Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provide API for CI/CD Pipelines #88

Open
lreading opened this issue Apr 29, 2021 · 3 comments
Open

provide API for CI/CD Pipelines #88

lreading opened this issue Apr 29, 2021 · 3 comments
Labels
API enhancement New feature or request Stale

Comments

@lreading
Copy link
Collaborator

Describe what problem your feature request solves
Provide an API for CI/CD pipelines

Describe the solution you'd like
Provide an API for CI/CD pipelines, see here for an example

Additional context

  • What functions are exposed for this API?
  • How do we handle authentication/authorization?
  • What do we use to document the API? (main github docs, auto-generated via swagger or apidoc?)
@lreading lreading added the enhancement New feature or request label Apr 29, 2021
@jgadsden jgadsden removed this from Todo in Threat Dragon 2.0 Release May 5, 2021
@jgadsden jgadsden mentioned this issue Jan 6, 2022
Open
@jgadsden jgadsden added the API label Jan 6, 2022
@micheelengronne
Copy link

I am in favor of swagger to document it. Many tools exist to extract the API structure from swagger and integrate it in other systems.

For auth/auth I am in favor of Oauth2 and OIDC. It would make it easy to integrate in a larger CI system (like Gitlab, Gitea, etc...) and access their CI pipelines.

For the functions, I see at least 2 main ones :

  • push a source code and get back a threat-dragon json from it (the source code may be annotated to help)
  • push tests results (junit xml for instance) and push a threat-dragon json and get a comparison analysis back

@jgadsden jgadsden changed the title API for CI/CD Pipelines v2 - API for CI/CD Pipelines Feb 10, 2022
@jgadsden
Copy link
Collaborator

Following @ShubhamPalriwala 's suggestion, this may be a good feature for the 2022 Google Summer of Code:
https://github.com/OWASP/www-community/commits/master/pages/initiatives/gsoc/gsoc2022ideas.md

@jgadsden jgadsden added the GSoC Google Summer of Code label Feb 10, 2022
@jgadsden jgadsden changed the title v2 - API for CI/CD Pipelines provide API for CI/CD Pipelines Aug 13, 2022
@jgadsden jgadsden added version-2.x and removed version-2.0 GSoC Google Summer of Code labels Aug 31, 2022
@jgadsden jgadsden removed this from Todo in Threat Dragon 2.0 Release Aug 31, 2022
@github-actions GitHub Actions
Copy link

github-actions bot commented May 5, 2024

This issue is stale because it has been open for 6 months with no activity.

@github-actions github-actions bot added the Stale label May 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
API enhancement New feature or request Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lreading @micheelengronne @jgadsden