[Confidential Ledger][Data Plane] Introduce new API version 2023-01-18-preview

[andpiccione]

Data Plane API - Pull Request

This PR adds new Data Plane API specifications for Azure Confidential Ledger. The new API version (2023-01-18-preview) adds a new applicationClaims object field to the response payload of the write transaction receipt returned by a Confidential Ledger resource through the GetReceipt operation.

For context, application claims are arbitrary data that can be attached to write transactions by an Azure Confidential Ledger application, and they effectively represent statements of what was executed during a write operation. When application claims are attached to a transaction, the SHA-256 digest of the claims object is appended to the ledger and committed as part of the write transaction itself (thus, the digest is signed in place and cannot be tampered with).

Application claims can later be revealed in their "plain" / un-digested form in the receipt payload corresponding to the same transaction where claims have been added. Users can leverage the information attached to the receipt to "re-compute" the same claims digest that was attached and signed in place by the Azure Confidential Ledger instance during the transaction. The claims digest can be used as part of the write transaction receipt verification process and allows users to fully verify offline the authenticity of the recorded claims.

More details about application claims can also be found at the following CCF documentation links:

• Application Claims
• User-Defined Claims in Receipts

API Info: The Basics

Most of the information about your service should be captured in the issue that serves as your engagement record.

• Link to engagement record issue: N/A (let me know if I need to create a GitHub issue but I think it shouldn't be needed)

Is this review for (select one):

• a private preview
• a public preview
• GA release

Change Scope

^{This section will help us focus on the specific parts of your API that are new or have been modified.
Please share a link to the design document for the new APIs, a link to the previous Open API document (swagger) if applicable, and the root paths that have been updated.}

• Design Document: Application claims in CCF
• Previous Open API Doc: 2022-05-13 specs
• Updated paths:
  • Path and operation affected (only the response payload was updated)
  • New field in receipt payload response
  • New definitions
  • Updated GetReceipt example and new field example

❔Got questions? Need additional info?? We are here to help!

Contact us!

The Azure API Review Board is dedicated to helping you create amazing APIs. You can read about our mission and learn more about our process on our wiki.

• 💬 Teams Channel
• 💌 email

Click here for links to tools, specs, guidelines & other good stuff

Tooling

• Open API validation tools were run on this PR. Go here to see how to fix errors
• Spectral Linting
• Open API Hub

Guidelines & Specifications

• Azure REST API Guidelines
• OpenAPI Style Guidelines
• Azure Breaking Change Policy

Helpful Links

• Azure DevTools Wiki

fix #21804

[openapi-workflow-bot]

Hi, @andpiccione Thanks for your PR. I am workflow bot for review process. Here are some small tips.

Please ensure to do self-check against checklists in first PR comment.

PR assignee is the person auto-assigned and responsible for your current PR reviewing and merging.

For specs comparison cross API versions, Use API Specs Comparison Report Generator

If there is CI failure(s), to fix CI error(s) is mandatory for PR merging; or you need to provide justification in PR comment for explanation. How to fix?

Any feedback about review process or workflow bot, pls contact swagger and tools team. [email protected]

[openapi-pipeline-app]

Swagger Validation Report

️️✔️BreakingChange succeeded [Detail] [Expand]

There are no breaking changes.

️❌Breaking Change(Cross-Version): 2 Errors, 3 Warnings failed [Detail]

compared swaggers (via Oad v0.10.4)]	new version	base version
common.json	2023-01-18-preview(57d59d4)	2022-05-13(main)
common.json	2023-01-18-preview(57d59d4)	2022-20-04-preview(main)
identityservice.json	2023-01-18-preview(57d59d4)	2022-05-13(main)
identityservice.json	2023-01-18-preview(57d59d4)	2022-20-04-preview(main)

The following breaking changes are detected by comparison with the latest stable version:

Rule

Message

❌ Runtime Exception

"new":"https://github.com/Azure/azure-rest-api-specs/blob/57d59d4c04fd70c6e6f2692e9f32ee823bd990ad/specification/confidentialledger/data-plane/Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json", "old":"https://github.com/Azure/azure-rest-api-specs/blob/main/specification/confidentialledger/data-plane/Microsoft.ConfidentialLedger/stable/2022-05-13/confidentialledger.json", "details":"Command failed: dotnet "/mnt/vss/_work/_tasks/AzureApiValidation_5654d05d-82c1-48da-ad8f-161b817f6d41/0.0.49/common/temp/node_modules/.pnpm/@Azure[email protected]/node_modules/@azure/oad/dlls/OpenApiDiff.dll" -o /tmp/old-resolved.json -n /tmp/new-resolved.json\nUnhandled exception. Newtonsoft.Json.JsonReaderException: JSON integer 9223372036854776000 is too large or small for an Int64. Path 'parameters.CommitParameter.maximum', line 1, position 40197.\n at Newtonsoft.Json.JsonTextReader.ParseNumber(ReadType readType)\n at Newtonsoft.Json.JsonTextReader.ParseValue()\n at Newtonsoft.Json.Linq.JContainer.ReadContentFrom(JsonReader r, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JContainer.ReadTokenFrom(JsonReader reader, JsonLoadSettings options)\n at Newtonsoft.Json.Linq.JObject.Load(JsonReader reader, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JObject.Parse(String json, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JObject.Parse(String json)\n at AutoRest.Swagger.JsonConverters.PathL"

The following breaking changes are detected by comparison with the latest preview version:

Rule	Message
❌ Runtime Exception	"new":"https://github.com/Azure/azure-rest-api-specs/blob/57d59d4c04fd70c6e6f2692e9f32ee823bd990ad/specification/confidentialledger/data-plane/Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json", "old":"https://github.com/Azure/azure-rest-api-specs/blob/main/specification/confidentialledger/data-plane/Microsoft.ConfidentialLedger/preview/2022-20-04-preview/confidentialledger.json", "details":"Command failed: dotnet "/mnt/vss/_work/_tasks/AzureApiValidation_5654d05d-82c1-48da-ad8f-161b817f6d41/0.0.49/common/temp/node_modules/.pnpm/@Azure[email protected]/node_modules/@azure/oad/dlls/OpenApiDiff.dll" -o /tmp/old-resolved.json -n /tmp/new-resolved.json\nUnhandled exception. Newtonsoft.Json.JsonReaderException: JSON integer 9223372036854776000 is too large or small for an Int64. Path 'parameters.CommitParameter.maximum', line 1, position 40081.\n at Newtonsoft.Json.JsonTextReader.ParseNumber(ReadType readType)\n at Newtonsoft.Json.JsonTextReader.ParseValue()\n at Newtonsoft.Json.Linq.JContainer.ReadContentFrom(JsonReader r, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JContainer.ReadTokenFrom(JsonReader reader, JsonLoadSettings options)\n at Newtonsoft.Json.Linq.JObject.Load(JsonReader reader, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JObject.Parse(String json, JsonLoadSettings settings)\n at Newtonsoft.Json.Linq.JObject.Parse(String json)\n at AutoRest.Swagger.JsonConverters.PathL"
⚠️ 1008 - ModifiedOperationId	The operation id has been changed from 'ConfidentialLedgerIdentityService_GetLedgerIdentity' to 'GetLedgerIdentity'. This will impact generated code. New: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/identityservice.json#L33:7 Old: Microsoft.ConfidentialLedger/preview/2022-20-04-preview/identityservice.json#L33:7
⚠️ 1033 - RemovedProperty	The new version is missing a property found in the old version. Was 'innererror' renamed or removed? New: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/common.json#L22:7 Old: Microsoft.ConfidentialLedger/preview/2022-20-04-preview/common.json#L22:7
⚠️ 1033 - RemovedProperty	The new version is missing a property found in the old version. Was 'innererror' renamed or removed? New: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/common.json#L22:7 Old: Microsoft.ConfidentialLedger/preview/2022-20-04-preview/common.json#L22:7

️️✔️CredScan succeeded [Detail] [Expand]

There is no credential detected.

️❌LintDiff: 2 Errors, 92 Warnings failed [Detail]

compared tags (via openapi-validator v2.0.0)	new version	base version
package-2023-01-18-preview-ledger	package-2023-01-18-preview-ledger(57d59d4)	default(main)
package-2023-01-18-preview-identity	package-2023-01-18-preview-identity(57d59d4)	default(main)

[must fix]The following errors/warnings are introduced by current PR:

Only 30 items are listed, please refer to log for more details.

Rule	Message	Related RPC [For API reviewers]
❌ HostParametersValidation	The host parameter must be called 'endpoint'. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L13
❌ HostParametersValidation	The host parameter must be called 'endpoint'. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/identityservice.json#L13
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L34
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L54
⚠️ ErrorResponse	The error property in the error response schema should be required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L56
⚠️ ErrorResponse	Error schema should define code and message properties as required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L56
⚠️ ListInOperationName	Since operation response has model definition in array type, it should be of the form '_list'. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L64
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L65
⚠️ PaginationResponse	Response body schema of pageable response should contain top-level array property value Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L85
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L89
⚠️ ErrorResponse	The error property in the error response schema should be required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L91
⚠️ ErrorResponse	Error schema should define code and message properties as required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L91
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L100
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L120
⚠️ ErrorResponse	The error property in the error response schema should be required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L122
⚠️ ErrorResponse	Error schema should define code and message properties as required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L122
⚠️ ListInOperationName	Since operation response has model definition in array type, it should be of the form '_list'. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L130
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L131
⚠️ PaginationResponse	Response body schema of pageable response should contain top-level array property value Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L151
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L155
⚠️ ErrorResponse	The error property in the error response schema should be required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L157
⚠️ ErrorResponse	Error schema should define code and message properties as required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L157
⚠️ ListInOperationName	Since operation response has model definition in array type, it should be of the form '_list'. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L165
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L166
⚠️ PaginationResponse	Response body schema of pageable response should contain top-level array property value Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L195
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L199
⚠️ ErrorResponse	The error property in the error response schema should be required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L201
⚠️ ErrorResponse	Error schema should define code and message properties as required. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L201
⚠️ OperationId	OperationId should be of the form 'Noun_Verb' Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L208
⚠️ ErrorResponse	Error response should contain a x-ms-error-code header. Location: Microsoft.ConfidentialLedger/preview/2023-01-18-preview/confidentialledger.json#L246

️️✔️Avocado succeeded [Detail] [Expand]

Validation passes for Avocado.

️️✔️ApiReadinessCheck succeeded [Detail] [Expand]

️⚠️~[Staging] ServiceAPIReadinessTest: 0 Warnings warning [Detail]

API Test is not triggered due to precheck failure. Check pipeline log for details.

️️✔️SwaggerAPIView succeeded [Detail] [Expand]

️️✔️CadlAPIView succeeded [Detail] [Expand]

️️✔️TypeSpecAPIView succeeded [Detail] [Expand]

️️✔️ModelValidation succeeded [Detail] [Expand]

Validation passes for ModelValidation.

️️✔️SemanticValidation succeeded [Detail] [Expand]

Validation passes for SemanticValidation.

️️✔️PoliCheck succeeded [Detail] [Expand]

Validation passed for PoliCheck.

️️✔️PrettierCheck succeeded [Detail] [Expand]

Validation passes for PrettierCheck.

️️✔️SpellCheck succeeded [Detail] [Expand]

Validation passes for SpellCheck.

️️✔️Lint(RPaaS) succeeded [Detail] [Expand]

Validation passes for Lint(RPaaS).

️️✔️CadlValidation succeeded [Detail] [Expand]

Validation passes for CadlValidation.

️️✔️TypeSpec Validation succeeded [Detail] [Expand]

Validation passes for TypeSpec Validation.

️️✔️PR Summary succeeded [Detail] [Expand]

Validation passes for Summary.

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-pipeline-app]

Swagger pipeline restarted successfully, please wait for status update in this comment.

[openapi-pipeline-app]

Generated ApiView

Language	Package Name	ApiView Link
Swagger	Microsoft.ConfidentialLedger	https://apiview.dev/Assemblies/Review/fb673414daca456caa9ea8c24dcceb8e

[openapi-workflow-bot]

Hi, @andpiccione, For review efficiency consideration, when creating a new api version, it is required to place API specs of the base version in the first commit, and push new version updates into successive commits. You can use OpenAPIHub to initialize the PR for adding a new version. For more details refer to the wiki. Or you could onboard API spec pipeline

[andpiccione]

Hi, @andpiccione, For review efficiency consideration, when creating a new api version, it is required to place API specs of the base version in the first commit, and push new version updates into successive commits. You can use OpenAPIHub to initialize the PR for adding a new version. For more details refer to the wiki. Or you could onboard API spec pipeline

My first commit included the base API specs version, with just a change to the version number. Hopefully this should suffice.

[mikekistler]

@jhendrixMSFT This PR is approved and ready to merge.

[andpiccione]

@mikekistler Thanks for pushing this through. Before merging, we would like to just resolve the last two unresolved comments above and make the required changes in our backend to comply with the latest model changes. We will drop a message here when we are ready to merge.

[ghost]

Hi, @andpiccione. Your PR has no update for 14 days and it is marked as stale PR. If no further update for over 14 days, the bot will close the PR. If you want to refresh the PR, please remove no-recent-activity label.

[ghost]

Hi, @andpiccione. Your PR has no update for 14 days and it is marked as stale PR. If no further update for over 14 days, the bot will close the PR. If you want to refresh the PR, please remove no-recent-activity label.

[ghost]

Hi, @andpiccione. Your PR has no update for 14 days and it is marked as stale PR. If no further update for over 14 days, the bot will close the PR. If you want to refresh the PR, please remove no-recent-activity label.

[ghost]

Hi, @andpiccione. Your PR has no update for 14 days and it is marked as stale PR. If no further update for over 14 days, the bot will close the PR. If you want to refresh the PR, please remove no-recent-activity label.

[andpiccione]

@jhendrixMSFT The PR is almost ready to be merged (just waiting for a few changes to be finalized on our backend, I'll drop a message here when they are merged so we can close this too), but I just want to make sure there are no other blockers related to the CI checks failing. The failures have been documented in the PR comments above, please let me know if there is anything else that needs to be addressed or if there is some other workaround for these. Thanks!

[andpiccione]

@jhendrixMSFT @lmazuel The PR is ready to be merged.

[lmazuel]

Merging, since I see approval from @mikekistler and @JeffreyRichter after the request changes from @markweitzel , so I assume it's ok to merge.