[WIP] Add Incident events
Introduce incident events.

TBD: schema and README updates

Partially-fixes: #59

Signed-off-by: Andrea Frittoli <andrea.frittoli@gmail.com>
afrittoli committed Jan 24, 2023
1 parent e679a65 commit dda0bed
Showing 2 changed files with 43 additions and 123 deletions.
8 changes: 6 additions & 2 deletions README.md
Expand Up @@ -70,11 +70,15 @@ Definition of specific events that are fundamental to pipeline execution and orc

Handling Events relating to changes in version management of Source Code and related assets

### [Continuous Integration Events](./continuous-integration-pipeline-events.md)
### [Continuous Integration Events](./continuous-integration.md)

Handling Events associated with Continuous Integration activities, typically involving build and test

### [Continuous Deployment Events](./continuous-deployment-pipeline-events.md)
### [Continuous Deployment Events](./continuous-deployment.md)

Handling Events associated with Continuous Deployment activities

### [Continuous Operatorations](./continuous-operations.md)

Handling Events associated with Continuous Deployment activities
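
Review bot: The heading at the end of this hunk is misspelled as `Continuous Operatorations`, and the line under it repeats the deployment text ("Handling Events associated with Continuous Deployment activities") instead of describing operations. Suggest `### [Continuous Operations](./continuous-operations.md)` with a description that mentions incident events. The commit lists only two changed files, so also confirm that `continuous-integration.md` and `continuous-deployment.md` exist under those names; otherwise the two retargeted links above break.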

158 changes: 37 additions & 121 deletions continuous-operations.md
Expand Up @@ -13,145 +13,61 @@ Multiple events may be associated to the same incident as well as its resolution

## Subjects

This specification defines two subjects in this stage: `environment` and `service`. The term `service` is used to represent a running Artifact. A `service` can represent a binary that is running, a daemon, an application, a docker container. The term `environment` represent any platform which has all the means to run a `service`.
This specification defines one subject in this stage, the [`incident`](#incident). To quote the definition of the term from the NIST glossary, and [incident][] is:

> An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
| Subject | Description | Predicates |
|---------|-------------|------------|
| [`environment`](#environment) | An environment where to run services | [`created`](#environment-created), [`modified`](#environment-modified), [`deleted`](#environment-deleted)|
| [`service`](#service) | A service | [`deployed`](#service-deployed), [`upgraded`](#service-upgraded), [`rolledback`](#service-rolledback), [`removed`](#service-removed), [`published`](#service-published)|
| [`incident`](#incident) | A problem in a production environment | [`reported`](#incident-reported), [`resolved`](#incident-resolved)|

### `environment`
### `incident`

An `environment` is a platform which may run a `service`.
An `incident` represents a problem in a production environment.

| Field | Type | Description | Examples |
|-------|------|-------------|----------|
| id | `String` | Uniquely identifies the subject within the source. | `1234`, `maven123`, `builds/taskrun123` |
| source | `URI-Reference` | [source](../spec.md#source) from the context | `staging/tekton`, `tekton-dev-123`|
| name | `String` | Name of the environment | `dev`, `staging`, `production`, `ci-123`|
| url | `String` | URL to reference where the environment is located | `https://my-cluster.zone.my-cloud-provider`|

### `service`

A `service` can represent for example a binary that is running, a daemon, an application or a docker container.

| Field | Type | Description | Examples |
|-------|------|-------------|----------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` |
| source | `URI-Reference` | [source](../spec.md#source) from the context | `staging/tekton`, `tekton-dev-123`|
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` |
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` |
| id | `String` | Uniquely identifies the subject within the source. | `04896C75-F34D-40FF-A584-3F2B71CB9D47`, `issue123`, `risk-CVE123` |
| source | `URI-Reference` | [source](../spec.md#source) from the context | `region1/production`, `monitoring-system/metricA`|
| description | `String` | Short, free style description of the incident | "Response time above 10ms", "New CVE-123 detected" |
| environment | `Object` ([`environment`](./continuous-deployment.md#environment)) | Reference to the environment | `{"id": "production"}`, `{"id": "staging"}`, `{"id": "prod123", "source": "iaas-region-1"}` |
| service | `Object` ([`service`](./continuous-deployment.md#service)) | Reference to the service | `{"id": "service123"}`, `{"id": "service123", "source": "region1/k8s/namespace"}` |
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `927aa808433d17e315a258b98e2f1a55f8258e0cb782ccb76280646d0dbe17b5`, `six-1.14.0-py2.py3-none-any.whl` |

## Events

### `environment created`
### `incident reported`

This event represents an environment that has been created. Such an environment can be used to deploy services in.
This event represents an incident that has been detected by a system or human.

- Event Type: __`dev.cdevents.environment.created.0.1.0`__
- Predicate: created
- Subject: [`environment`](#environment)
- Event Type: __`dev.cdevents.incident.reported.0.1.0-draft`__
- Predicate: reported
- Subject: [`incident`](#incident)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
| Field | Type | Description | Examples | Mandatory ✅ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `tenant1/12345-abcde`, `namespace/pipelinerun-1234` ||
| source | `URI-Reference` | [source](../spec.md#source) from the context | ||
| name | `String` | Name of the environment | `dev`, `staging`, `production`, `ci-123`||
| url | `String` | URL to reference where the environment is located | `https://my-cluster.zone.my-cloud-provider`||
| id | `String` | Uniquely identifies the subject within the source. | `04896C75-F34D-40FF-A584-3F2B71CB9D47`, `issue123`, `risk-CVE123` ||
| source | `URI-Reference` | [source](../spec.md#source) from the context | `region1/production`, `monitoring-system/metricA`| |
| description | `String` | Short, free style description of the incident | "Response time above 10ms", "New CVE-123 detected" | |
| environment | `Object` ([`environment`](./continuous-deployment.md#environment)) | Reference to the environment | `{"id": "production"}`, `{"id": "staging"}`, `{"id": "prod123", "source": "iaas-region-1"}` ||
| service | `Object` ([`service`](./continuous-deployment.md#service)) | Reference to the service | `{"id": "service123"}`, `{"id": "service123", "source": "region1/k8s/namespace"}` | |
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `927aa808433d17e315a258b98e2f1a55f8258e0cb782ccb76280646d0dbe17b5`, `six-1.14.0-py2.py3-none-any.whl` | |

### `environment modified`
### `incident resolved`

This event represents an environment that has been modified.

- Event Type: __`dev.cdevents.environment.modified.0.1.0`__
- Predicate: modified
- Subject: [`environment`](#environment)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `tenant1/12345-abcde`, `namespace/pipelinerun-1234` ||
| source | `URI-Reference` | [source](../spec.md#source) from the context | ||
| name | `String` | Name of the environment | `dev`, `staging`, `production`, `ci-123`||
| url | `String` | URL to reference where the environment is located | `https://my-cluster.zone.my-cloud-provider`||

### `environment deleted`

This event represents an environment that has been deleted.```

- Event Type: __`dev.cdevents.environment.deleted.0.1.0`__
- Predicate: deleted
- Subject: [`environment`](#environment)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `tenant1/12345-abcde`, `namespace/pipelinerun-1234` ||
| source | `URI-Reference` | [source](../spec.md#source) from the context | ||
| name | `String` | Name of the environment | `dev`, `staging`, `production`, `ci-123`||

### `service deployed`

This event represents a new instance of a service that has been deployed

- Event Type: __`dev.cdevents.service.deployed.0.1.0`__
- Predicate: deployed
- Subject: [`service`](#service)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` ||
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` ||
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `927aa808433d17e315a258b98e2f1a55f8258e0cb782ccb76280646d0dbe17b5`, `six-1.14.0-py2.py3-none-any.whl` ||

### `service upgraded`

This event represents an existing instance of a service that has been upgraded to a new version

- Event Type: __`dev.cdevents.service.upgraded.0.1.0`__
- Predicate: upgraded
- Subject: [`service`](#service)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` ||
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` ||
| artifactId | `Purl` | Identifier of the artifact deployed with this service |`pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` ||

### `service rolledback`

This event represents an existing instance of a service that has been rolled back to a previous version

- Event Type: __`dev.cdevents.service.rolledback.0.1.0`__
- Predicate: rolledback
- Subject: [`service`](#service)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` ||
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` ||
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` ||

### `service removed`

This event represents the removal of a previously deployed service instance and is thus not longer present in the specified environment

- Event Type: __`dev.cdevents.service.removed.0.1.0`__
- Predicate: removed
- Subject: [`service`](#service)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` ||
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` ||

### `service published`

This event represents an existing instance of a service that has an accessible URL for users to interact with it. This event can be used to let other tools know that the service is ready and also available for consumption.

- Event Type: __`dev.cdevents.service.published.0.1.0`__
- Predicate: published
- Subject: [`service`](#service)
- Event Type: __`dev.cdevents.incident.resolved.0.1.0-draft`__
- Predicate: resolved
- Subject: [`incident`](#incident)

| Field | Type | Description | Examples | Mandatory ✅ \| Optional ⚪ |
| Field | Type | Description | Examples | Mandatory ✅ |
|-------|------|-------------|----------|----------------------------|
| id | `String` | Uniquely identifies the subject within the source. | `service/myapp`, `daemonset/myapp` ||
| environment | `Object` ([`environment`](#environment)) | Reference for the environment where the service runs | `{"id": "1234"}`, `{"id": "maven123, "source": "tekton-dev-123"}` ||
| id | `String` | Uniquely identifies the subject within the source. | `04896C75-F34D-40FF-A584-3F2B71CB9D47`, `issue123`, `risk-CVE123` ||
| source | `URI-Reference` | [source](../spec.md#source) from the context | `region1/production`, `monitoring-system/metricA`| |
| description | `String` | Short, free style description of the incident resolution | "Response time restored below 10ms", "CVE-123 acknowledged as non-exploitable" | |
| environment | `Object` ([`environment`](./continuous-deployment.md#environment)) | Reference to the environment | `{"id": "production"}`, `{"id": "staging"}`, `{"id": "prod123", "source": "iaas-region-1"}` ||
| service | `Object` ([`service`](./continuous-deployment.md#service)) | Reference to the service | `{"id": "service123"}`, `{"id": "service123", "source": "region1/k8s/namespace"}` | |
| artifactId | `Purl` | Identifier of the artifact deployed with this service | `0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427`, `927aa808433d17e315a258b98e2f1a55f8258e0cb782ccb76280646d0dbe17b5`, `six-1.14.0-py2.py3-none-any.whl` | |

[incident]: https://csrc.nist.gov/glossary/term/incident
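
Review bot: In the `incident` subject table and in both the `incident reported` and `incident resolved` tables, `artifactId` is typed `Purl`, but the examples given are bare digests and a wheel filename (`six-1.14.0-py2.py3-none-any.whl`), none of which is a purl. A consumer correlating an incident such as "New CVE-123 detected" to a deployed artifact needs an unambiguous identifier, so reuse the `pkg:oci/...` and `pkg:golang/...` style examples that appear elsewhere in this file, and reword the description "Identifier of the artifact deployed with this service", which was carried over from the `service` subject. The `Mandatory ✅` column is empty in every row of both event tables, `id` included, so nothing tells a receiver which fields it can rely on; mark the required ones before the `-draft` suffix is dropped. In the Subjects paragraph, "and [incident][] is" should read "an [incident][] is". The subject table describes an incident as "A problem in a production environment" while the `environment` examples include `{"id": "staging"}`; align one with the other.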
