[KeyVault] - Suppress known validation false-positives

[maorleger]

MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.

There are a few validation errors that came up in #18028 that we would want to suppress, so that future merges can have a clean build.

note to reviewers: This is my first attempt at suppressing these, and am not familiar with the repo guidelines. So, please feel free to let me know if there are better ways to support what we're trying to do. Also please assume this is entirely incorrect 😄 I just did the simplest thing that suppresses these errors when running oav locally.

The errors that are being suppressed:

• DOUBLE_FORWARD_SLASHES_IN_URL - There are two acceptable values for scope and both start with a forward slash. / for the global scope and /keys for the keys scope. When scope is part of the path parameters in the RBAC case, the resulting URL will have multiple slashes. They are parsed correctly by the service and while may not be ideal, are already in production as of 7.2
• OBJECT_MISSING_REQUIRED_PROPERTY - I think this is a validation bug, and will create an issue for it assuming the reviewers agree. In this case, "scope" is provided as a parameter but I think the linter doesn't like that it starts with a "/"? When I manually changed the example to pass a scope that does not start with "/" the validation was happy. Unfortunately passing a scope such as "/keys" also triggers the validation error.

Changelog

Add a changelog entry for this PR by answering the following questions:

1. What's the purpose of the update?
   • new service onboarding
   • new API version
   • update existing version for new feature
   • update existing version to fix swagger quality issue in s360
2. When are you targeting to deploy the new service/feature to public regions? Please provide the date or, if the date is not yet available, the month.
3. When do you expect to publish the swagger? Please provide date or, the the date is not yet available, the month.
4. If updating an existing version, please select the specific language SDKs and CLIs that must be refreshed after the swagger is published.
   • SDK of .NET (need service team to ensure code readiness)
   • SDK of Python
   • SDK of Java
   • SDK of Js
   • SDK of Go
   • PowerShell
   • CLI
   • Terraform
   • No refresh required for updates in this PR
   • Other, please clarify

Contribution checklist:

• I commit to follow the Breaking Change Policy of "no breaking changes"
• I have reviewed the documentation for the workflow.
• Validation tools were run on swagger spec(s) and errors have all been fixed in this PR. How to fix?

If any further question about AME onboarding or validation tools, please view the FAQ.

ARM API Review Checklist

Applicability: ⚠️

If your changes encompass only the following scenarios, you should SKIP this section, as these scenarios do not require ARM review.

• Change to data plane APIs
• Adding new properties
• All removals

Otherwise your PR may be subject to ARM review requirements. Complete the following:

• Check this box if any of the following apply to the PR so that label "WaitForARMFeedback" will be added automatically to begin ARM API Review. Failure to comply may result in delays to the manifest.

  • Adding a new service
  • Adding new API(s)
  • Adding a new API version
    -[ ] To review changes efficiently, ensure you are using OpenAPIHub to initialize the PR for adding a new version. More details, refer to the wiki.

• Ensure you've reviewed following guidelines including ARM resource provider contract and REST guidelines. Estimated time (4 hours). This is required before you can request review from ARM API Review board.

• If you are blocked on ARM review and want to get the PR merged with urgency, please get the ARM oncall for reviews (RP Manifest Approvers team under Azure Resource Manager service) from IcM and reach out to them.

Breaking Change Review Checklist

If any of the following scenarios apply to the PR, request approval from the Breaking Change Review Board as defined in the Breaking Change Policy.

• Removing API(s) in a stable version
• Removing properties in a stable version
• Removing API version(s) in a stable version
• Updating API in a stable or public preview version with Breaking Change Validation errors
• Updating API(s) in public preview over 1 year (refer to Retirement of Previews)

Action: to initiate an evaluation of the breaking change, create a new intake using the template for breaking changes. Addition details on the process and office hours are on the Breaking change Wiki.

Please follow the link to find more details on PR review process.

[openapi-pipeline-app]

Swagger Validation Report

️️✔️BreakingChange succeeded [Detail] [Expand]

There are no breaking changes.

️️✔️LintDiff succeeded [Detail] [Expand]

Validation passes for LintDiff.

• Linted configuring files (Based on source branch, openapi-validator v1.12.1 , classic-openapi-validator v1.2.2 )
  • keyvault/data-plane/readme.md tag:package-7.0
  • keyvault/data-plane/readme.md tag:package-7.0-preview
  • keyvault/data-plane/readme.md tag:package-2016-10
  • keyvault/data-plane/readme.md tag:package-2015-06
  • keyvault/data-plane/readme.md tag:package-7.1
  • keyvault/data-plane/readme.md tag:package-7.1-preview
  • keyvault/data-plane/readme.md tag:package-7.3
  • keyvault/data-plane/readme.md tag:package-preview-7.3-preview
  • keyvault/data-plane/readme.md tag:package-7.2
  • keyvault/data-plane/readme.md tag:package-7.2-preview
• Linted configuring files (Based on target branch, openapi-validator v1.12.1 , classic-openapi-validator v1.2.2 )
  • keyvault/data-plane/readme.md tag:package-7.0
  • keyvault/data-plane/readme.md tag:package-7.0-preview
  • keyvault/data-plane/readme.md tag:package-2016-10
  • keyvault/data-plane/readme.md tag:package-2015-06
  • keyvault/data-plane/readme.md tag:package-7.1
  • keyvault/data-plane/readme.md tag:package-7.1-preview
  • keyvault/data-plane/readme.md tag:package-7.3
  • keyvault/data-plane/readme.md tag:package-preview-7.3-preview
  • keyvault/data-plane/readme.md tag:package-7.2
  • keyvault/data-plane/readme.md tag:package-7.2-preview

️️✔️Avocado succeeded [Detail] [Expand]

Validation passes for Avocado.

️️✔️~[Staging] ApiReadinessCheck succeeded [Detail] [Expand]

️️✔️ModelValidation succeeded [Detail] [Expand]

Validation passes for ModelValidation.

️️✔️SemanticValidation succeeded [Detail] [Expand]

Validation passes for SemanticValidation.

️️✔️Cross-Version Breaking Changes succeeded [Detail] [Expand]

There are no breaking changes.

️️✔️CredScan succeeded [Detail] [Expand]

There is no credential detected.

️️✔️SDK Track2 Validation succeeded [Detail] [Expand]

Validation passes for SDKTrack2Validation

• The following tags are being changed in this PR
• keyvault/data-plane/readme.md#package-7.3
• keyvault/data-plane/readme.md#package-preview-7.3-preview
• keyvault/data-plane/readme.md#package-7.2
• keyvault/data-plane/readme.md#package-7.2-preview
• keyvault/data-plane/readme.md#package-7.1
• keyvault/data-plane/readme.md#package-7.1-preview
• keyvault/data-plane/readme.md#package-7.0
• keyvault/data-plane/readme.md#package-7.0-preview
• keyvault/data-plane/readme.md#package-2016-10
• keyvault/data-plane/readme.md#package-2015-06

️️✔️PrettierCheck succeeded [Detail] [Expand]

Validation passes for PrettierCheck.

️️✔️SpellCheck succeeded [Detail] [Expand]

Validation passes for SpellCheck.

️️✔️Lint(RPaaS) succeeded [Detail] [Expand]

Validation passes for Lint(RPaaS).

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-workflow-bot]

Hi, @maorleger Thanks for your PR. I am workflow bot for review process. Here are some small tips.

Please ensure to do self-check against checklists in first PR comment.

PR assignee is the person auto-assigned and responsible for your current PR reviewing and merging.

For specs comparison cross API versions, Use API Specs Comparison Report Generator

If there is CI failure(s), to fix CI error(s) is mandatory for PR merging; or you need to provide justification in PR comment for explanation. How to fix?

Any feedback about review process or workflow bot, pls contact swagger and tools team. vscswagger@microsoft.com

[openapi-workflow-bot]

[Call for Action] To better understand Azure service dev/test scenario, and support Azure service developer better on Swagger and REST API related tests in early phase, please help to fill in with this survey https://aka.ms/SurveyForEarlyPhase. It will take 5 to 10 minutes. If you already complete survey, please neglect this comment. Thanks.

[openapi-pipeline-app]

Swagger pipeline restarted successfully, please wait for status update in this comment.

[heaths]

We could merge this, but I'd prefer it's not limited to just rbac.json. Though, the fact this succeeded makes me wonder if the from is ignored for this level of validation errors (previously wasn't suppressable).

[heaths]

Still, since both of these problems happen in other files, does suppression work if you get rid of from: rbac.json? Is it required?

[weidongxu-microsoft]

OK for me. But I didn't find the double slash in rbac.json?
https://github.com/Azure/azure-rest-api-specs/blob/main/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.3/rbac.json

[maorleger]

@jhendrixMSFT / @heaths I'd like to merge this if possible - mind merging this for me?

@weidongxu-microsoft - The error comes up because the scope "/" is valid. If you look at the https://github.com/Azure/azure-rest-api-specs/blob/main/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.2/examples/GetRoleDefinition-example.json#L4 sample for example.

The only valid values today are / and /keys - both trigger this double slash error as they are part of the URL