Add OpenAPI documentation for k9-integration-api endpoints

examples/v2/security-monitoring/CreateSecurityFinding.ts

@@ -0,0 +1,23 @@
+/**
+ * Create security finding returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+configuration.unstableOperations["v2.createSecurityFinding"] = true;
+const apiInstance = new v2.SecurityMonitoringApi(configuration);
+
+const params: v2.SecurityMonitoringApiCreateSecurityFindingRequest = {
+  vendor: "vendor",
+  findingType: "vulnerability",
+};
+
+apiInstance
+  .createSecurityFinding(params)
+  .then((data: any) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/security-monitoring/ImportSecurityVulnerabilities.ts

@@ -0,0 +1,83 @@
+/**
+ * Import vulnerabilities returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+configuration.unstableOperations["v2.importSecurityVulnerabilities"] = true;
+const apiInstance = new v2.SecurityMonitoringApi(configuration);
+
+const params: v2.SecurityMonitoringApiImportSecurityVulnerabilitiesRequest = {
+  body: {
+    bomFormat: "CycloneDX",
+    components: [
+      {
+        bomRef: "a3390fca-c315-41ae-ae05-af5e7859cdee",
+        name: "lodash",
+        purl: "pkg:npm/lodash@4.17.21",
+        type: "library",
+        version: "4.17.21",
+      },
+    ],
+    metadata: {
+      component: {
+        bomRef: "asset-ref-123",
+        name: "i-12345",
+        type: "operating-system",
+      },
+      tools: {
+        components: [
+          {
+            name: "my-scanner",
+            type: "application",
+          },
+        ],
+      },
+    },
+    specVersion: "1.5",
+    version: 1,
+    vulnerabilities: [
+      {
+        advisories: [
+          {
+            url: "https://example.com/advisory/CVE-2021-1234",
+          },
+        ],
+        affects: [
+          {
+            ref: "a3390fca-c315-41ae-ae05-af5e7859cdee",
+          },
+        ],
+        cwes: [123, 345],
+        description: "Sample vulnerability detected in the application.",
+        detail: "Details about the vulnerability",
+        id: "CVE-2021-1234",
+        ratings: [
+          {
+            score: 9.0,
+            severity: "high",
+            vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
+          },
+        ],
+        references: [
+          {
+            id: "GHSA-35m5-8cvj-8783",
+            source: {
+              url: "https://example.com",
+            },
+          },
+        ],
+      },
+    ],
+  },
+};
+
+apiInstance
+  .importSecurityVulnerabilities(params)
+  .then((data: any) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/security-monitoring/ImportThreatIntel.ts

@@ -0,0 +1,23 @@
+/**
+ * Import threat intelligence feed returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+configuration.unstableOperations["v2.importThreatIntel"] = true;
+const apiInstance = new v2.SecurityMonitoringApi(configuration);
+
+const params: v2.SecurityMonitoringApiImportThreatIntelRequest = {
+  tiVendor: "ti_vendor",
+  tiIndicator: "ip_address",
+};
+
+apiInstance
+  .importThreatIntel(params)
+  .then((data: any) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

features/support/scenarios_model_mapping.ts

@@ -4056,6 +4056,21 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = {
             },
         "operationResponseType": "ListSecurityFindingsResponse",
     },
+    "v2.CreateSecurityFinding": {
+        "vendor": {
+            "type": "string",
+            "format": "",
+            },
+        "findingType": {
+            "type": "SecurityFindingType",
+            "format": "",
+            },
+        "body": {
+            "type": "{ [key: string]: any; }",
+            "format": "",
+            },
+        "operationResponseType": "{}",
+    },
     "v2.CreateCases": {
         "body": {
             "type": "CreateCaseRequestArray",
@@ -4218,6 +4233,25 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = {
             },
         "operationResponseType": "NotificationRuleResponse",
     },
+    "v2.ImportThreatIntel": {
+        "tiVendor": {
+            "type": "string",
+            "format": "",
+            },
+        "tiIndicator": {
+            "type": "ThreatIntelIndicatorType",
+            "format": "",
+            },
+        "tiIntegrationAccount": {
+            "type": "string",
+            "format": "",
+            },
+        "body": {
+            "type": "any",
+            "format": "",
+            },
+        "operationResponseType": "{}",
+    },
     "v2.ListVulnerabilities": {
         "pageToken": {
             "type": "string",
@@ -4393,6 +4427,13 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = {
             },
         "operationResponseType": "ListVulnerabilitiesResponse",
     },
+    "v2.ImportSecurityVulnerabilities": {
+        "body": {
+            "type": "CycloneDXBOM",
+            "format": "",
+            },
+        "operationResponseType": "{}",
+    },
     "v2.GetVulnerabilityNotificationRules": {
         "operationResponseType": "NotificationRulesList",
     },

features/v2/security_monitoring.feature

@@ -708,6 +708,24 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not Found
 
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Create security finding returns "Bad Request" response
+    Given operation "CreateSecurityFinding" enabled
+    And new "CreateSecurityFinding" request
+    And request contains "vendor" parameter from "REPLACE.ME"
+    And request contains "finding_type" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Create security finding returns "OK" response
+    Given operation "CreateSecurityFinding" enabled
+    And new "CreateSecurityFinding" request
+    And request contains "vendor" parameter from "REPLACE.ME"
+    And request contains "finding_type" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 200 OK
+
   @generated @skip @team:DataDog/k9-cloud-security-platform
   Scenario: Deactivate content pack returns "Accepted" response
     Given operation "DeactivateContentPack" enabled
@@ -1397,6 +1415,40 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 200 The list of notification rules.
 
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Import threat intelligence feed returns "Bad Request" response
+    Given operation "ImportThreatIntel" enabled
+    And new "ImportThreatIntel" request
+    And request contains "ti_vendor" parameter from "REPLACE.ME"
+    And request contains "ti_indicator" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Import threat intelligence feed returns "OK" response
+    Given operation "ImportThreatIntel" enabled
+    And new "ImportThreatIntel" request
+    And request contains "ti_vendor" parameter from "REPLACE.ME"
+    And request contains "ti_indicator" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 200 OK
+
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Import vulnerabilities returns "Bad Request" response
+    Given operation "ImportSecurityVulnerabilities" enabled
+    And new "ImportSecurityVulnerabilities" request
+    And body with value {"bomFormat": "CycloneDX", "components": [{"bom-ref": "a3390fca-c315-41ae-ae05-af5e7859cdee", "name": "lodash", "purl": "pkg:npm/lodash@4.17.21", "type": "library", "version": "4.17.21"}], "metadata": {"component": {"bom-ref": "asset-ref-123", "name": "i-12345", "type": "operating-system"}, "tools": {"components": [{"name": "my-scanner", "type": "application"}]}}, "specVersion": "1.5", "version": 1, "vulnerabilities": [{"advisories": [{"url": "https://example.com/advisory/CVE-2021-1234"}], "affects": [{"ref": "a3390fca-c315-41ae-ae05-af5e7859cdee"}], "cwes": [123, 345], "description": "Sample vulnerability detected in the application.", "detail": "Details about the vulnerability", "id": "CVE-2021-1234", "ratings": [{"score": 9.0, "severity": "high", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}], "references": [{"id": "GHSA-35m5-8cvj-8783", "source": {"url": "https://example.com"}}]}]}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/asm-vm
+  Scenario: Import vulnerabilities returns "OK" response
+    Given operation "ImportSecurityVulnerabilities" enabled
+    And new "ImportSecurityVulnerabilities" request
+    And body with value {"bomFormat": "CycloneDX", "components": [{"bom-ref": "a3390fca-c315-41ae-ae05-af5e7859cdee", "name": "lodash", "purl": "pkg:npm/lodash@4.17.21", "type": "library", "version": "4.17.21"}], "metadata": {"component": {"bom-ref": "asset-ref-123", "name": "i-12345", "type": "operating-system"}, "tools": {"components": [{"name": "my-scanner", "type": "application"}]}}, "specVersion": "1.5", "version": 1, "vulnerabilities": [{"advisories": [{"url": "https://example.com/advisory/CVE-2021-1234"}], "affects": [{"ref": "a3390fca-c315-41ae-ae05-af5e7859cdee"}], "cwes": [123, 345], "description": "Sample vulnerability detected in the application.", "detail": "Details about the vulnerability", "id": "CVE-2021-1234", "ratings": [{"score": 9.0, "severity": "high", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}], "references": [{"id": "GHSA-35m5-8cvj-8783", "source": {"url": "https://example.com"}}]}]}
+    When the request is sent
+    Then the response status is 200 OK
+
   @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given new "ListAssetsSBOMs" request

features/v2/undo.json

@@ -4304,6 +4304,12 @@
       "type": "safe"
     }
   },
+  "CreateSecurityFinding": {
+    "tag": "Security Monitoring",
+    "undo": {
+      "type": "unsafe"
+    }
+  },
   "DetachCase": {
     "tag": "Security Monitoring",
     "undo": {
@@ -4409,12 +4415,24 @@
       "type": "idempotent"
     }
   },
+  "ImportThreatIntel": {
+    "tag": "Security Monitoring",
+    "undo": {
+      "type": "unsafe"
+    }
+  },
   "ListVulnerabilities": {
     "tag": "Security Monitoring",
     "undo": {
       "type": "safe"
     }
   },
+  "ImportSecurityVulnerabilities": {
+    "tag": "Security Monitoring",
+    "undo": {
+      "type": "unsafe"
+    }
+  },
   "GetVulnerabilityNotificationRules": {
     "tag": "Security Monitoring",
     "undo": {

packages/datadog-api-client-common/configuration.ts

@@ -251,6 +251,7 @@ export function createConfiguration(
       "v2.activateContentPack": false,
       "v2.cancelThreatHuntingJob": false,
       "v2.convertJobResultToSignal": false,
+      "v2.createSecurityFinding": false,
       "v2.deactivateContentPack": false,
       "v2.deleteThreatHuntingJob": false,
       "v2.getContentPacksStates": false,
@@ -260,6 +261,8 @@ export function createConfiguration(
       "v2.getSecurityMonitoringHistsignal": false,
       "v2.getSecurityMonitoringHistsignalsByJobId": false,
       "v2.getThreatHuntingJob": false,
+      "v2.importSecurityVulnerabilities": false,
+      "v2.importThreatIntel": false,
       "v2.listFindings": false,
       "v2.listMultipleRulesets": false,
       "v2.listScannedAssetsMetadata": false,