Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Application Gateway WAF Rate Limit feature swagger changes #23021

Merged
merged 3 commits into from
Mar 23, 2023
Merged

Application Gateway WAF Rate Limit feature swagger changes #23021

merged 3 commits into from
Mar 23, 2023

Conversation

sraghavan-msft
Copy link
Contributor

Application Gateway WAF Rate Limit feature changes

PR captures configuration model changes to support Application Gateway WAF Rate Limit feature. This feature is built on the existing Custom Rule framework. A new Custom Rule type "RateLimitRule" has been added. Along with this, a new field GroupByUserSession has been added to allow users to configure how to identify unique user sessions or to rate limit requests to an url endpoint by choosing "None"

@openapi-workflow-bot
Copy link

Hi, @sraghavan-msft Thanks for your PR. I am workflow bot for review process. Here are some small tips.

  • Please ensure to do self-check against checklists in first PR comment.
  • PR assignee is the person auto-assigned and responsible for your current PR reviewing and merging.
  • For specs comparison cross API versions, Use API Specs Comparison Report Generator
  • If there is CI failure(s), to fix CI error(s) is mandatory for PR merging; or you need to provide justification in PR comment for explanation. How to fix?

    • Any feedback about review process or workflow bot, pls contact swagger and tools team. [email protected]

    @openapi-pipeline-app
    Copy link

    openapi-pipeline-app bot commented Mar 10, 2023
    edited
    Loading

    Swagger Validation Report

    ️️✔️BreakingChange succeeded [Detail] [Expand] 
    There are no breaking changes.
    ️❌Breaking Change(Cross-Version): 2 Errors, 0 Warnings failed [Detail]
    compared swaggers (via Oad v0.10.4)] new version base version
    webapplicationfirewall.json 2022-11-01(699e41d) 2022-09-01(main)

    The following breaking changes are detected by comparison with the latest stable version:

    Rule Message
    1025 - RequiredStatusChange The 'required' status changed from the old version('True') to the new version('False').
    New: Microsoft.Network/stable/2022-11-01/networkSecurityGroup.json#L720:7
    Old: Microsoft.Network/stable/2022-09-01/networkSecurityGroup.json#L720:7
    1033 - RemovedProperty The new version is missing a property found in the old version. Was 'applicationGatewayIPConfigurations' renamed or removed?
    New: Microsoft.Network/stable/2022-11-01/virtualNetwork.json#L1500:7
    Old: Microsoft.Network/stable/2022-09-01/virtualNetwork.json#L1500:7
    ️⚠️LintDiff: 0 Warnings warning [Detail]
    compared tags (via openapi-validator v2.0.0) new version base version
    package-2022-11 package-2022-11(699e41d) package-2022-11(release-Microsoft.Network-2022-11-01)

    The following errors/warnings exist before current PR submission:

    Only 30 items are listed, please refer to log for more details.

    Rule Message
    PathResourceTypeNameCamelCase Resource type naming must follow camel case. Path: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies'
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L37
    PathResourceTypeNameCamelCase Resource type naming must follow camel case. Path: '/subscriptions/{subscriptionId}/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies'
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L83
    PathResourceTypeNameCamelCase Resource type naming must follow camel case. Path: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/{policyName}'
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L122
    ResourceNameRestriction The resource name parameter 'policyName' should be defined with a 'pattern' restriction.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L122
    TrackedResourcePatchOperation Tracked resource 'WebApplicationFirewallPolicy' must have patch operation that at least supports the update of tags.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L122
    LroLocationHeader A 202 response should include an Location response header.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L271
    MissingTypeObject The schema 'WebApplicationFirewallPolicy' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L295
    RequiredPropertiesMissingInResourceModel Model definition 'WebApplicationFirewallPolicy' must have the properties 'name', 'id' and 'type' in its hierarchy and these properties must be marked as readonly.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L295
    MissingTypeObject The schema 'WebApplicationFirewallPolicyPropertiesFormat' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L315
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L325
    MissingTypeObject The schema 'WebApplicationFirewallPolicyListResult' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L385
    MissingTypeObject The schema 'ManagedRulesDefinition' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L403
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L409
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L416
    MissingTypeObject The schema 'PolicySettings' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L425
    MissingTypeObject The schema 'WebApplicationFirewallCustomRule' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L484
    IntegerTypeMustHaveFormat The integer type does not have a format, please add it.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L503
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L550
    MissingTypeObject The schema 'MatchVariable' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L597
    MissingTypeObject The schema 'MatchCondition' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L627
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L635
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L739
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L759
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L813
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L833
    MissingTypeObject The schema 'OwaspCrsExclusionEntry' is considered an object but without a 'type:object', please add the missing 'type:object'.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L855
    XmsIdentifierValidation Missing identifier id in array item property
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L901
    ⚠️ ParameterNotDefinedInGlobalParameters Parameter 'api-version' is referenced but not defined in the global parameters section of Service Definition
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L49
    ⚠️ ParameterNotDefinedInGlobalParameters Parameter 'api-version' is referenced but not defined in the global parameters section of Service Definition
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L95
    ⚠️ RequiredReadOnlySystemData The response of operation:'WebApplicationFirewallPolicies_Get' is defined without 'systemData'. Consider adding the systemData to the response.
    Location: Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json#L123
    ️️✔️Avocado succeeded [Detail] [Expand] 
    Validation passes for Avocado.
    ️❌SwaggerAPIView: 0 Errors, 0 Warnings failed [Detail]
    ️️✔️CadlAPIView succeeded [Detail] [Expand]
    ️️✔️ModelValidation succeeded [Detail] [Expand] 
    Validation passes for ModelValidation.
    ️️✔️SemanticValidation succeeded [Detail] [Expand] 
    Validation passes for SemanticValidation.
    ️️✔️PrettierCheck succeeded [Detail] [Expand] 
    Validation passes for PrettierCheck.
    ️️✔️SpellCheck succeeded [Detail] [Expand] 
    Validation passes for SpellCheck.
    ️️✔️CadlValidation succeeded [Detail] [Expand] 
    Validation passes for CadlValidation.
    ️️✔️PR Summary succeeded [Detail] [Expand] 
    Validation passes for Summary.
    Posted by Swagger Pipeline | How to fix these errors?

    @openapi-pipeline-app
    Copy link

    openapi-pipeline-app bot commented Mar 10, 2023
    edited
    Loading

    Swagger Generation Artifacts

    ️️✔️ApiDocPreview succeeded [Detail] [Expand] 
     Please click here to preview with your @microsoft account.
    ️⚠️SDK Breaking Change Tracking warning [Detail]

    Breaking Changes Tracking


    ⚠️azure-sdk-for-js - @azure/arm-network - 31.0.0
    +	Interface AdminRuleCollectionsListNextOptionalParams no longer has parameter skipToken
+	Interface AdminRuleCollectionsListNextOptionalParams no longer has parameter top
+	Interface AdminRulesListNextOptionalParams no longer has parameter skipToken
+	Interface AdminRulesListNextOptionalParams no longer has parameter top
+	Interface ConnectivityConfigurationsListNextOptionalParams no longer has parameter skipToken
+	Interface ConnectivityConfigurationsListNextOptionalParams no longer has parameter top
+	Interface ManagementGroupNetworkManagerConnectionsListNextOptionalParams no longer has parameter skipToken
+	Interface ManagementGroupNetworkManagerConnectionsListNextOptionalParams no longer has parameter top
+	Interface NetworkGroupsListNextOptionalParams no longer has parameter skipToken
+	Interface NetworkGroupsListNextOptionalParams no longer has parameter top
+	Interface NetworkInterfacesListVirtualMachineScaleSetIpConfigurationsNextOptionalParams no longer has parameter expand
+	Interface NetworkManagersListBySubscriptionNextOptionalParams no longer has parameter skipToken
+	Interface NetworkManagersListBySubscriptionNextOptionalParams no longer has parameter top
+	Interface NetworkManagersListNextOptionalParams no longer has parameter skipToken
+	Interface NetworkManagersListNextOptionalParams no longer has parameter top
+	Interface ScopeConnectionsListNextOptionalParams no longer has parameter skipToken
+	Interface ScopeConnectionsListNextOptionalParams no longer has parameter top
+	Interface SecurityAdminConfigurationsListNextOptionalParams no longer has parameter skipToken
+	Interface SecurityAdminConfigurationsListNextOptionalParams no longer has parameter top
+	Interface ServiceTagInformationListNextOptionalParams no longer has parameter noAddressPrefixes
+	Interface ServiceTagInformationListNextOptionalParams no longer has parameter tagName
+	Interface StaticMembersListNextOptionalParams no longer has parameter skipToken
+	Interface StaticMembersListNextOptionalParams no longer has parameter top
+	Interface SubscriptionNetworkManagerConnectionsListNextOptionalParams no longer has parameter skipToken
+	Interface SubscriptionNetworkManagerConnectionsListNextOptionalParams no longer has parameter top
+	Interface VirtualNetworksListDdosProtectionStatusNextOptionalParams no longer has parameter skipToken
+	Interface VirtualNetworksListDdosProtectionStatusNextOptionalParams no longer has parameter top
    ️️✔️ azure-sdk-for-net succeeded [Detail] [Expand]
    • ️✔️Succeeded [Logs] Generate from 3c33bab8aa3f3694e53eacf0fc8b23e771bd4d4e. SDK Automation 14.0.0 
      command	pwsh ./eng/scripts/Automation-Sdk-Init.ps1 ../azure-sdk-for-net_tmp/initInput.json ../azure-sdk-for-net_tmp/initOutput.json
command	autorest --version=2.0.4421 --csharp --reflect-api-versions --license-header=MICROSOFT_MIT_NO_VERSION [email protected]/[email protected] --csharp-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-net/sdk ../azure-rest-api-specs/specification/network/resource-manager/readme.md
cmderr	[Autorest] realpath(): Permission denied
cmderr	[Autorest] realpath(): Permission denied
cmderr	[Autorest] realpath(): Permission denied
cmderr	[Autorest] realpath(): Permission denied
cmderr	[Autorest] realpath(): Permission denied
cmderr	[Autorest] realpath(): Permission denied
    • ️✔️Microsoft.Azure.Management.Network [View full logs]  [Preview SDK Changes]
    ️️✔️ azure-sdk-for-net-track2 succeeded [Detail] [Expand]
    • ️✔️Succeeded [Logs] Generate from 3c33bab8aa3f3694e53eacf0fc8b23e771bd4d4e. SDK Automation 14.0.0 
      command	pwsh ./eng/scripts/Automation-Sdk-Init.ps1 ../azure-sdk-for-net_tmp/initInput.json ../azure-sdk-for-net_tmp/initOutput.json
command	pwsh ./eng/scripts/Invoke-GenerateAndBuildV2.ps1 ../azure-sdk-for-net_tmp/generateInput.json ../azure-sdk-for-net_tmp/generateOutput.json
    • ️✔️Azure.ResourceManager.Network [View full logs]  [Preview SDK Changes] 
      info	[Changelog]
    ️🔄 azure-sdk-for-python-track2 inProgress [Detail]
    ️️✔️ azure-sdk-for-java succeeded [Detail] [Expand]
    ️️✔️ azure-sdk-for-go succeeded [Detail] [Expand]
    • ️✔️Succeeded [Logs] Generate from 3c33bab8aa3f3694e53eacf0fc8b23e771bd4d4e. SDK Automation 14.0.0 
      command	sh ./eng/scripts/automation_init.sh ../../../../../azure-sdk-for-go_tmp/initInput.json ../../../../../azure-sdk-for-go_tmp/initOutput.json
command	generator automation-v2 ../../../../../azure-sdk-for-go_tmp/generateInput.json ../../../../../azure-sdk-for-go_tmp/generateOutput.json
    • ️✔️sdk/resourcemanager/network/armnetwork [View full logs]  [Preview SDK Changes] 
      info	[Changelog] ### Features Added
info	[Changelog]
info	[Changelog] - New value `ApplicationGatewayCustomErrorStatusCodeHTTPStatus400`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus404`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus405`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus408`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus499`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus500`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus503`, `ApplicationGatewayCustomErrorStatusCodeHTTPStatus504` added to type alias `ApplicationGatewayCustomErrorStatusCode`
info	[Changelog] - New value `WebApplicationFirewallRuleTypeRateLimitRule` added to type alias `WebApplicationFirewallRuleType`
info	[Changelog] - New type alias `ApplicationGatewayFirewallRateLimitDuration` with values `ApplicationGatewayFirewallRateLimitDurationFiveMins`, `ApplicationGatewayFirewallRateLimitDurationOneMin`
info	[Changelog] - New type alias `ApplicationGatewayFirewallUserSessionVariable` with values `ApplicationGatewayFirewallUserSessionVariableClientAddr`, `ApplicationGatewayFirewallUserSessionVariableGeoLocation`, `ApplicationGatewayFirewallUserSessionVariableNone`
info	[Changelog] - New type alias `WebApplicationFirewallState` with values `WebApplicationFirewallStateDisabled`, `WebApplicationFirewallStateEnabled`
info	[Changelog] - New struct `GroupByUserSession`
info	[Changelog] - New struct `GroupByVariable`
info	[Changelog] - New field `AuthorizationStatus` in struct `ExpressRouteCircuitPropertiesFormat`
info	[Changelog] - New field `IPConfigurationID` in struct `VPNGatewaysClientBeginResetOptions`
info	[Changelog] - New field `FlowLogs` in struct `VirtualNetworkPropertiesFormat`
info	[Changelog] - New field `GroupByUserSession` in struct `WebApplicationFirewallCustomRule`
info	[Changelog] - New field `RateLimitDuration` in struct `WebApplicationFirewallCustomRule`
info	[Changelog] - New field `RateLimitThreshold` in struct `WebApplicationFirewallCustomRule`
info	[Changelog] - New field `State` in struct `WebApplicationFirewallCustomRule`
info	[Changelog]
info	[Changelog] Total 0 breaking change(s), 27 additive change(s).
    ️️✔️ azure-sdk-for-js succeeded [Detail] [Expand]
    • ️✔️Succeeded [Logs] Generate from 3c33bab8aa3f3694e53eacf0fc8b23e771bd4d4e. SDK Automation 14.0.0 
      command	sh .scripts/automation_init.sh ../azure-sdk-for-js_tmp/initInput.json ../azure-sdk-for-js_tmp/initOutput.json
warn	File azure-sdk-for-js_tmp/initOutput.json not found to read
command	sh .scripts/automation_generate.sh ../azure-sdk-for-js_tmp/generateInput.json ../azure-sdk-for-js_tmp/generateOutput.json
    • ️✔️@azure/arm-network [View full logs]  [Preview SDK Changes] Breaking Change Detected
      info	[Changelog] **Features**
info	[Changelog]
info	[Changelog]   - Added Interface GroupByUserSession
info	[Changelog]   - Added Interface GroupByVariable
info	[Changelog]   - Added Type Alias ApplicationGatewayFirewallRateLimitDuration
info	[Changelog]   - Added Type Alias ApplicationGatewayFirewallUserSessionVariable
info	[Changelog]   - Added Type Alias WebApplicationFirewallState
info	[Changelog]   - Interface ExpressRouteCircuit has a new optional parameter authorizationStatus
info	[Changelog]   - Interface VirtualNetwork has a new optional parameter flowLogs
info	[Changelog]   - Interface VpnGatewaysResetOptionalParams has a new optional parameter ipConfigurationId
info	[Changelog]   - Interface WebApplicationFirewallCustomRule has a new optional parameter groupByUserSession
info	[Changelog]   - Interface WebApplicationFirewallCustomRule has a new optional parameter rateLimitDuration
info	[Changelog]   - Interface WebApplicationFirewallCustomRule has a new optional parameter rateLimitThreshold
info	[Changelog]   - Interface WebApplicationFirewallCustomRule has a new optional parameter state
info	[Changelog]   - Added Enum KnownApplicationGatewayFirewallRateLimitDuration
info	[Changelog]   - Added Enum KnownApplicationGatewayFirewallUserSessionVariable
info	[Changelog]   - Added Enum KnownWebApplicationFirewallState
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus400
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus404
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus405
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus408
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus499
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus500
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus503
info	[Changelog]   - Enum KnownApplicationGatewayCustomErrorStatusCode has a new value HttpStatus504
info	[Changelog]   - Enum KnownWebApplicationFirewallRuleType has a new value RateLimitRule
info	[Changelog]
info	[Changelog] **Breaking Changes**
info	[Changelog]
info	[Changelog]   - Interface AdminRuleCollectionsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface AdminRuleCollectionsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface AdminRulesListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface AdminRulesListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface ConnectivityConfigurationsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface ConnectivityConfigurationsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface ManagementGroupNetworkManagerConnectionsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface ManagementGroupNetworkManagerConnectionsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface NetworkGroupsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface NetworkGroupsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface NetworkInterfacesListVirtualMachineScaleSetIpConfigurationsNextOptionalParams no longer has parameter expand
info	[Changelog]   - Interface NetworkManagersListBySubscriptionNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface NetworkManagersListBySubscriptionNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface NetworkManagersListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface NetworkManagersListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface ScopeConnectionsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface ScopeConnectionsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface SecurityAdminConfigurationsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface SecurityAdminConfigurationsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface ServiceTagInformationListNextOptionalParams no longer has parameter noAddressPrefixes
info	[Changelog]   - Interface ServiceTagInformationListNextOptionalParams no longer has parameter tagName
info	[Changelog]   - Interface StaticMembersListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface StaticMembersListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface SubscriptionNetworkManagerConnectionsListNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface SubscriptionNetworkManagerConnectionsListNextOptionalParams no longer has parameter top
info	[Changelog]   - Interface VirtualNetworksListDdosProtectionStatusNextOptionalParams no longer has parameter skipToken
info	[Changelog]   - Interface VirtualNetworksListDdosProtectionStatusNextOptionalParams no longer has parameter top
    ️🔄 azure-resource-manager-schemas inProgress [Detail]
    ️❌ azure-powershell failed [Detail]
    • Code Generator Failed [Logs] Generate from 3c33bab8aa3f3694e53eacf0fc8b23e771bd4d4e. SDK Automation 14.0.0 
      command	sh ./tools/SwaggerCI/init.sh ../azure-powershell_tmp/initInput.json ../azure-powershell_tmp/initOutput.json
error	Script return with result [failed] code [2] signal [null] cwd [azure-powershell]: sh ./tools/SwaggerCI/init.sh
warn	File azure-powershell_tmp/initOutput.json not found to read
error	Fatal error: ENOENT: no such file or directory, open 'azure-powershell_tmp/generateInput.json'
ENOENT: no such file or directory, open 'azure-powershell_tmp/generateInput.json'
Error: ENOENT: no such file or directory, open 'azure-powershell_tmp/generateInput.json'
    at Object.openSync (node:fs:590:3)
    at Object.writeFileSync (node:fs:2202:35)
    at Object.exports.writeTmpJsonFile (/mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/utils/fsUtils.js:121:18)
    at workflowCallGenerateScript (/mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/automation/workflow.js:474:15)
    at workflowHandleReadmeMdOrCadlProject (/mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/automation/workflow.js:205:46)
    at async Object.exports.workflowMain (/mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/automation/workflow.js:94:9)
    at async Object.exports.sdkAutoMain (/mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/automation/entrypoint.js:191:13)
    at async /mnt/vss/_work/1/a/unified-pipeline-runtime/private/openapi-sdk-automation/lib/cli/cli.js:20:18
    Posted by Swagger Pipeline | How to fix these errors?

    @openapi-pipeline-app
    Copy link

    openapi-pipeline-app bot commented Mar 10, 2023
    edited
    Loading

    Generated ApiView

    Language Package Name ApiView Link
    Go sdk/resourcemanager/network/armnetwork Create ApiView failed. Please ask PR assignee for help
    Java azure-resourcemanager-network-generated Create ApiView failed. Please ask PR assignee for help
    .Net Azure.ResourceManager.Network There is no API change compared with the previous version
    JavaScript @azure/arm-network https://apiview.dev/Assemblies/Review/dc7c34874a274f92acc72ea3b75ce8bb

    @ghost ghost added the Network label Mar 10, 2023
    This was referenced Mar 10, 2023
    Closed
    Closed
    @openapi-workflow-bot
    Copy link

    Hi @sraghavan-msft, Your PR has some issues. Please fix the CI sequentially by following the order of Avocado, semantic validation, model validation, breaking change, lintDiff. If you have any questions, please post your questions in this channel https://aka.ms/swaggersupport.

    TaskHow to fixPriority
    AvocadoFix-AvocadoHigh
    Semantic validationFix-SemanticValidation-ErrorHigh
    Model validationFix-ModelValidation-ErrorHigh
    LintDiffFix-LintDiffhigh
     If you need further help, please feedback via swagger feedback.

    This was referenced Mar 10, 2023
    Closed
    Closed
    Closed
    @azure-sdk azure-sdk mentioned this pull request Mar 10, 2023
    Closed
    @raych1
    Copy link
    Member

    raych1 commented Mar 13, 2023

    @sraghavan-msft , please fix lintDiff errors.

    @raych1 raych1 added the Reviewed-ChangesRequested <valid label in PR review process>add this label when assignee request changes after review label Mar 13, 2023
    @AzureRestAPISpecReview AzureRestAPISpecReview added the BreakingChangeReviewRequired <valid label in PR review process>add this label when breaking change review is required label Mar 13, 2023
    @openapi-workflow-bot
    Copy link

    Hi @sraghavan-msft, one or multiple breaking change(s) is detected in your PR. Please check out the breaking change(s), and provide business justification in the PR comment and @ PR assignee why you must have these change(s), and how external customer impact can be mitigated. Please ensure to follow breaking change policy to request breaking change review and approval before proceeding swagger PR review.
    Action: To initiate an evaluation of the breaking change, create a new intake using the template for breaking changes. Addition details on the process and office hours are on the Breaking change Wiki.
    If you want to know the production traffic statistic, please see ARM Traffic statistic.
    If you think it is false positive breaking change, please provide the reasons in the PR comment, report to Swagger Tooling Team via https://aka.ms/swaggerfeedback.
    Note: To avoid breaking change, you can refer to Shift Left Solution for detecting breaking change in early phase at your service code repository.

    @sraghavan-msft
    Copy link
    Contributor Author

    sraghavan-msft commented Mar 20, 2023
    edited
    Loading

    Pasting this comment from #23022 as it applies to this PR as well

    @raych1 The Breaking Change failure in this PR is due to a change that was merged directly in the main branch by Appgw team. It is not related to the changes in this PR. Below is a PR that was approved and merged with the same failure for your reference.

    cc @tejasshah7 @MikhailTryakhov

    #22457

    @raych1 raych1 added Approved-BreakingChange DO NOT USE! OBSOLETE label. See https://github.com/Azure/azure-sdk-tools/issues/6374 and removed Reviewed-ChangesRequested <valid label in PR review process>add this label when assignee request changes after review labels Mar 23, 2023
    @raych1 raych1 merged commit c218cd5 into Azure:release-Microsoft.Network-2022-11-01 Mar 23, 2023
    @sraghavan-msft sraghavan-msft mentioned this pull request Mar 31, 2023
    Closed
    @sraghavan-msft sraghavan-msft mentioned this pull request Apr 17, 2023
    Merged
    MikhailTryakhov
    MikhailTryakhov reviewed Apr 19, 2023
    View reviewed changes
    ...ion/network/resource-manager/Microsoft.Network/stable/2022-11-01/webapplicationfirewall.json
    "description": "Rate Limit threshold to apply in case ruleType is RateLimitRule. Must be greater than or equal to 1",
    "type": "integer",
    "format": "int32",
    "minimum": 1
    Copy link
    Contributor

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    This line is reverted

    raych1 pushed a commit that referenced this pull request Apr 25, 2023
    @MikhailTryakhov @htippanaboya
    @tracyMicro @tejasshah7 @sraghavan-msft @navba-MSFT @NiviShenker @sindhualuguvelli1 @phrazfipho @nikhilpadhye1 @JainRah @karanbazaz @yeliMSFT @pr-work @nanditaashok-ms @anvrao1 @baoqihuang0326
    Release of microsoft.network api version: 2022 11 01 (#23652)
    db124c9 
    * Adds base for updating Microsoft.Network from version stable/2022-09-01 to version 2022-11-01

* Updates readme

* Updates API version in new specs and examples

* remove loadDistributionPolicy from appgw PUT request body example (#23144)

* remove loadDistributionPolicy from appgw PUT request body example

* remove loadDistributionPolicy from appgw PUT request body example2

* remove loadDistributionPolicy from appgw PUT request body example

* remove duplicates

* add private link configuration to see if it will fix validation error

* remove privateLinkConfig related

* revert changes to see if still get validation error

* update back to original changes

* add response resource id to fix modelValidation error

* add connection resource

* Selector in Exclusions should not be required as Operator EqualsAny does not need a Selector (#23184)

* Application Gateway WAF Rate Limit feature swagger changes (#23021)

* Application Gateway WAF Rate Limit feature swagger changes

* Fixing lint errors

* Updated rate limit feature examples

* Fix for applicationGatewayIpConfigurations property and make the priority parameter as required for NSG (#23210)

* Fix for applicationGatewayIpConfigurations property

This swagger definition is defining property applicationGatewayIpConfigurations,

```
"applicationGatewayIpConfigurations": {
          "type": "array",
          "items": {
            "$ref": "./applicationGateway.json#/definitions/ApplicationGatewayIPConfiguration"
          },
          "description": "Application gateway IP configurations of virtual network resource."
        }
```
but actual rest api returned applicationGatewayIPConfigurations, the P is upper case while in swagger it is lower case.
```
{
  "name": "subnet-agw",
  "id": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>/subnets/subnet-agw",
  "properties": {
      "applicationGatewayIPConfigurations": [
          {
              "id": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/applicationGateways/<agw-name>/gatewayIPConfigurations/appGatewayIpConfig"
          }
      ]
  },
  "type": "Microsoft.Network/virtualNetworks/subnets"
}
```

* Making priority property required

[This is the API invoked](https://learn.microsoft.com/en-us/rest/api/virtualnetwork/network-security-groups/create-or-update?tabs=HTTP#code-try-0).

For the NSG security rules without priorities, seems like the priority parameter is required. Azure portal works as expected. I don't think that's allowed but according to the schema it is because the priority property is not marked as required. I tried to create a NSG security rule without the priorities and it failed with below.

Request Body:

```
{
  "properties": {
    "securityRules": [
      {
        "name": "rule1",
        "properties": {
          "protocol": "*",
          "sourceAddressPrefix": "*",
          "destinationAddressPrefix": "*",
          "access": "Allow",
          "destinationPortRange": "80",
          "sourcePortRange": "*",
          "direction": "Inbound"
        }
      }
    ]
  },
  "location": "eastus"
}
```
Response received:

```
{
  "error": {
    "code": "SecurityRuleInvalidPriority",
    "message": "Security rule has invalid Priority. Value provided: 0 Allowed range 100-4096.",
    "details": []
  }
}
```
This PR will make the priority parameter as required.

* Update NetworkSecurityGroupDelete.json

* Update NetworkSecurityGroupRuleDelete.json

* Update NetworkSecurityGroupDelete.json

* Undo previous change of making fields optional within Exclusion (#23325)

* Nivishenker/http headers to insert (#23295)

* new app rule property - http header to insert

* prettier

* add to 22-11-01

* removed changes from 22-09-01

* fixed example

* delete RCG example

* fix delete examples

* added a Location header

* prettier fix

* Application Gateway WAF Log scrubbing swagger changes (#23022)

* Log scrubbing API changes

* Update examples

* Addressing comments

* Fix

* Update property in load balancer for Connection Draining Phase 1 (#23082)

* Update property in load balancer for Coneection Draining Phase 1

* Fix model validation

* Azure Firewall Packet Capture API. Cancelled PR from 2022-09-01 and created for 2022-11-01 (#23114)

* moving packet-capture api to 2022-11-01 release from 2022-09-01

* fixing the LRO response header error for model validation

* Changes for Additional nic and corrections (#23522)

* Changes for Additional nic and corrections

* Fixes for tool reported issues

* Fix for SpellCheck, ModelValidation

* Defining Location in NetworkVirtualApplianceDelete for async

* Minor fix

* Minor fix

* Minor fix

* PrettierCheck fixed

* Fixing VirtualApplianceAdditionalNicProperties

* ModelValidation fixed

* Correcting the location header string

* Correcting location header

* Prettied Check Fix

* Fix

* Fix

* Add inspection limit changes (#23536)

* Fixed headers for examples (#23554)

* Fix response of API: List of advertised/learned BGP routes (#23555)

* fix response type

* fix format

* fix example, add x-ms-identifiers

* AuxiliarySku on Nic (#23552)

* Adding auxiliary sku property on nic

* Adding AcceleratedConnections to AuxMode

* modifying the auxSku values

* Removing accidental change

---------

Co-authored-by: Prachi Pravin Bhavsar <[email protected]>

* migrated latest pr from incorrect branch (#23589)

* Changes for NVA connection (#23173)

* Changes for NVA connection

* Changes to address validation failures

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Fix camel case for property name

* Fixing resourceUri to Camel case in example files

* Fix SDK duplication error

* Fix one LintDiff error

* try fix lintdiff errors

* fix lro erro in lintdiff

* fix model validation error

* Bastion S360 for 2022-11 version (#23595)

* Release microsoft.network 2022 11 01 (#23564)

* Application Gateway WAF Rate Limit feature swagger changes

* Fixing lint errors

* Updated rate limit feature examples

* rateLimitDuration and rateLimitThreshold are not mandatory. There are only mandatory if ruleType is RateLimitRule. This validation will be done in NRP.

* Fix attempt 2. Removed minimum constraint from rateLimitThreshold. Validation will be done in NRP

* Remove the minimum number for the option field requestBodyInspectLimitInKB (#23663)

* Remove minimum value for optional field requestBodyInspectLimitInKB

* Remove exlcusiveMinimum

---------

Co-authored-by: htippanaboya <[email protected]>
Co-authored-by: tracyMicro <[email protected]>
Co-authored-by: tejasshah7 <[email protected]>
Co-authored-by: sraghavan-msft <[email protected]>
Co-authored-by: navba-MSFT <[email protected]>
Co-authored-by: NiviShenker <[email protected]>
Co-authored-by: Sindhu Aluguvelli <[email protected]>
Co-authored-by: phrazfipho <[email protected]>
Co-authored-by: nikhilpadhye1 <[email protected]>
Co-authored-by: JainRah <[email protected]>
Co-authored-by: karanbazaz <[email protected]>
Co-authored-by: yeliMSFT <[email protected]>
Co-authored-by: pracsb <[email protected]>
Co-authored-by: Prachi Pravin Bhavsar <[email protected]>
Co-authored-by: nanditaashok-ms <[email protected]>
Co-authored-by: anvrao1 <[email protected]>
Co-authored-by: baoqihuang0326 <[email protected]>
    JoshLove-msft pushed a commit to JoshLove-msft/azure-rest-api-specs that referenced this pull request Apr 25, 2023
    @MikhailTryakhov @htippanaboya
    @tracyMicro @tejasshah7 @sraghavan-msft @navba-MSFT @NiviShenker @sindhualuguvelli1 @phrazfipho @nikhilpadhye1 @JainRah @karanbazaz @yeliMSFT @pr-work @nanditaashok-ms @anvrao1 @baoqihuang0326 @JoshLove-msft
    Release of microsoft.network api version: 2022 11 01 (Azure#23652)
    05404ce 
    * Adds base for updating Microsoft.Network from version stable/2022-09-01 to version 2022-11-01

* Updates readme

* Updates API version in new specs and examples

* remove loadDistributionPolicy from appgw PUT request body example (Azure#23144)

* remove loadDistributionPolicy from appgw PUT request body example

* remove loadDistributionPolicy from appgw PUT request body example2

* remove loadDistributionPolicy from appgw PUT request body example

* remove duplicates

* add private link configuration to see if it will fix validation error

* remove privateLinkConfig related

* revert changes to see if still get validation error

* update back to original changes

* add response resource id to fix modelValidation error

* add connection resource

* Selector in Exclusions should not be required as Operator EqualsAny does not need a Selector (Azure#23184)

* Application Gateway WAF Rate Limit feature swagger changes (Azure#23021)

* Application Gateway WAF Rate Limit feature swagger changes

* Fixing lint errors

* Updated rate limit feature examples

* Fix for applicationGatewayIpConfigurations property and make the priority parameter as required for NSG (Azure#23210)

* Fix for applicationGatewayIpConfigurations property

This swagger definition is defining property applicationGatewayIpConfigurations,

```
"applicationGatewayIpConfigurations": {
          "type": "array",
          "items": {
            "$ref": "./applicationGateway.json#/definitions/ApplicationGatewayIPConfiguration"
          },
          "description": "Application gateway IP configurations of virtual network resource."
        }
```
but actual rest api returned applicationGatewayIPConfigurations, the P is upper case while in swagger it is lower case.
```
{
  "name": "subnet-agw",
  "id": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>/subnets/subnet-agw",
  "properties": {
      "applicationGatewayIPConfigurations": [
          {
              "id": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/applicationGateways/<agw-name>/gatewayIPConfigurations/appGatewayIpConfig"
          }
      ]
  },
  "type": "Microsoft.Network/virtualNetworks/subnets"
}
```

* Making priority property required

[This is the API invoked](https://learn.microsoft.com/en-us/rest/api/virtualnetwork/network-security-groups/create-or-update?tabs=HTTP#code-try-0).

For the NSG security rules without priorities, seems like the priority parameter is required. Azure portal works as expected. I don't think that's allowed but according to the schema it is because the priority property is not marked as required. I tried to create a NSG security rule without the priorities and it failed with below.

Request Body:

```
{
  "properties": {
    "securityRules": [
      {
        "name": "rule1",
        "properties": {
          "protocol": "*",
          "sourceAddressPrefix": "*",
          "destinationAddressPrefix": "*",
          "access": "Allow",
          "destinationPortRange": "80",
          "sourcePortRange": "*",
          "direction": "Inbound"
        }
      }
    ]
  },
  "location": "eastus"
}
```
Response received:

```
{
  "error": {
    "code": "SecurityRuleInvalidPriority",
    "message": "Security rule has invalid Priority. Value provided: 0 Allowed range 100-4096.",
    "details": []
  }
}
```
This PR will make the priority parameter as required.

* Update NetworkSecurityGroupDelete.json

* Update NetworkSecurityGroupRuleDelete.json

* Update NetworkSecurityGroupDelete.json

* Undo previous change of making fields optional within Exclusion (Azure#23325)

* Nivishenker/http headers to insert (Azure#23295)

* new app rule property - http header to insert

* prettier

* add to 22-11-01

* removed changes from 22-09-01

* fixed example

* delete RCG example

* fix delete examples

* added a Location header

* prettier fix

* Application Gateway WAF Log scrubbing swagger changes (Azure#23022)

* Log scrubbing API changes

* Update examples

* Addressing comments

* Fix

* Update property in load balancer for Connection Draining Phase 1 (Azure#23082)

* Update property in load balancer for Coneection Draining Phase 1

* Fix model validation

* Azure Firewall Packet Capture API. Cancelled PR from 2022-09-01 and created for 2022-11-01 (Azure#23114)

* moving packet-capture api to 2022-11-01 release from 2022-09-01

* fixing the LRO response header error for model validation

* Changes for Additional nic and corrections (Azure#23522)

* Changes for Additional nic and corrections

* Fixes for tool reported issues

* Fix for SpellCheck, ModelValidation

* Defining Location in NetworkVirtualApplianceDelete for async

* Minor fix

* Minor fix

* Minor fix

* PrettierCheck fixed

* Fixing VirtualApplianceAdditionalNicProperties

* ModelValidation fixed

* Correcting the location header string

* Correcting location header

* Prettied Check Fix

* Fix

* Fix

* Add inspection limit changes (Azure#23536)

* Fixed headers for examples (Azure#23554)

* Fix response of API: List of advertised/learned BGP routes (Azure#23555)

* fix response type

* fix format

* fix example, add x-ms-identifiers

* AuxiliarySku on Nic (Azure#23552)

* Adding auxiliary sku property on nic

* Adding AcceleratedConnections to AuxMode

* modifying the auxSku values

* Removing accidental change

---------

Co-authored-by: Prachi Pravin Bhavsar <[email protected]>

* migrated latest pr from incorrect branch (Azure#23589)

* Changes for NVA connection (Azure#23173)

* Changes for NVA connection

* Changes to address validation failures

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Fix some ModelValidation errors

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Addressing some review comments

* Fix camel case for property name

* Fixing resourceUri to Camel case in example files

* Fix SDK duplication error

* Fix one LintDiff error

* try fix lintdiff errors

* fix lro erro in lintdiff

* fix model validation error

* Bastion S360 for 2022-11 version (Azure#23595)

* Release microsoft.network 2022 11 01 (Azure#23564)

* Application Gateway WAF Rate Limit feature swagger changes

* Fixing lint errors

* Updated rate limit feature examples

* rateLimitDuration and rateLimitThreshold are not mandatory. There are only mandatory if ruleType is RateLimitRule. This validation will be done in NRP.

* Fix attempt 2. Removed minimum constraint from rateLimitThreshold. Validation will be done in NRP

* Remove the minimum number for the option field requestBodyInspectLimitInKB (Azure#23663)

* Remove minimum value for optional field requestBodyInspectLimitInKB

* Remove exlcusiveMinimum

---------

Co-authored-by: htippanaboya <[email protected]>
Co-authored-by: tracyMicro <[email protected]>
Co-authored-by: tejasshah7 <[email protected]>
Co-authored-by: sraghavan-msft <[email protected]>
Co-authored-by: navba-MSFT <[email protected]>
Co-authored-by: NiviShenker <[email protected]>
Co-authored-by: Sindhu Aluguvelli <[email protected]>
Co-authored-by: phrazfipho <[email protected]>
Co-authored-by: nikhilpadhye1 <[email protected]>
Co-authored-by: JainRah <[email protected]>
Co-authored-by: karanbazaz <[email protected]>
Co-authored-by: yeliMSFT <[email protected]>
Co-authored-by: pracsb <[email protected]>
Co-authored-by: Prachi Pravin Bhavsar <[email protected]>
Co-authored-by: nanditaashok-ms <[email protected]>
Co-authored-by: anvrao1 <[email protected]>
Co-authored-by: baoqihuang0326 <[email protected]>
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @MikhailTryakhov MikhailTryakhov MikhailTryakhov left review comments

    @tejasshah7 tejasshah7 tejasshah7 left review comments

    @raych1 raych1 raych1 approved these changes

    Assignees

    @raych1 raych1

    Labels
    Approved-BreakingChange DO NOT USE! OBSOLETE label. See https://github.com/Azure/azure-sdk-tools/issues/6374 BreakingChangeReviewRequired <valid label in PR review process>add this label when breaking change review is required CI-BreakingChange-JavaScript CI-FixRequiredOnFailure Network resource-manager
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    5 participants
    @sraghavan-msft @raych1 @MikhailTryakhov @tejasshah7 @AzureRestAPISpecReview