Albato · API Governance Rules

Albato API Rules

Spectral linting rules defining API design standards and conventions for Albato.

24 Rules error 15 warn 9
View Rules File View on GitHub

Rule Categories

albato

Rules

error
albato-auth-apikey-required
Albato APIs must define API key authentication
$.components.securitySchemes
error
albato-global-security
Global security must be defined
$
error
albato-info-title
API must have a title
$.info
error
albato-info-description
API must have a description
$.info
error
albato-info-version
API must have a version
$.info
error
albato-path-lowercase
Paths must be lowercase
$.paths
error
albato-operation-id
Operations must have operationId
$.paths[*][get,post,put,patch,delete]
error
albato-operation-summary
Operations must have a summary
$.paths[*][get,post,put,patch,delete]
warn
albato-operation-description
Operations should have a description
$.paths[*][get,post,put,patch,delete]
error
albato-operation-tags
Operations must have tags
$.paths[*][get,post,put,patch,delete]
error
albato-response-200-get
GET operations must return 200
$.paths[*].get.responses
warn
albato-response-201-post
POST operations should return 201
$.paths[*].post.responses
warn
albato-response-401
Operations should document 401
$.paths[*].get.responses
error
albato-response-json
Responses must use application/json
$.paths[*][get,post,put].responses[200,201].content
warn
albato-schema-description
Schemas must have descriptions
$.components.schemas[*]
error
albato-property-type
Properties must have types
$.components.schemas[*].properties[*]
warn
albato-parameter-description
Parameters should have descriptions
$.paths[*][*].parameters[*]
error
albato-path-param-schema
Path parameters must have schemas
$.paths[*][*].parameters[?(@.in=='path')]
warn
albato-operation-id-camel-case
operationId must use camelCase
$.paths[*][*].operationId
warn
albato-schema-pascal-case
Schema names must use PascalCase
$.components.schemas
error
albato-request-body-json
Request bodies must use application/json
$.paths[*][post,put,patch].requestBody.content
warn
albato-request-body-required
POST request bodies should be required
$.paths[*].post.requestBody
error
albato-servers-defined
API must define servers
$
warn
albato-tags-at-root
Tags must be documented at root
$

Spectral Ruleset

Raw ↑ 
rules:
  albato-auth-apikey-required:
    description: Albato APIs must define API key authentication
    message: Security scheme must include ApiKeyAuth
    severity: error
    given: "$.components.securitySchemes"
    then:
      field: ApiKeyAuth
      function: truthy

  albato-global-security:
    description: Global security must be defined
    message: Top-level security must be set
    severity: error
    given: "$"
    then:
      field: security
      function: truthy

  albato-info-title:
    description: API must have a title
    message: Info must have a title
    severity: error
    given: "$.info"
    then:
      field: title
      function: truthy

  albato-info-description:
    description: API must have a description
    message: Info must have a description
    severity: error
    given: "$.info"
    then:
      field: description
      function: truthy

  albato-info-version:
    description: API must have a version
    message: Info must have a version
    severity: error
    given: "$.info"
    then:
      field: version
      function: truthy

  albato-path-lowercase:
    description: Paths must be lowercase
    message: "Path '{{property}}' must use lowercase"
    severity: error
    given: "$.paths"
    then:
      function: pattern
      functionOptions:
        notMatch: "[A-Z_]"

  albato-operation-id:
    description: Operations must have operationId
    message: Operation must have an operationId
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: operationId
      function: truthy

  albato-operation-summary:
    description: Operations must have a summary
    message: Operation must have a summary
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: summary
      function: truthy

  albato-operation-description:
    description: Operations should have a description
    message: Operation should have a description
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: description
      function: truthy

  albato-operation-tags:
    description: Operations must have tags
    message: Operation must have tags
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: truthy

  albato-response-200-get:
    description: GET operations must return 200
    message: GET must define a 200 response
    severity: error
    given: "$.paths[*].get.responses"
    then:
      field: "200"
      function: defined

  albato-response-201-post:
    description: POST operations should return 201
    message: POST should define a 201 response
    severity: warn
    given: "$.paths[*].post.responses"
    then:
      field: "201"
      function: defined

  albato-response-401:
    description: Operations should document 401
    message: Operations should define a 401 response
    severity: warn
    given: "$.paths[*].get.responses"
    then:
      field: "401"
      function: defined

  albato-response-json:
    description: Responses must use application/json
    message: Response must define application/json
    severity: error
    given: "$.paths[*][get,post,put].responses[200,201].content"
    then:
      field: application/json
      function: defined

  albato-schema-description:
    description: Schemas must have descriptions
    message: Schema must have a description
    severity: warn
    given: "$.components.schemas[*]"
    then:
      field: description
      function: truthy

  albato-property-type:
    description: Properties must have types
    message: Property must define a type
    severity: error
    given: "$.components.schemas[*].properties[*]"
    then:
      field: type
      function: truthy

  albato-parameter-description:
    description: Parameters should have descriptions
    message: Parameter should have a description
    severity: warn
    given: "$.paths[*][*].parameters[*]"
    then:
      field: description
      function: truthy

  albato-path-param-schema:
    description: Path parameters must have schemas
    message: Path parameter must define a schema
    severity: error
    given: "$.paths[*][*].parameters[?(@.in=='path')]"
    then:
      field: schema
      function: truthy

  albato-operation-id-camel-case:
    description: operationId must use camelCase
    message: "operationId '{{value}}' must be camelCase"
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  albato-schema-pascal-case:
    description: Schema names must use PascalCase
    message: "Schema '{{property}}' must be PascalCase"
    severity: warn
    given: "$.components.schemas"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9]*$"

  albato-request-body-json:
    description: Request bodies must use application/json
    message: Request body must define application/json
    severity: error
    given: "$.paths[*][post,put,patch].requestBody.content"
    then:
      field: application/json
      function: defined

  albato-request-body-required:
    description: POST request bodies should be required
    message: POST request body should be marked required
    severity: warn
    given: "$.paths[*].post.requestBody"
    then:
      field: required
      function: truthy

  albato-servers-defined:
    description: API must define servers
    message: API must include servers
    severity: error
    given: "$"
    then:
      field: servers
      function: truthy

  albato-tags-at-root:
    description: Tags must be documented at root
    message: Tags should be defined at root level
    severity: warn
    given: "$"
    then:
      field: tags
      function: truthy