API

Status Dashboard application comes with an API for opening incidents from monitoring by posting component statuses.

API is not designed to be used by humans using OpenID or oAuth. Therefore a separate authorization is being used by the API.

Authorization for API requests

Authorizations for API requests based on the JWT usage “SECRET_KEY” and “API_PAYLOAD_KEY” is defined in the app.config.

Authorization will be passed If the “API_PAYLOAD_KEY” from the token’s payload equals “API_PAYLOAD_KEY” from the app.config and secret_key from the token equals “SECRET_KEY”

You should encode the “SECRET_KEY” to get the token

>>> secret_key = "dev"
>>> payload = {"status_dashboard": "dummy"}
>>> encoded = jwt.encode(payload, secret_key, algorithm="HS256")
>>> print(encoded)
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwYXlsb2FkIjoiU09NRV9QQVlMT0FEIn0.oLj3UE3cQaviTpjOn0J6v0KE_wvPowyk2MAyN_s00_8

API v1

POST /api/v1/component_status

Update component status

Process component status update and open new incident if required:

  • current active maintenance for the component - do nothing

  • current active incident for the component - do nothing

  • current active incident NOT for the component - add component into the list of affected components

  • no active incidents - create new one

  • current active incident for the component and requested impact > current impact - run handling:

    If a component exists in an incident, but the requested impact is higher than the current one, then the component will be moved to another incident if it exists with the requested impact, otherwise a new incident will be created and the component will be moved to the new incident. If there is only one component in an incident, and an incident with the requested impact does not exist, then the impact of the incident will be changed to a higher one, otherwise the component will be moved to an existing incident with the requested impact, and the current incident will be closed by the system. The movement of a component and the closure of an incident will be reflected in the incident statuses.

This method requires authorization to be used.

curl http://localhost:5000/api/v1/component_status -X POST \
     -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6pX...' \
     -H 'content-type:application/json' \
     -d '{"impact": "minor", "name": "Component 1", \
     "attributes":[{"name":"region","value":"Reg1"}]}'
Returns IncidentSchema:

IncidentSchema object

GET /api/v1/component_status

Get components

Query configured components with related incidents.

Example:

curl http://localhost:5000/api/v1/component_status -X GET \
     -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6Ikp...'
GET /api/v1/incidents

Get all incidents

Retrieve a list of all incidents.

Example:

curl http://localhost:5000/api/v1/incidents -X GET \
     -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6Ikp...'