CI/CD Integration Examples
Integrate de.iterate into your CI/CD pipeline.
GitHub Actions Integration
yaml
# .github/workflows/compliance-check.yml
name: Compliance Check
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
compliance:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install dependencies
run: npm ci
- name: Run compliance check
env:
DEITERATE_API_KEY: ${{ secrets.DEITERATE_API_KEY }}
DEITERATE_ORG_ID: ${{ secrets.DEITERATE_ORG_ID }}
run: node scripts/compliance-check.jsCompliance Check Script
typescript
// scripts/compliance-check.ts
import { DeIterateClient } from '@deiterate/sdk';
const client = new DeIterateClient({
apiKey: process.env.DEITERATE_API_KEY!,
organizationId: process.env.DEITERATE_ORG_ID,
});
async function checkCompliance() {
const errors: string[] = [];
// Check for overdue tasks
const overdueTasks = await client.assurance.getOverdue();
if (overdueTasks.length > 0) {
errors.push(`${overdueTasks.length} overdue assurance tasks`);
}
// Check SOA implementation
const soaSummary = await client.soa.getSummary();
if (soaSummary.implementationPercentage < 80) {
errors.push(`SOA implementation at ${soaSummary.implementationPercentage}% (minimum: 80%)`);
}
// Check for high-severity risks
const risks = await client.risks.list();
const criticalRisks = risks.risks.filter(r =>
r.inherentRisk === 'Extreme' || r.inherentRisk === 'High'
);
if (criticalRisks.length > 10) {
errors.push(`${criticalRisks.length} high/critical risks (threshold: 10)`);
}
if (errors.length > 0) {
console.error('Compliance check failed:');
errors.forEach(e => console.error(` - ${e}`));
process.exit(1);
}
console.log('Compliance check passed');
}
checkCompliance().catch(err => {
console.error('Error:', err);
process.exit(1);
});Post-Deployment Risk Creation
typescript
// scripts/post-deploy.ts
import { DeIterateClient } from '@deiterate/sdk';
const client = new DeIterateClient({
apiKey: process.env.DEITERATE_API_KEY!,
organizationId: process.env.DEITERATE_ORG_ID,
});
async function createDeploymentRisk() {
const deploymentInfo = {
version: process.env.VERSION || 'unknown',
environment: process.env.ENVIRONMENT || 'production',
commit: process.env.COMMIT_SHA || 'unknown',
};
// Create a deployment-related assurance task
await client.assurance.create({
description: `Post-deployment verification for ${deploymentInfo.version}`,
assignedTo: 'devops-team@company.com',
dueDate: new Date(Date.now() + 24 * 60 * 60 * 1000), // 24 hours
evidenceRequired: true,
});
console.log('Created post-deployment verification task');
}
createDeploymentRisk();Security Scan Results Integration
typescript
// scripts/import-security-findings.ts
import { DeIterateClient } from '@deiterate/sdk';
interface SecurityFinding {
id: string;
title: string;
severity: 'low' | 'medium' | 'high' | 'critical';
description: string;
}
const client = new DeIterateClient({
apiKey: process.env.DEITERATE_API_KEY!,
organizationId: process.env.DEITERATE_ORG_ID,
});
async function importSecurityFindings(findings: SecurityFinding[]) {
let created = 0;
for (const finding of findings) {
await client.findings.create({
title: finding.title,
description: finding.description,
severity: finding.severity,
status: 'open',
});
created++;
}
console.log(`Imported ${created} security findings`);
}
// Example: Parse from security scanner output
const findings: SecurityFinding[] = JSON.parse(
process.env.SECURITY_FINDINGS || '[]'
);
importSecurityFindings(findings);