Split validation steps for openapi
francbartoli committed Feb 26, 2024
1 parent f80efa0 commit 6f18695
Showing 1 changed file with 38 additions and 10 deletions.
48 changes: 38 additions & 10 deletions .github/workflows/openapi.yml
Expand Up @@ -5,9 +5,10 @@ on:
- pull_request

jobs:
build:
name: Run Spectral
spectral-oas:
name: Lint and validate OpenAPI document for pygeoapi configuration
runs-on: ubuntu-latest
needs: build
steps:
# Check out the repository
- name: Check out the repository
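Review bot: `needs: build` on the new `spectral-oas` job points at a job id that this hunk appears to rename away (`build:` becomes `spectral-oas:`; the header counts 9 old lines against 10 new). Unless a `build` job is still defined elsewhere in the file, GitHub Actions will reject the workflow because `needs` references an unknown job. Either keep a separate `build` job that the lint jobs depend on, or drop `needs: build` here.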
Expand All @@ -32,25 +33,52 @@ jobs:
run: |
poetry install
poetry run fastgeoapi openapi
# Create OAS3 ruleset
- name: Create OAS 3
run: |
echo 'extends: ["spectral:oas"]' > .spectral.oas3.yaml
# Create OWASP API Security 10 ruleset
- name: Create OWASP API Security 10
run: |
npm install -g @stoplight/spectral-owasp-ruleset@latest
echo 'extends: ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]' > .spectral.owasp-top-10.yaml
# Run Spectral for OWASP Top 10
# Run Spectral for OAS3
- name: Run Spectral for OAS3
uses: stoplightio/spectral-action@latest
with:
file_glob: "pygeoapi-openapi.json"
spectral_ruleset: ".spectral.oas3.yaml"

spectral-owasp:
name: Validate OpenAPI document against OWASP Top 10 API security rules
runs-on: ubuntu-latest
needs: build
steps:
# Check out the repository
- name: Check out the repository
uses: actions/[email protected]

- name: Set up Python 3.10
uses: actions/[email protected]
with:
python-version: "3.10"

- name: Upgrade pip
run: |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name: Install Poetry
run: |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Install fastgeoapi CLI
run: |
poetry install
poetry run fastgeoapi openapi
# Create OWASP API Security 10 ruleset
- name: Create OWASP API Security 10
run: |
npm install -g @stoplight/spectral-owasp-ruleset@latest
echo 'extends: ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]' > .spectral.owasp-top-10.yaml
# Run Spectral for OWASP Top 10
- name: Run Spectral for OWASP top 10
uses: stoplightio/spectral-action@latest
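Review bot: both Spectral jobs take their linting logic from mutable references: `stoplightio/spectral-action@latest`, `npm install -g @stoplight/spectral-owasp-ruleset@latest`, and an unversioned unpkg URL for `ruleset.mjs`, which is JavaScript that Spectral loads at lint time. Pin the action to a commit SHA and the ruleset to an exact version, so that an upstream change cannot silently alter what runs in CI or which rules gate a pull request. The `extends` line also points at the unpkg URL rather than the globally installed package, so the `npm install` step is not what the ruleset file uses; reference the installed package or remove the install. Separately, the checkout, Python, pip, Poetry and `fastgeoapi openapi` steps are now duplicated across `spectral-oas` and `spectral-owasp`; generating `pygeoapi-openapi.json` once and sharing it as an artifact would guarantee both validations run against the same document.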