ConnectionMaster · pull · Sep 19, 2025 · Sep 19, 2025 · Sep 19, 2025 · Sep 19, 2025
diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml
@@ -2875,6 +2875,7 @@ components:
       - ci_tests
       - ci_pipelines
       - incident_analytics
+      - product_analytics
       example: logs
       type: string
       x-enum-varnames:
@@ -2889,6 +2890,7 @@ components:
       - CI_TESTS
       - CI_PIPELINES
       - INCIDENT_ANALYTICS
+      - PRODUCT_ANALYTICS
     FormulaAndFunctionMetricAggregation:
       description: The aggregation methods available for metrics queries.
       enum:

diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -20470,6 +20470,8 @@ components:
           $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration'
         newValueOptions:
           $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions'
+        sequenceDetectionOptions:
+          $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions'
         thirdPartyRuleOptions:
           $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions'
       type: object
@@ -40786,6 +40788,7 @@ components:
       - hardcoded
       - third_party
       - anomaly_threshold
+      - sequence_detection
       type: string
       x-enum-varnames:
       - THRESHOLD
@@ -40795,6 +40798,7 @@ components:
       - HARDCODED
       - THIRD_PARTY
       - ANOMALY_THRESHOLD
+      - SEQUENCE_DETECTION
     SecurityMonitoringRuleEvaluationWindow:
       description: 'A time window is specified to match when at least one of the cases
         matches true. This is a sliding window
@@ -41008,6 +41012,8 @@ components:
           $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration'
         newValueOptions:
           $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions'
+        sequenceDetectionOptions:
+          $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions'
         thirdPartyRuleOptions:
           $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions'
       type: object
@@ -41083,6 +41089,47 @@ components:
       oneOf:
       - $ref: '#/components/schemas/SecurityMonitoringStandardRuleResponse'
       - $ref: '#/components/schemas/SecurityMonitoringSignalRuleResponse'
+    SecurityMonitoringRuleSequenceDetectionOptions:
+      description: Options on sequence detection method.
+      properties:
+        stepTransitions:
+          description: Transitions defining the allowed order of steps and their evaluation
+            windows.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionStepTransition'
+          type: array
+        steps:
+          description: Steps that define the conditions to be matched in sequence.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionStep'
+          type: array
+      type: object
+    SecurityMonitoringRuleSequenceDetectionStep:
+      description: Step definition for sequence detection containing the step name,
+        condition, and evaluation window.
+      properties:
+        condition:
+          description: Condition referencing rule queries (e.g., `a > 0`).
+          type: string
+        evaluationWindow:
+          $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow'
+        name:
+          description: Unique name identifying the step.
+          type: string
+      type: object
+    SecurityMonitoringRuleSequenceDetectionStepTransition:
+      description: Transition from a parent step to a child step within a sequence
+        detection rule.
+      properties:
+        child:
+          description: Name of the child step.
+          type: string
+        evaluationWindow:
+          $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow'
+        parent:
+          description: Name of the parent step.
+          type: string
+      type: object
     SecurityMonitoringRuleSeverity:
       description: Severity of the Security Signal.
       enum:

diff --git a/.github/workflows/reusable-ci.yml b/.github/workflows/reusable-ci.yml
@@ -0,0 +1,58 @@
+name: Reusable Complete CI Workflow
+
+on:
+  workflow_call:
+    inputs:
+      target-branch:
+        description: 'Branch to checkout and test (defaults to the calling branch)'
+        required: false
+        type: string
+        default: ''
+
+    secrets:
+      PIPELINE_GITHUB_APP_ID:
+        required: false
+      PIPELINE_GITHUB_APP_PRIVATE_KEY:
+        required: false
+      # Integration test secrets
+      DD_API_KEY:
+        required: false
+      DD_CLIENT_API_KEY:
+        required: false
+      DD_CLIENT_APP_KEY:
+        required: false
+      SLEEP_AFTER_REQUEST:
+        required: false
+
+jobs:
+  pre-commit:
+    uses: ./.github/workflows/reusable-pre-commit.yml
+    with:
+      target-branch: ${{ inputs.target-branch }}
+      enable-commit-changes: false  # Don't auto-commit in external CI
+    secrets:
+      PIPELINE_GITHUB_APP_ID: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
+      PIPELINE_GITHUB_APP_PRIVATE_KEY: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
+
+  test:
+    uses: ./.github/workflows/reusable-go-test.yml
+    with:
+      target-branch: ${{ inputs.target-branch }}
+
+  examples:
+    uses: ./.github/workflows/reusable-examples.yml
+    with:
+      target-branch: ${{ inputs.target-branch }}
+
+  integration:
+    uses: ./.github/workflows/reusable-integration-test.yml
+    with:
+      target-branch: ${{ inputs.target-branch }}
+    secrets:
+      PIPELINE_GITHUB_APP_ID: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
+      PIPELINE_GITHUB_APP_PRIVATE_KEY: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
+      DD_API_KEY: ${{ secrets.DD_API_KEY }}
+      DD_CLIENT_API_KEY: ${{ secrets.DD_CLIENT_API_KEY }}
+      DD_CLIENT_APP_KEY: ${{ secrets.DD_CLIENT_APP_KEY }}
+      SLEEP_AFTER_REQUEST: ${{ secrets.SLEEP_AFTER_REQUEST }}
+
diff --git a/.github/workflows/reusable-examples.yml b/.github/workflows/reusable-examples.yml
@@ -0,0 +1,33 @@
+name: Reusable Examples Workflow
+
+on:
+  workflow_call:
+    inputs:
+      target-branch:
+        description: 'Branch to checkout and test (defaults to the calling branch)'
+        required: false
+        type: string
+        default: ''
+
+jobs:
+  examples:
+    runs-on: ubuntu-latest
+    if: >
+      (github.event.pull_request.draft == false &&
+       !contains(github.event.pull_request.labels.*.name, 'ci/skip') &&
+       !contains(github.event.pull_request.head.ref, 'datadog-api-spec/test/')) ||
+      github.event_name == 'schedule'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          repository: DataDog/datadog-api-client-go
+          ref: ${{ inputs.target-branch || github.ref }}
+      - name: Install Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.22.x
+          cache: true
+          cache-dependency-path: tests/go.sum
+      - name: Check examples
+        run: ./check-examples.sh
+        shell: bash
diff --git a/.github/workflows/reusable-go-test.yml b/.github/workflows/reusable-go-test.yml
@@ -8,23 +8,6 @@ on:
         required: false
         type: string
         default: ''
-      enable-status-reporting:
-        description: 'Whether to post status checks to datadog-api-spec repo'
-        required: false
-        type: boolean
-        default: false
-      status-context:
-        description: 'Context for status checks'
-        required: false
-        type: string
-        default: 'master/unit'
-    secrets:
-      # Optional: Only needed for cross-repository status reporting when called
-      # from external repos (e.g., datadog-api-spec) for generated code changes
-      PIPELINE_GITHUB_APP_ID:
-        required: false
-      PIPELINE_GITHUB_APP_PRIVATE_KEY:
-        required: false
 
 jobs:
   test:
@@ -51,24 +34,3 @@ jobs:
         env:
           TESTARGS: ${{ matrix.go-build-tags }}
 
-  report:
-    runs-on: ubuntu-latest
-    if: always() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/') && inputs.enable-status-reporting
-    needs:
-      - test
-    steps:
-      - name: Get GitHub App token
-        if: github.event_name == 'pull_request'
-        id: get_token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
-          private-key: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
-          repositories: datadog-api-spec
-      - name: Post status check
-        uses: DataDog/github-actions/post-status-check@v2
-        with:
-          github-token: ${{ steps.get_token.outputs.token }}
-          repo: datadog-api-spec
-          status: ${{ needs.test.result == 'cancelled' && 'pending' || needs.test.result == 'success' && 'success' || 'failure' }}
-          context: ${{ inputs.status-context }}
diff --git a/.github/workflows/test_integration.yml → ...b/workflows/reusable-integration-test.yml b/.github/workflows/test_integration.yml → ...b/workflows/reusable-integration-test.yml
@@ -1,4 +1,4 @@
-name: Run Integration Tests
+name: Reusable Integration Test Workflow
 
 permissions:
   contents: read
@@ -16,6 +16,41 @@ on:
       - unlabeled
   schedule:
     - cron: "0 0 * * *"
+  workflow_call:
+    inputs:
+      target-branch:
+        description: 'Branch to checkout and test (defaults to the calling branch)'
+        required: false
+        type: string
+        default: ''
+      enable-status-reporting:
+        description: 'Whether to post status checks to datadog-api-spec repo'
+        required: false
+        type: boolean
+        default: false
+      status-context:
+        description: 'Context for status checks'
+        required: false
+        type: string
+        default: 'integration'
+      target-repo:
+        description: 'Repository to post status to'
+        required: false
+        type: string
+        default: 'datadog-api-spec'
+    secrets:
+      PIPELINE_GITHUB_APP_ID:
+        required: false
+      PIPELINE_GITHUB_APP_PRIVATE_KEY:
+        required: false
+      DD_API_KEY:
+        required: true
+      DD_CLIENT_API_KEY:
+        required: true
+      DD_CLIENT_APP_KEY:
+        required: true
+      SLEEP_AFTER_REQUEST:
+        required: false
 
 concurrency:
   group: integration-${{ github.head_ref }}
@@ -48,17 +83,20 @@ jobs:
         with:
           app-id: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
           private-key: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
-          repositories: datadog-api-spec
+          repositories: ${{ inputs.target-repo || 'datadog-api-spec' }}
       - name: Checkout code
         uses: actions/checkout@v3
+        with:
+          repository: DataDog/datadog-api-client-go
+          ref: ${{ inputs.target-branch || github.ref }}
       - name: Post pending status check
-        if: github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/')
+        if: github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/') && (inputs.enable-status-reporting || github.event_name != 'workflow_call')
         uses: DataDog/github-actions/post-status-check@v2
         with:
           github-token: ${{ steps.get_token.outputs.token }}
-          repo: datadog-api-spec
+          repo: ${{ inputs.target-repo || 'datadog-api-spec' }}
           status: pending
-          context: integration
+          context: ${{ inputs.status-context || 'integration' }}
       - name: Install Go
         uses: actions/setup-go@v4
         with:
@@ -77,20 +115,20 @@ jobs:
           DD_TEST_CLIENT_API_KEY: ${{ secrets.DD_CLIENT_API_KEY }}
           DD_TEST_CLIENT_APP_KEY: ${{ secrets.DD_CLIENT_APP_KEY }}
           RECORD: "none"
-          SLEEP_AFTER_REQUEST: "${{ vars.SLEEP_AFTER_REQUEST }}"
+          SLEEP_AFTER_REQUEST: ${{ secrets.SLEEP_AFTER_REQUEST || vars.SLEEP_AFTER_REQUEST }}
       - name: Post failure status check
-        if: failure() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/')
+        if: failure() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/') && (inputs.enable-status-reporting || github.event_name != 'workflow_call')
         uses: DataDog/github-actions/post-status-check@v2
         with:
           github-token: ${{ steps.get_token.outputs.token }}
-          repo: datadog-api-spec
+          repo: ${{ inputs.target-repo || 'datadog-api-spec' }}
           status: failure
-          context: integration
+          context: ${{ inputs.status-context || 'integration' }}
       - name: Post success status check
-        if: "!failure() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/')"
+        if: "!failure() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/') && (inputs.enable-status-reporting || github.event_name != 'workflow_call')"
         uses: DataDog/github-actions/post-status-check@v2
         with:
           github-token: ${{ steps.get_token.outputs.token }}
-          repo: datadog-api-spec
+          repo: ${{ inputs.target-repo || 'datadog-api-spec' }}
           status: success
-          context: integration
+          context: ${{ inputs.status-context || 'integration' }}