extends:
  - spectral:oas
rules:
  cloudally-info-contact:
    description: API info MUST contain a contact email or URL.
    severity: warn
    given: $.info
    then:
      field: contact
      function: truthy
  cloudally-https-only:
    description: All CloudAlly API servers MUST use HTTPS.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: '^https://'
  cloudally-operation-id:
    description: Operations MUST have an operationId.
    severity: error
    given: $.paths[*][get,post,put,delete,patch]
    then:
      field: operationId
      function: truthy
  cloudally-tag-required:
    description: Operations MUST be tagged for resource grouping (Authentication, Partners, Users, Backups, Restore, Billing, Tasks).
    severity: warn
    given: $.paths[*][get,post,put,delete,patch].tags
    then:
      function: truthy
  cloudally-bearer-auth-required:
    description: API MUST define a bearer-token security scheme since CloudAlly authenticates with access tokens issued via /auth or /auth/partner.
    severity: error
    given: $.components.securitySchemes
    then:
      function: truthy
  cloudally-server-url:
    description: API MUST declare at least one server URL pointing at api.cloudally.com.
    severity: error
    given: $.servers
    then:
      function: truthy