feat: allow HTTP requests with effective subnet ID#6224
Conversation
github-actions
Bot
added
the
interface-spec
There was a problem hiding this comment.
Pull request overview
This PR updates the IC HTTPS interface specification to allow submitting update calls using an effective subnet ID in the URL (in addition to effective canister IDs), primarily to support create_canister submissions by subnet admins.
Changes:
- Document new
/api/v2/subnet/<effective_subnet_id>/calland/api/v4/subnet/<effective_subnet_id>/callendpoints alongside existing canister call endpoints. - Add a new “Effective subnet id” section and corresponding formalization (
is_effective_subnet_id). - Extend the formal state-transition and read_state access-control rules to cover subnet-call submission and request-status polling.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This PR adds a new public HTTP endpoint `/api/v4/subnet/<effective_subnet_id>/call` on the replica that supports call to the `create_canister` endpoint of the management canister (`aaaaa-aa`). It is specified in this [PR](dfinity/portal#6224). --------- Co-authored-by: IDX GitHub Automation <infra+github-automation@dfinity.org>
…RL (dfinity#9977) This PR adds a new public HTTP endpoint `/api/v3/subnet/<effective_subnet_id>/query` on the replica that supports call to the `list_canisters` endpoint of the management canister (`aaaaa-aa`). It is specified in this [PR](dfinity/portal#6224). Note. PocketIC support will be added in a separate PR. --------- Co-authored-by: Leo Eichhorn <99166915+eichhorl@users.noreply.github.com>
…dfinity#9982) This PR enables to retrieve the status of an (asynchronous) update call via the (existing) public HTTP endpoint `/api/v3/subnet/<effective_subnet_id>/read_state` on the replica. It is specified in this [PR](dfinity/portal#6224). In more detail, this PR is needed if the synchronous update call endpoint `/api/v4/subnet/.../call` returns 202 and thus the user needs to process the update call (to create canister as nothing else is allowed on `/api/v4/subnet/.../call`) asynchronously (by polling `/api/v3/subnet/.../read_state` for the `/request_status/...`). --------- Co-authored-by: IDX GitHub Automation <infra+github-automation@dfinity.org>
|
@r-birkner The replica implementation of this PR has been merged to master of |
…finity#10008) This PR adds PocketIC support for the new HTTP endpoints - `/api/v4/subnet/<effective_subnet_id>/call`; - `/api/v3/subnet/<effective_subnet_id>/query`; specified in this [PR](dfinity/portal#6224). Tests will be added once the new endpoints are supported in `ic-agent`.
There was a problem hiding this comment.
Pull request overview
Updates the IC interface specification to document and formally specify new subnet-scoped HTTPS endpoints that accept an effective subnet ID directly in the URL, improving the UX for subnet-admin canister creation and canister enumeration flows.
Changes:
- Document
/api/v4/subnet/<effective_subnet_id>/callas a restricted management-canister canister-creation endpoint. - Document
/api/v3/subnet/<effective_subnet_id>/queryas a restricted management-canisterlist_canistersendpoint. - Extend the formal spec and access-control rules around effective subnet IDs and subnet
read_staterequest-status access.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Updates the IC HTTPS interface specification to allow subnet-admin operations to be addressed by effective subnet ID in the request URL (for canister creation and subnet canister enumeration), reducing the need for dummy canister IDs for routing.
Changes:
- Document new endpoints
/api/v4/subnet/<effective_subnet_id>/calland/api/v3/subnet/<effective_subnet_id>/querywith restricted Management Canister usage. - Extend the read_state and certification/verification text to cover subnet-scoped requests and subnet query signature verification.
- Add/extend formal rules for “effective subnet id” and subnet-scoped call submission and read_state access control.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
This PR updates the IC HTTPS interface specification to allow subnet-admin management calls to be routed via URLs containing an effective subnet ID (instead of using a dummy effective canister ID from routing-table ranges), improving ergonomics for canister creation and subnet canister enumeration.
Changes:
- Document new endpoints
/api/v4/subnet/<effective_subnet_id>/calland/api/v3/subnet/<effective_subnet_id>/query, and clarify their restricted scope (Management Canister only). - Extend certificate/verification and effective-id rules to cover subnet-scoped calls/queries and subnet-scoped
read_staterequest-status polling. - Add a formal transition for submitting a subnet-scoped management
callto/api/v4/subnet/<ESID>/call.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Updates the IC HTTPS interface specification to support submitting certain management-canister calls via URLs that use an effective subnet ID (instead of a “dummy” effective canister ID), aligning the documented API surface with the intended subnet-admin workflows.
Changes:
- Document new endpoints
/api/v4/subnet/<effective_subnet_id>/call(restricted canister-creation updates) and/api/v3/subnet/<effective_subnet_id>/query(restrictedlist_canistersquery). - Extend the spec with “Effective subnet id” rules and update certificate verification predicates for subnet queries.
- Add formal state/spec transitions and access-control rules related to subnet-scoped requests (including
subnet_adminsand request submission semantics).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
This PR updates the IC HTTPS interface specification to allow submitting restricted management-canister operations via subnet-scoped URLs that carry an effective subnet ID, improving the admin/developer workflow for canister creation and subnet canister enumeration.
Changes:
- Document new subnet-scoped endpoints:
/api/v4/subnet/<effective_subnet_id>/calland/api/v3/subnet/<effective_subnet_id>/query. - Extend/update spec text and formal predicates to define “effective subnet id” handling and corresponding certificate verification logic.
- Update the abstract state model/spec transitions to incorporate subnet-admin authorization for these subnet-scoped operations.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This PR enables update calls (to create a canister by subnet admins) and query calls (to list all canisters on a subnet by subnet admins) to be submitted to URLs with the (effective) subnet ID on which the canister is created or whose canisters should be enumerated (instead of a dummy canister ID from the canister ranges of the subnet according to the routing table). This streamlines the developer experience.
New endpoints:
/api/v4/subnet/<effective_subnet_id>/call;/api/v3/subnet/<effective_subnet_id>/query.Modified (existing) endpoints:
/api/v3/subnet/<effective_subnet_id>/read_state.