GitHub Code Scanning Alert to Datadog Event to Slack

arazzo: 1.0.1
info:
  title: GitHub Code Scanning Alert to Datadog Event to Slack
  summary: Pull a GitHub code-scanning alert, post a Datadog event, then notify Slack.
  description: >-
    A DevSecOps correlation workflow that lists code-scanning alerts for a GitHub
    repository, records the top finding as a Datadog event so it appears on the
    observability timeline, and notifies a Slack channel. Demonstrates chaining a
    source-control provider, an observability provider, and a chat provider in a
    single Arazzo workflow.
  version: 1.0.0
sourceDescriptions:
  - name: githubCodeScanning
    url: https://raw.githubusercontent.com/api-evangelist/github/refs/heads/main/openapi/github-repo-code-scanning-api-openapi.yml
    type: openapi
  - name: datadogEvents
    url: https://raw.githubusercontent.com/api-evangelist/datadog/refs/heads/main/openapi/datadog-events-openapi.yml
    type: openapi
  - name: slackChat
    url: https://raw.githubusercontent.com/api-evangelist/slack/refs/heads/main/openapi/slack-chat-openapi.yml
    type: openapi
workflows:
  - workflowId: codescan-to-datadog-event-to-slack
    summary: List a code-scanning alert, post a Datadog event, and notify Slack.
    description: >-
      Retrieves code-scanning alerts for a repository, records the top finding
      as a Datadog event, and posts a Slack message about the alert.
    inputs:
      type: object
      properties:
        owner:
          type: string
        repo:
          type: string
        slackChannel:
          type: string
    steps:
      - stepId: list-alerts
        description: List code-scanning alerts for the GitHub repository.
        operationId: $sourceDescriptions.githubCodeScanning.listCodeScanningAlertsForRepository
        successCriteria:
          - condition: $statusCode == 200
        outputs:
          alertRule: $response.body#/0/rule/description
          alertUrl: $response.body#/0/html_url
      - stepId: post-datadog-event
        description: Record the code-scanning alert as a Datadog event.
        operationId: $sourceDescriptions.datadogEvents.createEvent
        requestBody:
          contentType: application/json
          payload:
            title: $steps.list-alerts.outputs.alertRule
            text: $steps.list-alerts.outputs.alertUrl
            alert_type: warning
            tags:
              - source:github-code-scanning
        successCriteria:
          - condition: $statusCode == 202
        outputs:
          eventId: $response.body#/event/id
      - stepId: notify-slack
        description: Notify a Slack channel about the code-scanning alert.
        operationId: $sourceDescriptions.slackChat.postChatPostmessage
        requestBody:
          contentType: application/json
          payload:
            channel: $inputs.slackChannel
            text: $steps.list-alerts.outputs.alertUrl
        successCriteria:
          - condition: $statusCode == 200
        outputs:
          messageTs: $response.body#/ts
    outputs:
      alertRule: $steps.list-alerts.outputs.alertRule
      eventId: $steps.post-datadog-event.outputs.eventId
      messageTs: $steps.notify-slack.outputs.messageTs