rules: # INFO / METADATA info-title-required: description: OpenAPI info.title must be present severity: error given: "$.info" then: field: title function: truthy info-description-required: description: OpenAPI info.description must be present severity: warn given: "$.info" then: field: description function: truthy info-version-required: description: OpenAPI info.version must be defined severity: error given: "$.info" then: field: version function: truthy info-contact-required: description: API info should include contact information severity: warn given: "$.info" then: field: contact function: truthy # OPENAPI VERSION openapi-version-3x: description: Acronis APIs must use OpenAPI 3.x severity: error given: "$" then: field: openapi function: pattern functionOptions: match: "^3\\." # SERVERS servers-required: description: At least one server must be defined severity: error given: "$" then: field: servers function: truthy servers-https: description: Server URLs must use HTTPS severity: error given: "$.servers[*]" then: field: url function: pattern functionOptions: match: "^https://" servers-acronis-domain: description: Acronis API servers should use acronis.com domain severity: info given: "$.servers[*]" then: field: url function: pattern functionOptions: match: "acronis\\.com" # PATHS paths-no-trailing-slash: description: Paths must not end with a trailing slash severity: error given: "$.paths[*]~" then: function: pattern functionOptions: notMatch: "\\/$" # OPERATIONS operation-summary-required: description: All operations must have a summary severity: error given: "$.paths[*][get,post,put,patch,delete]" then: field: summary function: truthy operation-description-required: description: All operations should have a description severity: warn given: "$.paths[*][get,post,put,patch,delete]" then: field: description function: truthy operation-id-required: description: All operations must have an operationId severity: error given: "$.paths[*][get,post,put,patch,delete]" then: field: operationId function: truthy operation-id-camel-case: description: operationId should use camelCase severity: warn given: "$.paths[*][get,post,put,patch,delete].operationId" then: function: pattern functionOptions: match: "^[a-z][a-zA-Z0-9]*$" operation-tags-required: description: All operations must have at least one tag severity: error given: "$.paths[*][get,post,put,patch,delete]" then: field: tags function: truthy operation-summary-acronis-prefix: description: Operation summaries should start with 'Acronis' severity: info given: "$.paths[*][get,post,put,patch,delete].summary" then: function: pattern functionOptions: match: "^Acronis " operation-microcks-extension: description: Operations should have x-microcks-operation for mock testing severity: info given: "$.paths[*][get,post,put,patch,delete]" then: field: x-microcks-operation function: truthy # TAGS tags-global-defined: description: Global tags array should be defined severity: warn given: "$" then: field: tags function: truthy tags-description-required: description: All global tags should have descriptions severity: warn given: "$.tags[*]" then: field: description function: truthy # PARAMETERS parameter-description-required: description: All parameters should have a description severity: warn given: "$.paths[*][get,post,put,patch,delete].parameters[*]" then: field: description function: truthy parameter-schema-required: description: All parameters must have a schema severity: error given: "$.paths[*][get,post,put,patch,delete].parameters[*]" then: field: schema function: truthy # RESPONSES response-success-required: description: All operations must define at least one 2xx response severity: error given: "$.paths[*][get,post,put,patch,delete].responses" then: function: schema functionOptions: schema: type: object anyOf: - required: ["200"] - required: ["201"] - required: ["204"] response-description-required: description: All responses must have a description severity: error given: "$.paths[*][get,post,put,patch,delete].responses[*]" then: field: description function: truthy response-401-required: description: Protected endpoints should define 401 responses severity: warn given: "$.paths[*][get,post,put,patch,delete].responses" then: function: schema functionOptions: schema: type: object required: ["401"] # SCHEMAS schema-description-required: description: Top-level schemas should have descriptions severity: warn given: "$.components.schemas[*]" then: field: description function: truthy schema-type-required: description: Schema properties should define types severity: warn given: "$.components.schemas[*].properties[*]" then: field: type function: truthy schema-property-description: description: Schema properties should have descriptions severity: info given: "$.components.schemas[*].properties[*]" then: field: description function: truthy schema-property-example: description: Schema properties should have examples severity: info given: "$.components.schemas[*].properties[*]" then: field: example function: truthy # SECURITY security-schemes-defined: description: Security schemes must be defined severity: error given: "$" then: field: components.securitySchemes function: truthy security-bearer-scheme: description: Acronis APIs use bearer token authentication severity: info given: "$.components.securitySchemes[*]" then: field: type function: pattern functionOptions: match: "http|oauth2" # HTTP METHOD CONVENTIONS get-no-request-body: description: GET operations must not have a request body severity: error given: "$.paths[*].get" then: field: requestBody function: falsy delete-returns-204: description: DELETE operations should return 204 No Content severity: warn given: "$.paths[*].delete.responses" then: function: schema functionOptions: schema: type: object required: ["204"] # ACRONIS-SPECIFIC tenant-id-parameter: description: Endpoints that scope to a tenant should include tenant_id parameter severity: info given: "$.paths[*][get]" then: field: parameters function: truthy # GENERAL QUALITY no-empty-descriptions: description: Descriptions must not be empty severity: error given: "$..description" then: function: pattern functionOptions: match: ".+"