Acceptance Criteria · API Governance Rules

Acceptance Criteria API Rules

Spectral linting rules defining API design standards and conventions for Acceptance Criteria.

27 Rules error 9 warn 14 info 4
View Rules File View on GitHub

Rule Categories

ac

Rules

error
ac-require-security-scheme
APIs managing acceptance criteria must require authentication
$.paths[*][get,post,put,patch,delete]
warn
ac-path-kebab-case
API paths must use kebab-case naming
$.paths[*]~
warn
ac-no-trailing-slash
API paths must not have trailing slashes
$.paths[*]~
error
ac-operations-require-summary
All operations must have a summary
$.paths[*][get,post,put,patch,delete]
error
ac-operations-require-operation-id
All operations must have an operationId
$.paths[*][get,post,put,patch,delete]
warn
ac-operation-id-camel-case
OperationIds must use camelCase
$.paths[*][get,post,put,patch,delete].operationId
warn
ac-operations-require-tags
All operations must have at least one tag
$.paths[*][get,post,put,patch,delete]
info
ac-operations-require-description
All operations should have a description
$.paths[*][get,post,put,patch,delete]
error
ac-require-200-response
GET operations must define a 200 response
$.paths[*].get.responses
warn
ac-require-201-on-post
POST operations should define a 201 created response
$.paths[*].post.responses
warn
ac-require-401-response
Operations must define a 401 unauthorized response
$.paths[*][get,post,put,patch,delete].responses
warn
ac-require-404-on-parameterized-paths
Operations on parameterized paths must define a 404 response
$.paths[?(@~.match(/\{.*\}/))][get,put,patch,delete].responses
warn
ac-require-500-response
All operations must define a 500 server error response
$.paths[*][get,post,put,patch,delete].responses
warn
ac-schema-require-description
All schema components must have a description
$.components.schemas[*]
info
ac-schema-properties-require-description
Schema properties should have descriptions for self-documenting APIs
$.components.schemas[*].properties[*]
warn
ac-require-id-property
Resource schemas must include an id property
$.components.schemas[?([email protected] =~ /(List|Request)$/)]
error
ac-timestamp-format
Timestamp fields must use date-time format
$.components.schemas[*].properties[?(@.description =~ /[Tt]imestamp|At$|[Dd]ate/)]
info
ac-gherkin-given-when-then
Gherkin-format acceptance criteria must include given, when, and then fields
$.components.schemas.AcceptanceCriterion.properties
warn
ac-status-enum-values
Status fields must use defined enum values
$.components.schemas[*].properties.status
warn
ac-priority-enum-values
Priority fields must use defined enum values
$.components.schemas[*].properties.priority
error
ac-require-json-request-body
Request bodies must use application/json content type
$.paths[*][post,put,patch].requestBody.content
error
ac-require-json-response
Success responses must return application/json
$.paths[*][get,post,put,patch].responses[200,201].content
warn
ac-list-responses-require-total
List schema responses must include a total count
$.components.schemas[?(@.title =~ /List$/)]
warn
ac-list-responses-require-page
List schema responses must include page for pagination
$.components.schemas[?(@.title =~ /List$/)]
error
ac-info-require-version
API spec must include a version
$.info
error
ac-info-require-description
API spec must include a description
$.info
info
ac-info-require-contact
API spec should include contact information
$.info

Spectral Ruleset

acceptance-criteria-spectral-rules.yml Raw ↑ 
extends: spectral:oas
rules:
  # Authentication Rules
  ac-require-security-scheme:
    description: APIs managing acceptance criteria must require authentication
    message: "Operation '{{path}}' must define security requirements"
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: security
      function: truthy

  # Path Naming Rules
  ac-path-kebab-case:
    description: API paths must use kebab-case naming
    message: "Path '{{value}}' must use kebab-case"
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^(/[a-z0-9-]+({[a-zA-Z]+})?)*$"

  ac-no-trailing-slash:
    description: API paths must not have trailing slashes
    message: "Path '{{value}}' must not have a trailing slash"
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        notMatch: "/$"

  # Operation Rules
  ac-operations-require-summary:
    description: All operations must have a summary
    message: "Operation at '{{path}}' must have a summary"
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: summary
      function: truthy

  ac-operations-require-operation-id:
    description: All operations must have an operationId
    message: "Operation at '{{path}}' must have an operationId"
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: operationId
      function: truthy

  ac-operation-id-camel-case:
    description: OperationIds must use camelCase
    message: "OperationId '{{value}}' must use camelCase"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  ac-operations-require-tags:
    description: All operations must have at least one tag
    message: "Operation at '{{path}}' must have at least one tag"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: truthy

  ac-operations-require-description:
    description: All operations should have a description
    message: "Operation at '{{path}}' should have a description"
    severity: info
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: description
      function: truthy

  # Response Rules
  ac-require-200-response:
    description: GET operations must define a 200 response
    message: "GET operation at '{{path}}' must define a 200 response"
    severity: error
    given: "$.paths[*].get.responses"
    then:
      field: "200"
      function: truthy

  ac-require-201-on-post:
    description: POST operations should define a 201 created response
    message: "POST operation at '{{path}}' should define a 201 response"
    severity: warn
    given: "$.paths[*].post.responses"
    then:
      field: "201"
      function: truthy

  ac-require-401-response:
    description: Operations must define a 401 unauthorized response
    message: "Operation at '{{path}}' must define a 401 response"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].responses"
    then:
      field: "401"
      function: truthy

  ac-require-404-on-parameterized-paths:
    description: Operations on parameterized paths must define a 404 response
    message: "Operation at '{{path}}' must define a 404 response"
    severity: warn
    given: "$.paths[?(@~.match(/\\{.*\\}/))][get,put,patch,delete].responses"
    then:
      field: "404"
      function: truthy

  ac-require-500-response:
    description: All operations must define a 500 server error response
    message: "Operation at '{{path}}' must define a 500 response"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].responses"
    then:
      field: "500"
      function: truthy

  # Schema Rules
  ac-schema-require-description:
    description: All schema components must have a description
    message: "Schema '{{path}}' must have a description"
    severity: warn
    given: "$.components.schemas[*]"
    then:
      field: description
      function: truthy

  ac-schema-properties-require-description:
    description: Schema properties should have descriptions for self-documenting APIs
    message: "Property at '{{path}}' should have a description"
    severity: info
    given: "$.components.schemas[*].properties[*]"
    then:
      field: description
      function: truthy

  ac-require-id-property:
    description: Resource schemas must include an id property
    message: "Schema '{{path}}' must include an 'id' property"
    severity: warn
    given: "$.components.schemas[?([email protected] =~ /(List|Request)$/)]"
    then:
      field: properties.id
      function: truthy

  ac-timestamp-format:
    description: Timestamp fields must use date-time format
    message: "Timestamp property at '{{path}}' must use format: date-time"
    severity: error
    given: "$.components.schemas[*].properties[?(@.description =~ /[Tt]imestamp|At$|[Dd]ate/)]"
    then:
      field: format
      function: enumeration
      functionOptions:
        values:
          - date-time
          - date

  # Acceptance Criteria Specific Rules
  ac-gherkin-given-when-then:
    description: Gherkin-format acceptance criteria must include given, when, and then fields
    message: "Gherkin acceptance criterion at '{{path}}' should include 'given', 'when', and 'then' properties"
    severity: info
    given: "$.components.schemas.AcceptanceCriterion.properties"
    then:
      function: schema
      functionOptions:
        schema:
          required: [given, when, then]

  ac-status-enum-values:
    description: Status fields must use defined enum values
    message: "Status property at '{{path}}' must define enum values"
    severity: warn
    given: "$.components.schemas[*].properties.status"
    then:
      field: enum
      function: truthy

  ac-priority-enum-values:
    description: Priority fields must use defined enum values
    message: "Priority property at '{{path}}' must define enum values"
    severity: warn
    given: "$.components.schemas[*].properties.priority"
    then:
      field: enum
      function: truthy

  # Content Type Rules
  ac-require-json-request-body:
    description: Request bodies must use application/json content type
    message: "Request body at '{{path}}' must use application/json"
    severity: error
    given: "$.paths[*][post,put,patch].requestBody.content"
    then:
      field: application/json
      function: truthy

  ac-require-json-response:
    description: Success responses must return application/json
    message: "Response at '{{path}}' must return application/json"
    severity: error
    given: "$.paths[*][get,post,put,patch].responses[200,201].content"
    then:
      field: application/json
      function: truthy

  # Pagination Rules
  ac-list-responses-require-total:
    description: List schema responses must include a total count
    message: "List schema '{{path}}' must include a 'total' property"
    severity: warn
    given: "$.components.schemas[?(@.title =~ /List$/)]"
    then:
      field: properties.total
      function: truthy

  ac-list-responses-require-page:
    description: List schema responses must include page for pagination
    message: "List schema '{{path}}' must include a 'page' property"
    severity: warn
    given: "$.components.schemas[?(@.title =~ /List$/)]"
    then:
      field: properties.page
      function: truthy

  # Info Rules
  ac-info-require-version:
    description: API spec must include a version
    message: "API info must include a version"
    severity: error
    given: "$.info"
    then:
      field: version
      function: truthy

  ac-info-require-description:
    description: API spec must include a description
    message: "API info must include a description"
    severity: error
    given: "$.info"
    then:
      field: description
      function: truthy

  ac-info-require-contact:
    description: API spec should include contact information
    message: "API info should include a contact object"
    severity: info
    given: "$.info"
    then:
      field: contact
      function: truthy