-
Notifications
You must be signed in to change notification settings - Fork 5.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DO NOT MERGE] Introducing Per-Site Waf Policy Support #6907
Conversation
…limit as 1, upper limit is based on the Skw and AppGw Version so we shouldnt enforce the upper limit
…P. Swagger only have to protect against potential negative values
Pulling latest Master to my repo
* Add swagger specification for firewall policy resource * Add the firewall policy spec to the list of files in readme.md * Add priority to the Filter Rule in example for Rule Group Get * Encapsulate the response body in a body property * Suppress errors due to missing properties inhertied from base resource: * Fix typo * Fix Build errors * Address review comments * Revert capitalization of Tags and OperationId as Semantic valiation expects lower case * Drop 201 response from examples * Capitalize first letter of the operationId and tags values * Add swagger changes for azure firewall in vHub * Add a ref to the example file for Azure Firewall in vHub * Fix validation check * Address review comments
…to publicIpPrefix (Azure#6693)
Pulling latest code changes
Automation for azure-sdk-for-pythonEncountered an unknown error: (azure-sdk-for-python)
Traceback (most recent call last):
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 33, in exception_to_github
yield context
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github.py", line 170, in rest_handle_action
return rest_pull_close(body, restapi_repo, sdk_pr_target_repo, sdkbase, sdk_tag)
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github.py", line 185, in rest_pull_close
rest_pr_management(rest_pr, sdk_pr_target_repo, sdk_tag, sdk_default_base)
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github_handler.py", line 151, in rest_pr_management
sdk_tag=sdk_tag
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/SwaggerToSdkNewCLI.py", line 254, in generate_sdk_from_git_object
with manage_git_folder(gh_token, Path(temp_dir) / Path("rest"), branched_rest_api_id, pr_number=pr_number) as restapi_git_folder, \
File "/usr/lib/python3.6/contextlib.py", line 81, in __enter__
return next(self.gen)
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 272, in manage_git_folder
clone_to_path(gh_token, temp_dir, split_git_id[0], branch_or_commit=branch, pr_number=pr_number)
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 212, in clone_to_path
repo.git.checkout(branch_or_commit)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 548, in <lambda>
return lambda *args, **kwargs: self._call_process(name, *args, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 1014, in _call_process
return self.execute(call, **exec_kwargs)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 825, in execute
raise GitCommandError(command, status, stderr_value, stdout_value)
git.exc.GitCommandError: Cmd('git') failed due to: exit code(128)
cmdline: git checkout 862838d5dbe0b003ebbae3820a2a2a5eb8377476
stderr: 'fatal: reference is not a tree: 862838d5dbe0b003ebbae3820a2a2a5eb8377476' |
Automation for azure-sdk-for-goEncountered an unknown error: (azure-sdk-for-go)
Traceback (most recent call last):
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 33, in exception_to_github
yield context
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github.py", line 170, in rest_handle_action
return rest_pull_close(body, restapi_repo, sdk_pr_target_repo, sdkbase, sdk_tag)
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github.py", line 185, in rest_pull_close
rest_pr_management(rest_pr, sdk_pr_target_repo, sdk_tag, sdk_default_base)
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/restapi/github_handler.py", line 151, in rest_pr_management
sdk_tag=sdk_tag
File "/usr/local/lib/python3.6/dist-packages/swaggertosdk/SwaggerToSdkNewCLI.py", line 254, in generate_sdk_from_git_object
with manage_git_folder(gh_token, Path(temp_dir) / Path("rest"), branched_rest_api_id, pr_number=pr_number) as restapi_git_folder, \
File "/usr/lib/python3.6/contextlib.py", line 81, in __enter__
return next(self.gen)
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 272, in manage_git_folder
clone_to_path(gh_token, temp_dir, split_git_id[0], branch_or_commit=branch, pr_number=pr_number)
File "/usr/local/lib/python3.6/dist-packages/azure_devtools/ci_tools/github_tools.py", line 212, in clone_to_path
repo.git.checkout(branch_or_commit)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 548, in <lambda>
return lambda *args, **kwargs: self._call_process(name, *args, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 1014, in _call_process
return self.execute(call, **exec_kwargs)
File "/usr/local/lib/python3.6/dist-packages/git/cmd.py", line 825, in execute
raise GitCommandError(command, status, stderr_value, stdout_value)
git.exc.GitCommandError: Cmd('git') failed due to: exit code(128)
cmdline: git checkout 862838d5dbe0b003ebbae3820a2a2a5eb8377476
stderr: 'fatal: reference is not a tree: 862838d5dbe0b003ebbae3820a2a2a5eb8377476' |
Can one of the admins verify this patch? |
|
In Testing, Please Ignore[Logs] (Generated from af749ae, Iteration 6).NET: test-repo-billy/azure-sdk-for-net [Logs] [Diff]
Python: test-repo-billy/azure-sdk-for-python [Logs]
Java: test-repo-billy/azure-sdk-for-java [Logs]
Go: test-repo-billy/azure-sdk-for-go [Logs]
JavaScript: test-repo-billy/azure-sdk-for-js [Logs]
Ruby: test-repo-billy/azure-sdk-for-ruby [Logs] [Diff]
|
…into perSiteUri
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We also need to add firewallPolicy
to ApplicationGatewayHttpListenerPropertiesFormat for the per-site case. The current cases cover per-URI scenario (routing rules) only.
}, | ||
"firewallPolicy": { | ||
"$ref": "./network.json#/definitions/SubResource", | ||
"description": "Reference of the FirewallPolicy resource." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(minor) "Reference TO..."?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done!
@@ -1681,6 +1685,10 @@ | |||
"$ref": "./network.json#/definitions/SubResource", | |||
"description": "Redirect configuration resource of the application gateway." | |||
}, | |||
"firewallPolicy": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For routing rules of 'Basic' type we should add a map of new objects.
That new object should be similar to ApplicationGatewayPathRulePropertiesFormat but only have
"paths"
and "firewallPolicy"
. We can have multiple path prefixes with different WAF policies per a single Basic rule.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Addressed!
hi @venkatsvpr @zikalino what's the status on the PR? |
Latest improvements:
MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.
Contribution checklist:
ARM API Review Checklist
Failure to comply may result in delays for manifest application. Note this does not apply to data plane APIs.
Please follow the link to find more details on API review process.