@postman-cse/onboarding-insights 1.0.3 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -13
- package/action.yml +3 -3
- package/dist/action.cjs +357 -46
- package/dist/cli.cjs +449 -138
- package/dist/index.cjs +361 -46
- package/package.json +4 -4
package/README.md
CHANGED
|
@@ -16,6 +16,8 @@ Part of the [Postman API Onboarding suite](https://github.com/postman-cs/postman
|
|
|
16
16
|
|
|
17
17
|
This action does **not** deploy the Insights agent, create workspaces, create environments, upload OpenAPI specs, or sync repo artifacts. It only links a service that Insights has already discovered.
|
|
18
18
|
|
|
19
|
+
> **Credential requirement for the Insights linking steps.** The service discovery and git-link calls run on Postman's `api-catalog` service and accept a service-account access token. The Insights acknowledgment and application-binding steps run on the `akita` (Insights) service, which authenticates against a **Postman user identity** and answers `401 "Postman User not found"` for a service-account token. To complete the full link, supply a credential pair that carries a Postman user identity (a user's access token and user PMAK). A service-account-only pair from `postman-resolve-service-token-action` is sufficient for discovery and git linking but cannot finish the Insights acknowledgment.
|
|
20
|
+
|
|
19
21
|
## Which action should I use?
|
|
20
22
|
|
|
21
23
|
| Need | Action |
|
|
@@ -40,12 +42,12 @@ jobs:
|
|
|
40
42
|
# ... deploy your service to Kubernetes ...
|
|
41
43
|
|
|
42
44
|
- id: postman_token
|
|
43
|
-
uses: postman-cs/postman-resolve-service-token-action@
|
|
45
|
+
uses: postman-cs/postman-resolve-service-token-action@v2
|
|
44
46
|
with:
|
|
45
47
|
postman-api-key: ${{ secrets.POSTMAN_API_KEY }}
|
|
46
48
|
postman-region: us
|
|
47
49
|
|
|
48
|
-
- uses: postman-cs/postman-insights-onboarding-action@
|
|
50
|
+
- uses: postman-cs/postman-insights-onboarding-action@v2
|
|
49
51
|
with:
|
|
50
52
|
project-name: core-payments
|
|
51
53
|
workspace-id: ${{ vars.POSTMAN_WORKSPACE_ID }}
|
|
@@ -70,12 +72,12 @@ jobs:
|
|
|
70
72
|
# ... deploy your service to Kubernetes ...
|
|
71
73
|
|
|
72
74
|
- id: postman_token
|
|
73
|
-
uses: postman-cs/postman-resolve-service-token-action@
|
|
75
|
+
uses: postman-cs/postman-resolve-service-token-action@v2
|
|
74
76
|
with:
|
|
75
77
|
postman-api-key: ${{ secrets.POSTMAN_API_KEY }}
|
|
76
78
|
postman-region: us
|
|
77
79
|
|
|
78
|
-
- uses: postman-cs/postman-insights-onboarding-action@
|
|
80
|
+
- uses: postman-cs/postman-insights-onboarding-action@v2
|
|
79
81
|
with:
|
|
80
82
|
project-name: core-payments
|
|
81
83
|
workspace-id: ${{ vars.POSTMAN_WORKSPACE_ID }}
|
|
@@ -99,12 +101,12 @@ jobs:
|
|
|
99
101
|
- uses: actions/checkout@v5
|
|
100
102
|
|
|
101
103
|
- id: postman_token
|
|
102
|
-
uses: postman-cs/postman-resolve-service-token-action@
|
|
104
|
+
uses: postman-cs/postman-resolve-service-token-action@v2
|
|
103
105
|
with:
|
|
104
106
|
postman-api-key: ${{ secrets.POSTMAN_API_KEY }}
|
|
105
107
|
postman-region: us
|
|
106
108
|
|
|
107
|
-
- uses: postman-cs/postman-bootstrap-action@
|
|
109
|
+
- uses: postman-cs/postman-bootstrap-action@v2
|
|
108
110
|
id: bootstrap
|
|
109
111
|
with:
|
|
110
112
|
project-name: core-payments
|
|
@@ -115,7 +117,7 @@ jobs:
|
|
|
115
117
|
|
|
116
118
|
# ... deploy service to Kubernetes ...
|
|
117
119
|
|
|
118
|
-
- uses: postman-cs/postman-repo-sync-action@
|
|
120
|
+
- uses: postman-cs/postman-repo-sync-action@v2
|
|
119
121
|
id: sync
|
|
120
122
|
with:
|
|
121
123
|
project-name: core-payments
|
|
@@ -129,7 +131,7 @@ jobs:
|
|
|
129
131
|
postman-api-key: ${{ secrets.POSTMAN_API_KEY }}
|
|
130
132
|
postman-access-token: ${{ steps.postman_token.outputs.token }}
|
|
131
133
|
|
|
132
|
-
- uses: postman-cs/postman-insights-onboarding-action@
|
|
134
|
+
- uses: postman-cs/postman-insights-onboarding-action@v2
|
|
133
135
|
with:
|
|
134
136
|
project-name: core-payments
|
|
135
137
|
workspace-id: ${{ steps.bootstrap.outputs.workspace-id }}
|
|
@@ -147,7 +149,7 @@ jobs:
|
|
|
147
149
|
The Insights agent takes time to discover services after pods start. The action polls the [API Catalog](https://learning.postman.com/docs/api-catalog/connect/insights/) discovered-services list until the service appears or the timeout is reached. For services that take longer to appear (cold cluster, large pod startup time), raise the timeout:
|
|
148
150
|
|
|
149
151
|
```yaml
|
|
150
|
-
- uses: postman-cs/postman-insights-onboarding-action@
|
|
152
|
+
- uses: postman-cs/postman-insights-onboarding-action@v2
|
|
151
153
|
with:
|
|
152
154
|
project-name: core-payments
|
|
153
155
|
workspace-id: ${{ vars.POSTMAN_WORKSPACE_ID }}
|
|
@@ -165,7 +167,7 @@ The Insights agent takes time to discover services after pods start. The action
|
|
|
165
167
|
Before any onboarding write, the action can verify that `postman-api-key` and `postman-access-token` resolve to the same parent organization. The default `warn` mode logs a note and continues. Set `credential-preflight` to `enforce` to fail fast on mismatched credentials:
|
|
166
168
|
|
|
167
169
|
```yaml
|
|
168
|
-
- uses: postman-cs/postman-insights-onboarding-action@
|
|
170
|
+
- uses: postman-cs/postman-insights-onboarding-action@v2
|
|
169
171
|
with:
|
|
170
172
|
project-name: core-payments
|
|
171
173
|
workspace-id: ${{ vars.POSTMAN_WORKSPACE_ID }}
|
|
@@ -201,13 +203,13 @@ See [CLI Usage](docs/cli.md) for provider auto-detection, output formats, and Gi
|
|
|
201
203
|
<!-- inputs-table:start -->
|
|
202
204
|
| Name | Description | Required | Default |
|
|
203
205
|
| --- | --- | --- | --- |
|
|
204
|
-
| `project-name` | Service name or
|
|
206
|
+
| `project-name` | Service name or Jira/Xray project key to match against the final discovered-service segment | Yes | |
|
|
205
207
|
| `workspace-id` | Postman workspace ID to link the discovered service to | Yes | |
|
|
206
208
|
| `environment-id` | Postman environment UID for the onboarding association | Yes | |
|
|
207
209
|
| `system-environment-id` | Postman system environment UUID for service-level Insights acknowledgment | No | |
|
|
208
|
-
| `cluster-name` | Insights cluster name.
|
|
210
|
+
| `cluster-name` | Insights cluster name. When set, matches {cluster-name}/{project-name} exactly in discovered services | No | |
|
|
209
211
|
| `repo-url` | Repository URL for Git onboarding. Auto-detected from CI context when omitted. | No | |
|
|
210
|
-
| `postman-access-token` |
|
|
212
|
+
| `postman-access-token` | Postman access token (x-access-token) for the Bifrost linking calls. The api-catalog discovery and git-link steps accept a service-account token (mint it with postman-resolve-service-token-action); the Insights (akita) acknowledgment and application-binding steps require a token carrying a Postman user identity — a service-account token answers 401 "Postman User not found" there. | Yes | |
|
|
211
213
|
| `postman-team-id` | Explicit Postman team ID for org-mode integration request headers. When omitted, x-entity-team-id is not sent. | No | |
|
|
212
214
|
| `github-token` | Optional GitHub token passed as git_api_key when repository auth is required by onboarding/git | No | |
|
|
213
215
|
| `postman-api-key` | Service-account Postman API key (PMAK-*) for the application binding call. Auto-created from postman-access-token when omitted or invalid after a clear 401/403 validation failure. | No | |
|
package/action.yml
CHANGED
|
@@ -6,7 +6,7 @@ branding:
|
|
|
6
6
|
color: orange
|
|
7
7
|
inputs:
|
|
8
8
|
project-name:
|
|
9
|
-
description: 'Service name or
|
|
9
|
+
description: 'Service name or Jira/Xray project key to match against the final discovered-service segment'
|
|
10
10
|
required: true
|
|
11
11
|
workspace-id:
|
|
12
12
|
description: 'Postman workspace ID to link the discovered service to'
|
|
@@ -18,13 +18,13 @@ inputs:
|
|
|
18
18
|
description: 'Postman system environment UUID for service-level Insights acknowledgment'
|
|
19
19
|
required: false
|
|
20
20
|
cluster-name:
|
|
21
|
-
description: 'Insights cluster name.
|
|
21
|
+
description: 'Insights cluster name. When set, matches {cluster-name}/{project-name} exactly in discovered services'
|
|
22
22
|
required: false
|
|
23
23
|
repo-url:
|
|
24
24
|
description: 'Repository URL for Git onboarding. Auto-detected from CI context when omitted.'
|
|
25
25
|
required: false
|
|
26
26
|
postman-access-token:
|
|
27
|
-
description: '
|
|
27
|
+
description: 'Postman access token (x-access-token) for the Bifrost linking calls. The api-catalog discovery and git-link steps accept a service-account token (mint it with postman-resolve-service-token-action); the Insights (akita) acknowledgment and application-binding steps require a token carrying a Postman user identity — a service-account token answers 401 "Postman User not found" there.'
|
|
28
28
|
required: true
|
|
29
29
|
postman-team-id:
|
|
30
30
|
description: 'Explicit Postman team ID for org-mode integration request headers. When omitted, x-entity-team-id is not sent.'
|