forked from italia/api-oas-checker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
https.yml
35 lines (33 loc) · 987 Bytes
/
https.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
rules:
servers-description:
description: |-
Servers must have a description.
message: >-
Server {{path}} must have a description.
given:
- $.servers[*]
- $.paths..servers
severity: error
recommended: true
then:
field: description
function: truthy
servers-use-https:
description: |-
Servers must use https to ensure the origin of the responses
and protect the integrity and the confidentiality of the communication.
You can use `http://` only on sandboxes environment.
Use `x-sandbox: true` to skip this kind of check.
message: >-
Non-sandbox url {{value}} {{error}}.
Add `x-sandbox: true` to skip this check on a specific server.
given:
- $.servers[?(@["x-sandbox"] != true)]
- $.paths..servers[?(@["x-sandbox"] != true)]
severity: error
recommended: true
then:
field: url
function: pattern
functionOptions:
match: ^https://.*