Skip to main content

Internal Ticketing Runtime

OneProtect internal ticketing is the canonical Phase 1 ticket/work-item runtime. It is implemented inside the existing FastAPI, Postgres/RLS, NATS/EventBus, worker, and Next.js console stack.

The accepted contract lives in:

  • docs/adr/ADR-0010-internal-ticketing-contracts.md
  • docs/architecture/internal-ticketing-contracts.md
  • specs/openapi.yaml
  • specs/asyncapi.yaml
  • specs/events/ticket.*.v1.schema.json

Runtime Summary

OneProtect owns the canonical tenant-scoped ticket/work-item model. Alerts can create tickets idempotently. Tickets can link to alerts, assets, evidence, delivery records, audit records, and external references.

External Jira, ServiceNow, Freshdesk, Zendesk, HaloPSA, and similar products are future outbound integrations. They do not own OneProtect ticket IDs or lifecycle state.

API Surface

The OpenAPI contract marks these paths as implemented:

  • POST /api/v1/alerts/{alert_id}/ticket
  • GET /api/v1/tickets
  • POST /api/v1/tickets
  • GET /api/v1/tickets/{ticket_id}
  • PATCH /api/v1/tickets/{ticket_id}
  • GET /api/v1/tickets/{ticket_id}/comments
  • POST /api/v1/tickets/{ticket_id}/comments
  • POST /api/v1/tickets/{ticket_id}/links

These routes are backed by tenant-scoped storage and emit audit records plus ticket lifecycle events for mutations.

Events

AsyncAPI and JSON Schema cover:

  • ticket.created
  • ticket.status_changed
  • ticket.assigned
  • ticket.comment_added
  • ticket.linked

Existing ticket.delivery.* events are outbound integration delivery events, not internal ticket lifecycle events.

Security Rules

  • Ticket storage is tenant-scoped.
  • Ticket mutations are audited.
  • Denied mutations are audited.
  • Auditor reads are read-only and redacted.
  • Internal comments are hidden from auditor views unless explicitly auditor_visible and redacted.

Runtime Boundary

Implemented:

  • Postgres/RLS migration: db/postgres/007_internal_ticketing_runtime.sql
  • SQLite local convenience tables through init_db
  • Service layer: poc/ingest_api/ticket_service.py
  • FastAPI routes in poc/ingest_api/http_routes.py
  • Worker handling for ticket.created
  • Console Tickets page backed by GET /api/v1/tickets
  • OP-066a ticket mutation UI for create, status/priority/assignee updates, comments, and related-record links through API-backed handlers
  • OP-024/OP-066b alert triage actions on the existing alert model: PATCH /api/v1/alerts/{alert_id} and POST /api/v1/alerts/{alert_id}/ticket

Still out of scope:

  • External Jira, ServiceNow, Freshdesk, Zendesk, and HaloPSA adapters
  • Ticket mirroring into third-party systems
  • Export/download flows, which must follow ADR-0014
  • SLA automation, approval policies, and visual workflow builders
  • Bulk actions and external adapter mirroring UI