openapi.yml
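# Lints the OpenAPI document produced by the fastgeoapi CLI with Spectral:
# one job uses the stock "spectral:oas" ruleset, the other uses Stoplight's
# OWASP API Security Top 10 ruleset.
name: Validate OpenAPI with Spectral

# `pull_request` (not `pull_request_target`) is the trigger, so runs for
# pull requests from forks get a read-only token and no secrets while the
# jobs install and execute code from the branch under test.
on:
  - push
  - pull_request

# Least privilege for the workflow token: without this block every job
# inherits the repository default, which may be read/write on all scopes.
# NOTE(review): `checks: write` is assumed to be what the Spectral action
# needs to publish its findings as a check run; confirm against the action's
# documentation and drop it if unused.
permissions:
  contents: read
  checks: write

jobs:
  spectral-oas:
    name: Lint and validate OpenAPI document for pygeoapi configuration
    runs-on: ubuntu-latest
    steps:
      # Check out the repository.
      # `<COMMIT_SHA>` is a placeholder: the original ref was not recoverable.
      # Pin to the full commit SHA of a reviewed release.
      # `persist-credentials: false` keeps the token out of .git/config, since
      # later steps run third-party code and nothing here pushes with git.
      - name: Check out the repository
        uses: actions/checkout@<COMMIT_SHA>
        with:
          persist-credentials: false
      # Same placeholder convention as the checkout step above.
      - name: Set up Python 3.10
        uses: actions/setup-python@<COMMIT_SHA>
        with:
          python-version: "3.10"
      # pip and Poetry are installed through the repository's constraints
      # file, so their versions are fixed by the repo, not by the index.
      - name: Upgrade pip
        run: |
          pip install --constraint=.github/workflows/constraints.txt pip
          pip --version
      - name: Install Poetry
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
          poetry --version
      # Installs the project and runs its `openapi` command; presumably this
      # writes the pygeoapi-openapi.json linted below. Verify against the CLI.
      - name: Install fastgeoapi CLI
        run: |
          poetry install
          poetry run fastgeoapi openapi
      # Create OAS3 ruleset
      - name: Create OAS 3
        run: |
          echo 'extends: ["spectral:oas"]' > .spectral.oas3.yaml
      # Run Spectral for OAS3
      # NOTE(review): `@latest` is a mutable ref, so whatever the upstream
      # repository publishes under it runs here with this job's token. Pin to
      # a full commit SHA and let a dependency bot propose updates.
      - name: Run Spectral for OAS3
        uses: stoplightio/spectral-action@latest
        with:
          file_glob: "pygeoapi-openapi.json"
          spectral_ruleset: ".spectral.oas3.yaml"

  spectral-owasp:
    name: Validate OpenAPI document against OWASP Top 10 API security rules
    runs-on: ubuntu-latest
    steps:
      # Check out the repository.
      # `<COMMIT_SHA>` is a placeholder: the original ref was not recoverable.
      # Pin to the full commit SHA of a reviewed release.
      # `persist-credentials: false` keeps the token out of .git/config, since
      # later steps run third-party code and nothing here pushes with git.
      - name: Check out the repository
        uses: actions/checkout@<COMMIT_SHA>
        with:
          persist-credentials: false
      # Same placeholder convention as the checkout step above.
      - name: Set up Python 3.10
        uses: actions/setup-python@<COMMIT_SHA>
        with:
          python-version: "3.10"
      # pip and Poetry are installed through the repository's constraints
      # file, so their versions are fixed by the repo, not by the index.
      - name: Upgrade pip
        run: |
          pip install --constraint=.github/workflows/constraints.txt pip
          pip --version
      - name: Install Poetry
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
          poetry --version
      # Installs the project and runs its `openapi` command; presumably this
      # writes the pygeoapi-openapi.json linted below. Verify against the CLI.
      - name: Install fastgeoapi CLI
        run: |
          poetry install
          poetry run fastgeoapi openapi
      # Create OWASP API Security 10 ruleset
      # NOTE(review): two unpinned fetches of third-party code. `@latest` on
      # the npm install resolves to whatever is newest at run time, and the
      # unpkg URL carries no version at all, so the ruleset (an executable
      # .mjs module) can change between runs with no change to this repo.
      # Put an exact, reviewed version in both places. The generated ruleset
      # file references only the URL, so the global install looks redundant;
      # confirm before removing it.
      - name: Create OWASP API Security 10
        run: |
          npm install -g @stoplight/spectral-owasp-ruleset@latest
          echo 'extends: ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]' > .spectral.owasp-top-10.yaml
      # Run Spectral for OWASP Top 10
      # NOTE(review): `@latest` is a mutable ref, so whatever the upstream
      # repository publishes under it runs here with this job's token. Pin to
      # a full commit SHA and let a dependency bot propose updates.
      - name: Run Spectral for OWASP top 10
        uses: stoplightio/spectral-action@latest
        with:
          file_glob: "pygeoapi-openapi.json"
          spectral_ruleset: ".spectral.owasp-top-10.yaml"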