spectral.yml
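# Spectral ruleset: the recommended OpenAPI rules plus company API conventions.
# NOTE(review): this listing lost its indentation; the nesting below is
# reconstructed from the key names. Confirm it against the repository copy.
extends:
  - ["spectral:oas", recommended]
rules:
  # Quoted so that a YAML 1.1 loader reads the severity string "off" rather
  # than the boolean false.
  operation-tag-defined: "off"

  # Path keys must look like /<service>/api/v<1-9>/<resource...>.
  # The filter skips every path key that contains "well-known"; it is an
  # unanchored, case-insensitive substring test, not a prefix test.
  # NOTE(review): '~' sits inside the filter brackets here, whereas
  # no-http-verbs-in-resources writes ']~'. Confirm this selector really
  # yields the path keys, otherwise the rule never fires.
  path-must-match-api-standards:
    description: API Path must match company API uri standards
    message: "{{description}}; {{property}} incorrect. Example: /digital-twin/api/v1/products"
    severity: error
    resolved: false
    given: $.paths[?(!@property.match(/well-known/ig))~]
    then:
      function: pattern
      functionOptions:
        # v[1-9] accepts a single-digit major version only.
        match: '^\/([a-z-]+)\/api\/(v[1-9])\/([a-z]+(\w+s\b.*))'

  # Server URLs must point at <label>.api.schwarz.
  # The dots are escaped and the host is terminated (optional port, then '/'
  # or end of string), so a URL that only begins with the approved host name
  # no longer passes. The previous pattern used '[.+]' (a character class,
  # one literal '.' or '+'), an unescaped '.' and no terminator.
  # Plain http is still accepted, as before.
  # NOTE(review): restrict to https if no cleartext servers are expected.
  servers-must-match-api-standards:
    description: Schema and host in URL must match company API standards
    message: "{{description}}; {{property}}:{{value}} incorrect. Example: https://live.api.schwarz/digital-twin/api/v1/products"
    severity: error
    resolved: false
    given: "$.servers..url"
    then:
      function: pattern
      functionOptions:
        match: '^https?:\/\/[a-z]+\.api\.schwarz(?::\d+)?(?:\/|$)'

  # info.description must exist and be at least 100 characters long.
  info-description:
    description: Every API must have a global description
    message: "OpenAPI object info `description` must be present and at least 100 chars long."
    severity: error
    given: $.info
    then:
      - field: description
        function: truthy
      - field: description
        function: length
        functionOptions:
          min: 100

  # info.contact must carry name, email and url.
  # NOTE(review): the selector is $.info.contact itself, so this probably does
  # not fire when the contact object is missing altogether; confirm that case
  # is covered by another rule.
  contact-information:
    description: Every API must have a contact containing name, email and a url
    message: "{{description}}; property {{property}} is missing"
    severity: error
    given: $.info.contact
    then:
      - field: name
        function: truthy
      - field: email
        function: truthy
      - field: url
        function: truthy

  # The document must declare at least one path.
  must-have-path:
    description: Every API must have at least one path
    message: "{{description}}; property `paths` is empty"
    severity: error
    given: $
    then:
      - field: paths
        function: length
        functionOptions:
          min: 1

  # Every responses object under a non-exempt path must document a 401.
  # The exemption is the same substring test as above: any path key containing
  # "well-known" is never checked for a 401 response.
  # NOTE(review): if only discovery endpoints are meant to be exempt, anchor
  # the filter to that prefix so other paths cannot opt out by name.
  common-responses-unauthorized:
    description: Responses should contain common response - 401 (unauthorized)
    message: "{{description}}. Missing {{property}}"
    severity: error
    given: $.paths[?(!@property.match(/well-known/ig))]..responses
    then:
      - field: '401'
        function: truthy

  # Path keys must not contain an HTTP verb as a whole segment.
  no-http-verbs-in-resources:
    description: The HTTP Verbs should not be used in the route path to define different actions on a resource
    message: "{{description}}; {{property}} Instead use HTTP verbs to define actions on a resource. Example: PUT - /digital-twin/api/v1/products/42"
    severity: error
    given: $.paths[?(!@property.match(/well-known/ig))]~
    then:
      function: pattern
      functionOptions:
        notMatch: '\/(get|post|put|patch|delete)(\/|$)'

  # Each component schema must define `example` or `examples`.
  # `xor` passes only when exactly one of the two is present, so a schema that
  # defines both fails even though the description says "at least one".
  must-define-example-schema:
    description: Every DTO must define at least one example
    message: "{{description}}; DTO is lacking an example {{path}}"
    severity: error
    given: $.components.schemas.*
    then:
      - function: xor
        functionOptions:
          properties:
            - example
            - examples

  # Every operation on a non-exempt path must carry a non-empty tags list.
  path-must-specify-tags:
    description: Every route must specify at least one tag it belongs to
    message: "{{description}}; property tags is missing at: {{path}}"
    severity: error
    given: $.paths[?(!@property.match(/well-known/ig))][get,post,put,delete,patch,options,head,trace]
    then:
      - field: tags
        function: truthy
      - field: tags
        function: length
        functionOptions:
          min: 1

# NOTE(review): placed at ruleset level. The flattened listing does not show
# whether `formats` belonged to the ruleset or to path-must-specify-tags.
formats:
  - oas3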