Mulesoft
Mulesoft Anypoint Platform is Roche’s enterprise API management layer. The roche-data pipeline publishes generated OpenAPI specifications as managed API proxies with authentication, rate limiting, and monitoring. Additionally, Mulesoft proxies the Collibra API — all Collibra access from this pipeline goes through Mulesoft.
Connection Details
Section titled “Connection Details”| Property | Value |
|---|---|
| URL | TBD (awaiting A09 resolution) |
| Auth method | OAuth client credentials (Anypoint Platform) |
| Network | Roche corporate network |
| Access task | A09 |
| GitHub issue | #26 |
Environment Variables
Section titled “Environment Variables”| Variable | Source | Description |
|---|---|---|
MULESOFT_BASE_URL | Vault common/mulesoft | Anypoint Platform API base URL |
MULESOFT_CLIENT_ID | GitHub Actions secrets | OAuth client ID for Anypoint Platform |
MULESOFT_CLIENT_SECRET | GitHub Actions secrets | OAuth client secret for Anypoint Platform |
MULESOFT_ORG_ID | GitHub Actions secrets | Anypoint Platform organization ID |
MULESOFT_MODEL_CLIENT_ID | Vault {env}/collibra | Client ID for Collibra proxy access |
MULESOFT_MODEL_CLIENT_SECRET | Vault {env}/collibra | Client secret for Collibra proxy access |
CLI Modules
Section titled “CLI Modules”| Module | Usage |
|---|---|
rdt-model-api | Publishes generated OpenAPI specs to Anypoint Platform as managed API proxies |
rdt-model-govern | Uses Mulesoft as proxy to reach Collibra REST API |
Dual Role
Section titled “Dual Role”Mulesoft serves two distinct purposes in this pipeline:
1. API Publication (rdt-model-api)
Section titled “1. API Publication (rdt-model-api)”Generated OpenAPI specs are pushed to Anypoint Platform, creating managed API proxies that provide:
- Authentication and authorization enforcement
- Rate limiting and throttling
- Request/response monitoring
- SLA tier management
2. Collibra Proxy (rdt-model-govern)
Section titled “2. Collibra Proxy (rdt-model-govern)”All Collibra API access is proxied through Mulesoft using client credentials headers:
curl -H "client_id: $MULESOFT_MODEL_CLIENT_ID" \ -H "client_secret: $MULESOFT_MODEL_CLIENT_SECRET" \ "https://roche.collibra.com/rest/2.0/communities"Access Verification
Section titled “Access Verification”Script: scripts/access/check-mulesoft.sh
Required tools: curl
Checks performed:
- HTTP connectivity to Anypoint Platform (if
MULESOFT_BASE_URLis set) - HTTP status code validation
Expected state: skip — A09 not yet resolved.
Current Status
Section titled “Current Status”- Collibra proxy: Working (read path confirmed via
MULESOFT_MODEL_CLIENT_ID) - API publication: Not started — needed for Phase 3 (Consumer access)
- Workaround:
StubClientfor API publication; live proxy for Collibra reads
Output
Section titled “Output”The rdt-model-api module generates and publishes:
| Artifact | Path | Deployed to |
|---|---|---|
| OpenAPI spec | apis/{entity}/openapi.yaml | Anypoint Platform |