.. _validation-sets: ======================== Validation Sets ======================== Introduction ------------ The *Validation Sets API* enables Validation Set assertions management. All endpoints require a macaroon authenticated request with no special permissions. See :ref:`macaroon-api` for details on how to obtain a suitable macaroon for interacting with this API. You could also use the ``surl`` command line, available as a snap: ``snap install surl`` to exercise this (and other) store APIs. The following example authenticates to the store and saves the macaroon locally for use in subsequent requests: ``surl -a prod -s production -e [[-p ]]`` ``surl -a prod -X https://dashboard.snapcraft.io/ [[-d '']]`` See ``surl help`` for the details about these and other surl options. The *Validation Sets API* is exposed at the following base URLs: * Staging: https://dashboard.staging.snapcraft.io/api/v2/validation-sets * Production: https://dashboard.snapcraft.io/api/v2/validation-sets Response Format _______________ JSON_ will be returned in all responses from the API, including error responses, please refer to the following section for details about the format. .. _JSON: http://www.json.org .. _api-validation-sets-build-assertion: Prepare Validation Set assertion headers ready for signing. ------------------------------------------------------------------- *Introduced in version 16* .. http:POST:: /api/v2/validation-sets/build-assertion Prepare Validation Set headers for local signing. Return Validation Set assertion headers ready for local signing by the publisher. :reqheader Authorization: macaroon authorization header for an active user :status 200: success :status 400: error :status 401: authentication required Usage _____ As mentioned in the introduction, this endpoint can be exercised using the ``surl`` command as follows: ``surl -s production -e your-email@example.com -X POST https://dashboard.snapcraft.io/api/v2/validation-sets/build-assertion -d ''`` where ``your-email@example.com`` has to be an existing account. Example _______ .. include:: ../../examples/requests/validation_sets_build_assertion Errors ______ .. include:: ../../examples/requests/validation_sets_build_assertion_errors Changelog _________ * Version 16: New API endpoints for Validation Sets management. Request JSON Schema ___________________ .. code-block:: json { "additionalProperties": false, "properties": { "account-id": { "description": "Issuer of the Validation Set", "maxLength": 100, "type": "string" }, "name": { "description": "Validation Set name", "maxLength": 100, "type": "string" }, "sequence": { "description": "Validation Set sequence", "minimum": 1, "type": "integer" }, "snaps": { "items": { "additionalProperties": false, "description": "List of snaps in a Validation Set assertion", "properties": { "components": { "additionalProperties": false, "description": "Snap components", "patternProperties": { "^[a-z0-9](?:-?[a-z0-9])*$": { "oneOf": [ { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, { "additionalProperties": false, "properties": { "presence": { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap component revision", "minimum": 1, "type": "integer" } }, "type": "object" } ] } }, "type": "object" }, "id": { "description": "Snap ID", "maxLength": 100, "type": "string" }, "name": { "description": "Snap name", "maxLength": 100, "type": "string" }, "presence": { "description": "Snap presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap revision", "minimum": 0, "type": "integer" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" } }, "required": [ "account-id", "name", "sequence", "snaps" ], "type": "object" } Response JSON Schema ____________________ .. code-block:: json { "additionalProperties": false, "properties": { "account-id": { "description": "The \"account-id\" assertion header", "type": "string" }, "authority-id": { "description": "The \"authority-id\" assertion header", "type": "string" }, "name": { "description": "The \"name\" assertion header", "type": "string" }, "revision": { "description": "The \"revision\" assertion header", "type": "string" }, "sequence": { "description": "The \"sequence\" assertion header", "type": "string" }, "series": { "description": "The \"series\" assertion header", "type": "string" }, "snaps": { "items": { "additionalProperties": false, "description": "List of snaps in a Validation Set assertion", "properties": { "components": { "additionalProperties": false, "description": "Snap components", "patternProperties": { "^[a-z0-9](?:-?[a-z0-9])*$": { "oneOf": [ { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, { "additionalProperties": false, "properties": { "presence": { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap component revision", "type": "string" } }, "type": "object" } ] } }, "type": "object" }, "id": { "description": "Snap ID", "maxLength": 100, "type": "string" }, "name": { "description": "Snap name", "maxLength": 100, "type": "string" }, "presence": { "description": "Snap presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap revision", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "timestamp": { "description": "The \"timestamp\" assertion header", "type": "string" }, "type": { "const": "validation-set", "description": "The \"type\" assertion header", "type": "string" } }, "required": [ "type", "authority-id", "series", "account-id", "name", "sequence", "revision", "timestamp", "snaps" ], "type": "object" } .. _api-validation-sets: Manage account's validation-set assertions. ------------------------------------------------------------------- *Introduced in version 16* .. http:GET:: /api/v2/validation-sets/(?P[\\w-]+) .. http:POST:: /api/v2/validation-sets/(?P[\\w-]+) Manage account's validation-set assertions. Usage _____ As mentioned in the introduction, this endpoint can be exercised using the ``surl`` command as follows: ``surl -s production -e your-email@example.com -X GET https://dashboard.snapcraft.io/api/v2/validation-sets`` where ``your-email@example.com`` has to be an existing account. .. http:get:: /api/v2/validation-sets[/] :reqheader Authorization: macaroon authorization header for a registered user :status 200: success :status 400: error :status 401: authentication required GET requests to * ``/api/v2/validation-sets`` and * ``/api/v2/validation-sets/``, return a list of headers for validation set assertions registered by the requesting user, that match requested criteria. By default, a GET request to ``/api/v2/validation-sets`` returns headers for all validation sets owned by the requesting account, each at their latest sequence and latest revision. The same applies to ``/api/v2/validation-sets/``, except that the result will contain headers for one specific assertion. In both cases * ``sequence=all`` query parameter can be added to request all sequences of the relevant assertions at their latest revisions. * ``sequence=latest`` query parameter is also supported (this is the default behavior). The ``/api/v2/validation-sets/`` endpoint additionally supports a ``sequence=N`` query parameter, where ``N`` is a specific sequence number. GET Examples ____________ .. include:: ../../examples/requests/validation_sets_get GET Errors __________ .. include:: ../../examples/requests/validation_sets_get_errors .. http:post:: /api/v2/validation-sets :reqheader Authorization: macaroon authorization header for a registered user :status 201: success :status 400: error :status 409: conflict :status 401: authentication required POST requests to ``/api/v2/validation-sets`` are used to register new validation set assertions with the store. The endpoint expects a valid validation-set type assertion, signed with a signing key registered with the store. The endpoint expects an ``x.ubuntu.assertion`` content-type request. ``/api/v2/validation-sets/build-assertion`` endpoint can be used to obtain validation-set assertion headers as JSON, to be used as an input to ``snap sign``, which will sign the assertion and output it in the ``x.ubuntu.assertion`` format, ready for sending to ``/api/v2/validation-sets`` in a POST request. POST Examples _____________ .. include:: ../../examples/requests/validation_sets_post POST Errors ___________ .. include:: ../../examples/requests/validation_sets_post_errors Changelog _________ * Version 16: New API endpoints for Validation Sets management. Response JSON Schema ____________________ .. code-block:: json { "additionalProperties": false, "properties": { "assertions": { "description": "List of validation-set assertions", "items": { "additionalProperties": false, "properties": { "headers": { "additionalProperties": false, "description": "Assertion headers", "properties": { "account-id": { "description": "The \"account-id\" assertion header", "type": "string" }, "authority-id": { "description": "The \"authority-id\" assertion header", "type": "string" }, "name": { "description": "The \"name\" assertion header", "type": "string" }, "revision": { "description": "The \"revision\" assertion header", "type": "string" }, "sequence": { "description": "The \"sequence\" assertion header", "type": "string" }, "series": { "description": "The \"series\" assertion header", "type": "string" }, "sign-key-sha3-384": { "description": "Signing key ID", "type": "string" }, "snaps": { "items": { "additionalProperties": false, "description": "List of snaps in a Validation Set assertion", "properties": { "components": { "additionalProperties": false, "description": "Snap components", "patternProperties": { "^[a-z0-9](?:-?[a-z0-9])*$": { "oneOf": [ { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, { "additionalProperties": false, "properties": { "presence": { "description": "Snap component presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap component revision", "type": "string" } }, "type": "object" } ] } }, "type": "object" }, "id": { "description": "Snap ID", "maxLength": 100, "type": "string" }, "name": { "description": "Snap name", "maxLength": 100, "type": "string" }, "presence": { "description": "Snap presence", "enum": [ "required", "optional", "invalid" ], "type": "string" }, "revision": { "description": "Snap revision", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "timestamp": { "description": "The \"timestamp\" assertion header", "type": "string" }, "type": { "const": "validation-set", "description": "The \"type\" assertion header", "type": "string" } }, "required": [ "type", "authority-id", "series", "account-id", "name", "sequence", "snaps", "sign-key-sha3-384", "timestamp" ], "type": "object" } }, "required": [ "headers" ], "type": "object" }, "type": "array" } }, "required": [ "assertions" ], "type": "object" }