Credentials and Parameters should have the same structure

[astrieanna]

Currently, credentials cannot have definitions and cannot apply to only some actions. Parameters can do both of these things.

Since the main difference between credentials and parameters is the semantic one (does the invocation image use the credentials or does the application-being-installed), I think these should be identical in structure in the bundle.

This would also impact stateless custom actions: they would no longer need to bypass the runtime checking for required credentials because the credentials could indicate what actions they apply to.

cc @youreddy

[carolynvs]

I agree that if they are supposed to only be semantically different, it would really help if they had the same capabilities.

Also it's super annoying to have to specify credentials for actions that don't need them. 😀

[jeremyrickard]

I'm super in favor of this, thanks for opening @astrieanna.

I think this introduces a question, we've made the spec 1.0. Does this necessitate a 1.1? Thoughts @technosophos? I'm happy to open a new milestone for 1.1 and we can start tracking things.

[technosophos]

It would need a 1.1, which is fine with me. If it introduces backward compatibility breaks, it would need a 2.0, so I would prefer not to do that. But... judging by the description of what @astrieanna would like to change, I don't think we'll have any breaking changes.

[technosophos]

This issue seems to be dead. Is anyone working on it?