Application Dependency Management
The Application Dependency Management (ADM) subject area provides visibility into remediation recipes, knowledge bases, and DevOps integrations used to secure software supply chains on OCI. The curated logical model supports tracking of vulnerability thresholds, SCM integrations, and remediation posture across compartments and regions.
Business Questions
The subject area can answer the following business questions:
- How many remediation recipes exist per compartment, region, or tenancy?
- Which recipes are active, inactive, or deleted?
- What CVSS thresholds are configured for detection across recipes?
- Which recipes integrate with specific DevOps repositories or build pipelines?
- How many recipes reference a given knowledge base or subnet?
- What is the trend of recipe creation, updates, or deletions over time?
- Which compartments have recipes without DevOps integrations or network configurations?
- How many recipes use customer-provided DevOps repositories versus OCI DevOps repositories?
- Which recipes have recently changed lifecycle state or configuration details?
Logical Model
The Application Dependency Management subject area centers on remediation recipe facts linked to standard analytical dimensions.
Key relationships include:
- Fact – Application Dependency Management (application_dependency_management_fact)
- Dim – ADM Remediation Recipe (application_dependency_management_remediation_recipe_dim)
- Dim – ADM Knowledge Base (application_dependency_management_knowledge_base_dim)
- Dim – ADM Vulnerability Audit (application_dependency_management_vulnerability_audit_dim)
- Dim – DevOps Repository (devops_repository_dim)
- Dim – DevOps Build Pipeline (devops_build_pipeline_dim)
- Dim – Compartment (compartment_dim_v)
- Dim – Region (region_dim_v)
- Dim – Tenancy (tenancy_dim_v)
- Dim – VCN (vcn_dim_v)
- Dim – Subnet (subnet_dim_v)
- Dim – Date/Time (Hour) (hour_dim_v)
This diagram shows how the Application Dependency Management fact table is related to its dimension tables:
Metric Details
The fact folders in this subject area include the following metrics:
| Metric | Definition |
|---|---|
| Remediation Recipe Count | COUNT(remediationRecipeId) from application_dependency_management_fact.remediationRecipeId |
| Active Recipe Count | COUNT(remediationRecipeId) where lifecycleState = 'ACTIVE' |
| Recipes by CVSS V2 Threshold | AVG(detectConfigurationMaxPermissibleCvssV2Score) grouped by recipe |
| Recipes by CVSS V3 Threshold | AVG(detectConfigurationMaxPermissibleCvssV3Score) grouped by recipe |
| Recipes with DevOps Repo | COUNT(remediationRecipeId) where scmConfigurationOciCodeRepositoryId IS NOT NULL |
| Recipes with DevOps Build Pipeline | COUNT(remediationRecipeId) where verifyConfigurationWorkflowName IS NOT NULL |
| Knowledge Base Coverage | COUNT(remediationRecipeId) grouped by knowledgeBaseId |
| Network-Configured Recipes | COUNT(remediationRecipeId) where networkConfigurationSubnetId IS NOT NULL |
| Recipe Creation Trend | COUNT(remediationRecipeId) grouped by timeCreated buckets |