Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v3] Skip flattening if properties would clash #3016

Draft
wants to merge 5 commits into
base: master
Choose a base branch
from
Draft

[v3] Skip flattening if properties would clash #3016

wants to merge 5 commits into from

Conversation

thomas11
Copy link
Contributor

@thomas11 thomas11 commented Jan 12, 2024
edited
Loading

Skip the flattening of nested properties indicated by x-ms-client-flatten if it would lead to overwriting a property, creating incorrect schema and SDKs. This case happens when inner and outer property have the same name, for a report on all occurrences see #3013.

This change is breaking and could therefore only be applied to v3 of the provider. The purpose of the PR is mainly to illustrate the SDK changes that would result.

Note: remember to remove exception added in #3007.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 12, 2024
edited
Loading

Does the PR have any schema changes?

Found 123 breaking changes:

Resources

  • "azure-native:authorization:AccessReviewHistoryDefinitionById":
    • inputs:
      • 🟡 "endDate" missing
      • 🟡 "numberOfOccurrences" missing
      • 🟡 "startDate" missing
    • properties:
      • 🟡 "endDate" missing output "endDate"
      • 🟡 "numberOfOccurrences" missing output "numberOfOccurrences"
      • 🟡 "startDate" missing output "startDate"
  • "azure-native:authorization:AccessReviewScheduleDefinitionById":
    • inputs:
      • 🟡 "endDate" missing
      • 🟡 "numberOfOccurrences" missing
      • 🟡 "startDate" missing
    • properties:
      • 🟡 "assignmentState" missing output "assignmentState"
      • 🟡 "endDate" missing output "endDate"
      • 🟡 "excludeResourceId" missing output "excludeResourceId"
      • 🟡 "excludeRoleDefinitionId" missing output "excludeRoleDefinitionId"
      • 🟡 "expandNestedMemberships" missing output "expandNestedMemberships"
      • 🟡 "inactiveDuration" missing output "inactiveDuration"
      • 🟡 "includeAccessBelowResource" missing output "includeAccessBelowResource"
      • 🟡 "includeInheritedAccess" missing output "includeInheritedAccess"
      • 🟡 "numberOfOccurrences" missing output "numberOfOccurrences"
      • 🟡 "resourceId" missing output "resourceId"
      • 🟡 "roleDefinitionId" missing output "roleDefinitionId"
      • 🟡 "startDate" missing output "startDate"
  • "azure-native:authorization:ScopeAccessReviewHistoryDefinitionById":
    • inputs:
      • 🟡 "endDate" missing
      • 🟡 "numberOfOccurrences" missing
      • 🟡 "startDate" missing
    • properties:
      • 🟡 "endDate" missing output "endDate"
      • 🟡 "numberOfOccurrences" missing output "numberOfOccurrences"
      • 🟡 "startDate" missing output "startDate"
  • "azure-native:authorization:ScopeAccessReviewScheduleDefinitionById":
    • inputs:
      • 🟡 "endDate" missing
      • 🟡 "numberOfOccurrences" missing
      • 🟡 "startDate" missing
    • properties:
      • 🟡 "assignmentState" missing output "assignmentState"
      • 🟡 "endDate" missing output "endDate"
      • 🟡 "excludeResourceId" missing output "excludeResourceId"
      • 🟡 "excludeRoleDefinitionId" missing output "excludeRoleDefinitionId"
      • 🟡 "expandNestedMemberships" missing output "expandNestedMemberships"
      • 🟡 "inactiveDuration" missing output "inactiveDuration"
      • 🟡 "includeAccessBelowResource" missing output "includeAccessBelowResource"
      • 🟡 "includeInheritedAccess" missing output "includeInheritedAccess"
      • 🟡 "numberOfOccurrences" missing output "numberOfOccurrences"
      • 🟡 "resourceId" missing output "resourceId"
      • 🟡 "roleDefinitionId" missing output "roleDefinitionId"
      • 🟡 "startDate" missing output "startDate"
  • "azure-native:devhub:Workflow":
    • inputs:
      • 🟡 "acr" missing
      • 🟡 "aksResourceId" missing
      • 🟡 "branchName" missing
      • 🟡 "deploymentProperties" missing
      • 🟡 "dockerBuildContext" missing
      • 🟡 "dockerfile" missing
      • 🟡 "lastWorkflowRun" missing
      • 🟡 "oidcCredentials" missing
      • 🟡 "repositoryName" missing
      • 🟡 "repositoryOwner" missing
    • properties:
      • 🟡 "acr" missing output "acr"
      • 🟡 "aksResourceId" missing output "aksResourceId"
      • 🟡 "authStatus" missing output "authStatus"
      • 🟡 "branchName" missing output "branchName"
      • 🟡 "deploymentProperties" missing output "deploymentProperties"
      • 🟡 "dockerBuildContext" missing output "dockerBuildContext"
      • 🟡 "dockerfile" missing output "dockerfile"
      • 🟡 "lastWorkflowRun" missing output "lastWorkflowRun"
      • 🟡 "oidcCredentials" missing output "oidcCredentials"
      • 🟡 "prStatus" missing output "prStatus"
      • 🟡 "prURL" missing output "prURL"
      • 🟡 "pullNumber" missing output "pullNumber"
      • 🟡 "repositoryName" missing output "repositoryName"
      • 🟡 "repositoryOwner" missing output "repositoryOwner"
  • "azure-native:network:P2sVpnServerConfiguration":
    • inputs:
      • 🟡 "p2SVpnServerConfigRadiusClientRootCertificates" missing
      • 🟡 "p2SVpnServerConfigRadiusServerRootCertificates" missing
      • 🟡 "p2SVpnServerConfigVpnClientRevokedCertificates" missing
      • 🟡 "p2SVpnServerConfigVpnClientRootCertificates" missing
      • 🟡 "radiusServerAddress" missing
      • 🟡 "radiusServerSecret" missing
      • 🟡 "vpnClientIpsecPolicies" missing
      • 🟡 "vpnProtocols" missing
    • properties:
      • 🟡 "p2SVpnGateways" missing output "p2SVpnGateways"
      • 🟡 "p2SVpnServerConfigRadiusClientRootCertificates" missing output "p2SVpnServerConfigRadiusClientRootCertificates"
      • 🟡 "p2SVpnServerConfigRadiusServerRootCertificates" missing output "p2SVpnServerConfigRadiusServerRootCertificates"
      • 🟡 "p2SVpnServerConfigVpnClientRevokedCertificates" missing output "p2SVpnServerConfigVpnClientRevokedCertificates"
      • 🟡 "p2SVpnServerConfigVpnClientRootCertificates" missing output "p2SVpnServerConfigVpnClientRootCertificates"
      • 🟡 "provisioningState" missing output "provisioningState"
      • 🟡 "radiusServerAddress" missing output "radiusServerAddress"
      • 🟡 "radiusServerSecret" missing output "radiusServerSecret"
      • 🟡 "vpnClientIpsecPolicies" missing output "vpnClientIpsecPolicies"
      • 🟡 "vpnProtocols" missing output "vpnProtocols"
  • "azure-native:network:VpnServerConfiguration":
    • inputs:
      • 🟡 "aadAuthenticationParameters" missing
      • 🟡 "configurationPolicyGroups" missing
      • 🟡 "radiusClientRootCertificates" missing
      • 🟡 "radiusServerAddress" missing
      • 🟡 "radiusServerRootCertificates" missing
      • 🟡 "radiusServerSecret" missing
      • 🟡 "radiusServers" missing
      • 🟡 "vpnAuthenticationTypes" missing
      • 🟡 "vpnClientIpsecPolicies" missing
      • 🟡 "vpnClientRevokedCertificates" missing
      • 🟡 "vpnClientRootCertificates" missing
      • 🟡 "vpnProtocols" missing
    • properties:
      • 🟡 "aadAuthenticationParameters" missing output "aadAuthenticationParameters"
      • 🟡 "configurationPolicyGroups" missing output "configurationPolicyGroups"
      • 🟡 "p2SVpnGateways" missing output "p2SVpnGateways"
      • 🟡 "provisioningState" missing output "provisioningState"
      • 🟡 "radiusClientRootCertificates" missing output "radiusClientRootCertificates"
      • 🟡 "radiusServerAddress" missing output "radiusServerAddress"
      • 🟡 "radiusServerRootCertificates" missing output "radiusServerRootCertificates"
      • 🟡 "radiusServerSecret" missing output "radiusServerSecret"
      • 🟡 "radiusServers" missing output "radiusServers"
      • 🟡 "vpnAuthenticationTypes" missing output "vpnAuthenticationTypes"
      • 🟡 "vpnClientIpsecPolicies" missing output "vpnClientIpsecPolicies"
      • 🟡 "vpnClientRevokedCertificates" missing output "vpnClientRevokedCertificates"
      • 🟡 "vpnClientRootCertificates" missing output "vpnClientRootCertificates"
      • 🟡 "vpnProtocols" missing output "vpnProtocols"
  • "azure-native:vmwarecloudsimple:DedicatedCloudNode": properties:
    • 🟡 "availabilityZoneId" missing output "availabilityZoneId"
    • 🟡 "availabilityZoneName" missing output "availabilityZoneName"
    • 🟡 "cloudRackName" missing output "cloudRackName"
    • 🟡 "created" missing output "created"
    • 🟡 "nodesCount" missing output "nodesCount"
    • 🟡 "placementGroupId" missing output "placementGroupId"
    • 🟡 "placementGroupName" missing output "placementGroupName"
    • 🟡 "privateCloudId" missing output "privateCloudId"
    • 🟡 "privateCloudName" missing output "privateCloudName"
    • 🟡 "provisioningState" missing output "provisioningState"
    • 🟡 "purchaseId" missing output "purchaseId"
    • 🟡 "status" missing output "status"
    • 🟡 "vmwareClusterName" missing output "vmwareClusterName"

New resources:

  • security.DefenderForStorage

New functions:

  • security.getDefenderForStorage

@thomas11 thomas11 force-pushed the tkappler/flatten-without-conflict branch from 1cea3da to 7d47186 Compare January 12, 2024 20:18
danielrbradley
danielrbradley reviewed Jan 19, 2024
View reviewed changes
Copy link
Member

@danielrbradley danielrbradley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, in principle the approach looks good for a breaking change in the next release.

Did you managed to identify is this is the same approach taken by official Azure tools when encountering the conflicts with flattening?

@thomas11 thomas11 mentioned this pull request Jan 24, 2024
Merged
thomas11 added a commit that referenced this pull request Jan 24, 2024
@thomas11
Support DefenderForStorageSettings resource by adding default state (#…
4b30867 
…3007)

Support DefenderForStorageSettings resource by adding the default state
to reset it to on delete, since it doesn't have an actual delete
operation.

Without the hard-coded exception in the last commit, the generated
schema is incorrect. The cause is unrelated to the PR. What's happening
is that [the Azure
spec](https://github.com/Azure/azure-rest-api-specs/blob/fa8683f6725e5447cc808420c4542ce8375f0325/specification/security/resource-manager/Microsoft.Security/preview/2022-12-01-preview/defenderForStorageSettings.json)
is defined as such (unrelated properties omitted):
```json
      "properties": {
        "isEnabled": {
          "type": "boolean",
          "description": "Indicates whether Defender for Storage is enabled on this storage account."
        },
        "sensitiveDataDiscovery": {
          "x-ms-client-flatten": true,
          "$ref": "#/definitions/SensitiveDataDiscoveryProperties"
        }
      }
```

Where SensitiveDataDiscoveryProperties is:
```json
      "properties": {
        "isEnabled": {
          "type": "boolean",
          "description": "Indicates whether Sensitive Data Discovery should be enabled."
        }
      }
```

The nested object is annotated with x-ms-client-flatten, causing the
object to be flattened, causing the two identical `isEnabled` properties
to collide. #3016 will fix this in v3.

In the meantime, I added a manual exception.

Resolves #2996
@thomas11 thomas11 changed the title Skip flattening if properties would clash [v3] Skip flattening if properties would clash Feb 1, 2024
@danielrbradley danielrbradley mentioned this pull request Apr 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielrbradley danielrbradley danielrbradley left review comments

@mjeffryes mjeffryes Awaiting requested review from mjeffryes

@mikhailshilkov mikhailshilkov Awaiting requested review from mikhailshilkov

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@thomas11 @danielrbradley