Pipelines

This endpoint demonstrates the pipeline YAML configuration functionality. It accepts a YAML document as the request body and processes it accordingly. This is primarily used for testing and demonstration purposes to validate YAML configurations for pipelines.

Use Cases

• YAML Configuration Testing: Validate and test pipeline configurations provided in YAML format.

• Integration Testing: Use this endpoint to ensure that pipeline YAML configurations are correctly parsed and handled.

• Demonstration: Showcase how pipeline configurations can be submitted via the API.

Required Access

• Authentication: Bearer token in the Authorization header.

• Permissions: User must have appropriate roles and rights to use this endpoint.

Important Notes!

• YAML Parsing: The request body must contain a valid YAML document.

• Mandatory Fields: The targetPipelines field is required in the request body.

• Response Data: The endpoint echoes back the received YAML content for confirmation.

• Error Handling: Appropriate HTTP status codes are returned in case of errors.

This endpoint updates one or more pipelines with new source repository settings. This endpoint allows you to configure repository settings at both the pipeline and step levels for supported steps such as SonarQube, Command-Line, and Jenkins.

Use Cases

• Bulk Configuration: Apply repository settings to multiple pipelines simultaneously.

• Automated Updates: Automate the update of repository settings across pipelines and tools.

• Standardization: Ensure consistent repository configurations across different pipelines and steps.

Required Access

• Authentication: Bearer token in the Authorization header.

• Permissions: User must have appropriate roles and rights to configure pipeline settings.

Important Notes!

• Supported Actions: The action field in the request body must be set to "update-source".

• Mandatory Fields:

  • targetPipelines: An array of pipeline identifiers to be updated.

  • targetTools: An array of tool identifiers associated with the pipelines.

  • settings: An object containing the new repository settings.

• Supported Steps: Applies to steps like SonarQube, Command-Line, and Jenkins.

• Error Handling: Appropriate HTTP status codes are returned for different error scenarios.

• Asynchronous Processing: The endpoint may trigger background processes; ensure idempotency in repeated calls.

This endpoint deletes one or more pipelines specified by their unique IDs. This operation is irreversible and will permanently remove the pipelines from the system.

Use Cases

• Pipeline Cleanup: Remove outdated, unused, or deprecated pipelines.

• Project Decommissioning: Delete pipelines as part of the retirement of projects or systems.

• Compliance: Ensure data retention policies are adhered to by removing unnecessary pipelines.

Required Access

• Authentication: Bearer token in the Authorization header.

• Permissions: User must have the appropriate roles and rights to delete pipelines.

Process Details

• Request Validation:

  • Validates that the request contains a properly formatted body with pipeline IDs.

  • Ensures the user has the necessary permissions to perform the action.

• Audit Logging:

  • Logs the deletion activity for traceability.

  • Tracks which pipelines were deleted and by whom.

• Deletion:

  • Deletes the specified pipelines from the database.

Important Notes!

• Irreversible Action: Once pipelines are deleted, they cannot be recovered.

• Required Input: Ensure that all target pipeline IDs are included in the request body.

This endpoint executes one or more pipelines specified by their unique IDs, using the provided settings. This endpoint enables triggering automated workflows for CI/CD or other pipeline-related tasks.

Use Cases

• CI/CD Automation: Automate the execution of pipelines for building, testing, and deploying applications.

• Orchestration: Coordinate multiple pipelines to support complex workflows or interdependent operations.

• Manual Triggering: Provide users with the ability to manually trigger pipelines as needed.

Required Access

• Authentication: Bearer token in the Authorization header.

• Permissions: User must have the necessary roles to run pipelines.

Process Details

• Input Validation:

  • Ensures that a valid list of pipeline IDs and settings object is provided in the request body.

• Pipeline Execution:

  • Initiates the execution of the specified pipelines using the provided settings.

• Response Generation:

  • Returns the status and details of the pipeline execution process.

Important Notes!

• Ensure that pipeline IDs in the request body are valid and belong to the authorized user.

• This action may trigger resource-intensive workflows. Monitor system usage accordingly.

Returns a paginated list of all pipelines accessible to the authenticated user. Supports keyword search and status filtering. Results are RBAC-restricted.

Creates a new pipeline with automatic step dependency resolution. Supports step name-to-ID translation and validation of dependency relationships.

• Step Name Resolution: Converts step names to IDs

• Dependency Validation: Validates relationships, detects cycles

• Audit Logging: Records pipeline creation

Returns the full configuration and metadata for a specific pipeline, including stages, triggers, parameters, and owner information. Access is restricted by RBAC.

Returns a lightweight list of the most recent runs for a given pipeline, ordered from newest to oldest by run count.

Use the limit query parameter to control how many runs are returned. The value is clamped between 5 (minimum) and 10 (maximum), defaulting to 5.

Each run includes its overall status (derived from step statuses), trigger information, timing, and a summary of stage outcomes. For full run details including console logs, stage-level runs, and artifacts, use the GET /api/v2/pipelines/{pipelineId}/runs/{runCount} endpoint.

Returns an audit-log-style envelope for a specific pipeline run, including overall status (derived from step statuses), per-stage run details with console logs, timing information, and the user who triggered the run.

For in-progress runs (RUNNING, QUEUED), endTime and duration are null. For terminal states (SUCCESS, FAILED, DENIED, ABORTED, STOPPED), endTime falls back to the run-status record's updatedAt when no explicit pipeline-end activity log exists, and duration is calculated accordingly.

The response uses a { count, data } wrapper (not the standard V2 envelope).

Triggers pipeline execution with integrated notifications for approval gates. Supports both top-level and nested identifier shapes and optional custom approval message.

Updates RBAC (Role-Based Access Control) roles for multiple pipelines in a single operation. Pipelines can be selected either by providing explicit pipeline IDs or by specifying a folder path.

Selection Methods (mutually exclusive):

• By Pipeline IDs: Provide an array of specific pipeline IDs to update

• By Folder Path: Provide a folder path to update all pipelines in that folder

Role Update Modes:

• Overwrite Mode (default, overwriteRoles: true): Replaces the entire roles array with the provided roles

• Append Mode (overwriteRoles: false): Adds new roles to existing roles without removing current ones (uses $addToSet to prevent duplicates)

Access Control:

• User must have access to each pipeline to update its roles

• Pipelines the user cannot access will be reported in the failed array

• Requires Administrator, Power User, or Opsera Administrator role

Role Structure: Each role object should contain:

• role: The access level (e.g., "administrator", "manager", "user", "guest")

• user: Email address of the user (optional if group is provided)

• group: Group identifier (optional if user is provided, set to null for individual users)

Unified endpoint that creates new pipelines or updates existing ones with comprehensive step metadata validation. Automatically detects create vs update based on _id presence.

CREATE MODE (no _id in body):

• Creates new pipeline with validated steps

• MongoDB auto-generates step IDs

• Returns created pipeline with all IDs

UPDATE MODE (_id or pipelineId in body):

• Updates existing pipeline (must exist in database)

• Invalid or non-existing pipeline _id returns 404 error

• Can add/update/remove steps in a single call

• Validates all step configurations

• Step ID Behavior:

  • Steps WITH valid _id: Updates existing step (must belong to this pipeline)

  • Steps WITHOUT _id: Creates new step with auto-generated ID

  • Steps with invalid/non-existing _id: Returns 400 validation error

Features:

• Step Metadata Validation: Validates configuration against tool schemas

• Field-Level Errors: Returns specific field errors with validation details

• Auto-ID Generation: Step IDs automatically generated for new steps

• Step ID Security: Validates step IDs belong to pipeline (UPDATE mode)

• Auto Dependency Resolution: Step names in dependencies resolved to IDs

• MongoDB Field Sanitization: Removes internal fields from input and output

• Flexible Operations: Add/update/remove steps in single call

• Audit Logging: Records all operations with mode (CREATE/UPDATE)

Retrieves comprehensive metadata schema for a given pipeline step tool identifier. Returns field specifications, AI context for intelligent assistance, validation rules, conditional logic, and deployment mode configurations.

Response Structure

The metadata response includes:

• fields: Array of field definitions with AI context

• newObjectFields: Default values for creating new step configurations

• deploymentModes (optional): Different configuration scenarios for complex tools

AI Context (aiContext)

Each field includes an aiContext object to help AI agents understand:

• description: Human-readable explanation of the field's purpose

• valueType: Data type (string, boolean, mongoDbId, enum, etc.)

• examples: Annotated examples with descriptions

• valueSource: Where to get valid values (API, static list, computed, etc.)

• conditionalLogic: When the field is required, visible, or hidden

• dependsOn: Fields that must be set before this one

Deployment Modes (deploymentModes)

For tools with multiple configuration scenarios (e.g., ArgoCD with Helm vs Kustomize), the response includes a deploymentModes array. Each mode specifies:

• triggerField: The field that activates this mode

• requiredFields: Fields required for this mode

• optionalFields: Additional optional fields

• example: Complete working configuration

AI Agent Workflow

1. Get tool identifiers from /api/v2/tools/identifiers

2. Get registered tool instances from /api/v2/tools/registry

3. Call this endpoint for each tool type to understand configuration requirements

4. Use aiContext.valueSource to fetch valid values for each field

5. Check deploymentModes to understand different configuration scenarios

6. Build step configurations using the metadata schema

7. Validate with /api/v2/pipelines/validate before creating

Value Source Types

The aiContext.valueSource.type indicates where field values come from:

• api: Fetch from an API endpoint (see endpoint property)

• static: Predefined list of values (see values property)

• computed: Automatically calculated from other fields

• previousStep: Reference to an earlier pipeline step

• userInput: Manual user entry

• customParameter: From pipeline custom parameters

Conditional Logic Operators

The conditionalLogic uses these operators:

• equals, notEquals: Exact match comparison

• contains, notContains: String/array containment

• isEmpty, isNotEmpty: Null/empty checks

• in, notIn: Value in array of options

AI Agent Best Practices

1. Check aiContext.alwaysRequired - These fields are mandatory in all scenarios

2. Use deploymentModes - Pick the right mode based on user requirements

3. Follow dependsOn order - Set dependent fields first

4. Use valueSource.endpoint - Fetch valid values from the specified API

5. Check conditionalLogic.requiredWhen - Field may be required conditionally

6. Use valid tool identifiers - Use values from /api/v2/tools/identifiers (e.g., "docker-push", not "docker_push"). Resolution is case-insensitive.

7. Use mode examples - Each deploymentModes[].example is a complete, valid config

Common Tool Identifiers

Tool identifiers are resolved case-insensitively. Use the values returned by /api/v2/tools/identifiers.

• Build: run_script, jenkins, npm, build

• Security: snyk, sonar, anchore-scan, twistlock

• Container: docker-push, docker-cli

• Deploy: helm, terraform, argo

• Approval: approval, user-action

Validates a pipeline configuration without creating it.

This endpoint performs the same validation as the pipeline creation endpoint, but does not persist the pipeline. Use this for:

• Pre-flight validation: Check configuration before creating

• AI agent validation: Verify payloads before submission

• Form validation: Real-time feedback during pipeline construction

• Iterative refinement: Test configurations until all validation passes

AI Agent Workflow

This is typically the fourth endpoint to call when building a pipeline:

1. Get tool identifiers from /api/v2/tools/identifiers

2. Get registered tool instances from /api/v2/tools/registry

3. Get metadata for each tool type from /api/v2/pipelines/step-metadata

4. Build pipeline configuration

5. Call this endpoint to validate before creating

6. If valid, create via MCP post_api_v2_pipeline_create tool

7. If invalid, fix errors and validate again

Validation Checks

• Pipeline Metadata: Name is required, workflow structure is valid

• Step Structure: Each step has name, tool_identifier, and configuration

• Tool Identifiers: Tool identifiers exist and are valid

• Step Configuration: Configuration matches the tool's metadata schema

• Required Fields: All required fields from metadata are present

• Field Validation: Field types, lengths, and formats are correct

• Dependencies: Step dependencies reference valid step names/IDs

Response Structure

The response always returns 200 status with validation results, even if validation fails. Check the data.valid field to determine if the configuration passed validation.

Example: Iterative Validation Process

AI Agent Best Practices

1. Always validate before creating - Prevents failed creation attempts

2. Check both pipeline and step-level validity - Review pipelineMetadata.valid and each steps[].valid

3. Use field-level errors for fixes - Each error includes field, message, and code

4. Validate iteratively - Fix errors and re-validate until valid: true

5. Check summary counts - Quick overview with totalSteps, validSteps, invalidSteps

6. Use valid tool identifiers - Use values from /api/v2/tools/identifiers (e.g., "docker-push", not "docker_push"). Resolution is case-insensitive.

Common Validation Errors

• MISSING_REQUIRED_FIELD - Required field is missing from configuration

• INVALID_TOOL_IDENTIFIER - Tool identifier doesn't exist or wrong case

• VALIDATION_ERROR - Field value doesn't meet validation rules

• MISSING_WORKFLOW_PLAN - workflow.plan array is missing or empty

Retrieves all available pipeline templates (both platform and customer templates). Supports pagination, filtering by type/status, and keyword search.

Use Cases

• Template Discovery: Browse available pipeline templates before creating a new pipeline

• AI Agent Workflow: Get templates to understand available pipeline patterns

• Template Selection: Find templates by type, status, or keyword search

Template Types

• Platform Templates: Pre-built templates provided by Opsera for common CI/CD patterns

• Customer Templates: Custom templates created and shared within your organization

Retrieves a specific pipeline template configuration by its ID. Searches both platform and customer templates.

Use Cases

• Template Details: Get full configuration of a specific template

• Pipeline Creation: Retrieve template to use as base for new pipeline

• AI Agent Workflow: Get template configuration to understand step structure

Response Structure

The template includes:

• name: Template display name

• description: Template purpose and usage

• plan: Array of pipeline steps with tool configurations

• type: Template category (ci-cd, security, deployment, etc.)

• tags: Searchable tags for categorization

• active: Whether the template is currently available for use