-
Notifications
You must be signed in to change notification settings - Fork 0
Integration Inventory
Phase 6 now persists enterprise integration records for source control, CI/CD, SIEM, ITSM, ChatOps, identity, cloud, storage, security, and observability connectors.
CAVRA integration inventory gives platform and security teams a central view of which enterprise systems are connected or planned, who owns them, what capabilities they provide, how they authenticate, and whether the integration is healthy.
GET /integrationsPOST /integrationsGET /integrations/{integration_id}POST /integrations/{integration_id}/deliver
Supported filters:
providercategorystatusownerenvironmenthealth_status
Default JSON store:
.cavra/api/integrations.jsonOverride the JSON path:
export CAVRA_INTEGRATION_STORE=.cavra/api/integrations.jsonUse SQLite:
export CAVRA_INTEGRATION_DB=.cavra/api/integrations.db
cavra evidence migrate --sqlite .cavra/api/integrations.dbThe migration 006_integrations_inventory.sql creates the integrations table and indexes provider, category, status, owner, and health status.
The sandbox console includes an Enterprise Integrations view. It filters integration records by category, status, health, and owner, then displays provider, environment, capabilities, and operational status.
CAVRA can execute configured connector hooks for Splunk, Microsoft Sentinel, Datadog, Slack, Microsoft Teams, Jira, ServiceNow, and generic webhooks. Configure connector secrets outside the inventory record, set CAVRA_CONNECTOR_CONFIG, and call POST /integrations/{integration_id}/deliver or cavra integration deliver. Release governance records can use the same connector layer through POST /promotion-executions/{execution_id}/audit-export/deliver, POST /rollback-executions/{rollback_id}/deliver, cavra release deliver-promotion-audit, and cavra release deliver-rollback-execution.
Delivery evidence uses the cavra.connector.delivery.v1 schema and redacts credentials before writing output.
- As a platform engineer, I can see which enterprise systems CAVRA is configured to use.
- As a SOC lead, I can track SIEM connector ownership and health status.
- As a SOC lead, I can deliver signed CAVRA evidence events into SIEM and ChatOps systems with credential-redacted delivery records.
- As a release manager, I can deliver promotion audit and rollback execution records through owned connectors with retry evidence.
- As an auditor, I can inspect whether source control, ITSM, identity, and evidence storage integrations have owners and evidence references.
Enterprise CAVRA deployments touch multiple control systems. Integration inventory prevents those connectors from becoming undocumented configuration drift by making ownership, status, health, and capability scope visible through the API and console. Connector execution turns those records into auditable delivery paths for SOC, ITSM, and collaboration workflows.
The next recommended work is production release-signing operations, key rotation, and emergency revocation evidence.
Before the agent acts, CAVRA asks: who is acting, what will change, what policy applies, and what evidence will prove it?
| Start | Build | Operate | Assure |
|---|---|---|---|
| Quick Start | CLI | Enterprise Guide | AISPM |
| Reader Paths | Policy Syntax | Deployments | Evidence |
| Community | GUI | Troubleshooting | Conclusion |
- Foreword And Reader Paths
- Why CAVRA Exists
- Runtime Authority Model
- Architecture
- Editions
- Install And Deploy
- Community Guide
- Enterprise Guide
- CLI Reference
- GUI And Sandbox
- AISPM Guide
- Policy And Evidence
- Operations And Integrations
- Labs And Use Cases
- Appendices And FAQ
- Policy Language Reference
- Troubleshooting Playbook
- Conclusion