sentinel content hub package and template API #23151
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hi, @xuhumsft Thanks for your PR. I am workflow bot for review process. Here are some small tips. Any feedback about review process or workflow bot, pls contact swagger and tools team. vscswagger@microsoft.com |
Swagger Validation Report
|
| compared tags (via openapi-validator v2.0.0) | new version | base version |
|---|---|---|
| package-preview-2023-04 | package-preview-2023-04(6feb597) | package-preview-2023-04(release-Sentinel-2023-04-01-preview) |
[must fix]The following errors/warnings are introduced by current PR:
| Rule | Message | Related RPC [For API reviewers] |
|---|---|---|
| 'PUT' operation 'ContentPackage_Install' should use method name 'Create'. Note: If you have already shipped an SDK on top of this spec, fixing this warning may introduce a breaking change. Location: Microsoft.SecurityInsights/preview/2023-04-01-preview/ContentPackages.json#L148 |
||
| 'DELETE' operation 'ContentPackage_Uninstall' should use method name 'Delete'. Note: If you have already shipped an SDK on top of this spec, fixing this warning may introduce a breaking change. Location: Microsoft.SecurityInsights/preview/2023-04-01-preview/ContentPackages.json#L200 |
||
| 'PUT' operation 'ContentTemplate_Install' should use method name 'Create'. Note: If you have already shipped an SDK on top of this spec, fixing this warning may introduce a breaking change. Location: Microsoft.SecurityInsights/preview/2023-04-01-preview/ContentTemplates.json#L105 |
||
| Do not have duplicate name of x-ms-example, make sure every x-ms-example name unique. Duplicate x-ms-example: Get a template. Location: Microsoft.SecurityInsights/preview/2023-04-01-preview/ContentTemplates.json#L148 |
️️✔️Avocado succeeded [Detail] [Expand]
Validation passes for Avocado.
️️✔️SwaggerAPIView succeeded [Detail] [Expand]
️️✔️CadlAPIView succeeded [Detail] [Expand]
️️✔️TypeSpecAPIView succeeded [Detail] [Expand]
️️✔️ModelValidation succeeded [Detail] [Expand]
Validation passes for ModelValidation.
️️✔️SemanticValidation succeeded [Detail] [Expand]
Validation passes for SemanticValidation.
️️✔️PrettierCheck succeeded [Detail] [Expand]
Validation passes for PrettierCheck.
️️✔️SpellCheck succeeded [Detail] [Expand]
Validation passes for SpellCheck.
️️✔️CadlValidation succeeded [Detail] [Expand]
Validation passes for CadlValidation.
️️✔️TypeSpec Validation succeeded [Detail] [Expand]
Validation passes for TypeSpec Validation.
️️✔️PR Summary succeeded [Detail] [Expand]
Validation passes for Summary.
Swagger Generation Artifacts
|
Generated ApiView
|
This was referenced Mar 17, 2023
AzureRestAPISpecReview
added
ARMReview
CI-FixRequiredOnFailure
resource-manager
WaitForARMFeedback
|
Hi @xuhumsft, Your PR has some issues. Please fix the CI sequentially by following the order of
|
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
raosuhas
reviewed
Mar 23, 2023
| "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}": { | ||
| "get": { | ||
| "x-ms-examples": { | ||
| "Get all available packages.": { |
raosuhas
reviewed
Mar 23, 2023
| "$ref": "../../../common/2.0/types.json#/parameters/ODataTop" | ||
| }, | ||
| { | ||
| "$ref": "../../../common/2.0/types.json#/parameters/ODataSkipToken" |
There was a problem hiding this comment.
why do you need ODATA filters for a GET on a specific resource ? #Resolved
raosuhas
reviewed
Mar 23, 2023
| "$ref": "#/parameters/PackageIdParameter" | ||
| }, | ||
| { | ||
| "$ref": "#/parameters/PackageInstallationProperties" |
There was a problem hiding this comment.
@raosuhas It was package model. But I got an error from the scanner says the package Id should be removed because it is already in the url. So I removed it to satisfy the scanner.
There was a problem hiding this comment.
Since packageId is part of "id" property of packageModel anyway, why is packageId property needed explicitly needed in packageModel? That would eliminate the need of separate model for request and response.
Also, ARM requires RPs to have same model for request and response in PUT APIs.
There was a problem hiding this comment.
@visingla-ms
One of the scanner, I think it is the ~[Staging] Swagger LintDiff scanner, suggests me to remove PackageIdParameter in the body as it is already in the URL. If I should ignore it. please let me know.
There was a problem hiding this comment.
Sorry, my question was, why not remove "packageId" property from "packageModel" itself. Then if you will use
packageModel" in request payload also, Linter won't have any issue. And, you don't "packageId" in "packageModel", as it is already part of "id" property of "packageModel"
There was a problem hiding this comment.
@visingla-ms
I believe there is another rule. If the get by id API return a response object, the list APIs should return a collection of the same object. packageModel is our response object for package API. The packageId is our identifier of response object. A user would need this id to call get by id from the list in our workflow. That is the reason that we have that in the packageModel.
There was a problem hiding this comment.
@xuhumsft Let's catch up offline for this point. I am finding more details about usage of free-form objects, will ping you after that.
There was a problem hiding this comment.
Sure, please feel free to ping me. If you would like to schedule a meeting, please let me know I can schedule it. Thank you.
There was a problem hiding this comment.
Hi @visingla-ms,
I have a discussion with the same. We would change the packageId to contentId and we still need the conentId in the body.
The contentId can be the same as the {id} part of the url but It is also possible that they are not equal.
In some cases, we allow the contentId to be the same with different contentKind. In that case, the {id} in the url would have those information to make sure no collisions. However, we still need the conentId for searching. So, we decide to have the decidated contentId in the body. the {id} could be different to avoid collisions.
raosuhas
reviewed
Mar 23, 2023
...ce-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/ContentProductPackages.json
Show resolved
Hide resolved
raosuhas
reviewed
Mar 23, 2023
| "packagedContent": { | ||
| "type": "object", | ||
| "description": "the json to deploy" | ||
| } |
There was a problem hiding this comment.
free form objects are not allowed , please use the correct schema for this #Resolved
There was a problem hiding this comment.
Please use valid schema or a valid primitive type for this.
There was a problem hiding this comment.
@visingla-ms
This is the field of ARM templates. The schema varies from case to case. We also checked the Template Spec. They shipped the ARM template as well. It is also a free form object. If there is a better presentation of the arm templates. Please let me know and I will follow up.
raosuhas
reviewed
Mar 23, 2023
| "$ref": "#/parameters/templateIdParameter" | ||
| }, | ||
| { | ||
| "$ref": "#/parameters/templateInstallationProperties" |
There was a problem hiding this comment.
@raosuhas the same as the packageInstallationProperties. id was removed due to the scanner result
There was a problem hiding this comment.
Sorry, didn't this part: "id was removed due to the scanner result", can you please explain?
There was a problem hiding this comment.
The same as the packageIdParameter. One of the scanners tells me that the id is already in the URL and I should remove it. Previously, I do include it in the body. If I should ignore that complaint, please let me know and I will reverse it back.
There was a problem hiding this comment.
See my other comment on this.
There was a problem hiding this comment.
please check my comment
raosuhas
reviewed
Mar 23, 2023
| }, | ||
| "mainTemplate": { | ||
| "description": "The JSON string of the template", | ||
| "type": "object" |
There was a problem hiding this comment.
again using freeform object like this is not allowed.
Can you please explain your scenario a bit ? How are you using the template here ? Can the user provide any template they want ? #Resolved
There was a problem hiding this comment.
Please address this comment.
There was a problem hiding this comment.
This is the same as the packagedContent. The mainTemplate would be the ARM templates and it varies from case to case. If there is any alternative or suggestion, please let me know. I can follow up.
raosuhas
added
the
ARMChangesRequested
|
Please ensure to respond feedbacks from the ARM API reviewer. When you are ready to continue the ARM API review, please remove |
openapi-workflow-bot
bot
removed
the
WaitForARMFeedback
|
Added a few comments. Please send me an email (Check current on call from the ICM for RP Manifest Approvers) if you want to further discuss the issue about using free form objects |
visingla-ms
reviewed
Mar 29, 2023
| "$ref": "#/parameters/PackageIdParameter" | ||
| }, | ||
| { | ||
| "$ref": "#/parameters/PackageInstallationProperties" |
There was a problem hiding this comment.
Since packageId is part of "id" property of packageModel anyway, why is packageId property needed explicitly needed in packageModel? That would eliminate the need of separate model for request and response.
Also, ARM requires RPs to have same model for request and response in PUT APIs.
There was a problem hiding this comment.
Please check my previous comment
There was a problem hiding this comment.
@visingla-ms
Please check my latest comment. I can follow up with you on Team or via emails if you have time. Thank you!
There was a problem hiding this comment.
See my other comment on this.
There was a problem hiding this comment.
please check my comment
visingla-ms
added
the
WaitForARMFeedback
openapi-workflow-bot
bot
removed
the
ARMChangesRequested
visingla-ms
reviewed
Mar 30, 2023
| "description": "the name of the package contains this template" | ||
| }, | ||
| "mainTemplate": { | ||
| "description": "The JSON string of the template", |
Swagger Validation Report
|
visingla-ms
added
the
ARMSignedOff
openapi-workflow-bot
bot
removed
the
WaitForARMFeedback
live1206
approved these changes
Apr 3, 2023
tadelesh
pushed a commit
that referenced
this pull request
Apr 14, 2023
* Adds base for updating Microsoft.SecurityInsights from version preview/2023-03-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Members (#23134) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Members * udpate pattern * Workspace manager configurations (#23133) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * adding april configurations swagger * update pattern * prettier update * update readme * Workspace manager assignments (#23130) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Assignments/Jobs * update readme * updated from comments * update from lint diff errors * updated descriptions * Workspace manager groups (#23135) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * april swagger for groups * update path name & pattern * [Hunts] Add hunts to Sentinel 2023-04-01-preview version (#23139) * Add hunts files * Include update in 200 description and add defaults * Add back 201 * Update relation properties * Update example --------- Co-authored-by: Derrick Lee <derricklee@microsoft.com> * Add readonly flag to providerName property (#23259) * sentinel content hub package and template API (#23151) * commit for content template and content package API * fix issues reported by swagger lint * add 201 for put requests in template service * resolve the comments * resolve comments in packageId * resolve comments * update descriptions due to lint error (#23392) * Fix policheck issue by updating the description. (#23415) * Fix polich issue by updating the description. * update the description to fix a typo. * Release sentinel 2023 04 01 preview (#23420) * Fix polich issue by updating the description. * update the description to fix a typo. * fix policheck by updating description * rename enum name to stable version to fix cross-version breaking change failure. * fix typo (#23463) --------- Co-authored-by: rheabansal <93624991+rheabansal@users.noreply.github.com> Co-authored-by: Derrick Lee <derricklee91@gmail.com> Co-authored-by: Derrick Lee <derricklee@microsoft.com> Co-authored-by: Anat Gilenson <53407600+anat-gilenson@users.noreply.github.com> Co-authored-by: xuhumsft <116764429+xuhumsft@users.noreply.github.com> Co-authored-by: Nan Zang <nazang@microsoft.com>
JoshLove-msft
pushed a commit
to JoshLove-msft/azure-rest-api-specs
that referenced
this pull request
Apr 25, 2023
* Adds base for updating Microsoft.SecurityInsights from version preview/2023-03-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Members (Azure#23134) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Members * udpate pattern * Workspace manager configurations (Azure#23133) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * adding april configurations swagger * update pattern * prettier update * update readme * Workspace manager assignments (Azure#23130) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * Workspace Manager Assignments/Jobs * update readme * updated from comments * update from lint diff errors * updated descriptions * Workspace manager groups (Azure#23135) * Adds base for updating Microsoft.SecurityInsights from version preview/2023-02-01-preview to version 2023-04-01-preview * Updates readme * Updates API version in new specs and examples * april swagger for groups * update path name & pattern * [Hunts] Add hunts to Sentinel 2023-04-01-preview version (Azure#23139) * Add hunts files * Include update in 200 description and add defaults * Add back 201 * Update relation properties * Update example --------- Co-authored-by: Derrick Lee <derricklee@microsoft.com> * Add readonly flag to providerName property (Azure#23259) * sentinel content hub package and template API (Azure#23151) * commit for content template and content package API * fix issues reported by swagger lint * add 201 for put requests in template service * resolve the comments * resolve comments in packageId * resolve comments * update descriptions due to lint error (Azure#23392) * Fix policheck issue by updating the description. (Azure#23415) * Fix polich issue by updating the description. * update the description to fix a typo. * Release sentinel 2023 04 01 preview (Azure#23420) * Fix polich issue by updating the description. * update the description to fix a typo. * fix policheck by updating description * rename enum name to stable version to fix cross-version breaking change failure. * fix typo (Azure#23463) --------- Co-authored-by: rheabansal <93624991+rheabansal@users.noreply.github.com> Co-authored-by: Derrick Lee <derricklee91@gmail.com> Co-authored-by: Derrick Lee <derricklee@microsoft.com> Co-authored-by: Anat Gilenson <53407600+anat-gilenson@users.noreply.github.com> Co-authored-by: xuhumsft <116764429+xuhumsft@users.noreply.github.com> Co-authored-by: Nan Zang <nazang@microsoft.com>
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ARM API Information (Control Plane)
MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.
Azure 1st Party Service can try out the Shift Left experience to initiate API design review from ADO code repo. If you are interested, may request engineering support by filling in with the form https://aka.ms/ShiftLeftSupportForm.
Changelog
Add a changelog entry for this PR by answering the following questions:
Contribution checklist (MS Employees Only):
If any further question about AME onboarding or validation tools, please view the FAQ.
ARM API Review Checklist
Otherwise your PR may be subject to ARM review requirements. Complete the following:
Check this box if any of the following apply to the PR so that the label "ARMReview" and "WaitForARMFeedback" will be added by bot to kick off ARM API Review. Missing to check this box in the following scenario may result in delays to the ARM manifest review and deployment.
-[ ] To review changes efficiently, ensure you copy the existing version into the new directory structure for first commit and then push new changes, including version updates, in separate commits. You can use OpenAPIHub to initialize the PR for adding a new version. For more details refer to the wiki.
Ensure you've reviewed following guidelines including ARM resource provider contract and REST guidelines. Estimated time (4 hours). This is required before you can request review from ARM API Review board.
If you are blocked on ARM review and want to get the PR merged with urgency, please get the ARM oncall for reviews (RP Manifest Approvers team under Azure Resource Manager service) from IcM and reach out to them.
Breaking Change Review Checklist
If you have any breaking changes as defined in the Breaking Change Policy, request approval from the Breaking Change Review Board.
Action: to initiate an evaluation of the breaking change, create a new intake using the template for breaking changes. Additional details on the process and office hours are on the Breaking Change Wiki.
NOTE: To update API(s) in public preview for over 1 year (refer to Retirement of Previews)
Please follow the link to find more details on PR review process.