[BUG] OpenAPI spec: Lock and Trigger schemas use wrong models for request bodies

[bburda]

Bug report

Steps to reproduce

1. Generate a typed API client from the OpenAPI spec (GET /api/v1/docs)
2. Try to call POST /{entity}/locks (acquire lock) with the generated client
3. The generated Lock model requires id, lock_expiration (ISO datetime), owned - fields that only exist in the response, not the request

Expected behavior

Request and response schemas should be separate when they differ. The acquire lock endpoint should have a dedicated request schema matching what the handler actually accepts.

Actual behavior

Three endpoints use incorrect schemas for request bodies:

1. POST /{entity}/locks (acquire lock)

• OpenAPI spec uses Lock schema for request body
• Lock requires: id (string), lock_expiration (ISO 8601 datetime), owned (boolean)
• Gateway handler (lock_handlers.cpp:150-156) actually expects: {"lock_expiration": <integer_seconds>, "scopes": [...]}
• Generated clients fail with KeyError: 'id' when constructing the request

2. PUT /{entity}/locks/{id} (extend lock)

• Same issue - uses Lock schema for request body
• Should use AcquireLockRequest or a dedicated ExtendLockRequest

3. POST /{entity}/triggers (create trigger)

• TriggerCreateRequest.trigger_condition requires condition_type field
• Need to verify this matches what trigger_handlers.cpp actually parses

Suggested fix

In schema_builder.cpp:

1. Add AcquireLockRequest schema with lock_expiration (integer, seconds) and scopes (optional array of strings)
2. Use AcquireLockRequest for POST /locks request body (keep Lock for response)
3. Use AcquireLockRequest (or dedicated schema) for PUT /locks/{id} request body
4. Verify TriggerCreateRequest.trigger_condition fields match handler expectations

Environment

• ros2_medkit version: 0.4.0
• Spec version: 0.4.0

[bburda]

Additional finding:

4. GET /{entity}/scripts and GET /{entity}/scripts/{id} - parameters_schema not nullable

Gateway sends "parameters_schema": null (script_handlers.cpp:100) when a script has no parameters schema. But the OpenAPI spec defines parameters_schema as a non-nullable object (ScriptMetadataParametersSchema). The generated client calls ScriptMetadataParametersSchema.from_dict(None) which throws TypeError: 'NoneType' object is not iterable.

Fix: Mark parameters_schema as nullable in the OpenAPI spec schema for ScriptMetadata in schema_builder.cpp.

[bburda]

Additional spec gaps found during web UI migration (PR ros2_medkit_web_ui#53)

While migrating the web UI from a hand-maintained REST client to the generated TypeScript client, we found 8 additional spec issues where generated types don't match actual gateway responses. The generated client works at runtime only because transforms cast through unknown.

#	Endpoint/Schema	Problem	Impact
1	DataItem.x-medkit	Typed as Record<string, never> (empty object)	ros2.topic, ros2.type, type_info.schema etc. invisible to types
2	OperationItem.x-medkit	Same empty object	kind, type_info.request/response/goal/result/feedback invisible
3	BulkDataDescriptor.x-medkit	Same empty object	entity_id, reporting_source invisible
4	GET /configurations response	Schema says {items: {id, name, type}[]}	Gateway returns x-medkit.entity_id, x-medkit.ros2.node, x-medkit.parameters[] - completely different shape
5	GET /faults query params	query?: never (no params)	Web UI sends ?status=all - not in spec
6	FaultListItem.first_occurred	Optional in spec	Web UI treats as required - produces "Invalid Date" if absent
7	OperationExecution.status	Enum: pending|running|completed|failed	Gateway may also return succeeded and canceled
8	FaultDetail vs FaultListItem	Different structures undocumented	List: fields at top level. Detail: fields under x-medkit. No type distinction

Items 1-4 are the most impactful - they make the generated type system useless for the richest parts of the API. The fix needs to happen in the gateway's schema_builder.cpp (OpenAPI export) and then regenerated via export-spec.sh + generate.sh in ros2_medkit_clients.