Endpoints de organização
Grupo /platform/organizations/{organization_id}/* (menos API keys e webhooks, que têm páginas próprias).
Cobre: reportes de feedback, integrações externas (Git e CI), identity providers (OIDC/SSO), git bindings (vínculo entre um projeto e um repositório) e pipeline runs.
Tabela de endpoints
Feedback
| Método | Caminho | Permissão |
|---|---|---|
| GET | /platform/organizations/{organization_id}/feedback-reports | feedback:view |
| POST | /platform/organizations/{organization_id}/feedback-reports | feedback:create |
Integrações
| Método | Caminho | Permissão |
|---|---|---|
| GET | /platform/organizations/{organization_id}/integrations | Sessão |
| POST | /platform/organizations/{organization_id}/integrations | integration:manage |
| PATCH | /platform/organizations/{organization_id}/integrations/{integration_id} | integration:manage |
| DELETE | /platform/organizations/{organization_id}/integrations/{integration_id} | integration:manage |
| POST | /platform/organizations/{organization_id}/integrations/{integration_id}/test | integration:manage |
Identity providers (OIDC/SSO)
| Método | Caminho | Permissão |
|---|---|---|
| GET | /platform/organizations/{organization_id}/identity-providers | Sessão |
| POST | /platform/organizations/{organization_id}/identity-providers | identity_provider:manage |
| PATCH | /platform/organizations/{organization_id}/identity-providers/{provider_id} | identity_provider:manage |
| DELETE | /platform/organizations/{organization_id}/identity-providers/{provider_id} | identity_provider:manage |
Capacidades dos provedores Git
| Método | Caminho | Auth |
|---|---|---|
| GET | /platform/git-providers/capabilities | Pública |
Repositórios e branches
| Método | Caminho | Permissão |
|---|---|---|
| GET | /platform/organizations/{organization_id}/integrations/{integration_id}/repositories | integration:manage |
| GET | /platform/organizations/{organization_id}/integrations/{integration_id}/branches?repository=… | integration:manage |
| POST | /platform/organizations/{organization_id}/integrations/{integration_id}/discover | integration:manage |
| POST | /platform/organizations/{organization_id}/integrations/{integration_id}/sync-import | integration:manage |
| POST | /platform/organizations/{organization_id}/integrations/{integration_id}/sync-export | integration:manage |
Git bindings (sync de projeto)
| Método | Caminho | Permissão |
|---|---|---|
| GET | /platform/organizations/{organization_id}/git-bindings | Sessão |
| POST | /platform/organizations/{organization_id}/git-bindings | integration:manage |
| POST | /platform/organizations/{organization_id}/git-bindings/validate | integration:manage |
| PATCH | /platform/organizations/{organization_id}/git-bindings/{binding_id} | integration:manage |
| DELETE | /platform/organizations/{organization_id}/git-bindings/{binding_id} | integration:manage |
| GET | /platform/organizations/{organization_id}/git-bindings/{binding_id}/runs | Sessão |
| POST | /platform/organizations/{organization_id}/git-bindings/{binding_id}/discover | integration:manage |
| POST | /platform/organizations/{organization_id}/git-bindings/{binding_id}/import | integration:manage |
| GET | /platform/organizations/{organization_id}/git-bindings/{binding_id}/commits | Sessão |
| GET | /platform/organizations/{organization_id}/git-bindings/{binding_id}/review-status | Sessão |
| POST | /platform/organizations/{organization_id}/git-bindings/{binding_id}/preflight | integration:manage |
| POST | /platform/organizations/{organization_id}/git-bindings/{binding_id}/rollback | integration:manage |
| POST | /platform/organizations/{organization_id}/git-bindings/{binding_id}/publish | version:publish |
Pipeline runs (CI)
| Método | Caminho | Permissão |
|---|---|---|
| POST | /platform/organizations/{organization_id}/integrations/{integration_id}/pipeline-runs | integration:manage |
| GET | /platform/organizations/{organization_id}/integrations/{integration_id}/pipeline-runs/{external_run_id} | integration:manage |
Feedback
POST /.../feedback-reports
Cria um reporte de feedback (bug, feature request, melhoria, dúvida).
Request body (FeedbackReportCreateRequest):
{
"kind": "bug",
"title": "Logtest falha em eventos grandes",
"description": "Ao colar um evento de 50KB a resposta demora > 10s",
"attachments": []
}
kind ∈ question.
Response 200 (FeedbackReportRecord): inclui id, status, created_at. Emite webhook feedback.created.
Integrações
Uma integração conecta o RuleForge a um sistema externo: repositório Git, pipeline CI, ou canal de mensagens. Campos principais:
kind—git,ci,messaging.provider—github,gitlab,gitea,jenkins,slack, etc.credentials(criptografadas) — tokens, private keys.settings— configuração por provedor (base URL, org id, etc.).
POST /.../integrations
Request body (IntegrationConnectionCreateRequest):
{
"name": "GitHub SOC",
"kind": "git",
"provider": "github",
"settings": {
"base_url": "https://github.com",
"organization": "acme-soc"
},
"credentials": {
"token": "ghp_..."
}
}
Response 200: IntegrationConnectionRecord — credentials não é retornado; apenas metadata.
PATCH /.../integrations/{integration_id}
Atualização parcial. Envie credenciais novamente se quiser trocá-las; caso contrário as existentes são preservadas.
DELETE /.../integrations/{integration_id}
Response 204. Bindings/pipelines que dependem ficam órfãos e precisam ser reconectados manualmente.
POST /.../integrations/{integration_id}/test
Testa conectividade. Response varia pelo kind:
git→ clona listagem de repos.ci→ valida API da plataforma.
Identity providers (OIDC/SSO)
Configura provedor externo para o fluxo de login.
POST /.../identity-providers
Request body (IdentityProviderCreateRequest):
{
"name": "Okta corporativo",
"kind": "oidc",
"issuer": "https://acme.okta.com",
"client_id": "…",
"client_secret": "…",
"discovery_url": "https://acme.okta.com/.well-known/openid-configuration",
"scopes": ["openid", "email", "profile"],
"default_role": "engineer"
}
Response 200: IdentityProviderRecord (sem client_secret).
Git providers — capacidades
GET /platform/git-providers/capabilities
Lista o que cada provedor suporta. Útil para o frontend habilitar/desabilitar features.
Response 200:
{
"github": {
"supports_repository_listing": true,
"supports_branch_listing": true,
"supports_scan_discovery": true,
"supports_explicit_paths": true,
"supports_direct_publish": true,
"supports_review_publish": true,
"supports_app_auth": true,
"supports_webhook_sync": true,
"supports_pagination": true
},
"gitlab": { "...": "..." },
"gitea": { "...": "..." }
}
Repositórios e branches
GET /.../integrations/{integration_id}/repositories
Lista repositórios acessíveis pela integração.
Response 200:
[
{ "full_name": "acme-soc/wazuh-rules", "default_branch": "main", "private": true },
{ "full_name": "acme-soc/ids-content", "default_branch": "trunk", "private": false }
]
GET /.../integrations/{integration_id}/branches?repository=<repo>
Lista branches do repositório informado.
Response 200: array de { "name": "main", "commit_sha": "abc…", "protected": true }.
POST /.../integrations/{integration_id}/discover
Descobre a estrutura do repositório (detecta pastas rules/ e decoders/).
Request body: { "repository": "acme/repo", "branch": "main" }.
Response 200: estrutura detectada com caminhos e contagens.
POST /.../integrations/{integration_id}/sync-import
Importa um bundle (rules + decoders) do Git direto (sem passar por binding). Útil para one-shot.
Request body: { "repository": "...", "branch": "main" }.
POST /.../integrations/{integration_id}/sync-export
Exporta (faz commit) do conteúdo atual em XML para o Git.
Request body:
{
"repository": "acme/repo",
"branch": "main",
"decoders_xml": "<decoders>…</decoders>",
"rules_xml": "<group>…</group>",
"commit_message": "Update via RuleForge"
}
Git bindings
Um binding conecta um projeto RuleForge a uma pasta específica em um repositório/branch, com política de sincronização.
POST /.../git-bindings
Request body (GitProjectBindingCreateRequest):
{
"project_id": "prj_...",
"integration_id": "int_...",
"repository": "acme-soc/wazuh-rules",
"branch": "main",
"rules_path": "rules/",
"decoders_path": "decoders/",
"publish_strategy": "review",
"scheduled_sync_interval_minutes": 60,
"sync_on_webhook": true
}
publish_strategy—"direct"(commit na branch) ou"review"(abre PR/MR).scheduled_sync_interval_minutes— 0 para desabilitar.
Response 200: GitProjectBindingRecord.
POST /.../git-bindings/validate
Valida o request antes de criar (útil para pré-visualizar conflitos).
Response 200 (GitBindingValidationResult): { valid, warnings, errors }.
POST /.../git-bindings/{binding_id}/discover
Re-descobre a estrutura; atualiza contagens e avisa sobre arquivos novos/renomeados.
POST /.../git-bindings/{binding_id}/import
Importa o estado atual do repositório para o workspace do projeto.
Request body (opcional, GitProjectBindingImportRequest): parâmetros de filtro (branch alternativo, forçar overwrite).
GET /.../git-bindings/{binding_id}/commits?limit=20
Lista commits recentes da branch vinculada. limit 1–100.
GET /.../git-bindings/{binding_id}/review-status
Estado da review pendente (PR/MR aberto pelo RuleForge), se houver.
POST /.../git-bindings/{binding_id}/preflight
Simula o publish sem fazer commit. Retorna o diff e violações de quality gate.
POST /.../git-bindings/{binding_id}/publish
Executa o publish: commit direto ou abre PR/MR conforme publish_strategy.
POST /.../git-bindings/{binding_id}/rollback
Reverte o projeto para o estado de um commit anterior.
Request body (GitBindingRollbackRequest):
{ "commit_sha": "abc123…", "workspace_name": "rollback-20260424" }
Cria um workspace novo com o conteúdo restaurado.
GET /.../git-bindings/{binding_id}/runs
Histórico de sincronizações (discover/import/publish).
Response 200: array de GitProjectSyncRunRecord com run_type, status, created_at, error, diff_summary.
Pipeline runs (CI)
Disparo e monitoramento de pipeline em CI externo (Jenkins, GitLab CI, GitHub Actions).
POST /.../integrations/{integration_id}/pipeline-runs
Dispara um run.
Request body (dependente do provedor): { "branch": "main", "inputs": { "key": "value" } }.
Response 200: { "external_run_id": "...", "status": "queued", "url": "..." }.
GET /.../integrations/{integration_id}/pipeline-runs/{external_run_id}
Consulta status.
Response 200:
{
"external_run_id": "abc",
"status": "running|succeeded|failed|canceled|queued",
"url": "https://ci.example.com/run/abc",
"started_at": "…",
"finished_at": null,
"logs_url": "…"
}