gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-12 15:48:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: complete V2 audit remediation — OpenAPI spec, demos, and features

Browse Source 
- Add 15 missing operations to openapi.yaml (M18b discovery, M20 deployments,
  M21 network scan, M22 Prometheus) — spec now has 93 operations matching all
  93 router routes
- Add 6 new component schemas (DiscoveredCertificate, DiscoveryScan,
  DiscoveryReport, NetworkScanTarget, NetworkScanTargetCreate,
  StatusMessageResponse)
- Add Discovery and Network Scan tags to OpenAPI spec
- Fix stale "Prometheus format deferred to V3" claim in metrics description
- Add Part 4.5 (Target CRUD) to demo-advanced.md with create/update/delete
  curl examples
- Expand Certificate Profiles section in features.md with list/get/update
  curl examples
- Add Deployment Trigger section to features.md with curl examples
- Add discovery-summary and discovery-scans curl examples to features.md
- Remove 3 empty directories (internal/agent/, internal/audit/, internal/policy/)
- Update features.md OpenAPI scope from "78 documented" to "93 operations"

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Shankar
2026-03-25 00:42:58 -04:00
parent 18f0da7f56
commit c907cff4c3
3 changed files with 670 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/demo-advanced.md
+33
View File
@@ -372,6 +372,39 @@ curl -s "$API/api/v1/jobs" | jq '.data[] | select(.certificate_id == "mc-demo-ap
---
## Part 4.5: Manage Deployment Targets
Before deploying, you need targets. The demo seeds 5 targets, but you can also create, update, and delete them via API:
```bash
# List all targets
curl -s "$API/api/v1/targets" | jq '.data[] | {id, name, type, agent_id}'
# Create a new NGINX target
curl -s -X POST "$API/api/v1/targets" \
-H "Content-Type: application/json" \
-d '{
"id": "tgt-nginx-api",
"name": "API NGINX",
"type": "nginx",
"agent_id": "ag-web-prod",
"config": {"cert_path": "/etc/nginx/certs/api.crt", "key_path": "/etc/nginx/certs/api.key", "reload_command": "systemctl reload nginx"},
"enabled": true
}' | jq .
# Update a target
curl -s -X PUT "$API/api/v1/targets/tgt-nginx-api" \
-H "Content-Type: application/json" \
-d '{"name": "API NGINX (updated)", "type": "nginx", "agent_id": "ag-web-prod", "config": {"cert_path": "/etc/nginx/certs/api.crt"}, "enabled": true}' | jq .
# Delete a target
curl -s -X DELETE "$API/api/v1/targets/tgt-nginx-api"
```
Each target type (NGINX, Apache, HAProxy, F5, IIS) accepts different configuration fields. The `config` JSON is validated at deployment time by the target connector.
---
## Part 5: Deploy the Certificate
Trigger deployment to see the deployment workflow: