8 CI/CD for API artifacts 1: Source-stage governance controls
This chapter covers
- Defining the automated governance controls for API artifact source files in your pipeline
- Executing the governance controls in the pipeline
- Creating and managing multifile API definitions
Large software projects can involve multiple teams building many external RESTful APIs for an organization. Centralized manual governance is one way to ensure APIs meet the organization’s API consistency and usability standards. But as discussed in chapter 1, centralized manual governance doesn’t scale, leading to reduced agility, long lead times, and developer frustration. How can governance teams minimize the need for manual design reviews and move toward consistently applied, automated self-service reviews to support many development teams?
Automated governance isn’t the only problem. During the software delivery process, several API artifacts are generated from the API definition files. API artifacts are API definition files and the by-products generated from them, provided for API consumers and other internal stakeholders to use. They include API reference documentation, client SDKs, alternative API definition formats, API score reports, and more. Consistency suffers when dev teams create these artifacts using manual and ad hoc processes. So how can the organization provide a consistent way for teams to generate API artifacts?