ref(api): resolve UNKNOWN publish_status for release and deprecated endpoints#116650
ref(api): resolve UNKNOWN publish_status for release and deprecated endpoints#116650gricha wants to merge 5 commits into
Conversation
These endpoints were ApiPublishStatus.UNKNOWN. They are not public API surface, so mark them PRIVATE to record intent (docs-only change, no runtime effect): - group stats/tags/integration-details: already @deprecated (cell-silo retirement) - project releases token: provisions/rotates a deploy-token credential
Promote release CRUD endpoints from ApiPublishStatus.UNKNOWN to PUBLIC with full OpenAPI documentation (extend_schema params/responses/descriptions), and remove their entries from the publish-status allowlist: - OrganizationReleases (GET+POST), OrganizationReleasesStats (GET), OrganizationReleaseCommits (GET) - ProjectReleases (POST), ProjectReleaseDetails (GET/PUT/DELETE), ProjectReleaseCommits (GET) Supporting schema fixes: - annotate UserField with extend_schema_field(STR) so serializers using it resolve cleanly (matches actor.py / sentry_slug.py) - add help_text to ReleaseSerializer status/version/owner fields
github-actions
Bot
added
the
Scope: Backend
cvxluo
left a comment
cvxluo
left a comment
There was a problem hiding this comment.
lgtm, though i'm not familiar enough with the releases API to feel confident approving. one thing that might be helpful is to add api doc examples. i've also generally found that there's a decent bit of type drift between the actual response schemas for endpoints vs their serializers, so it may be worth verifying that the schemas line up (e.g. i spot checked ProjectReleaseDetailsEndpoint and it seems like the HealthData schema returns floats instead of ints)
There was a problem hiding this comment.
fyi i'm looking to publish this one
| class GroupStatsEndpoint(GroupEndpoint, StatsMixin): | ||
| publish_status = { | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.PRIVATE, |
There was a problem hiding this comment.
i think it's fine to mark these are private, but for i believe these are getting deprecated as part of the cell project, so it shouldn't matter in the long run
There was a problem hiding this comment.
yeah, they can remove them then, im fine with that, i just want to kill the unknown allowlist
|
yeah @azulus is helping with making sure drift isn't present via linters, i'll check the Health ones you mention! |
Match the established public-endpoint style (examples= alongside responses=, as the sibling ProjectReleases GET already does). Reuse the existing RELEASE fixture for release-shaped responses and add COMMIT + release-timeseries example fixtures.
| publish_status = { | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "POST": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.PUBLIC, |
| owner = ApiOwner.TELEMETRY_EXPERIENCE | ||
| publish_status = { | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.PUBLIC, |
There was a problem hiding this comment.
should we consider going unknown -> private instead of straight to public? what are the implications here?
| owner = ApiOwner.TELEMETRY_EXPERIENCE | ||
| publish_status = { | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.PUBLIC, |
There was a problem hiding this comment.
similar question about unknown -> public. Remember that anything going to public likely needs to be supported forever. I don't think we want this?
|
|
||
| @extend_schema( | ||
| operation_id="List an Organization Release's Commits", | ||
| parameters=[CursorQueryParam], |
There was a problem hiding this comment.
similar question about schema shape changes
| owner = ApiOwner.TELEMETRY_EXPERIENCE | ||
| publish_status = { | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.PUBLIC, |
|
|
||
| @extend_schema( | ||
| operation_id="List a Project Release's Commits", | ||
| parameters=[CursorQueryParam], |
| "DELETE": ApiPublishStatus.UNKNOWN, | ||
| "GET": ApiPublishStatus.UNKNOWN, | ||
| "PUT": ApiPublishStatus.UNKNOWN, | ||
| "DELETE": ApiPublishStatus.PUBLIC, |
| ) | ||
| ) | ||
|
|
||
| @extend_schema( |
There was a problem hiding this comment.
I'm guessing default w/ no visibility is public? should probably be private annotated?
| ), | ||
| ) | ||
|
|
||
| @extend_schema( |
Keep the @extend_schema documentation (params/responses/examples) but set publish_status to PRIVATE rather than PUBLIC. We want this documentation present -- and intend to start requiring it on private endpoints to drive internal changes off the schema -- without yet committing these as public API. project_releases GET stays PUBLIC (pre-existing); only the POST we touched flips.
gricha
changed the title
3 participants
Resolves the
ApiPublishStatus.UNKNOWNplaceholder on 10 endpoints and removes their entries from the publish-status allowlist. First batch of an effort to drainapi_publish_status_allowlist_dont_modify.pyand eventually delete theUNKNOWNstatus.publish_statusis docs-only, so there is no runtime, routing, or auth change here.All touched endpoints →
PRIVATEFor now these are marked
PRIVATE(not published as public API), clearing them out ofUNKNOWN: the release CRUD endpoints (OrganizationReleases,OrganizationReleasesStats,OrganizationReleaseCommits,ProjectReleasesPOST,ProjectReleaseDetails,ProjectReleaseCommits), the@deprecatedgroup stats/tags/integration-details endpoints, and the project releases deploy-token endpoint.ProjectReleasesGET staysPUBLIC— it was already public before this branch; only thePOSTwe touched flips.OpenAPI documentation is kept (intentionally)
Even though these are
PRIVATE, they keep full@extend_schemadocumentation (params, responses, descriptions, examples). We want this documentation in place and intend to start requiring it on private endpoints, since internal changes will be driven off the generated schema/types. The docs are dormant in the public schema today but ready.Shared schema/type fixes
UserFieldwith@extend_schema_field(OpenApiTypes.STR)(matchesapi/fields/actor.py/sentry_slug.py).help_texttoReleaseSerializer'sstatus/version/ownerfields.COMMITand release-timeseries example fixtures torelease_examples.py.Design note
Reviewed against the API design guidelines. One pre-existing deviation documented inline on
ReleaseSerializerResponse.id: the releaseidis an integer rather than a string. Long-standing, codebase-wide; not introduced here.Verified:
make build-api-docs(--validate --fail-on-warn) clean, andmypyclean on all touched files.