Skip to Content

Self-service

Last modified by Tiina Silvonen on 2025/04/02 14:10

For ease of use, Dependency Track uses AWX to enable self-service functionality.

The self-service tools can be found at awx.web.helsinki.fi. They can be found by logging in using SAML (icon of a person at the bottom of the login panel), and then from the left bar select Resources -> Templates and then search for "dtrack".

1740046303875-190.png

Using self-service

A workflow can be started by clicking on the rocket icon. This will open a screen with information for the user to enter

1740046629990-853.png

After filling out the form and clicking next, a series of Ansible playbooks are executed in sequence. If everything checks out, the requested action is performed. If not, an email describing the error is usually sent to the specified email address.

Current self-service options

For operations that handle existing teams, the user starting a workflow must belong to one of the IAM-groups that have access to the team in the dependency track.

Create a team

Creates a new team inside Dependency Track with the name of the IAM-group. Will also allow the group members to log in to Dependency Track. Creating a team return an API key for the team as a Securemail to the specified email address (appended with .s).

Team name will be the IAM-group's name (e.g. grp-test-group).

Fails if

  • The IAM-group doesn't exist, or you are not member of it.
  • Team with the group name already exists in the Dependency Track. You can just log in.

Create alert

Creates an alert for automatic notifications about SBOM alerts. The possible notification channels are Slack notifications, Teams notifications, Jira tickets and emails. For Jira tickets you can also specify the ticket type.

Notifications for a project are enabled by adding a tag with IAM-group's name e.g. "grp-test-group" to the project.

OBS. You have to add a tag with a team-name for at least one project, before creating an alert. Add a tag by opening a project view from the Projects section and selecting View Details below the project name.

You can create one alert for each notification channel, per team. If you create a new one with the existing channel, old one will be overwritten.

Fails if

  • You are not a member of the IAM-groups mapped to the team.
  • The team does not exist.
  • The tag does not exist.

API Key Management

Used to manage API keys for a team. Allows you to order new keys, replace existing ones, delete all or a specific key, and retrieve all currently enabled API keys. Requested API keys will be delivered via Securemail, notification of deletions and error reports will be delivered as regular mail.

Fails if

  • You are not a member of the IAM-groups mapped to the team.
  • The team does not exist.