Add swagger for client cert & CORS policy (Azure#21126)

zhenqxuMSFT · Oct 31, 2022 · 55b3f4c · 55b3f4c
1 parent 5533d83
commit 55b3f4c
Show file tree

Hide file tree

Showing 2 changed files with 85 additions and 1 deletion.
diff --git a/specification/app/resource-manager/Microsoft.App/stable/2022-10-01/ContainerApps.json b/specification/app/resource-manager/Microsoft.App/stable/2022-10-01/ContainerApps.json
@@ -782,6 +782,23 @@
           "x-ms-identifiers": [
             "name"
           ]
+        },
+        "clientCertificateMode": {
+          "description": "Client certificate mode for mTLS authentication. Ignore indicates server drops client certificate on forwarding. Accept indicates server forwards client certificate but does not require a client certificate. Require indicates server requires a client certificate.",
+          "enum": [
+            "ignore",
+            "accept",
+            "require"
+          ],
+          "type": "string",
+          "x-ms-enum": {
+            "name": "IngressClientCertificateMode",
+            "modelAsString": true
+          }
+        },
+        "corsPolicy": {
+          "description": "CORS policy for container app",
+          "$ref": "#/definitions/CorsPolicy"
         }
       }
     },
@@ -932,6 +949,52 @@
         }
       }
     },
+    "CorsPolicy": {
+      "description": "Cross-Origin-Resource-Sharing policy",
+      "type": "object",
+      "required": [
+        "allowedOrigins"
+      ],
+      "properties": {
+        "allowedOrigins": {
+          "description": "allowed origins",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "allowedMethods": {
+          "description": "allowed HTTP methods",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "allowedHeaders": {
+          "description": "allowed HTTP headers",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "exposeHeaders": {
+          "description": "expose HTTP headers ",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "maxAge": {
+          "format": "int32",
+          "description": "max time client can cache the result",
+          "type": "integer"
+        },
+        "allowCredentials": {
+          "description": "allow credential or not",
+          "type": "boolean"
+        }
+      }
+    },
     "CustomHostnameAnalysisResult": {
       "description": "Custom domain analysis.",
       "type": "object",

diff --git a/...source-manager/Microsoft.App/stable/2022-10-01/examples/ContainerApps_CreateOrUpdate.json b/...source-manager/Microsoft.App/stable/2022-10-01/examples/ContainerApps_CreateOrUpdate.json
@@ -46,7 +46,28 @@
                 "ipAddressRange": "192.168.1.1/8",
                 "action": "Allow"
               }
-            ]
+            ],
+            "clientCertificateMode": "accept",
+            "corsPolicy": {
+              "allowedOrigins": [
+                "https://a.test.com",
+                "https://b.test.com"
+              ],
+              "allowedMethods": [
+                "GET",
+                "POST"
+              ],
+              "allowedHeaders": [
+                "HEADER1",
+                "HEADER2"
+              ],
+              "exposeHeaders": [
+                "HEADER3",
+                "HEADER4"
+              ],
+              "maxAge": 1234,
+              "allowCredentials": true
+            }
           },
           "dapr": {
             "enabled": true,