Skip to main content

New Association of Projects to Applications - API Compatibility

Warning

This page describes upcoming changes that will affect how Projects are associated with Applications. These changes haven’t yet been implemented in production environments. However, we recommend preparing in advance to be ready when the changes occur.

This page describes the changes to the Checkmarx One REST APIs related to assignment of Projects to Applications.

Previously assignment of Projects to Applications was done based a system of “Rules”. Each Application had a series of rules that defined what characteristics a Project needed to have in order to be assigned to that Application (e.g., any Project with the tag Demo is included in the Application “DemoApp”).

The new functionality will be that Projects are assigned directly to Applications by specifying the Project ID of each Project that you want to assign. It will now be possible to assign Projects to Applications as part of the process of creating Applications, creating Projects, or as a separate action.

Old Workflow

Notice

In the old workflow the order of these two steps was irrelevant.

  • Use POST /applications to create an Application and define rules for assigning Projects to that Application.

  • Use POST /projects to create a Project with charechteristics that fit the rules of an Application.

    The Project is automatically assigned to that Application.

New Workflow

  1. Use POST /applications to create an Application.

  2. Use POST /projects to create a Project, specifying the Application IDs of the Applications to which it is assigned.

OR

  1. Use POST /projects to create a Project.

  2. Use POST /applications to create an Application, specifying the Project IDs of each of the Projects that you would like to assign to it.

In addition, you can add existing Projects to existing Applications. To add to the existing assignments, use the new endpoints

POST /applications/{application_id}/projects OR

POST /projects/{project_id}/applications.

To replace the existing assignments, use the existing endpoints

PUT /api/applications/{application_id} OR

PUT /api/projects{project_id}.

New Workflow for Assigning Projects According to Tags

It is still possible to assign Projects to Applications based on the Project tags, using the following workflow.

  1. Create Projects and assign tags using POST /projects.

  2. Obtain a list of Projects that have a specific tag using GET /projects, with a query parameter filtering for the specific tag.

  3. Create an Application using POST /applications, specifying the list of Project IDs that you want to asssign to the Application.

New Endpoints

  • /api/applications

    • POST /{application_id}/projects - add Projects to an application

    • DELETE /{application_id}/Projects - remove projects from an application

  • /api/projects

    • POST /{project_id}/applications - add applications to a Project

    • DELETE /{project_id}/applications - remove applications from a Project

Method

URL

Request

Success Response

Description

POST

/api/applications/{application_id}/projects

Path parameter: application_id

Body:

{
"projectIds": [
        "string"
      ],
}
{
"projectIds": [
        "string"
      ],
}

Assign new projects to the Application specified in the path parameter.

DELETE

/api/applications/{application_id}/projects

Path parameter: application_id

Body:

{
"projectIds": [
        "string"
      ],
}

NO CONTENT

Remove projects from the Application specified in the path parameter.

POST

/api/projects/{project_id}/applications

Path parameter: project_id

Body:

{
"applicationIds": [
        "string"
      ],
}
{
"applicationIds": [
        "string"
      ],
}

Assign new Applications to the Project specified in the path parameter.

DELETE

/api/projects/{project_id}/applications

Path parameter: project_id

Body:

{
"applicationIds": [
        "string"
      ],
}

NO CONTENT

Remove Applications from the Project specified in the path parameter.

Deprecated Endpoints

All of the endpoints related specifically to "project rules" will be deprecated. This includes the following endpoints:

  • POST /applications/{id}/project-rules

  • GET /applications/{id}/project-rules

  • GET /applications/{id}/project-rules/{rule-id}

  • PUT /applications/{id}/project-rules/{rule-id}

  • DELETE /applications/{id}/project-rules/{rule-id}

  • POST /{id}/project-rules

  • GET /{id}/project-rules

  • GET /{id}/project-rules/{rule-id}

  • PUT /{id}/project-rules/{rule-id}

  • DELETE /{id}/project-rules/{rule-id}

Changes to Existing APIs:

  • /api/applications

    • POST - create application

    • GET - get applications

    • /{application_id} GET - get application by ID

    • /{application_id} PUT - update application

  • /api/projects

    • POST - create project

    • GET - get projects

    • /{project_id} GET - get project by ID

    • /{project_id} PUT - update project

Changed Application APIs

Method

url

Old

New

Description

POST

/api/applications

Request body:

{
  "name": "string",
  "description": "string",
  "criticality": 3,
  "rules": [
    {
      "type": "project.tag.key-value.exists",
      "value": "key;value"
    }
  ],
  "tags": {
    "test": "",
    "priority": "high"
  }
}

Request body:

{
  "name": "string",
  "description": "string",
  "criticality": 3,
  "projectIds": [
        "string"
      ],
  "tags": {
    "test": "",
    "priority": "high"
  }
}

Create an Application. Used to have rules key, but now replaced with “projectIds”.

“ProjectIds” is not mandatory. You can create the Application and then assign Projects later.

GET

/api/applications

Success Response:

{
  "totalCount": 0,
  "filteredTotalCount": 0,
  "applications": [
    {
      "id": "string",
      "name": "string",
      "description": "string",
      "criticality": 3,
      "rules": [
        {
          "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
          "type": "project.tag.key-value.exists",
          "value": "key;value"
        }
      ],
      "projectIds": [
        "string"
      ],
      "createdAt": "2024-06-25T09:38:40.149Z",
      "updatedAt": "2024-06-25T09:38:40.149Z",
      "tags": {
        "test": "",
        "priority": "high"
      }
    }
  ]
}

Success Response:

{
  "totalCount": 0,
  "filteredTotalCount": 0,
  "applications": [
    {
      "id": "string",
      "name": "string",
      "description": "string",
      "criticality": 3,
      "projectIds": [
        "string"
      ],
      "createdAt": "2023-09-14T09:46:13.071Z",
      "updatedAt": "2023-09-14T09:46:13.071Z",
      "tags": {
        "test": "",
        "priority": "high"
      }
    }
  ]
}

Get list of Applications. Removed the rules key.

GET

/api/applications/{application_id}

Path parameter: application_id

Success Response:

{
  "id": "string",
  "name": "string",
  "description": "string",
  "criticality": 3,
  "rules": [
    {
      "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
      "type": "project.tag.key-value.exists",
      "value": "key;value"
    }
  ],
  "projectIds": [
    "string"
  ],
  "createdAt": "2024-06-25T09:43:47.435Z",
  "updatedAt": "2024-06-25T09:43:47.435Z",
  "tags": {
    "test": "",
    "priority": "high"
  }
}

Path parameter: application_id

Success Response:

{
  "id": "string",
  "name": "string",
  "description": "string",
  "criticality": 3,
  "projectIds": [
    "string"
  ],
  "createdAt": "2023-09-14T09:48:58.328Z",
  "updatedAt": "2023-09-14T09:48:58.328Z",
  "tags": {
    "test": "",
    "priority": "high"
  }
}

Get Application by Application ID. Removed the rules key.

PUT

/api/applications/{application_id}

Path parameter: application_id

Request body:

{
  "name": "string",
  "description": "string",
  "criticality": 3,
  "rules": [
    {
      "type": "project.tag.key-value.exists",
      "value": "key;value"
    }
  ],
  "tags": {
    "test": "",
    "priority": "high"
  }
}

Path parameter: application_id

Request body:

{
  "name": "string",
  "description": "string",
  "criticality": 3,
  "tags": {
    "test": "",
    "priority": "high"
  },
  "projectIds": [
        "string"
  ],
}

Update an Application. Removed the rules key and added “projectIds” parameter.

If the “projectIds” parameter is not set, then the Project assignement is not changed.

If “projectIds” is set, then the previously assigned Projects are overwritten by the submitted Project IDs.

Notice

If you would like to add to the existing assigned Projects, use the new API, POST /applications/{application_id}/projects.

Changed Project APIs

Method

url

Old

New

Description

POST

/api/projects

Request body:

{
  "name": "string",
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "criticality": 3
}

Request body:

{
  "name": "string",
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "applicationIds": [
        "string"
  ],
  "criticality": 3
}

Create a Project. You can now specify Application IDs to assign the Project to Applications.

“applicationIds” is not mandatory.

GET

/api/projects

Success response:

{
  "totalCount": 0,
  "filteredTotalCount": 0,
  "projects": [
    {
      "id": "string",
      "name": "string",
      "groups": [
        "string"
      ],
      "repoUrl": "string",
      "mainBranch": "string",
      "origin": "string",
      "createdAt": "2024-06-26T07:22:21.955Z",
      "updatedAt": "2024-06-26T07:22:21.955Z",
      "tags": {
        "test": "",
        "priority": "high"
      },
      "criticality": 3
    }
  ]
}

Success response:

{
  "totalCount": 0,
  "filteredTotalCount": 0,
  "projects": [
    {
      "id": "string",
      "name": "string",
      "groups": [
        "string"
      ],
      "repoUrl": "string",
      "mainBranch": "string",
      "origin": "string",
      "createdAt": "2023-09-19T13:31:06.431Z",
      "updatedAt": "2023-09-19T13:31:06.431Z",
      "tags": {
        "test": "",
        "priority": "high"
      },
      "applicationIds": [
        "string"
      ],
      "criticality": 3
    }
  ]
}

Get list of Projects with associated Application IDs

GET

/api/projects{project_id}

Path parameter: project_id

Success response:

{
  "id": "string",
  "name": "string",
  "applicationIds": [
    "string"
  ],
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "createdAt": "2024-06-26T07:44:17.640Z",
  "updatedAt": "2024-06-26T07:44:17.640Z",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "criticality": 3
}

Path parameter: project_id

Success response:

{
  "id": "string",
  "name": "string",
  "applicationIds": [
    "string"
  ],
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "createdAt": "2023-09-19T13:31:52.875Z",
  "updatedAt": "2023-09-19T13:31:52.875Z",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "applicationIds": [
        "string"
  ],
  "criticality": 3
}

Get Project info with associated Application IDs

PUT

/api/projects{project_id}

Path paremeter: project_id

Request body:

{
  "name": "string",
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "criticality": 3
}

Path parameter: project_id

Request body:

{
  "name": "string",
  "groups": [
    "string"
  ],
  "repoUrl": "string",
  "mainBranch": "string",
  "origin": "string",
  "tags": {
    "test": "",
    "priority": "high"
  },
  "applicationIds": [
        "string"
  ],
  "criticality": 3
}

Update a Project. Added the “applicationIds” parameter.

If the “applicationIds” parameter is not set, then the assignment to Applications is not changed.

If “applicationIds” is set, then the previous assignment to Applications is overwritten by the submitted Application IDs.

Notice

If you would like to add to the existing Application assignments, use the new API, POST /projects/{project_id}/applications.