Techcle Wiki

Cga 183

3 min read

Implementation Plan: Re-integrate Actions Catalogue (CGA-183)

Summary

Re-integrate the existing actions catalogue into the user dashboard. The catalogue infrastructure already exists but was disconnected when the dashboard was rebuilt. This involves connecting the existing ActionsTab component to the main dashboard navigation, enhancing the YAML data with managed secure versions, and ensuring end-to-end functionality for GitHub Actions supply-chain security tracking.

Approach

  1. Frontend Integration

    • packages/web/src/pages/dashboard/index.tsx: Add ‘actions’ to DashboardTab type and tabs array
    • Import ActionsTab component and render when tab === ‘actions’
    • Update tab navigation to include ”🔍 Actions Catalog” option
    • Position actions tab between subscriptions and settings for logical flow

  2. Data Enhancement

    • actions.yaml: Expand catalog with additional security-focused actions
    • Add managed secure versions section with pinned SHAs for critical actions
    • Include CascadeGuard’s own cascadeguard-actions repository entries
    • Add more comprehensive coverage of CI/CD, security, and deployment actions

  3. API Integration Verification

    • api/src/routes/catalog_actions.py: Verify YAML ingestion workflow is functional
    • Test that backend properly serves catalog data to frontend
    • Confirm filtering and compliance status tracking works correctly

  4. Backend Data Pipeline

    • Ensure scan-actions workflow properly processes the expanded YAML file
    • Verify trust scores, CVE counts, and compliance statuses are computed correctly
    • Test that managed secure versions appear with proper pinned SHA indicators

  5. UI/UX Polish

    • Update dashboard page title and description to mention actions catalogue
    • Ensure responsive design works with three tabs instead of two
    • Add appropriate loading and error states for actions data

  6. Testing & Validation

    • Test actions tab navigation and filtering functionality
    • Verify API endpoints return proper data for expanded catalog
    • Confirm managed secure versions display correctly with pinning indicators
    • Test policy compliance panel functionality

Repos

  • cascadeguard-app (primary): Frontend integration, YAML data enhancement
  • cascadeguard-data (if exists): Additional YAML catalog data
  • cascadeguard-actions (reference): Include our own actions in the catalog

Layers

  • frontend: Dashboard tab integration, ActionsTab component connection
  • backend: API verification, data ingestion pipeline validation
  • data: YAML catalog expansion with managed secure versions
  • api: REST endpoint validation and filtering functionality

Skill

fullstack - Requires both frontend React/TypeScript work and backend Python API validation with data pipeline understanding.

Risks

  1. Data Quality: Expanded YAML might have formatting issues that break ingestion
  2. Performance: Larger catalog might require pagination or lazy loading
  3. API Breaking Changes: Backend API might need updates for new data fields
  4. UI Consistency: Third tab might break existing dashboard responsive design
  5. Security Validation: New managed secure versions need proper vetting

Open Questions

  1. Should the actions catalogue include community actions beyond official ones?
  2. What criteria determine which actions qualify for “managed secure versions”?
  3. Do we need separate tabs for “All Actions” vs “Managed Secure Actions”?
  4. Should actions compliance policies be configurable per organization?
  5. Is there a separate cascadeguard-data repo that should be referenced instead of embedded YAML?
  6. What’s the scanning frequency for new actions added to the catalog?

Graph View