Skip to content

Fix SecurityInsights Swagger breaking-change compatibility regressions#43548

Open
AdiMegid wants to merge 39 commits into
mainfrom
securityinsights-add-versions
Open

Fix SecurityInsights Swagger breaking-change compatibility regressions#43548
AdiMegid wants to merge 39 commits into
mainfrom
securityinsights-add-versions

Conversation

@AdiMegid

@AdiMegid AdiMegid commented May 27, 2026

Copy link
Copy Markdown
Member

ARM (Control Plane) API Specification Update Pull Request

Tip

Overwhelmed by all this guidance? See the Getting help section at the bottom of this PR description.

PR review workflow diagram

Please understand this diagram before proceeding. It explains how to get your PR approved & merged.

spec_pr_review_workflow_diagram

Purpose of this PR

What's the purpose of this PR? Check the specific option that applies. This is mandatory!

  • New resource provider.
  • New API version for an existing resource provider. (If API spec is not defined in TypeSpec, the PR should have been created in adherence to OpenAPI specs PR creation guidance).
  • Update existing version for a new feature. (This is applicable only when you are revising a private preview API version.)
  • Update existing version to fix OpenAPI spec quality issues in S360.
  • Convert existing OpenAPI spec to TypeSpec spec (do not combine this with implementing changes for a new API version).
  • Other, please clarify:
    • Fix the failing Swagger BreakingChange - Analyze Code job for Microsoft.SecurityInsights by restoring schema compatibility in the generated ARM OpenAPI for stable/2025-09-01 and preview/2025-10-01-preview.

Due diligence checklist

To merge this PR, you must go through the following checklist and confirm you understood
and followed the instructions by checking all the boxes:

  • I confirm this PR is modifying Azure Resource Manager (ARM) related specifications, and not data plane related specifications.
  • I have reviewed following Resource Provider guidelines, including
    ARM resource provider contract and
    REST guidelines (estimated time: 4 hours).
    I understand this is required before I can proceed to the diagram Step 2, "ARM API changes review", for this PR.
  • A release plan has been created. If not, please create one as it will help guide you through the REST API and SDK creation process.

Additional information

This PR updates the SecurityInsights TypeSpec source and regenerated OpenAPI to remove breaking-change regressions introduced by the generated swagger shape.

Implemented fixes include:

  • restoring DataConnectorDefinitionArmCollectionWrapper compatibility so value is no longer newly required
  • restoring the named AvailabilityStatus schema reference for connector availability
  • making InstructionStepDetails.parameters an explicit object again
  • inlining Operation.display to match the previous stable contract

Validation performed:

  • npm exec -- tsp compile specification/securityinsights/resource-manager/Microsoft.SecurityInsights/SecurityInsights/main.tsp
  • npm exec --no -- openapi-diff-runner ... with errorCnt: 0 and oadViolationsCnt: 0
Viewing API changes

For convenient view of the API changes made by this PR, refer to the URLs provided in the table
in the Generated ApiView comment added to this PR. You can use ApiView to show API versions diff.

Suppressing failures

If one or multiple validation error/warning suppression(s) is detected in your PR, please follow the
suppressions guide to get approval.

Getting help

  • First, please carefully read through this PR description, from top to bottom. Please fill out the Purpose of this PR and Due diligence checklist.
  • If you don't have permissions to remove or add labels to the PR, request write access per aka.ms/azsdk/access#request-access-to-rest-api-or-sdk-repositories
  • To understand what you must do next to merge this PR, see the Next Steps to Merge comment. It will appear within few minutes of submitting this PR and will continue to be up-to-date with current PR state.
  • For guidance on fixing this PR CI check failures, see the hyperlinks provided in given failure
    and https://aka.ms/ci-fix.
  • For help with ARM review (PR workflow diagram Step 2), see https://aka.ms/azsdk/pr-arm-review.
  • If the PR CI checks appear to be stuck in queued state, please add a comment with contents /azp run.
    This should result in a new comment denoting a PR validation pipeline has started and the checks should be updated after few minutes.
  • If the help provided by the previous points is not enough, post to https://aka.ms/azsdk/support/specreview-channel and link to this PR.
  • For guidance on SDK breaking change review, refer to https://aka.ms/ci-fix.

@github-actions

github-actions Bot commented May 27, 2026

Copy link
Copy Markdown

Next Steps to Merge

Next steps that must be taken to merge this PR:
  • ❌ This PR is in purview of the ARM review (label: ARMReview). This PR must get ARMSignedOff label from an ARM reviewer.
    This PR is awaiting ARM reviewer feedback (label: WaitForARMFeedback).
    To learn when this PR will get reviewed, see ARM review queue at aka.ms/azsdk/pr-arm-review
    For details of the ARM review, see aka.ms/azsdk/pr-arm-review


Comment generated by summarize-checks workflow run.

@github-actions github-actions Bot added ARMReview resource-manager TypeSpec Authored with TypeSpec WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required ARMAutoSignedOff-Trivial ARMSignedOff <valid label in PR review process>add this label when ARM approve updates after review and removed WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels May 27, 2026
@github-actions github-actions Bot added new-api-version WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required and removed ARMAutoSignedOff-Trivial ARMSignedOff <valid label in PR review process>add this label when ARM approve updates after review labels Jun 3, 2026
@github-actions

github-actions Bot commented Jun 3, 2026

Copy link
Copy Markdown

API Change Check

APIView identified API level changes in this PR and created the following API reviews

Language API Review for Package
Swagger Microsoft.SecurityInsights-SecurityInsights
TypeSpec Microsoft.SecurityInsights
Go sdk/resourcemanager/securityinsights/armsecurityinsights
JavaScript @azure/arm-securityinsight
Java com.azure.resourcemanager:azure-resourcemanager-securityinsights
Python azure-mgmt-securityinsight
C# Azure.ResourceManager.SecurityInsights

Comment generated by After APIView workflow run.

@github-actions github-actions Bot added the BreakingChangeReviewRequired <valid label in PR review process>add this label when breaking change review is required label Jun 3, 2026
@AdiMegid AdiMegid added NotReadyForReview <valid label in PR review process>It is in draft for swagger or not swagger PR and removed BreakingChangeReviewRequired <valid label in PR review process>add this label when breaking change review is required WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels Jun 3, 2026
@github-actions github-actions Bot added the WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required label Jun 3, 2026
@AdiMegid AdiMegid added PublishToCustomers Acknowledgement the changes will be published to Azure customers. and removed WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels Jun 3, 2026
@github-actions github-actions Bot added the WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required label Jun 3, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need this change?

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the incident task list is not supporting all requirement that Azure.Core.Page has, for example it marks the "value" as required whereas it wasn't like that in the previous version

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we add finalresult to a delete operation?

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is an async operation same as we have with createOrReplace few lines above
We did the change because the RetryAfterHeaders is not supported in the BE for this operation

@guywilfshukrun

Copy link
Copy Markdown
Member

/azp run

@azure-pipelines

Copy link
Copy Markdown
You have several pipelines (over 10) configured to build pull requests in this repository. Specify which pipelines you would like to run by using /azp run [pipelines] command. You can specify multiple pipelines using a comma separated list.

@pshao25

pshao25 commented Jul 7, 2026

Copy link
Copy Markdown
Member

Hi arm reviewers, previously we converted version 2025-07-01-preview which includes the APIs from 2025-09-01 and the APIs from 2025-07-01-preview itself.

In this PR, it added the version 2025-09-01 whose APIs already converted by us before. Therefore, the breaking changes introduced for 2025-09-01 are by design.

For the other APIs in v2025_10_01_preview added in this PR, please follow your process to review.

I added BreakingChange label and LintDiff label so that service team could proceed.

@pshao25 pshao25 added BreakingChange-Approved-Benign Changes are not breaking at the REST API level and have at most minor impact to generated SDKs. Approved-LintDiff labels Jul 7, 2026
@github-actions github-actions Bot added WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required and removed NotReadyForARMReview labels Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Approved-LintDiff ARMReview BreakingChange-Approved-Benign Changes are not breaking at the REST API level and have at most minor impact to generated SDKs. BreakingChangeReviewRequired <valid label in PR review process>add this label when breaking change review is required new-api-version PublishToCustomers Acknowledgement the changes will be published to Azure customers. resource-manager TypeSpec Authored with TypeSpec WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants