3. A concurrency group prevents parallel releases if multiple tags are pushed quickly.

Proposed fix

 name: workato-connector Release
 
 # Pushes the connector to the Workato workspace. Publishing a public version
 # (Community / Partner) is a separate "release version" step; Partner adds code review.
 on:
   workflow_dispatch:
   push:
     tags:
       - 'workato-connector-v*'
 
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
 defaults:
   run:
     working-directory: packages/workato-connector
 
 jobs:
   push:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: ruby/setup-ruby@v1

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	name: workato-connector Release
	# Pushes the connector to the Workato workspace. Publishing a public version
	# (Community / Partner) is a separate "release version" step; Partner adds code review.
	on:
	workflow_dispatch:
	push:
	tags:
	- 'workato-connector-v*'
	defaults:
	run:
	working-directory: packages/workato-connector
	jobs:
	push:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	name: workato-connector Release
	# Pushes the connector to the Workato workspace. Publishing a public version
	# (Community / Partner) is a separate "release version" step; Partner adds code review.
	on:
	workflow_dispatch:
	push:
	tags:
	- 'workato-connector-v*'
	permissions:
	contents: read
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: false
	defaults:
	run:
	working-directory: packages/workato-connector
	jobs:
	push:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false

🧰 Tools

🪛 zizmor (1.25.2)

[warning] 19-19: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)

---

[warning] 1-32: overly broad permissions (excessive-permissions): default permissions used due to no permissions: block

(excessive-permissions)

---

[error] 19-19: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

---

[info] 16-16: workflow or action definition without a name (anonymous-definition): this job

(anonymous-definition)

---

[warning] 5-9: insufficient job-level concurrency limits (concurrency-limits): workflow is missing concurrency setting

(concurrency-limits)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/workato-connector-release.yml around lines 1 - 19, Add
explicit minimal workflow permissions, set persist-credentials: false on the
checkout step, and add a concurrency policy to the workflow to prevent parallel
releases: add a top-level permissions block granting only what this job needs
(for example contents: read and id-token: write only if required by deployments,
or adjust to the minimum required), update the checkout step in the "push" job
(the step that references actions/checkout@v4) to include persist-credentials:
false, and add a top-level concurrency setting (e.g., group using the workflow
name and tag/ref and cancel-in-progress: true) so tag pushes cannot run
concurrently.

Source: Linters/SAST tools

[coderabbitai]

🩺 Stability & Availability | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Checking Gemfile dependency pins:"
rg -n "gem 'workato-connector-sdk'|gem 'rspec'" packages/workato-connector/Gemfile

echo
echo "Checking lockfile ignore rule:"
rg -n "^Gemfile.lock$" packages/workato-connector/.gitignore

echo
echo "Checking if a lockfile is present in the package:"
fd -a '^Gemfile\.lock$' packages/workato-connector

Repository: rocketride-org/rocketride-server

Length of output: 264

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "---- packages/workato-connector/Gemfile (lines 1-120) ----"
nl -ba packages/workato-connector/Gemfile | sed -n '1,120p'

echo
echo "---- packages/workato-connector/.gitignore ----"
nl -ba packages/workato-connector/.gitignore

echo
echo "---- Does packages/workato-connector/Gemfile.lock exist? ----"
if [ -f packages/workato-connector/Gemfile.lock ]; then
  echo "FOUND: packages/workato-connector/Gemfile.lock"
  wc -l packages/workato-connector/Gemfile.lock | cat
else
  echo "NOT FOUND: packages/workato-connector/Gemfile.lock"
fi

echo
echo "---- Any Gemfile.lock files under packages/workato-connector/? ----"
find packages/workato-connector -maxdepth 3 -name 'Gemfile.lock' -print

Repository: rocketride-org/rocketride-server

Length of output: 196

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "---- packages/workato-connector/Gemfile (lines 1-120) ----"
cat -n packages/workato-connector/Gemfile | sed -n '1,120p'

echo
echo "---- packages/workato-connector/.gitignore ----"
cat -n packages/workato-connector/.gitignore

echo
echo "---- Does packages/workato-connector/Gemfile.lock exist? ----"
if [ -f packages/workato-connector/Gemfile.lock ]; then
  echo "FOUND: packages/workato-connector/Gemfile.lock"
  wc -l packages/workato-connector/Gemfile.lock | cat
else
  echo "NOT FOUND: packages/workato-connector/Gemfile.lock"
fi

echo
echo "---- Any Gemfile.lock files under packages/workato-connector/? ----"
find packages/workato-connector -maxdepth 4 -name 'Gemfile.lock' -print

Repository: rocketride-org/rocketride-server

Length of output: 745

---

Stop ignoring Gemfile.lock for packages/workato-connector.

packages/workato-connector/.gitignore (line 11) excludes Gemfile.lock, while packages/workato-connector/Gemfile (line 6) has an unpinned gem 'workato-connector-sdk'. Commit/keep the lockfile (and pin the SDK version) so CI/release dependency resolution stays deterministic.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/.gitignore` at line 11, The repo is ignoring
Gemfile.lock in packages/workato-connector and the Gemfile uses an unpinned gem
'workato-connector-sdk'; stop ignoring and commit the lockfile and pin the SDK
to a specific version to ensure deterministic dependency resolution: remove or
comment out the "Gemfile.lock" entry from packages/workato-connector/.gitignore,
add and commit packages/workato-connector/Gemfile.lock to the repo, and update
packages/workato-connector/Gemfile to pin gem 'workato-connector-sdk' to a
concrete version (e.g., gem 'workato-connector-sdk', 'MAJOR.MINOR.PATCH').

[coderabbitai]

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Add the blank line required by markdownlint.

### Added runs straight into the bullet list, which matches the MD022 warning in the lint output. Insert a blank line here so the changelog passes docs lint.

Suggested fix

 ## [Unreleased]
 
 ### Added
+
 - Initial skeleton of the RocketRide Workato custom connector.
 - Connection: Webhook URL + Authorization key.
 - Action: **Send to pipeline** (POST data to a running pipeline webhook, return its output).

🧰 Tools

🪛 markdownlint-cli2 (0.22.1)

[warning] 5-5: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/CHANGELOG.md` around lines 5 - 9, Insert a blank
line after the "### Added" header in CHANGELOG.md so the header is separated
from the following bullet list; update the section containing "### Added" to
have an empty line before the first "-" bullet to satisfy markdownlint (MD022).

Source: Linters/SAST tools

[coderabbitai]

🎯 Functional Correctness | 🟠 Major | 🏗️ Heavy lift

Connection test is hardwired to text/plain, which can reject valid lane-specific setups.

Line 42 always probes text content. If a pipeline is wired for question or file lanes only, connection testing can fail even when send_to_pipeline would work for the intended lane.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/connector.rb` around lines 40 - 43, The connection
test currently hardcodes a text/plain POST using the test lambda
(post('').headers('Content-Type' => 'text/plain').request_body('ping')), which
will fail for lanes that expect non-text payloads; update the test lambda to
avoid forcing text by either invoking the existing send_to_pipeline helper with
a minimal/neutral payload appropriate for any lane or by issuing a POST without
a Content-Type and no body (i.e., remove the headers('Content-Type' =>
'text/plain') and request_body('ping')), so the probe does not reject pipelines
that accept only question/file lanes.

[coderabbitai]

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Restrict content_type overrides to media lanes only.

Line 104 says this field is for media lanes, but Line 121 applies it to every non-question lane. For text, a custom MIME can route to an unintended lane and break the explicit lane contract.

Suggested fix

       execute: lambda do |_connection, input|
         lane = input['lane']
         if lane == 'question'
           question = {
             type: 'question',
             expectJson: false,
             role: '',
             instructions: [], history: [], examples: [], context: [], goals: [], documents: [],
             questions: [{ text: input['content'] }]
           }
           call('post_to_lane', 'application/rocketride-question', question.to_json)
         else
-          call('post_to_lane', call('lane_content_type', lane, input['content_type']), input['content'])
+          effective_content_type =
+            if %w[image audio video document].include?(lane)
+              call('lane_content_type', lane, input['content_type'])
+            else
+              call('lane_content_type', lane, nil)
+            end
+          call('post_to_lane', effective_content_type, input['content'])
         end
       end,

Also applies to: 121-121

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/connector.rb` around lines 104 - 105, The
content_type field is being allowed for all non-question lanes but must be
restricted to media lanes only; update the code that applies content_type (the
logic around where the lane is inspected and content_type is assigned —
reference the content_type field and the lane/lane_type handling around the
non-question branch) to check the lane's type/is_media flag (e.g., only when
lane.type == 'media' or lane.media? is true) and skip setting or passing
content_type for text or other non-media lanes so custom MIME values cannot
reroute or violate lane contracts.

[coderabbitai]

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Align the README examples with the connector contract.

The lane table and workato exec sample don't match connector.rb: the connector exposes question and document singular, and the execution example needs the action's actual lane + content fields rather than payload.text. As written, users will be told to send payloads the connector does not accept.

Also applies to: 54-55

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/README.md` around lines 29 - 37, The README's lane
table and the `workato exec` example are inconsistent with the connector
implementation: update the docs to list the actual lanes `question` and
`document` (singular) as defined by connector.rb and change the execution
example to use the action's `lane` and `content` fields (e.g., set lane:
"question" or "document" and provide content in the expected `content` field)
rather than `payload.text`; also make the same corrections where the second
occurrence is referenced (lines 54-55 in the file).

[coderabbitai]

📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Add execute-path coverage for request/response contract.

Current specs validate only static metadata. Add focused tests for send_to_pipeline.execute to lock down:

• question lane JSON envelope + application/rocketride-question,
• lane-to-content-type behavior for non-question lanes,
• extract_answers output shape (answer, answers).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/workato-connector/spec/connector_spec.rb` around lines 8 - 25, Add
focused request/response specs that call the send_to_pipeline action's execute
method to validate the runtime contract: create a spec that invokes
connector.source['actions']['send_to_pipeline'].execute with a 'question' lane
payload and assert the outgoing request body is the expected JSON envelope and
Content-Type is "application/rocketride-question"; add a second spec that
iterates non-question lanes (text, image, audio, video, document) and asserts
the mapped Content-Type for each lane; and add assertions for the shape of
extract_answers output (it returns objects/keys named "answer" and "answers") by
calling the same execute flow and inspecting the returned value. Use the
existing connector reference and the send_to_pipeline and extract_answers
symbols to locate methods to exercise.