[management] Feature/fleetdm api spec

[mlsmaycon]

Describe your changes

Issue ticket number and link

Stack

Checklist

• Is it a bug fix
• Is a typo/documentation fix
• Is a feature enhancement
• It is a refactor
• Created tests that fail without the change (if possible)

By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.

Documentation

Select exactly one:

• I added/updated documentation for this change
• Documentation is not needed for this change (explain why)

Docs PR URL (required if "docs added" is checked)

Paste the PR link from https://github.com/netbirdio/docs here:

netbirdio/docs#673

Summary by CodeRabbit

New Features

• Added EDR FleetDM integration endpoints supporting create, read, update, and delete operations for managing FleetDM configuration with API credentials, group synchronization, and host-approval attribute matching.

[coderabbitai]

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is incomplete; it lacks specific details about the changes, no issue ticket is provided, and critical sections like 'Describe your changes' are left empty.	Fill in the 'Describe your changes' section with a clear summary of what was implemented, and provide the issue ticket number and link if applicable.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title '[management] Feature/fleetdm api spec' directly describes the main change: adding FleetDM integration API specification and client methods to the management module.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/fleetdm

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

shared/management/http/api/openapi.yml (1)

4286-4288: Constrain api_url as a URI in the contract.

Right now any arbitrary string satisfies the schema, so generated clients and docs will not catch malformed Fleet URLs before the request hits the server.

Proposed schema tweak

         api_url:
           type: string
+          format: uri
           description: FleetDM server URL

         api_url:
           type: string
+          format: uri
           description: FleetDM server URL

Also applies to: 4338-4340

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@shared/management/http/api/openapi.yml` around lines 4286 - 4288, The api_url
property in the OpenAPI contract currently allows any string; update its schema
to require a URI by adding format: uri (or format: uri-reference if relative
URIs are allowed) and optionally a pattern or example to clarify expected
values; apply this change to the api_url definitions at both locations (the one
around api_url and the other occurrence referenced in the comment) so generated
clients and docs will validate FleetDM server URLs as URIs.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@shared/management/http/api/openapi.yml`:
- Around line 10852-10883: The OpenAPI docs for the singleton route
/api/integrations/edr/fleetdm contain incorrect references to an "integration
ID" (e.g., in the 400 and 404 response descriptions); update the descriptions
under the GET/PUT/DELETE responses for this path so they do not mention an ID or
"the given ID" and instead describe errors in terms appropriate for a singleton
resource (e.g., "Bad Request (e.g., invalid request format)" and "Not Found
(integration does not exist)"), and apply the same wording cleanup to the
equivalent blocks referenced (the other occurrences around lines 10904-10920 and
10931-10958).

---

Nitpick comments:
In `@shared/management/http/api/openapi.yml`:
- Around line 4286-4288: The api_url property in the OpenAPI contract currently
allows any string; update its schema to require a URI by adding format: uri (or
format: uri-reference if relative URIs are allowed) and optionally a pattern or
example to clarify expected values; apply this change to the api_url definitions
at both locations (the one around api_url and the other occurrence referenced in
the comment) so generated clients and docs will validate FleetDM server URLs as
URIs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d7514f1a-1df7-40ba-8557-52463abd3ce4

📥 Commits

Reviewing files that changed from the base of the PR and between a62d472 and 50c1a60.

📒 Files selected for processing (3)

• shared/management/client/rest/edr.go
• shared/management/http/api/openapi.yml
• shared/management/http/api/types.gen.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Drop the nonexistent “integration ID” wording from this singleton route.

/api/integrations/edr/fleetdm has no {id} parameter, but the GET/PUT/DELETE docs still talk about invalid IDs and “the given ID”. That makes the contract self-contradictory for SDK consumers.

Suggested wording cleanup

     get:
       tags:
         - EDR FleetDM Integrations
       summary: Get EDR FleetDM Integration
-      description: Retrieves a specific EDR FleetDM integration by its ID.
+      description: Retrieves the FleetDM EDR integration configured for the authenticated account.
@@
-        '400':
-          description: Bad Request (e.g., invalid integration ID format).
+        '400':
+          description: Bad Request.
@@
-        '404':
-          description: Not Found (e.g., integration with the given ID does not exist).
+        '404':
+          description: Not Found (e.g., no FleetDM integration is configured for the authenticated account).
@@
     delete:
       tags:
         - EDR FleetDM Integrations
       summary: Delete EDR FleetDM Integration
-      description: Deletes an EDR FleetDM Integration by its ID.
+      description: Deletes the FleetDM EDR integration configured for the authenticated account.

Also applies to: 10904-10920, 10931-10958

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@shared/management/http/api/openapi.yml` around lines 10852 - 10883, The
OpenAPI docs for the singleton route /api/integrations/edr/fleetdm contain
incorrect references to an "integration ID" (e.g., in the 400 and 404 response
descriptions); update the descriptions under the GET/PUT/DELETE responses for
this path so they do not mention an ID or "the given ID" and instead describe
errors in terms appropriate for a singleton resource (e.g., "Bad Request (e.g.,
invalid request format)" and "Not Found (integration does not exist)"), and
apply the same wording cleanup to the equivalent blocks referenced (the other
occurrences around lines 10904-10920 and 10931-10958).