import "@typespec/rest"; import "@typespec/http"; import "@azure-tools/typespec-azure-core"; import "@typespec/openapi"; import "@azure-tools/typespec-azure-resource-manager"; import "@azure-tools/typespec-client-generator-core"; import "@typespec/versioning"; using TypeSpec.Rest; using TypeSpec.Http; using Azure.Core; using TypeSpec.OpenAPI; using Azure.ResourceManager; using Azure.ResourceManager.Foundations; using TypeSpec.Versioning; namespace Microsoft.CodeSigning; interface Operations extends Azure.ResourceManager.Operations {} @doc("The status of the current operation.") union ProvisioningState { string, @doc("Resource has been created.") Succeeded: "Succeeded", @doc("Resource creation failed.") Failed: "Failed", @doc("Resource creation was canceled.") Canceled: "Canceled", @doc("Updating in progress.") Updating: "Updating", @doc("Deletion in progress.") Deleting: "Deleting", @doc("Resource creation started.") Accepted: "Accepted", } @doc("Type of the certificate") union ProfileType { string, @doc("Used for signing files which are distributed publicly.") PublicTrust: "PublicTrust", @doc("Used for signing files which are distributed internally within organization or group boundary.") PrivateTrust: "PrivateTrust", @doc("Used for signing CI policy files.") PrivateTrustCIPolicy: "PrivateTrustCIPolicy", @doc("Used for signing files which are run in secure vbs enclave.") VBSEnclave: "VBSEnclave", @doc("Used for signing files for testing purpose.") PublicTrustTest: "PublicTrustTest", } @doc("Status of the certificate profiles.") union CertificateProfileStatus { string, @doc("The certificate profile is active.") Active: "Active", @doc("The certificate profile is disabled.") Disabled: "Disabled", @doc("The certificate profile is suspended.") Suspended: "Suspended", } @doc("Status of the certificate") union CertificateStatus { string, @doc("The certificate is active.") Active: "Active", @doc("The certificate is expired.") Expired: "Expired", @doc("The certificate is revoked.") Revoked: "Revoked", } @doc("Revocation status of the certificate.") union RevocationStatus { string, @doc("Certificate revocation succeeded.") Succeeded: "Succeeded", @doc("Certificate revocation is in progress.") InProgress: "InProgress", @doc("Certificate revocation failed.") Failed: "Failed", } @doc("Name of the sku.") union SkuName { string, @doc("Basic sku.") Basic: "Basic", @doc("Premium sku.") Premium: "Premium", } @doc("The reason that an artifact signing account name could not be used. The Reason element is only returned if nameAvailable is false.") union NameUnavailabilityReason { string, @doc("Account name is invalid") AccountNameInvalid: "AccountNameInvalid", @doc("Account name already exists") AlreadyExists: "AlreadyExists", } @doc("Properties of the artifact signing account.") model CodeSigningAccountProperties { @doc("The URI of the artifact signing account which is used during signing files.") @visibility(Lifecycle.Read) accountUri?: string; @doc("SKU of the artifact signing account.") sku?: AccountSku; @doc("Status of the current operation on artifact signing account.") @visibility(Lifecycle.Read) provisioningState?: ProvisioningState; } @doc("SKU of the artifact signing account.") model AccountSku { @doc("Name of the SKU.") name: SkuName; } @doc("Parameters for creating or updating an artifact signing account.") model CodeSigningAccountPatch { #suppress "@azure-tools/typespec-azure-resource-manager/arm-no-record" "existing API" @doc("Resource tags.") tags?: Record; @doc("Properties of the artifact signing account.") properties?: CodeSigningAccountPatchProperties; } @doc("Properties of the artifact signing account.") model CodeSigningAccountPatchProperties { @doc("SKU of the artifact signing account.") @typeChangedFrom(Versions.v2024_09_30_preview, AccountSku) sku?: AccountSkuPatch; } @doc("SKU of the artifact signing account.") @added(Versions.v2024_09_30_preview) model AccountSkuPatch { @doc("Name of the SKU.") name?: SkuName; } @doc("Properties of the certificate profile.") model CertificateProfileProperties { @doc("Profile type of the certificate.") profileType: ProfileType; @removed(Versions.v2024_09_30_preview) @doc("Used as CN in the certificate subject name.") @visibility(Lifecycle.Read) commonName?: string; @removed(Versions.v2024_09_30_preview) @doc("Used as O in the certificate subject name.") @visibility(Lifecycle.Read) organization?: string; @removed(Versions.v2024_09_30_preview) @doc("Used as OU in the private trust certificate subject name.") @visibility(Lifecycle.Read) organizationUnit?: string; @removed(Versions.v2024_09_30_preview) @doc("Used as STREET in the certificate subject name.") @visibility(Lifecycle.Read) streetAddress?: string; @doc("Whether to include STREET in the certificate subject name.") includeStreetAddress?: boolean = false; @removed(Versions.v2024_09_30_preview) @doc("Used as L in the certificate subject name.") @visibility(Lifecycle.Read) city?: string; @doc("Whether to include L in the certificate subject name. Applicable only for private trust, private trust ci profile types") includeCity?: boolean = false; @removed(Versions.v2024_09_30_preview) @doc("Used as S in the certificate subject name.") @visibility(Lifecycle.Read) state?: string; @doc("Whether to include S in the certificate subject name. Applicable only for private trust, private trust ci profile types") includeState?: boolean = false; @removed(Versions.v2024_09_30_preview) @doc("Used as C in the certificate subject name.") @visibility(Lifecycle.Read) country?: string; @doc("Whether to include C in the certificate subject name. Applicable only for private trust, private trust ci profile types") includeCountry?: boolean = false; @removed(Versions.v2024_09_30_preview) @doc("Used as PC in the certificate subject name.") @visibility(Lifecycle.Read) postalCode?: string; @doc("Whether to include PC in the certificate subject name.") includePostalCode?: boolean = false; @removed(Versions.v2024_09_30_preview) @doc("Enhanced key usage of the certificate.") @visibility(Lifecycle.Read) enhancedKeyUsage?: string; @doc("Identity validation id used for the certificate subject name.") @madeRequired(Versions.v2024_09_30_preview) identityValidationId: string; @doc("Indicates whether the resource is intended for a specific usage scenario.") @added(Versions.v2026_05_15_preview) programType?: string; @doc("Status of the current operation on certificate profile.") @visibility(Lifecycle.Read) provisioningState?: ProvisioningState; @doc("Status of the certificate profile.") @visibility(Lifecycle.Read) status?: CertificateProfileStatus; @doc("List of renewed certificates.") @visibility(Lifecycle.Read) @identifiers(#[]) certificates?: Certificate[]; } @doc("Properties of the certificate.") model Certificate { @doc("Serial number of the certificate.") serialNumber?: string; @doc("Enhanced key usage of the certificate.") @added(Versions.v2024_09_30_preview) enhancedKeyUsage?: string; @doc("Subject name of the certificate.") subjectName?: string; @doc("Thumbprint of the certificate.") thumbprint?: string; @doc("Certificate created date.") createdDate?: string; @doc("Certificate expiry date.") expiryDate?: string; @doc("Status of the certificate.") status?: CertificateStatus; @doc("Revocations history of a certificate.") revocation?: Revocation; } @doc("Revocation details of the certificate.") model Revocation { @doc("The timestamp when the revocation is requested.") requestedAt?: utcDateTime; @doc("The timestamp when the revocation is effective.") effectiveAt?: utcDateTime; @doc("Reason for revocation.") reason?: string; @doc("Remarks for the revocation.") remarks?: string; @doc("Status of the revocation.") status?: RevocationStatus; @doc("Reason for the revocation failure.") failureReason?: string; } @doc("Defines the certificate revocation properties.") model RevokeCertificate { @doc("Serial number of the certificate.") serialNumber: string; @doc("Thumbprint of the certificate.") thumbprint: string; // FIXME: (utcDateTime) Please double check that this is the correct type for your scenario. @doc("The timestamp when the revocation is effective.") effectiveAt: utcDateTime; @doc("Reason for the revocation.") reason: string; @doc("Remarks for the revocation.") remarks?: string; } @doc("Defines the list of certificates for revocation in certificate profile.") @added(Versions.v2026_05_15_preview) model RevokeCertificateList { @doc("List of certificates to be revoked in a certificate profile.") @identifiers(#[]) revokeCertificates: RevokeCertificate[]; } @doc("The parameters used to check the availability of the artifact signing account name.") model CheckNameAvailability { @doc("The type of the resource, \"Microsoft.CodeSigning/codeSigningAccounts\".") type: string; @doc("Artifact signing account name.") name: string; } @doc("The CheckNameAvailability operation response.") model CheckNameAvailabilityResult { @doc("A boolean value that indicates whether the name is available for you to use. If true, the name is available. If false, the name has already been taken or is invalid and cannot be used.") @visibility(Lifecycle.Read) nameAvailable?: boolean; @doc("The reason that an artifact signing account name could not be used. The Reason element is only returned if nameAvailable is false.") @visibility(Lifecycle.Read) reason?: NameUnavailabilityReason; @doc("An error message explaining the Reason value in more detail.") @visibility(Lifecycle.Read) message?: string; }