search

kunalnagarco / action-cve

A GitHub action that sends Dependabot Vulnerability Alerts to multiple sources.
https://github.com/marketplace/actions/check-cve
MIT License
22 stars 22 forks source link

Use Zenduty alert API endpoint #135

Open SilentEntity opened 1 year ago

SilentEntity commented 1 year ago

We should use Zenduty alerts api endpoint to create alerts in Zenduty. This will skip using any token for creating alert.

Zenduty API URL: https://docs.zenduty.com/docs/api

kunalnagar commented 1 year ago

@SilentEntity - This action uses the Zenduty Services feature: https://docs.zenduty.com/docs/services

Any particular reason to switch to this method? Either way you have to create a unique token - in this method you are creating an integration key.

SilentEntity commented 1 year ago

The current way needs an API token [auth token] that needs to be generated and provided, which is not required. From UI the incident is created this way but I think that is for sample/demo or manual incident creation. You can also observe that all the other integrations are also provided on this page, which sends an alert to Zenduty. I think in Zenduty, integrations are used as a point of getting alerts, which creates incidents in services, that belong to a team in an account.

The hierarchy is like this: [ Alert > Integration > service > team > account ]

I think API [auth token] 's better use case will be Zenduty's terraform provider.