From 389cb6d4745e3336c1933631f4466e25002ed051 Mon Sep 17 00:00:00 2001 From: Lovisa Berggren <59226031+lovisaberggren@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:09:53 +0100 Subject: [PATCH 1/3] CLOUDP-274986: Remove validation for security on each operation --- tools/spectral/.spectral.yaml | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/tools/spectral/.spectral.yaml b/tools/spectral/.spectral.yaml index 6833dab382..c0d8c9161e 100644 --- a/tools/spectral/.spectral.yaml +++ b/tools/spectral/.spectral.yaml @@ -73,14 +73,6 @@ rules: functionOptions: notMatch: "/^body$/" - xgen-no-security: - description: "Operation MUST have security definition" - severity: error - given: "#OperationObject" - then: - field: "security" - function: truthy - xgen-docs-tags-alphabetical: message: "Tags should be defined in alphabetical order." description: "Many documentation tools show tags in the order they are defined, so defining them not in alphabetical order can look funny to API consumers." @@ -182,7 +174,8 @@ rules: functionOptions: match: "^(mms)$" message: "'additionalServices' must be 'mms' as no other services are supported." - no-slash-before-custom-method: + + no-slash-before-custom-method: description: "Custom methods (e.g., ':applyItem') should not be preceded by a '/'." message: "The path '{{path}}' contains a '/' before a custom method. Custom methods should not start with a '/'." severity: error @@ -241,11 +234,6 @@ overrides: - "*.yaml#/components/schemas/ClusterProviderSettings/properties/providerName" # dynamic field which can't be documented rules: xgen-description: "off" - - files: - - "*.yaml#/paths/~1api~1atlas~1v2~1unauth~1controlPlaneIPAddresses/get" - - "*.yaml#/paths/~1api~1atlas~1v2~1unauth~1openapi~1versions/get" - rules: - xgen-no-security: "off" - files: - "**#/components/schemas/ApiError/properties/parameters" # see https://github.com/stoplightio/spectral/issues/2592 rules: 
From b304582e3e0f25351412258cce79ee21af63fbe3 Mon Sep 17 00:00:00 2001 From: Lovisa Berggren <59226031+lovisaberggren@users.noreply.github.com> Date: Thu, 10 Oct 2024 18:41:06 +0100 Subject: [PATCH 2/3] CLOUDP-274986: Add validation --- tools/spectral/.spectral.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tools/spectral/.spectral.yaml b/tools/spectral/.spectral.yaml index c0d8c9161e..83713a29ca 100644 --- a/tools/spectral/.spectral.yaml +++ b/tools/spectral/.spectral.yaml @@ -186,6 +186,20 @@ rules: functionOptions: notMatch: "/[^/]+/:[a-zA-Z]+$" + xgen-security-override: + description: "Security must not be set at resource or method level because it is set globally. Use @Unauthenticated annotation to set no security. https://go/openapi-unauthenticated-annotation" + severity: error + given: "#OperationObject.security" + then: + function: schema + functionOptions: + schema: + type: array + items: + type: object + minItems: 0 + maxItems: 0 + overrides: - files: # load sample data has an issue with different path param names for different VERBS - "*.yaml#/paths/~1api~1atlas~1v1.0~1groups~1%7BgroupId%7D~1sampleDatasetLoad~1%7BsampleDatasetId%7D" From ad29e0c311db6779699e06fd79d417db7500c821 Mon Sep 17 00:00:00 2001 From: Lovisa Berggren <59226031+lovisaberggren@users.noreply.github.com> Date: Fri, 11 Oct 2024 16:24:57 +0100 Subject: [PATCH 3/3] CLOUDP-274986: Uncomment lint for now --- .github/workflows/spectral-lint.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/spectral-lint.yml b/.github/workflows/spectral-lint.yml index ad84f46374..ddfe168260 100644 --- a/.github/workflows/spectral-lint.yml +++ b/.github/workflows/spectral-lint.yml 
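Review bot: Nothing in the visible hunks checks that a non-empty root-level `security` exists, now that the earlier patch in this series removed `xgen-no-security` and `xgen-security-override` limits each operation to `security: []`. If the global requirement were ever dropped or emptied, the ruleset as shown would still pass while every operation inherits no authentication. The rest of the ruleset is outside the hunk, so this may already be covered elsewhere. If it is not, consider a root-level rule like the one below next to `xgen-security-override`; the rule name is only a suggestion. Unauthenticated operations are also no longer enumerated under `overrides`, so a comment on the rule saying where that list is now reviewed would help.

```yaml
  # … unchanged: xgen-security-override …

  xgen-global-security:
    description: "A non-empty security requirement must be defined at the root of the document."
    severity: error
    given: "$"
    then:
      - field: "security"
        function: truthy
      - field: "security"
        function: length
        functionOptions:
          min: 1
```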
@@ -27,9 +27,9 @@ jobs:
 sparse-checkout: |
 openapi/
 tools/spectral
- - name: Spectral action
- uses: stoplightio/spectral-action@2ad0b9302e32a77c1caccf474a9b2191a8060d83
- with:
- # Path to the OpenAPI spec files and openapi/v2.yaml
- file_glob: openapi/v2.yaml
- spectral_ruleset: tools/spectral/.spectral.yaml #If updated, need to update in MMS too.
+# - name: Spectral action
+# uses: stoplightio/spectral-action@2ad0b9302e32a77c1caccf474a9b2191a8060d83
+# with:
+# # Path to the OpenAPI spec files and openapi/v2.yaml
+# file_glob: openapi/v2.yaml
+# spectral_ruleset: tools/spectral/.spectral.yaml #If updated, need to update in MMS too.
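Review bot: Commenting out the `Spectral action` step means this workflow no longer enforces the ruleset, including the `xgen-security-override` rule added earlier in this series, and the commented block has no marker saying when it comes back. Add a line above it such as `# TODO(CLOUDP-274986): re-enable Spectral lint; disabled temporarily` so the disabled check stays tracked. The subject says "Uncomment lint" while the hunk comments the step out, which is worth correcting in the message. The rest of the job lies outside the hunk; if checkout is the only remaining step, the job will report success without linting anything. When the step is restored, keep the action pinned to the full commit SHA as it is now.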