UtilityAPI · API Governance Rules

UtilityAPI API Rules

Spectral linting rules defining API design standards and conventions for UtilityAPI.

8 Rules error 2 warn 6
View Rules File View on GitHub

Rule Categories

utilityapi

Rules

error
utilityapi-bearer-auth-required
All operations must use bearerAuth security
$.paths[*][*]
warn
utilityapi-uid-path-parameters
Path parameters for resource IDs should be named 'uid'
$.paths[*][*].parameters[*]
warn
utilityapi-pagination-next-cursor
List endpoints should support 'next' cursor pagination
$.paths[*].get
warn
utilityapi-list-response-envelope
List responses should use plural noun envelope
$.paths[*].get.responses.200.content.application/json.schema
error
utilityapi-operations-must-have-summaries
All operations must have a summary
$.paths[*][get,post,put,delete,patch]
warn
utilityapi-operations-must-have-tags
All operations must have at least one tag
$.paths[*][get,post,put,delete,patch]
warn
utilityapi-error-response-defined
Operations should define 401 error responses
$.paths[*][get,post,put,delete,patch].responses
warn
utilityapi-operation-ids-camel-case
Operation IDs should use camelCase
$.paths[*][*].operationId

Spectral Ruleset

Raw ↑ 
extends:
  - spectral:oas
rules:
  utilityapi-bearer-auth-required:
    description: All operations must use bearerAuth security
    message: Operation must use bearerAuth security scheme
    severity: error
    given: "$.paths[*][*]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          properties:
            security:
              type: array
          required:
            - security

  utilityapi-uid-path-parameters:
    description: Path parameters for resource IDs should be named 'uid'
    message: Resource identifier path parameters should be named 'uid'
    severity: warn
    given: "$.paths[*][*].parameters[*]"
    then:
      function: pattern
      field: name
      functionOptions:
        match: "^(uid|username|name|provider|architecture|version)$"

  utilityapi-pagination-next-cursor:
    description: List endpoints should support 'next' cursor pagination
    message: List operations should include 'next' cursor parameter
    severity: warn
    given: "$.paths[*].get"
    then:
      function: truthy
      field: parameters

  utilityapi-list-response-envelope:
    description: List responses should use plural noun envelope
    message: List responses should wrap items in a plural noun envelope
    severity: warn
    given: "$.paths[*].get.responses.200.content.application/json.schema"
    then:
      function: truthy
      field: properties

  utilityapi-operations-must-have-summaries:
    description: All operations must have a summary
    message: Operations must have a summary field
    severity: error
    given: "$.paths[*][get,post,put,delete,patch]"
    then:
      function: truthy
      field: summary

  utilityapi-operations-must-have-tags:
    description: All operations must have at least one tag
    message: Operations should be tagged for organization
    severity: warn
    given: "$.paths[*][get,post,put,delete,patch]"
    then:
      function: truthy
      field: tags

  utilityapi-error-response-defined:
    description: Operations should define 401 error responses
    message: Operations should document 401 Unauthorized responses
    severity: warn
    given: "$.paths[*][get,post,put,delete,patch].responses"
    then:
      function: truthy
      field: '401'

  utilityapi-operation-ids-camel-case:
    description: Operation IDs should use camelCase
    message: OperationId should use camelCase naming
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]+$"