Last active
July 12, 2024 09:51
-
-
Save jayanthjj/508f12c9f2c72908ccaa8acd8e3b9377 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openapi: 3.0.0 | |
info: | |
title: ADOSecuritySkill API | |
description: ADOSecuritySkill API Documentation | |
version: 1.0.0 | |
servers: | |
- url: https://adoskillsetwebapp20240603144826.azurewebsites.net | |
paths: | |
/buildsecurebulk/{orgName}/{projectName}/{buildDefinitions}: | |
get: | |
operationId: AreBuildPipelinesSecure | |
summary: Checks for all the provided comma separated builddef are secure. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if the build pipelines are secure. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if the build pipelines are secure. | |
- in: path | |
name: buildDefinitions | |
schema: | |
type: string | |
required: true | |
description: Multiple comma separated buildDefinitions for multiple pipelines to check if they are secure. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildsecure/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: isBuildPipelineSecure | |
summary: Check if the build pipeline is secure. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if the build pipeline is secure. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if the build pipeline is secure. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if the build pipeline is secure. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/releasesecure/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: isReleasePipelineSecure | |
summary: Check if the release pipeline is secure. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if the release pipeline is secure. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if the release pipeline is secure. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if the release pipeline is secure. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildpipelinelevelsecret/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckBuildPipelineLevelSecrets | |
summary: Check if the build pipeline is secure by evaluating if there is any pipeline level secrets in the build pipeline. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if pipeline level secrets are present in the build pipeline. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if pipeline level secrets are present in the build pipeline. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if pipeline level secrets are present in the build pipeline. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildyamllevelsecret/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckBuildYamlLevelSecret | |
summary: Check if the build pipeline is secure by evaluating if there is any plain-text secrets in the yaml file of the build pipeline. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if plain text secrets are present in the build pipeline. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if plain text secrets are present in the build pipeline. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if plain text secrets are present in the build pipeline. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildPCBSVulneribility/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckBuildPCBSVulnerability | |
summary: Check if the build pipeline is secure by evaluating PCBS vulnerability. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if the build pipeline has PCBS vulnerability. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if the build pipeline has PCBS vulnerability. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if the build pipeline has PCBS vulnerability. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildreleasegateapproval/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: ApprovalForReleaseGate | |
summary: Check if the build pipeline is secure by checking if approvals are set in presence of release gate. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if approvals are set in presence of release gate. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if approvals are set in presence of release gate. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if approvals are set in presence of release gate. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildbranchcontrol/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: ApprovalForReleaseGate | |
summary: Check if the build pipeline is secure by checking if branch control is set in presence of release gate. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if branch control is set in presence of release gate. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if branch control is set in presence of release gate. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if branch control is set in presence of release gate. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/releasecontributorcreaterelease/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckReleaseContributorCreateRelease | |
summary: Check if the release pipeline is secure by checking Contributor access to create release. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if Contributor has access to create release in the release pipeline. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if Contributor has access to create release in the release pipeline. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if Contributor has access to create release in the release pipeline. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/releaseminimumapprover/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckReleaseMinimumApprover | |
summary: Check if the release pipeline is secure by checking if there is minimum approval required to create release. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if there is minimum approval required to create release in the release pipeline. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if there is minimum approval required to create release in the release pipeline. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking if there is minimum approval required to create release in the release pipeline. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildrestrictjobauthscope/{orgName}/{projectName}: | |
get: | |
operationId: BuildRestrictJobAuthScope | |
summary: Check for the build pipelines if job Authorization for current project is restricted. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking job authorization scope. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking job authorization scope. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/releaserestrictjobauthscope/{orgName}/{projectName}: | |
get: | |
operationId: ReleaseRestrictJobAuthScope | |
summary: Check for the release pipelines if job Authorization for current project is restricted. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking job authorization scope. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking job authorization scope. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/limitqueuevariable/{orgName}/{projectName}: | |
get: | |
operationId: LimitQueueVariable | |
summary: Check if only Limited variables can be set at queue time in project settings. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if only Limited variables can be set at queue time in project settings. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if only Limited variables can be set at queue time in project settings. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/buildeditpipelinecount/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: BuildRestrictEditPipelineCount | |
summary: Check if the build pipeline is secure by checking if more than 10 members have Edit Pipeline Permission. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking if more than 10 members have Edit Pipeline Permission. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking if more than 10 members have Edit Pipeline Permission. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for cchecking if more than 10 members have Edit Pipeline Permission. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. | |
/checkPRValidationPipeline/{orgName}/{projectName}/{buildDefinition}: | |
get: | |
operationId: CheckPRValidationSecrets | |
summary: Check if the build pipeline is secure by checking for PR Validation pipelines if secrets are being used. | |
parameters: | |
- in: path | |
name: orgName | |
schema: | |
type: string | |
required: true | |
description: The orgName to be used for checking for PR Validation pipelines if secrets are being used. | |
- in: path | |
name: projectName | |
schema: | |
type: string | |
required: true | |
description: The projectName to be used for checking for PR Validation pipelines if secrets are being used. | |
- in: path | |
name: buildDefinition | |
schema: | |
type: string | |
required: true | |
description: The buildDefinition to be used for checking for PR Validation pipelines if secrets are being used. | |
responses: | |
200: | |
description: Successful request. | |
400: | |
description: Bad request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment