From 24aaab1f81acc737c9374ae042b47c66b3b56620 Mon Sep 17 00:00:00 2001 From: Eivind Grimstad Date: Mon, 16 Mar 2026 15:59:25 +0100 Subject: [PATCH] feat(ETU-66996)!: Add entur extensions as errors to spectral-required --- .spectral-required.yml | 124 +++++++++++++++++++++++++++++++++++++++++ .spectral.yml | 12 ++-- 2 files changed, 130 insertions(+), 6 deletions(-) diff --git a/.spectral-required.yml b/.spectral-required.yml index 68ad69e..154c7f4 100644 --- a/.spectral-required.yml +++ b/.spectral-required.yml @@ -6,3 +6,127 @@ extends: [spectral:oas] rules: no-$ref-siblings: "off" + + # ------------------------------------------------------------------------- + # 2.3 Authentication and authorization + # ------------------------------------------------------------------------- + + entur-permissions: + message: "x-entur-permissions must match the schema" + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#233-documenting-permissions-for-partner-endpoints" + severity: error + given: $.paths.*[get,post,put,patch,delete,options,head,trace].x-entur-permissions + then: + function: schema + functionOptions: + schema: + type: object + required: + - value + properties: + description: + type: string + value: + $ref: "#/$defs/permission-node" + $defs: + permission-node: + oneOf: + - $ref: "#/$defs/permission-leaf" + - $ref: "#/$defs/permission-all" + - $ref: "#/$defs/permission-any" + + permission-leaf: + type: string + pattern: "^[0-9a-zA-ZæøåØÆÅ][0-9a-zA-ZæøåØÆÅ.\\-]{0,99}:(les|opprett|endre|slett)$" + + permission-all: + type: object + required: + - all + properties: + all: + type: array + items: + - $ref: "#/$defs/permission-node" + + permission-any: + type: object + required: + - any + properties: + any: + type: array + items: + - $ref: "#/$defs/permission-node" + + # ------------------------------------------------------------------------- + # 2.4 Entur Metadata + # ------------------------------------------------------------------------- + + entur-info-metadata-id: + message: "The OpenAPI info section MUST include \"x-entur-metadata.id\"." + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#241-identifying-a-specification" + severity: error + given: $ + then: + field: info.x-entur-metadata.id + function: truthy + + entur-info-metadata-id-kebab-case: + message: "The \"x-entur-metadata.id\" MUST be in lower-kebab-case format. Invalid value: {{value}}" + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#241-identifying-a-specification" + severity: error + given: $.info.x-entur-metadata.id + then: + function: pattern + functionOptions: + match: ^[a-z0-9]+(-[a-z0-9]+)*$ + + entur-info-metadata-audience: + message: "The OpenAPI info section MUST include \"x-entur-metadata.audience\"." + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#24-entur-metadata" + severity: error + given: $ + then: + field: info.x-entur-metadata.audience + function: truthy + + entur-info-metadata-audience-valid: + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#24-entur-metadata" + severity: error + given: $.info.x-entur-metadata.audience + then: + function: enumeration + functionOptions: + values: + - open + - partner + - internal + + entur-info-metadata-owner: + message: "The OpenAPI info section MUST include \"x-entur-metadata.owner\"." + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#242-specification-owner" + severity: error + given: $ + then: + field: info.x-entur-metadata.owner + function: truthy + + entur-info-metadata-owner-valid: + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#242-specification-owner" + severity: error + given: $.info.x-entur-metadata.owner + then: + function: pattern + functionOptions: + match: ^team-[a-z0-9]+(-[a-z0-9]+)*$ + + entur-info-metadata-parent-id-kebab-case: + message: "The \"x-entur-metadata.parentId\" MUST be in lower-kebab-case format. Invalid value: {{value}}" + documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#243-merging-specifications" + severity: error + given: $.info.x-entur-metadata.parentId + then: + function: pattern + functionOptions: + match: ^[a-z0-9]+(-[a-z0-9]+)*$ diff --git a/.spectral.yml b/.spectral.yml index d13bc69..e2071f8 100644 --- a/.spectral.yml +++ b/.spectral.yml @@ -214,9 +214,9 @@ rules: # ------------------------------------------------------------------------- entur-info-metadata-id: - message: "The OpenAPI info section SHOULD include \"x-entur-metadata.id\"." + message: "The OpenAPI info section MUST include \"x-entur-metadata.id\"." documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#241-identifying-a-specification" - severity: warn + severity: error given: $ then: field: info.x-entur-metadata.id @@ -233,9 +233,9 @@ rules: match: ^[a-z0-9]+(-[a-z0-9]+)*$ entur-info-metadata-audience: - message: "The OpenAPI info section SHOULD include \"x-entur-metadata.audience\"." + message: "The OpenAPI info section MUST include \"x-entur-metadata.audience\"." documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#24-entur-metadata" - severity: warn + severity: error given: $ then: field: info.x-entur-metadata.audience @@ -254,9 +254,9 @@ rules: - internal entur-info-metadata-owner: - message: "The OpenAPI info section SHOULD include \"x-entur-metadata.owner\"." + message: "The OpenAPI info section MUST include \"x-entur-metadata.owner\"." documentationUrl: "https://github.com/entur/api-guidelines/blob/main/guidelines.md#242-specification-owner" - severity: warn + severity: error given: $ then: field: info.x-entur-metadata.owner