extends: spectral:oas
rules:
  ssl-tls-operation-summary-title-case:
    description: All operation summaries must use Title Case
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^([A-Z][a-z0-9]*\\s?)+$"

  ssl-tls-operationid-camel-case:
    description: operationId must use camelCase
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  ssl-tls-tags-required:
    description: Every operation must have at least one tag
    severity: error
    given: "$.paths[*][*]"
    then:
      field: tags
      function: truthy

  ssl-tls-description-required:
    description: All operations must have a description
    severity: warn
    given: "$.paths[*][*].description"
    then:
      function: truthy

  ssl-tls-certificates-require-auth:
    description: Certificate management operations must require authentication
    severity: error
    given: "$.paths[*/certificates*][post,delete]"
    then:
      field: security
      function: truthy

  ssl-tls-date-fields-format:
    description: Date fields in schemas should use date-time format
    severity: warn
    given: "$.components.schemas[*].properties[?(@.name =~ /(At|Before|After|Date|Expiry)$/)]"
    then:
      field: format
      function: enumeration
      functionOptions:
        values:
          - date
          - date-time

  ssl-tls-response-success-defined:
    description: All operations must define at least one success response
    severity: error
    given: "$.paths[*][*].responses"
    then:
      function: truthy