Annotations type in Resource Scheme seems wrong

[zoltan-magyar]

Summary

I am currently using the specification to generate TypeScript interfaces with openapi-typescript. Unfortunately, I stumbled upon a problem with the specification. It seems that annotations are in fact not of type string[], they are rather an object in application/json Content-Type.

Steps to Reproduce

1. Genrate the OSS OpenAPI spec with version 5.3.1
2. Install Conjur OSS with the quickstart (latest Docker image: 1.20.1-4405)
3. Upload a test policy with an annotation (found on CyberArk Blog):

   - !policy
   id: store-n-fetch
   annotations:
   purpose: demonstrate storing & fetching secrets using Conjur
   body:
   - !layer
   - !host_factory
     layers: [ !layer ]
   - !variable secret
   - !permit
     resource: !variable secret
     privilege: [ read, execute ]
     role: !layer

4. Fetch the policy resource through https://localhost:8443/resources/{account}/policy/store-n-fetch
5. Check annotations in the response

Expected Results

An annotations field with the correct type.

Actual Results

The JSON I get back is:

{
    "created_at": "2023-11-29T03:52:06.661+00:00",
    "id": "default:policy:store-n-fetch",
    "owner": "default:user:admin",
    "policy": "default:policy:root",
    "permissions": [],
    "annotations": [
        {
            "name": "purpose",
            "value": "demonstrate storing & fetching secrets using Conjur",
            "policy": "default:policy:root"
        }
    ],
    "policy_versions": []
}

Version/Tag number

• Conjur: 1.20.1-4405
• OpenAPI Spec version: 5.3.1

Environment setup

• Conjur running in Docker using the quickstart (latest Docker image: 1.20.1-4405)
• OpenAPI OSS spec generated following the instructions on the tag 5.3.1 of this repo.