Skip to content

Introduce new endpoints to support CSPM work#86

Merged
elliot-huffman merged 66 commits intomainfrom
LAB-938-CSPM-main
Feb 3, 2026
Merged

Introduce new endpoints to support CSPM work#86
elliot-huffman merged 66 commits intomainfrom
LAB-938-CSPM-main

Conversation

@pasha-zayko
Copy link
Contributor

@pasha-zayko pasha-zayko commented Dec 15, 2025

Significant enhancements and feature additions to the SHI Data Gateway and SHIELD OpenAPI specifications, along with corresponding SDK version bumps and dependency updates. Below is a consolidated, non-redundant summary of the notable changes based on the cumulative commit differences:

SHI Data Gateway & General OpenAPI Enhancements

License Report API Improvements:

  • Introduces versioned endpoints (/Api/V1/LicenseReport) supporting a new LicenseReportV1 schema that improves structure, clarity, and extensibility.
  • Adds new schemas for enhanced principal and license reporting, e.g., enhanced identity data for users, richer structure for available licenses and service plans, and improved correlation records.
  • Updates error handling, response schemas, and documentation for better alignment with customer scenarios and API consumers' needs.

Architecture Report API Additions:

  • Adds a complete API and schema for submitting and retrieving Architecture Analysis Reports (/Api/V1/ArchitectureReport).
  • Introduces correlation and principal data models for these architecture reports, supporting detailed tenant, user, and device metadata.
  • New endpoints supporting versioned architecture correlation records and report retrieval.

Tenant & Update API Improvements:

  • Expands tenant record endpoints: new PATCH and GET sources, better support for parent/child relationships and principal authorization lists.
  • Adds and documents new endpoints for retrieving/updating tenant configurations via SHIELD's update service.

SHIELD Specification & CSPM Features

CSPM & Security Posture Updates:

  • Substantial enrichment of the CSPM-related structures, including new policy assessment endpoints and result objects for architecture reports and remediation.
  • Adds new status endpoints and schemas for tracking deployment, remediation, and break glass scenarios.
  • Introduces operation selectors and result objects (e.g., flagging deploy, remediate, or analysis actions).

Configuration Item Metadata:

  • New endpoints and detailed schema for retrieving user-friendly, instructional metadata for configuration items (including guidance, compliance mapping, risk, and benefit analysis).

Remediation Automation Support:

  • Adds endpoints and models for tracking and returning remediation actions and results, allowing for clearer reporting on automated or user-approved remediation flows.

SDK & Dependency Management

SDK Package Version Updates:

  • Bumps @shi-corp/sdk-data-gateway to v2.4.0 and @shi-corp/sdk-shield to v3.1.0 to reflect breaking changes and new features.
  • Corresponding updates in package.json and package-lock.json files for each SDK.
  • Integrates newer/updated dependencies, including peer dependency refinements and essential dependency upgrades (e.g., linting, browser compatibility, comment handling, and type definitions).

Additional Quality & Maintenance

  • Expanded error handling and improved consistency in HTTP response codes (including more 500 and 404 responses).
  • Improved OpenAPI doc organization, code examples, and schema title/description for maintainability and clarity.
  • Numerous examples and extended documentation to facilitate SDK generation and user onboarding.

pasha-zayko and others added 30 commits October 13, 2025 12:35
@pasha-zayko
Adding remediation point definition
9e1f440 
Creating definition for new remediation endpoint with POST request
@pasha-zayko
Merge branch 'main' into pasha-remediation-lab-815
bed1d14
@pasha-zayko
Merge branch 'main' into pasha-remediation-lab-815
1294fd3
@pasha-zayko
Merge branch 'main' into pasha-remediation-lab-815
79eafbc
@pasha-zayko
Adding endpoint to create BreakGlass group resource
5627f91 
Define new endpoint that attempts to create new group and return its name, or just returns name if the resource has already been provisioned
@TheMartianMaker
updated spec to include new endpoint
5a67984 
updated spec to include the newly added /Api/Deploy/BreakGlassStatus endpoint
@TheMartianMaker
removed unneeded schema
c973430 
removed unneeded object schema
@pasha-zayko
Merge branch 'main' into pasha-remediation-lab-815
63eae81
@pasha-zayko
Updating the spec definition to reflect all properties and adjusting …
cb38c2a 
…example to match the definition

Deploy.ConfigurationItem response now also includes deployStatus field

Change example to accurately present available fields
@TheMartianMaker
updated endpoint path
e1e58f6 
updated endpoint name to match incoming schema update from @pasha-zayko
@TheMartianMaker
fixed copilot suggestions
92ada1f 
Fixed copilot pr suggested problems
@pasha-zayko
Merge branch 'LAB-916-Update-API-to-check-for-existing-break-glass-gr…
33854be 
…oup-and-users' into LAB-938-CSPM-main
@pasha-zayko
Merge branch 'main' into LAB-938-CSPM-main
d793095
@pasha-zayko
Adding optional operation to Deploy/Progress endpoint
8e85e33 
Included optional query parameter with possible values to retrieve progress of the specific operation
@pasha-zayko
Typos and text clarification
4612502 
Typos and text clarification
@pasha-zayko
Adding description to request remediation results (#70)
55104d8 
* Adding description to request remediation results

Adding new schema and verb option to /Api/Deploy/Remediate path
@JagdishKhunti
LAB-980
a56e847 
- Added endpoint and schema descriptions for LicenseReportV1
- Extracted common schema into a shared object for reuse in both LicenseReport and LicenseReportV1
@pasha-zayko
Adding new schema and path for configuration item metadata (#75)
6cf8173 
Adding schema to describe documentation response object when data is available.

Adding path to handle retrieval of the configuration item documentation.
@Loop-infinity
LAB-979 - [SHIELD] Add Spec for Deploy/Analyze/Invoke (#73)
3e7c417 
* LAB-979 - [SHIELD] Add Open API Spec for Deploy/Analyze/Invoke
@JagdishKhunti
Refactor license report schemas and enhance docs
056e96d 
Renamed LicenseReportV1 schemas to Report.* for consistency and updated all references. Added detailed descriptions, examples, and validation patterns to license, principal, and service plan fields. Improved API response codes and documentation for error handling and deletion endpoints.
@JagdishKhunti
Update Data-Gateway.json
0bd0f0d
@Loop-infinity
LAB-1034: [SHIELD] Open Api Spec for Deploy/Progress (#78)
2d98a00
@JagdishKhunti
LAB-980
424c5fd 
Updated the Data-Gateway JSON schema to clarify and expand user and device principal records, including required fields and more detailed property definitions. Enhanced the structure and examples for inferred attributes and enhanced identity data, added explicit nullability, and improved descriptions for service plan and license references. These changes improve schema accuracy and documentation for integrators.
@Loop-infinity
Add Open API Spec for Discover/ArchitectureReport/Correlation/:correl…
85d6ae6 
…ationId/Data

* LAB-989: [SHIELD] Add Open API Spec for Discover/ArchitectureReport/Correlation/:correlationId/Data
@JagdishKhunti
LAB-980
3d2e0a2 
Refactored user and device principal data schemas to use new CommonService, AssignedLicense, and PrincipalMetadata references under Report.PrincipalData. Simplified nullable property definitions and examples. Added 500 error responses to multiple API endpoints for improved error handling.
@JagdishKhunti
LAB-987
f9faf37 
Revised the structure of the 'examples' field for assigned licenses, wrapping multiple example objects in an array and adding a new example. This improves consistency and clarity in the API specification.
@JagdishKhunti
LAB-980
381385a 
Refactored and expanded example objects for available licenses, users, and devices to improve clarity and coverage. Adjusted nesting and array structures for consistency and added additional sample entries to better illustrate expected data formats.
@pasha-zayko
Adding new endpoint to provide list of correlation records (#82)
0256206 
* Adding new endpoint to provide list of correlation records

Listing available correlation entries for the Architecture Report
@JagdishKhunti
Merge pull request #71 from Software-Hardware-Integration-Lab/feature…
228bd67 
…/LAB-980_Describe-V1-LicenseReport-API-Endpoints

LAB-980
@dontPushTheButton
Add Architecture Report V1 API and schemas
c629f9c 
Introduces the ArchitectureReportV1 schema, supporting objects, and new API endpoints for submitting, retrieving, and deleting architecture reports and correlation records. Also adds the 'Architecture Reporting' tag to the API documentation.
@pasha-zayko pasha-zayko requested a review from Copilot January 20, 2026 21:34
Copilot AI reviewed Jan 20, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 6 changed files in this pull request and generated 2 comments.

Files not reviewed (2)
  • src/dataGateway/TypeScript/package-lock.json: Language not supported
  • src/shield/TypeScript/package-lock.json: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@pasha-zayko
Adding definition for new endpoint
5f300fb 
Providing description for the endpoint already available in the main code
@pasha-zayko
Update details of summaries and descriptions
d956e13 
Set all summary values to title case

Correct any descriptions for readability
Copilot AI review requested due to automatic review settings January 21, 2026 22:56
Copilot AI reviewed Jan 21, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 6 changed files in this pull request and generated 1 comment.

Files not reviewed (2)
  • src/dataGateway/TypeScript/package-lock.json: Language not supported
  • src/shield/TypeScript/package-lock.json: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@elliot-huffman
Update Packages
b8387cd 
Regenerate lock.
Update overrides.
Fix dev utils version specifier.
@socket-security
Copy link

socket-security bot commented Jan 27, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​shi-corp/​development-utilities@​2.1.0 ⏵ 2.2.074 +11009790 -2100
Updated@​types/​node@​25.0.3 ⏵ 25.0.10100 +110081 +196 +1100
Updatedtypia@​11.0.0 ⏵ 11.0.310010010095 +3100

View full report

@pasha-zayko
Removing empty response as string
182b986 
When data is not present 404 would be returned
Copilot AI review requested due to automatic review settings January 29, 2026 15:53
Copilot AI reviewed Jan 29, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 8 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@elliot-huffman
Bump Version
562bc75 
Make the version match the published version of Data Gateway.
@elliot-huffman
Update Title
51b7a83 
To match the product name.
Copilot AI review requested due to automatic review settings February 2, 2026 19:39
Copilot AI reviewed Feb 2, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@pasha-zayko pasha-zayko requested a review from Copilot February 2, 2026 22:57
Copilot AI reviewed Feb 2, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 8 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@pasha-zayko
Typo
cd563a3 
Typo
@pasha-zayko pasha-zayko requested a review from Copilot February 2, 2026 23:00
Copilot AI reviewed Feb 2, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 8 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@elliot-huffman
Bump SHIELD Versions
35b6c7b 
To match the upcoming feature set for CSPM.
elliot-huffman
elliot-huffman approved these changes Feb 3, 2026
View reviewed changes
Copy link
Contributor

@elliot-huffman elliot-huffman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@elliot-huffman elliot-huffman merged commit 702fb1b into main Feb 3, 2026
6 checks passed
@elliot-huffman elliot-huffman deleted the LAB-938-CSPM-main branch February 3, 2026 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@elliot-huffman elliot-huffman elliot-huffman approved these changes

Assignees

@pasha-zayko pasha-zayko

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@pasha-zayko @elliot-huffman @TheMartianMaker @JagdishKhunti @Loop-infinity @dontPushTheButton @pr0uxx @brandonpham13