Update versioning section in api design guidelines #215

Merged
Changes from 6 commits
130 changes: 91 additions & 39 deletions documentation/API-design-guidelines.md
Expand Up @@ -27,8 +27,10 @@ This document captures guidelines for the API design in CAMARA project. These gu
- [4.1 URL Definition](#41-url-definition)
- [4.2 Input/Output Resource Definition](#42-inputoutput-resource-definition)
- [5. Versioning](#5-versioning)
- [5.1 Versioning Strategy](#51-versioning-strategy)
- [5.2 Backwards and Forward Compatibility](#52-backwards-and-forward-compatibility)
- [5.1 API version (OAS Info object)](#51-api-version-oas-info-object)
- [5.2 API version in URL (OAS servers object)](#52-api-version-in-url-oas-servers-object)
- [5.3 API versions throughout the release process](#53-api-versions-throughout-the-release-process)
- [5.4 Backwards and Forward Compatibility](#54-backwards-and-forward-compatibility)
- [6. Error Responses](#6-error-responses)
- [7. Common Data Types](#7-common-data-types)
- [8. Pagination, Sorting and Filtering](#8-pagination-sorting-and-filtering)
Expand Down Expand Up @@ -537,45 +539,85 @@ These considerations are below:

## 5. Versioning

### 5.1 Versioning Strategy
Versioning is a practice by which, when a change occurs in the API, a new version of that API is released so that the new version and the previous one coexists for a certain period of time.

Service versioning is a practice by which, when a change occurs in the API of a service, a new version of that service is released so that the new version and the previous one coexists for a certain period of time.
API versions use a numbering scheme in the format: x.y.z

Consumers will be migrated to the new version of the service sequentially. When everyone is consuming the latest version of the service, the previous version is removed.
* x, y and z are numbers corresponding to MAJOR, MINOR and PATCH versions.
* MAJOR, MINOR and PATCH refer to the types of changes made to an API through its evolution.
* Depending on the change type, the corresponding number is incremented.
* This is defined in the [Semantic Versioning 2.0.0 (semver.org)](https://semver.org/) standard.

Consumers can distinguish between one version of the service and another, the technique of adding the API version to the context of the base URL will be used, since this technique is the most used in the main reference APIs.
### 5.1 API version (OAS Info object)

The structure of the URL would have the following form:
```http
https://host:port/api/v1/resource
The API version is defined in the "version" field (in the Info object) of the OAS definition file of an API. 

```yaml
info:
title: Number Verification
description: text describing the API
version: 2.2.0  
...
```

In line with Semantic Versioning 2.0.0, the API with MAJOR.MINOR.PATCH version number, increments as follows:

1. The MAJOR version when an incompatible / breaking API change is introduced
2. The MINOR version when functionality is added that is backwards compatible
3. The PATCH version when backward compatible bugs are fixed

For more details on MAJOR, MINOR and PATCH versions, and how to evolve API versions, please see [versioning in the API release process](https://wiki.camaraproject.org/x/a4BaAQ) in the Release Management wiki. 

It is recommended to avoid breaking backwards compatibility unless strictly necessary: new versions should be backwards compatible with previous versions. More information on how to avoid breaking changes can be found below.

### 5.2 API version in URL (OAS servers object)

The OAS file also defines the API version used in the URL of the API endpoint (in the servers object).

The API version in the URL only includes the "x" (MAJOR version) number of the API version as follows:

```yaml
servers:
    url: {apiRoot}/qod/v2
```

NOTE: CAMARA exceptionally allows to use both the MAJOR and the MINOR version number (v0.y) separated by a dot (".") in initial API versions (x=0) in the API version in the URL.

This allows for test and usage of initial API versions as they are evolving rapidly, e.g. /qod/v0.10, or /qod/v0.11alpha1. However, it should be acknowledged that any initial API version may change.

When we version through the URL, only the "MAJOR version" is included since this would change when a change incompatible with the previous version occurs.
### 5.3 API versions throughout the release process

API implementation versioning will follow semantic versioning. Given a `MAJOR.MINOR.PATCH` version number, it increments:
1) The `MAJOR` version when you make an incompatible API change.
2) The `MINOR` version when you add functionality that is backwards compatible.
3) The `PATCH` version when you fix backward compatible bugs.
In preparation for its public-release, an API will go through various intermediate versions indicated by version extensions: alpha and release-candidate.

Related to the versioning of rest parts involved in Apification projects, best practises are detailed below:
Overall, an API can have any of the following versions:

SHARED CODE ON REPOSITORIES
* work-in-progress (wip) API versions used during the development of an API before the first pre-release or in between pre-releases. Such API versions cannot be released and are not usable by API consumers.
* alpha (x.y.z-alpha.m) API versions (with extensions) for CAMARA internal API rapid development purposes
* release-candidate (x.y.z-rc.n) API versions (with extensions) for CAMARA internal API release bug fixing purposes
* public-release (x.y.z) API versions for publication as part of a meta-release. These API versions only have API version number x.y.z (semver 2.0), no extension. The public-release API can have one of two maturity states: 
* initial - indicating that the API is still not fully stable (x=0)
* stable - indicate that the API has reached a certain level of maturity (x>0)

1) MAJOR - Major of API Contract
2) MINOR - Minor of API Contract
3) PATCH - New Updates / Contributions of shared code
The following table gives the values of the API version (Info object) and the API version in the URL used in the release process of the API, and dependent on whether it is an initial API version (x=0) or a stable API version (x>0).

MICROSERVICE DEPLOYMENTS (NOT MANDATORY BUT RECOMMENDED)
| API version in  release process | API version | initial (x=0) API version in URL | stable (x>0) API version in URL | API version can be released |
|---------------|:------:|:------:|:------:|:------:|
| work-in-progress | wip | vwip | vwip | No |
| alpha | x.y.z-alpha.m | v0.yalpham | vxalpham |Yes (internal) |
| release-candidate | x.y.z-rc.n | v0.yrcn | vxrcn | Yes (internal) |
| public-release | x.y.z | v0.y | vx | Yes |

1) MAJOR - Major of API Contract
2) MINOR - Minor of API Contract
3) PATCH - New Microservice Deployments
Precedence examples:

* 1.0.0 < 2.0.0 < 2.1.0 < 2.1.1 < 3.0.0.
* 0.1.0 < 0.2.0-alpha.1 < 0.2.0-alpha.2 < 0.2.0-rc.1 < 0.2.0-rc.2 < 0.2.0 (initial public-release)
* 1.0.0 < 1.1.0-alpha.1 < 1.1.0-alpha.2 < 1.1.0-rc.1 < 1.1.0-rc.2 < 1.1.0 (stable public-release)

### 5.2 Backwards and Forward Compatibility
For more information, please see [API versioning](https://wiki.camaraproject.org/x/a4BaAQ) in the Release Management project Wiki.

Avoid breaking backwards compatibility unless strictly necessary, that means, new versions should be compatible with previous versions.
### 5.4 Backwards and Forward Compatibility

Avoid breaking backwards compatibility, unless strictly necessary, means that new versions should be compatible with previous versions.

Bearing in mind that APIs are continually evolving and certain operations will no longer be supported, the following considerations must be taken into account:
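
Review bot: The `servers` example in 5.2 is not valid as written: in OAS `servers` is an array, so the entry needs a leading `- `, and a value that starts with `{` has to be quoted or YAML reads it as a flow mapping. Suggest `- url: "{apiRoot}/qod/v2"`. Separately, the rewritten opening sentence of 5.4 ("Avoid breaking backwards compatibility, unless strictly necessary, means that new versions should be compatible ...") no longer parses, and it repeats the recommendation this change already adds at the end of 5.1; consider stating it in one place only.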

Expand All @@ -585,30 +627,36 @@ Bearing in mind that APIs are continually evolving and certain operations will n
- Remove deprecated APIs documentation.
- Never start using already deprecated APIs.

<font size="3"><span style="color: blue"> Types of modification: </span></font>

<font size="3"><span style="color: blue"> Types of modification </span></font>
- Not all API changes have an impact on API consumers. Such changes are referred to as backward compatible changes.
- If the API undergoes changes of this type, it shall be provided through a maintenance-release which will replace the current one.
- Consumers shall be notified of the new release so that they take them into account.

Not all API changes have an impact on API consumers. These changes are often referred to as backward compatible changes. If the API undergoes changes of this type, it should not be necessary to release a new version, it will suffice to replace the current one. What would be very convenient is to notify our consumers with the new changes so that they take them into account.
Backward compatible changes to an API that **DO NOT** affect consumers:

This is a list of changes to an API that **DO NOT** affect consumers:
- Adding a new endpoint
- Adding new operations on a resource (`PUT`, `POST`, ...).
- Adding optional input parameters to requests on existing resources. For example, adding a new filter parameter in a GET on a collection of resources.
- Changing an input parameter from reqmandatory to optional. For example: when creating a resource, a property of said resource that was previously mandatory becomes optional.
- Adding new properties in the representation of a resource returned by the server. For example, adding a new age field to a Person resource, which originally was made up of nationality and name.

- Add new operations to the service. Translated to REST, it would be to add new actions on a resource (`PUT`, `POST`, ...).
- Add optional input parameters to requests on existing resources. For example, adding a new filter parameter in a GET on a collection of resources.
- Modify input parameters from required to optional. For example: when creating a resource, a property of said resource that was previously mandatory becomes optional.
- Add new properties in the representation of a resource returned by the server. For example, adding a new age field to a Person resource, which originally was made up of nationality and name.
Breaking changes to an API that **DO** affect consumers:

This other list shows changes that **DO** affect consumers:
- Delete operations or actions on a resource. For example: POST requests on a resource are no longer accepted.
- Add new mandatory input parameters. For example: now, to register a resource, a new required field must be sent in the body of the request.
- Modify input parameters from optional to mandatory. For example: when creating a Person resource, the age field, which was previously optional, is now mandatory.
- Modify a parameter in existing operations (resource verbs). Also applicable to parameter removal. For example, when consulting a resource, a certain field is no longer returned. Another example: a field that was previously a string is now numeric.
- Add new responses to existing operations. For example: creating a resource can return a 412 response code.
- Deleting operations or actions on a resource. For example: POST requests on a resource are no longer accepted.
- Adding new mandatory input parameters. For example: now, to register a resource, a new required field must be sent in the body of the request.
- Modifying or removing an endpoint (breaks existing queries)
- Changing input parameters from optional to mandatory. For example: when creating a Person resource, the age field, which was previously optional, is now mandatory.
- Modifying or removing a mandatory parameter in existing operations (resource verbs). For example, when consulting a resource, a certain field is no longer returned. Another example: a field that was previously a string is now numeric.
- Modifying or adding new responses to existing operations. For example: creating a resource can return a 412 response code.

<font size="3"><span style="color: blue"> Compatibility management </span></font>

Tho ensure this compatibility, the following must be followed.

**As API producer**:
**As API provider**:
- Never change an endpoint name; instead, add a new one and mark the original one for deprecation in a minor release and remove it in a later major release (see semver FAQ entry: https://semver.org/#how-should-i-handle-deprecating-functionality)
- If possible, do the same for attributes
- New fields should always be added as optional.
- Postel's Law: “<em>Be conservative in what you do, be liberal in what you accept from others</em>”. When you have input fields that need to be removed, mark them as unused, so they can be ignored.
- Do not change the field’s semantics.
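
Review bot: In the breaking-changes list, "Modifying or removing a mandatory parameter in existing operations" narrows the previous wording ("Modify a parameter in existing operations ... Also applicable to parameter removal") to mandatory parameters only, yet both examples that follow it (a field that is no longer returned, a string that becomes numeric) break consumers whether or not the field was mandatory. Suggest dropping "mandatory" or adding a bullet that covers optional parameters and response fields. Also in this hunk: "reqmandatory" in the backward-compatible list should read "mandatory", and "maintenance-release" is used without being one of the version types listed in 5.3.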
Expand All @@ -617,6 +665,10 @@ Tho ensure this compatibility, the following must be followed.
- If you use collections that can be returned with no content, then answer with an empty collection and not null.
- Layout pagination support from the start.

Make the information available:
- provide an access to the new API version definition file (via a link or dedicated endpoint)
- if possible, do the same to obtain the currently implemented API version definition file

**As API consumer**:
- Tolerant reader: if it does not recognize a field when faced with a response from a service, do not process it, but record it through the log (or resend it if applicable).
- Ignore fields with null values.
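
Review bot: The new "Make the information available:" block sits at paragraph level between the provider bullets and "**As API consumer**:", so it is unclear whether it is a provider obligation or a separate role; fold it into the provider list or give it the same bold lead-in as the other two. The two bullets also start in lower case unlike the rest of the list, "provide an access to" should be "provide access to", and "a link or dedicated endpoint" would be easier to implement consistently if the text said where the link is expected to be published.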