-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathabstract-api-spectral-rules.yml
More file actions
317 lines (283 loc) · 7.86 KB
/
abstract-api-spectral-rules.yml
File metadata and controls
317 lines (283 loc) · 7.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
rules:
# INFO / METADATA
info-title-required:
description: Info title must be present and start with "Abstract API"
severity: error
given: '$.info'
then:
field: title
function: pattern
functionOptions:
match: '^Abstract API'
info-description-required:
description: Info description must be present
severity: error
given: '$.info'
then:
field: description
function: truthy
info-version-required:
description: Info version must be present
severity: error
given: '$.info'
then:
field: version
function: truthy
# OPENAPI VERSION
openapi-version-3:
description: Must use OpenAPI 3.0.x
severity: error
given: '$'
then:
field: openapi
function: pattern
functionOptions:
match: '^3\.0\.'
# SERVERS
servers-required:
description: At least one server must be defined
severity: error
given: '$'
then:
field: servers
function: truthy
servers-https-only:
description: All server URLs must use HTTPS
severity: error
given: '$.servers[*]'
then:
field: url
function: pattern
functionOptions:
match: '^https://'
servers-abstractapi-domain:
description: Server URLs should be under abstractapi.com domain
severity: warn
given: '$.servers[*]'
then:
field: url
function: pattern
functionOptions:
match: 'abstractapi\.com'
# PATHS — NAMING CONVENTIONS
paths-kebab-case:
description: Path segments must use kebab-case (lowercase with hyphens)
severity: warn
given: '$.paths'
then:
field: '@key'
function: pattern
functionOptions:
match: '^(\/[a-z0-9_\-\{\}]*)*$'
paths-no-trailing-slash:
description: Paths must not have trailing slashes (except root /)
severity: warn
given: '$.paths'
then:
field: '@key'
function: pattern
functionOptions:
notMatch: '.+\/$'
# OPERATIONS
operation-summary-required:
description: Every operation must have a summary
severity: error
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: summary
function: truthy
operation-summary-title-case:
description: Operation summary must start with "Abstract API"
severity: warn
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: summary
function: pattern
functionOptions:
match: '^Abstract API'
operation-description-required:
description: Every operation must have a description
severity: error
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: description
function: truthy
operation-id-required:
description: Every operation must have an operationId
severity: error
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: operationId
function: truthy
operation-id-camel-case:
description: operationId must use camelCase
severity: warn
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: operationId
function: pattern
functionOptions:
match: '^[a-z][a-zA-Z0-9]+$'
operation-tags-required:
description: Every operation must have at least one tag
severity: error
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: tags
function: truthy
operation-microcks-extension:
description: Operations should have x-microcks-operation extension for mock server compatibility
severity: info
given: '$.paths[*][get,post,put,patch,delete]'
then:
field: x-microcks-operation
function: truthy
# TAGS
tags-title-case:
description: Tags should use Title Case
severity: warn
given: '$.tags[*]'
then:
field: name
function: pattern
functionOptions:
match: '^[A-Z]'
# PARAMETERS
parameter-description-required:
description: Every parameter must have a description
severity: error
given: '$.paths[*][get,post,put,patch,delete].parameters[*]'
then:
field: description
function: truthy
parameter-api-key-query:
description: Abstract API uses api_key as the query parameter name for authentication
severity: warn
given: '$.paths[*][get,post,put,patch,delete].parameters[?(@.name == "api_key")]'
then:
field: in
function: enumeration
functionOptions:
values:
- query
- header
parameter-schema-required:
description: Every parameter must have a schema with type
severity: error
given: '$.paths[*][get,post,put,patch,delete].parameters[*]'
then:
field: schema
function: truthy
parameter-example-recommended:
description: Parameters should have example values
severity: info
given: '$.paths[*][get,post,put,patch,delete].parameters[*]'
then:
field: example
function: truthy
# RESPONSES
response-success-required:
description: Every operation must have a 2xx success response
severity: error
given: '$.paths[*][get,post,put,patch,delete].responses'
then:
function: schema
functionOptions:
schema:
anyOf:
- required: ['200']
- required: ['201']
- required: ['204']
response-401-required:
description: Operations secured with API key should document 401 response
severity: warn
given: '$.paths[*][get,post,put,patch,delete].responses'
then:
field: '401'
function: truthy
response-429-recommended:
description: Rate-limited APIs should document 429 response
severity: info
given: '$.paths[*][get,post,put,patch,delete].responses'
then:
field: '429'
function: truthy
response-description-required:
description: Every response must have a description
severity: error
given: '$.paths[*][get,post,put,patch,delete].responses[*]'
then:
field: description
function: truthy
# SCHEMAS — PROPERTY NAMING
schema-property-description:
description: Schema properties should have descriptions
severity: info
given: '$.components.schemas[*].properties[*]'
then:
field: description
function: truthy
schema-property-example:
description: Schema properties should have example values
severity: info
given: '$.components.schemas[*].properties[*]'
then:
field: example
function: truthy
schema-top-level-description:
description: Top-level schemas should have descriptions
severity: warn
given: '$.components.schemas[*]'
then:
field: description
function: truthy
# SECURITY
security-schemes-defined:
description: Security schemes must be defined in components
severity: error
given: '$'
then:
field: components.securitySchemes
function: truthy
security-api-key-scheme:
description: Abstract API uses apiKey security scheme
severity: warn
given: '$.components.securitySchemes[*]'
then:
field: type
function: enumeration
functionOptions:
values:
- apiKey
- http
# HTTP METHOD CONVENTIONS
get-no-request-body:
description: GET operations must not have a request body
severity: error
given: '$.paths[*].get'
then:
field: requestBody
function: falsy
delete-no-request-body:
description: DELETE operations should not have a request body
severity: warn
given: '$.paths[*].delete'
then:
field: requestBody
function: falsy
# GENERAL QUALITY
no-empty-descriptions:
description: Descriptions must not be empty strings
severity: error
given: '$..description'
then:
function: pattern
functionOptions:
match: '.+'
generated-from-docs-marked:
description: Generated specs should be marked with x-generated-from
severity: info
given: '$.info'
then:
field: x-generated-from
function: truthy