Roundtripping API data results in 400 bad request due to over-validation #7597
Comments
|
👋 @rynowak Thanks for filing this bug report. A project maintainer will review this report and get back to you soon. If you'd like immediate help troubleshooting, please visit our Discord server. For more information on our triage process please visit our triage overview |
|
For triage, this is a minor API behavior bug that seems to impact all APIs currently. Non-blocking for now, but shouldn't get dropped. |
|
When this is fixed, there are workarounds we can remove to validate the fix. Search for the issue number in the code. |
|
👍 We've reviewed this issue and have agreed to add it to our backlog. Please subscribe to this issue for notifications, we'll provide updates when we pick it up. We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue. For more information on our triage process please visit our triage overview |
Steps to reproduce
rad recipe registerto register a recipe (any recipe)Observed behavior
You will see a failure like the following (from functional tests):
cli.go:341: [rad] Failed to register the recipe "redistesttf" to the environment "/planes/radius/local/resourcegroups/kind-radius/providers/Applications.Core/environments/corerp-resources-recipe-env". Cause: PUT https://127.0.0.1:36145/apis/api.ucp.dev/v1alpha3/planes/radius/local/resourceGroups/kind-radius/providers/Applications.Core/environments/corerp-resources-recipe-env cli.go:341: [rad] -------------------------------------------------------------------------------- cli.go:341: [rad] RESPONSE 400: 400 Bad Request cli.go:341: [rad] ERROR CODE: HttpRequestPayloadAPISpecValidationFailed cli.go:341: [rad] -------------------------------------------------------------------------------- cli.go:341: [rad] { cli.go:341: [rad] "error": { cli.go:341: [rad] "code": "HttpRequestPayloadAPISpecValidationFailed", cli.go:341: [rad] "message": "HTTP request payload failed validation against API specification with one or more errors. Please see details for more information.", cli.go:341: [rad] "target": "applications.core/environments", cli.go:341: [rad] "details": [ cli.go:341: [rad] { cli.go:341: [rad] "code": "InvalidProperties", cli.go:341: [rad] "message": "$.systemData.lastModifiedByType in body should be one of [User Application ManagedIdentity Key]" cli.go:341: [rad] }, cli.go:341: [rad] { cli.go:341: [rad] "code": "InvalidProperties", cli.go:341: [rad] "message": "$.systemData.createdByType in body should be one of [User Application ManagedIdentity Key]" cli.go:341: [rad] } cli.go:341: [rad] ] cli.go:341: [rad] } cli.go:341: [rad] }Explanation:
This is a validation error coming from the API on the
$.systemDataproperty. The code in question is:$.properties.recipes)This is getting blocked because
$.systemDatais invalid. But, we didn't change it!Desired behavior
The right semantic here is that
$.systemDatashould be valid when returned by the server (currently it's invalid due to missing fields).$.systemDatais also a readonly property. Users should not be able to modify it, and as such it's not relevant for validation.The desired behavior for readonly properties is as follows. Readonly properties may be omitted from the request, or they may be provided, but should be "unchanged" relative to the server. I think it's reasonable for us to skip validation on Readonly property values as long as they match the correct type and structure.
Workaround
I'm updating the code to blank out the
$.systemDatain these codepaths. However this bug could break any API consumer. This pattern for "get -> change -> update" is a common idiom that doesn't work right now.rad Version
Any version
Operating system
No response
Additional context
No response
Would you like to support us?
AB#12378
The text was updated successfully, but these errors were encountered: