Key Vault: Resolve inconsistency between spec and service/client implementation #12966

Merged: lmazuel merged 1 commit into Azure:master from docschmidt:fix/security-domain-sync on Feb 17, 2021

@docschmidt
Contributor

This PR intends to resolve two final inconsistencies between the spec and how the service and client are implemented. These inconsistencies are:

  • Switch GET /securitydomain/transferkey to GET /securitydomain/upload
  • Remove format attribute of the value property of SecurityDomainObject

These are not breaking changes to the spec; rather, they are a reconciliation of an existing mismatch between the specification and existing implementations.

Changelog

Please ensure to add changelog with this PR by answering the following questions.

  1. What's the purpose of the update?

    • new service onboarding
    • new API version
    • update existing version for new feature
    • update existing version to fix swagger quality issue in s360
    • Other, please clarify
      • Reconcile disparity between the specification and existing client and service implementations
  2. When you are targeting to deploy new service/feature to public regions? Please provide date, or month to public if date is not available yet.

    • April 2021
  3. When you expect to publish swagger? Please provide date, or month to public if date is not available yet.

    • April 2021
  4. If it's an update to existing version, please select SDKs of specific language and CLIs that require refresh after swagger is published.

    • SDK of .NET (need service team to ensure code readiness)
    • SDK of Python
    • SDK of Java
    • SDK of Js
    • SDK of Go
    • PowerShell
    • CLI
    • Terraform
    • No, no need to refresh for updates in this PR

@openapi-workflow-bot

Hi, @docschmidt Thanks for your PR. I am workflow bot for review process. Here are some small tips.

  • Please ensure to do self-check against checklists in first PR comment.
  • PR assignee is the person auto-assigned and responsible for your current PR reviewing and merging.
  • For specs comparison cross API versions, Use API Specs Comparison Report Generator
  • If there is CI failure(s), to fix CI error(s) is mandatory for PR merging; or you need to provide justification in PR comment for explanation. How to fix?

  • Any feedback about review process or workflow bot, pls contact swagger and tools team. vsswagger@microsoft.com

    "properties": {
    "value": {
    "type": "string",
    "format": "base64url",
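
    Review bot: on `value`, dropping `"format": "base64url"` leaves only `"type": "string"`, so the schema no longer states how the security domain blob is encoded on the wire and generated clients will pass it through as plain text. If the format goes, state the expected encoding in the property's `description`, or add an explicit encoding hint, so client and service cannot disagree.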

    Member

    A format is still required. This blob must be encoded somehow. Even if a valid UTF-8 string now (e.g. JavaScript or Python source, as @herveyw-msft pondered as a thought experiment), this format might change in the future. The encoding rules would need to stay the same for SDKs to continue working properly.

    Thus, the required format (which is most often base64url in KV) must be specified in swagger.


    Member

    As we discussed offline, I'm concerned this isn't future-proof. The fact this blob is opaque and could be anything is exactly why it shouldn't be simply string-encoded, which also requires that it's valid UTF-8 or can be transcoded correctly and automatically by the language SDK.

    For a "v1" (specifically, 7.2) you could always assume it's UTF-8 string-encoded JSON, but I do recommend that in 7.3-preview you add a contentType or contentEncoding property (like the HTTP headers) like we did for Secure Key Release (now in 7.3-preview) that provides a "hint" to both the client and service as to what it really is. Absence of this continues to imply UTF-8 string-encoded JSON, but presence could indicate whatever the property says - be it encoded binary data or even just "application/json".

    To note, the format here only dictates the encoding over the wire. It does not and should not affect how the data is stored by the client or service. So, for example, security domains that are JSON files today would still be JSON files even if you were to leave this "base64url". The only thing that changes is that the CLI and service would base64url-encode or -decode it beforehand.

    /cc @herveyw-msft @vickm
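
The wire-encoding point in the review comment above, as an added example (not code from the PR, the service or any SDK): a plain-string `value` only round-trips blobs that are valid UTF-8, while a base64url `value` round-trips any bytes. The `contentEncoding` hint is the property the reviewer recommends for a later version, used here as an assumption; the function names and sample blobs are constructed.

```python
import base64
import json
from typing import Optional

# Constructed sample blobs, not real security domain contents.
JSON_BLOB = b'{"EncData": {"kdf": "sp108_kdf"}}'
BINARY_BLOB = bytes([0x00, 0xFF, 0xFE, 0x80])   # not valid UTF-8


def b64url_encode(blob: bytes) -> str:
    # URL-safe alphabet, padding stripped
    return base64.urlsafe_b64encode(blob).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # Restore the stripped padding before decoding
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def to_wire(blob: bytes, encoding: Optional[str] = None) -> dict:
    """Build a request body with the blob in `value`."""
    if encoding is None:
        # No hint: value is the blob as UTF-8 text (raises on other bytes)
        return {"value": blob.decode("utf-8")}
    if encoding == "base64url":
        return {"value": b64url_encode(blob), "contentEncoding": encoding}
    raise ValueError(f"unsupported contentEncoding: {encoding!r}")


def from_wire(body: dict) -> bytes:
    """Recover the blob; an absent hint implies UTF-8 string-encoded data."""
    encoding = body.get("contentEncoding")
    if encoding is None:
        return body["value"].encode("utf-8")
    if encoding == "base64url":
        return b64url_decode(body["value"])
    raise ValueError(f"unsupported contentEncoding: {encoding!r}")


def round_trip(blob: bytes, encoding: Optional[str] = None) -> bytes:
    # Serialize to JSON text and back, as client and service would
    return from_wire(json.loads(json.dumps(to_wire(blob, encoding))))


if __name__ == "__main__":
    print(round_trip(JSON_BLOB) == JSON_BLOB)
    print(to_wire(BINARY_BLOB, "base64url"))
```

Either way the stored blob is unchanged; only the representation inside `value` differs.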

    @lmazuel merged commit 070e139 into Azure:master on Feb 17, 2021

    @openapi-pipeline-app bot commented Feb 17, 2021

    Swagger Generation Artifacts

    azure-sdk-for-go: inProgress
