feat(apim-apps): add external credentials support for new applications

Applications can now declare a `credentials:` list in the YAML manifest.
Each entry holds a static `client_id` (and optional `secret`) that is
provisioned via POST /applications/{id}/extcredentials when the application
is first created. Existing applications are never modified.

Also adds CHANGELOG.md and ROADMAP.md for the v0.1.0 initial release.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-29 22:16:48 +02:00
parent 7738a51d16
commit 0f1a6d865d
10 changed files with 251 additions and 3 deletions
+19
View File
@@ -0,0 +1,19 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [0.1.0] - 2026-06-29
### Added
- **External credentials** — applications can declare a `credentials:` list in the manifest; each entry sets a static `client_id` (and optional `secret`) via `POST /applications/{id}/extcredentials` when the application is first created. Existing applications are never touched.
- **Application management** — creates missing client applications in Axway API Manager from a YAML manifest, scoped to specific environments via `environments:`.
- **Organisation management** — optional `organizations:` section to declaratively manage organisations alongside applications.
- **API subscriptions** — automatically grants front-end API access to newly created applications.
- **Multi-environment support** — runs against all configured environments in `config.json`, or a single one with `--env`.
- **Dry-run mode** — `--dry-run` simulates all actions without making any changes.
- **Append-only safety** — the HTTP session blocks DELETE requests at the transport level; no resource can be removed by this tool.
- **GitLab CI/CD integration** — example pipeline included.