feat(apim-apps): add external credentials support for new applications

Applications can now declare a `credentials:` list in the YAML manifest.
Each entry holds a static `client_id` (and optional `secret`) that is
provisioned via POST /applications/{id}/extcredentials when the application
is first created. Existing applications are never modified.

Also adds CHANGELOG.md and ROADMAP.md for the v0.1.0 initial release.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-29 22:16:48 +02:00
parent 7738a51d16
commit 0f1a6d865d
10 changed files with 251 additions and 3 deletions
+19
View File
@@ -0,0 +1,19 @@
# Roadmap
## Shipped in v0.1.0
- ~~**Application management**~~ — ✓ shipped v0.1.0
- ~~**Organisation management**~~ — ✓ shipped v0.1.0
- ~~**API subscriptions**~~ — ✓ shipped v0.1.0
- ~~**External credentials**~~ — ✓ shipped v0.1.0 (static `client_id`/`secret` per application, set on creation only)
- ~~**Multi-environment support**~~ — ✓ shipped v0.1.0
- ~~**Dry-run mode**~~ — ✓ shipped v0.1.0
- ~~**Append-only safety**~~ — ✓ shipped v0.1.0
## Backlog
- **Update existing applications** — detect drift between manifest and API Manager state and reconcile (currently, only missing resources are created).
- **OAuth credentials** — full OAuth client credential provisioning (`clientId` + `secret` via `/oauth`).
- **Update existing credentials** — reconcile `credentials:` on applications that already exist.
- **Environment variable interpolation** — allow `${VAR}` references in the manifest for values that differ between environments.
- **Report output** — structured JSON/YAML report of actions taken, suitable for CI artefacts.