Cisco Expressway · API Governance Rules

Cisco Expressway API Rules

Spectral linting rules defining API design standards and conventions for Cisco Expressway.

8 Rules error 4 warn 3 info 1
View Rules File View on GitHub

Rule Categories

expressway

Rules

error
expressway-info-contact
API contact information must be present.
$.info
error
expressway-server-https
All server URLs must use HTTPS.
$.servers[*].url
warn
expressway-server-base-path
Servers must include /api/provisioning or /api/status.
$.servers[*].url
error
expressway-basic-auth
A basic-auth security scheme must be defined.
$.components.securitySchemes[*]
error
expressway-operation-id
Every operation must declare a unique operationId.
$.paths[*][get,post,put,patch,delete]
warn
expressway-operation-tags
Operations must declare at least one tag.
$.paths[*][get,post,put,patch,delete]
info
expressway-zone-collection-naming
Provisioning collection paths should be plural nouns.
$.paths[?(@property.indexOf('/api/provisioning/') > -1)]~
warn
expressway-error-responses
Mutating operations should declare 4xx error responses.
$.paths[*][post,put,patch,delete].responses

Spectral Ruleset

Raw ↑ 
extends:
  - spectral:oas

# Spectral linting tuned for Cisco Expressway REST APIs.
# Per the X14.x REST API summary guide, Expressway uses HTTP Basic auth
# over HTTPS, /api/provisioning/* for configuration, /api/status/* for
# observability, JSON Schema Draft-04 request/response shapes, and
# returns 200/201/204 on success.
rules:
  expressway-info-contact:
    description: API contact information must be present.
    severity: error
    given: "$.info"
    then:
      field: contact
      function: truthy

  expressway-server-https:
    description: All server URLs must use HTTPS.
    severity: error
    given: "$.servers[*].url"
    then:
      function: pattern
      functionOptions:
        match: "^https://"

  expressway-server-base-path:
    description: Servers must include /api/provisioning or /api/status.
    severity: warn
    given: "$.servers[*].url"
    then:
      function: pattern
      functionOptions:
        match: "/api/(provisioning|status|xmlapi)"

  expressway-basic-auth:
    description: A basic-auth security scheme must be defined.
    severity: error
    given: "$.components.securitySchemes[*]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          properties:
            type:
              enum: ["http"]
            scheme:
              enum: ["basic"]

  expressway-operation-id:
    description: Every operation must declare a unique operationId.
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: operationId
      function: truthy

  expressway-operation-tags:
    description: Operations must declare at least one tag.
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: schema
      functionOptions:
        schema:
          type: array
          minItems: 1

  expressway-zone-collection-naming:
    description: Provisioning collection paths should be plural nouns.
    severity: info
    given: "$.paths[?(@property.indexOf('/api/provisioning/') > -1)]~"
    then:
      function: pattern
      functionOptions:
        match: "(zones|searchrules|transforms|dns|ntp|users|peers)"

  expressway-error-responses:
    description: Mutating operations should declare 4xx error responses.
    severity: warn
    given: "$.paths[*][post,put,patch,delete].responses"
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          anyOf:
            - required: ["400"]
            - required: ["401"]
            - required: ["403"]
            - required: ["404"]
            - required: ["409"]