feat: Add Linear integration

[brainstormingdev-super]

Implements #2485

Description

This PR implements the Linear integration for SuperPlane with 2 components:

• OnIssueCreated (trigger): Activates workflows when Linear issues are created, with optional filtering by team and/or labels. Uses Linear webhooks with HMAC-SHA256 signature verification.
• CreateIssue (action): Creates new Linear issues with configurable team, title, description, assignee, labels, priority, and status fields.

Authentication is via personal API token, which users can generate in Linear at Settings > API > Personal API keys. The integration uses Linear's GraphQL API exclusively for all operations (teams, labels, issue creation, webhook management).

On setup, the integration syncs available teams and labels from Linear, which are then used to populate resource pickers in the UI.

Changes

Backend (pkg/integrations/linear/)

• linear.go — Integration entry point, API token auth, metadata sync (teams/labels)
• client.go — GraphQL API client (viewer, teams, labels, issue create, webhook create/delete)
• common.go — Shared data models (Team, Label, Issue)
• on_issue_created.go — Webhook-based trigger with team/label filtering
• create_issue.go — Issue creation action with full field support
• webhook_handler.go — Webhook lifecycle (setup, config comparison, cleanup)
• list_resources.go — Resource discovery for UI pickers
• example.go — Embedded example payloads

Frontend (web_src/src/pages/workflowv2/mappers/linear/)

• Trigger renderer and component mapper following existing patterns
• Icon and sidebar registration

Docs

• docs/components/Linear.mdx — Generated component documentation

Tests

• linear_test.go — Integration sync (missing token, invalid creds, successful sync)
• client_test.go — Client creation and API calls
• create_issue_test.go — Setup validation and execution
• on_issue_created_test.go — Signature verification, event filtering, webhook setup
• webhook_handler_test.go — Config comparison logic

[video-demo]

[zekebawt]

🤖 Claiming this bounty! Will implement Linear integration with OnIssueCreated trigger and CreateIssue action. ETA: 2-3 hours.

[AleksandarCole]

@brainstormingdev-super Looks good overall and works as expected. Here are some small UX changes we need to address before we move to code review:

• createIssue uses wrong input fields for title/description/assignee - they are the expression fields that filter/if use, but instead they should be input with expression supported like Wait for in the wait component for example.
• Let's clean up the details tab for both components - it should show timestamp at the top (Created at:) also, let's remove things like TeamID, StateID, or IDs in general. In the create issue details tab, make sure to include link to the issue - like what we have in onIssueCreated.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[cursor]

Asymmetric set comparison in resourceTypesEqual

Low Severity

resourceTypesEqual only verifies that every element of b exists in a, but not the reverse. Combined with the length check, this is only correct when neither slice contains duplicates. If a = ["Issue", "Comment"] and b = ["Issue", "Issue"], the function incorrectly returns true — the lengths match and both elements of b are found in a, but the slices represent different sets. Using slices.Sort + slices.Equal or checking both directions would fix this.

 

[brainstormingdev-super]

@AleksandarCole I’ve improved the UX. Please take a look at the video demo below.
video demo

[AleksandarCole]

@brainstormingdev-super looks good - moved to code review.

[shiroyasha]

Hey @brainstormingdev-super, tried it out, works good.

When looking at Linear, OAuth seems to be the default way to integrate with the system.
Why did you decide to go with the personal API key?

I see two big problems with Personal API key vs OAuth:

1/ When you create an issue with personal keys, the creator is the Personal Key's owner. With OAuth the creator of the issue can be a SuperPlaneBot which is more natural for integrations and workflow automations.
2/ When the user leaves the organization, the SuperPlane automation will no longer work.

cc @AleksandarCole

Returning to stage-2

[lucaspin]

@AleksandarCole I don't think we should have a onIssueCreated trigger. Instead, we should have a onIssue trigger, that allows you select the action you're interested in (create, close, deleted, ...). This pattern is already used in the github.onIssue and gitlab.onIssue

[forestileao]

Minor concern: if hasNextPage stays true and endCursor doesn’t change (e.g., due to an API inconsistency or pagination bug), this could loop forever. Maybe add a cursor-change check or safety cap?

[forestileao]

I don't think this is the data that appears on trigger payload (in the sidebar event). Check it and replace it here with mocked data

[brainstormingdev-super]

Hey @brainstormingdev-super, tried it out, works good.

When looking at Linear, OAuth seems to be the default way to integrate with the system. Why did you decide to go with the personal API key?

I see two big problems with Personal API key vs OAuth:

1/ When you create an issue with personal keys, the creator is the Personal Key's owner. With OAuth the creator of the issue can be a SuperPlaneBot which is more natural for integrations and workflow automations. 2/ When the user leaves the organization, the SuperPlane automation will no longer work.

cc @AleksandarCole

Returning to stage-2

@shiroyasha, I will update to implement OAuth2.
Btw, I don’t think we can automatically register a webhook for the OnIssueCreate trigger. It looks like webhook creation requires admin permissions, and Linear doesn’t allow the admin scope when actor=app. So we probably need a workspace admin to create the webhook manually.
cc @AleksandarCole