Bump, oxide.json to omicron:71fe60ac (#763)

Co-authored-by: oxide-reflector-bot[bot] <130185838+oxide-reflector-bot[bot]@users.noreply.github.com>

Author: oxide-reflector-bot[bot]

cli/docs/cli.json

@@ -4176,6 +4176,7 @@
             {
               "name": "update",
               "about": "Replace firewall rules",
+              "long_about": "The maximum number of rules per VPC is 1024.\nTargets are used to specify the set of instances to which a firewall rule applies. You can target instances directly by name, or specify a VPC, VPC subnet, IP, or IP subnet, which will apply the rule to traffic going to all matching instances. Targets are additive: the rule applies to instances matching ANY target. The maximum number of targets is 256.\nFilters reduce the scope of a firewall rule. Without filters, the rule applies to all packets to the targets (or from the targets, if it's an outbound rule). With multiple filters, the rule applies only to packets matching ALL filters. The maximum number of each type of filter is 256.",
               "args": [
                 {
                   "long": "json-body",

cli/src/generated_cli.rs

@@ -5074,6 +5074,17 @@ impl<T: CliConfig> Cli<T> {
                     .help("XXX"),
             )
             .about("Replace firewall rules")
+            .long_about(
+                "The maximum number of rules per VPC is 1024.\nTargets are used to specify the \
+                 set of instances to which a firewall rule applies. You can target instances \
+                 directly by name, or specify a VPC, VPC subnet, IP, or IP subnet, which will \
+                 apply the rule to traffic going to all matching instances. Targets are additive: \
+                 the rule applies to instances matching ANY target. The maximum number of targets \
+                 is 256.\nFilters reduce the scope of a firewall rule. Without filters, the rule \
+                 applies to all packets to the targets (or from the targets, if it's an outbound \
+                 rule). With multiple filters, the rule applies only to packets matching ALL \
+                 filters. The maximum number of each type of filter is 256.",
+            )
     }
 
     pub fn cli_vpc_router_route_list() -> clap::Command {

oxide.json

@@ -8297,6 +8297,7 @@
           "vpcs"
         ],
         "summary": "Replace firewall rules",
+        "description": "The maximum number of rules per VPC is 1024.\nTargets are used to specify the set of instances to which a firewall rule applies. You can target instances directly by name, or specify a VPC, VPC subnet, IP, or IP subnet, which will apply the rule to traffic going to all matching instances. Targets are additive: the rule applies to instances matching ANY target. The maximum number of targets is 256.\nFilters reduce the scope of a firewall rule. Without filters, the rule applies to all packets to the targets (or from the targets, if it's an outbound rule). With multiple filters, the rule applies only to packets matching ALL filters. The maximum number of each type of filter is 256.",
         "operationId": "vpc_firewall_rules_update",
         "parameters": [
           {
@@ -16026,7 +16027,7 @@
       "L4PortRange": {
         "example": "22",
         "title": "A range of IP ports",
-        "description": "An inclusive-inclusive range of IP ports. The second port may be omitted to represent a single port",
+        "description": "An inclusive-inclusive range of IP ports. The second port may be omitted to represent a single port.",
         "type": "string",
         "pattern": "^[0-9]{1,5}(-[0-9]{1,5})?$",
         "minLength": 1,
@@ -19797,12 +19798,23 @@
       },
       "Units": {
         "description": "Measurement units for timeseries samples.",
-        "type": "string",
-        "enum": [
-          "count",
-          "bytes",
-          "seconds",
-          "nanoseconds"
+        "oneOf": [
+          {
+            "type": "string",
+            "enum": [
+              "count",
+              "bytes",
+              "seconds",
+              "nanoseconds"
+            ]
+          },
+          {
+            "description": "No meaningful units, e.g. a dimensionless quanity.",
+            "type": "string",
+            "enum": [
+              "none"
+            ]
+          }
         ]
       },
       "User": {
@@ -19917,8 +19929,8 @@
         ]
       },
       "UserId": {
-        "title": "A name unique within the parent collection",
-        "description": "Names must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Names cannot be a UUID, but they may contain a UUID. They can be at most 63 characters long.",
+        "title": "A username for a local-only user",
+        "description": "Usernames must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Usernames cannot be a UUID, but they may contain a UUID. They can be at most 63 characters long.",
         "type": "string",
         "pattern": "^(?![0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$)^[a-z]([a-zA-Z0-9-]*[a-zA-Z0-9]+)?$",
         "minLength": 1,
@@ -20331,7 +20343,7 @@
         "type": "object",
         "properties": {
           "action": {
-            "description": "whether traffic matching the rule should be allowed or dropped",
+            "description": "Whether traffic matching the rule should be allowed or dropped",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleAction"
@@ -20343,15 +20355,15 @@
             "type": "string"
           },
           "direction": {
-            "description": "whether this rule is for incoming or outgoing traffic",
+            "description": "Whether this rule is for incoming or outgoing traffic",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleDirection"
               }
             ]
           },
           "filters": {
-            "description": "reductions on the scope of the rule",
+            "description": "Reductions on the scope of the rule",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleFilter"
@@ -20372,21 +20384,21 @@
             ]
           },
           "priority": {
-            "description": "the relative priority of this rule",
+            "description": "The relative priority of this rule",
             "type": "integer",
             "format": "uint16",
             "minimum": 0
           },
           "status": {
-            "description": "whether this rule is in effect",
+            "description": "Whether this rule is in effect",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleStatus"
               }
             ]
           },
           "targets": {
-            "description": "list of sets of instances that the rule applies to",
+            "description": "Determine the set of instances that the rule applies to",
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/VpcFirewallRuleTarget"
@@ -20403,7 +20415,7 @@
             "format": "date-time"
           },
           "vpc_id": {
-            "description": "the VPC to which this rule belongs",
+            "description": "The VPC to which this rule belongs",
             "type": "string",
             "format": "uuid"
           }
@@ -20438,32 +20450,35 @@
         ]
       },
       "VpcFirewallRuleFilter": {
-        "description": "Filter for a firewall rule. A given packet must match every field that is present for the rule to apply to it. A packet matches a field if any entry in that field matches the packet.",
+        "description": "Filters reduce the scope of a firewall rule. Without filters, the rule applies to all packets to the targets (or from the targets, if it's an outbound rule). With multiple filters, the rule applies only to packets matching ALL filters. The maximum number of each type of filter is 256.",
         "type": "object",
         "properties": {
           "hosts": {
             "nullable": true,
-            "description": "If present, the sources (if incoming) or destinations (if outgoing) this rule applies to.",
+            "description": "If present, host filters match the \"other end\" of traffic from the target’s perspective: for an inbound rule, they match the source of traffic. For an outbound rule, they match the destination.",
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/VpcFirewallRuleHostFilter"
-            }
+            },
+            "maxItems": 256
           },
           "ports": {
             "nullable": true,
-            "description": "If present, the destination ports this rule applies to.",
+            "description": "If present, the destination ports or port ranges this rule applies to.",
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/L4PortRange"
-            }
+            },
+            "maxItems": 256
           },
           "protocols": {
             "nullable": true,
             "description": "If present, the networking protocols this rule applies to.",
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/VpcFirewallRuleProtocol"
-            }
+            },
+            "maxItems": 256
           }
         }
       },
@@ -20585,7 +20600,7 @@
         ]
       },
       "VpcFirewallRuleTarget": {
-        "description": "A `VpcFirewallRuleTarget` is used to specify the set of `Instance`s to which a firewall rule applies.",
+        "description": "A `VpcFirewallRuleTarget` is used to specify the set of instances to which a firewall rule applies. You can target instances directly by name, or specify a VPC, VPC subnet, IP, or IP subnet, which will apply the rule to traffic going to all matching instances. Targets are additive: the rule applies to instances matching ANY target.",
         "oneOf": [
           {
             "description": "The rule applies to all instances in the VPC",
@@ -20690,61 +20705,62 @@
         "type": "object",
         "properties": {
           "action": {
-            "description": "whether traffic matching the rule should be allowed or dropped",
+            "description": "Whether traffic matching the rule should be allowed or dropped",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleAction"
               }
             ]
           },
           "description": {
-            "description": "human-readable free-form text about a resource",
+            "description": "Human-readable free-form text about a resource",
             "type": "string"
           },
           "direction": {
-            "description": "whether this rule is for incoming or outgoing traffic",
+            "description": "Whether this rule is for incoming or outgoing traffic",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleDirection"
               }
             ]
           },
           "filters": {
-            "description": "reductions on the scope of the rule",
+            "description": "Reductions on the scope of the rule",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleFilter"
               }
             ]
           },
           "name": {
-            "description": "name of the rule, unique to this VPC",
+            "description": "Name of the rule, unique to this VPC",
             "allOf": [
               {
                 "$ref": "#/components/schemas/Name"
               }
             ]
           },
           "priority": {
-            "description": "the relative priority of this rule",
+            "description": "The relative priority of this rule",
             "type": "integer",
             "format": "uint16",
             "minimum": 0
           },
           "status": {
-            "description": "whether this rule is in effect",
+            "description": "Whether this rule is in effect",
             "allOf": [
               {
                 "$ref": "#/components/schemas/VpcFirewallRuleStatus"
               }
             ]
           },
           "targets": {
-            "description": "list of sets of instances that the rule applies to",
+            "description": "Determine the set of instances that the rule applies to",
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/VpcFirewallRuleTarget"
-            }
+            },
+            "maxItems": 256
           }
         },
         "required": [
@@ -20759,14 +20775,15 @@
         ]
       },
       "VpcFirewallRuleUpdateParams": {
-        "description": "Updateable properties of a `Vpc`'s firewall Note that VpcFirewallRules are implicitly created along with a Vpc, so there is no explicit creation.",
+        "description": "Updated list of firewall rules. Will replace all existing rules.",
         "type": "object",
         "properties": {
           "rules": {
             "type": "array",
             "items": {
               "$ref": "#/components/schemas/VpcFirewallRuleUpdate"
-            }
+            },
+            "maxItems": 1024
           }
         },
         "required": [