Change should to must for Resources #926
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure if this is clear.
I am guessing the intent here is to enforce existence of
getunless justified otherwise.As in: "do not leave this field blank" Either implement or justify why not. Right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it a field or an rpc?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
metafor for RPC
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reasons to not provide a Get method cannot not be open-ended. There must be a specified set of permitted exceptions and specific guidance regarding what to do for each exceptional case instead.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm confused by this wording also.... It sounds like we're saying "You must unless ", which is not what "must" means... We copy RFC-2119 (as stated in AIP-8), so if we're going to make this must, there can be no exceptions. If we want exceptions, this must remain as "should". I also agree it should be should.
Assuming that it remains "should", I agree with @bgrant0607 that we should be explicit about guidance for not providing a Get method. Do we have a list of those cases? If not, we might have to leave it ambiguous and circle back with a list of specific exceptions based on our experience.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The omission of Get from https://google.aip.dev/128 was an oversight. We could constrain "must" to declarative-friendly APIs.
Are there legitimate cases for not providing Get of a resource, at least for new services? Good question. I'm not aware of any offhand.
One case that comes up is resources containing sensitive data. However, sensitive user data really should not be represented in resource attributes. Resources ideally should be considered non-sensitive "metadata" rather than user data. Sensitive user data belongs in an appropriate storage system like a secret manager.
Other cases I'm aware of require performing a List, then extracting the specific resource in the client. We should definitely recommend against that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I also don't have one on the top of my head, but I can say for sure there have been scenarios where this came up, and I recall thinking "OK yea, that makes sense. Go ahead."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The 2 cases I mentioned were the ones I've seen. I would include both and indicate what the recommended alternatives are.
@loudej has thoughts also