Skip to content

Commit 67e897d

Browse files
stephenokeefestephenokeefe
authored
Merge branch 'master' into DMP-5271-AddApiValidationGetTranscriptionsDocument
2 parents 7e0ad0c + 101c73e commit 67e897d

File tree

6 files changed

+355
-45
lines changed

6 files changed

+355
-45
lines changed

.spectral.yaml

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
extends: [ "spectral:oas" ]
2+
rules:
3+
oas3-valid-media-example: off
4+
oas3-valid-schema-example: off
5+
strings-need-bounds:
6+
description: Strings must be bounded unless they already use format/enum/pattern
7+
given:
8+
- "$.components.schemas.*"
9+
- "$.paths.*.*.parameters[*].schema"
10+
- "$.paths.*.*.requestBody.content.*.schema"
11+
- "$.paths.*.*.responses.*.content.*.schema"
12+
then:
13+
function: schema
14+
functionOptions:
15+
schema:
16+
if:
17+
properties: { type: { const: string } }
18+
required: [ type ]
19+
then:
20+
anyOf:
21+
- required: [ maxLength ]
22+
- required: [ enum ]
23+
- required: [ pattern ]
24+
- required: [ format ]
25+
severity: warn
26+
27+
arrays-need-maxitems:
28+
given:
29+
- "$.components.schemas.*"
30+
- "$.paths.*.*.parameters[*].schema"
31+
- "$.paths.*.*.requestBody.content.*.schema"
32+
- "$.paths.*.*.responses.*.content.*.schema"
33+
then:
34+
function: schema
35+
functionOptions:
36+
schema:
37+
if:
38+
properties: { type: { const: array } }
39+
required: [ type ]
40+
then:
41+
required: [ maxItems ]
42+
severity: warn
43+
44+
path-string-params-need-format-or-pattern:
45+
given:
46+
- "$.paths.*.*.parameters[?(@.in=='path')].schema"
47+
then:
48+
function: schema
49+
functionOptions:
50+
schema:
51+
if:
52+
properties: { type: { const: string } }
53+
required: [ type ]
54+
then:
55+
anyOf:
56+
- required: [ format ]
57+
- required: [ pattern ]
58+
severity: warn
59+
60+
param-id-needs-format-or-pattern:
61+
given:
62+
- "$.paths.*.*.parameters[?(@.name=='id')].schema"
63+
then:
64+
function: schema
65+
functionOptions:
66+
schema:
67+
anyOf:
68+
- required: [ format ]
69+
- required: [ pattern ]
70+
severity: warn
71+
72+
schema-id-prop-needs-format-or-pattern:
73+
given:
74+
- "$.components.schemas.*.properties.id"
75+
- "$.paths.*.*.requestBody.content.*.schema.properties.id"
76+
then:
77+
function: schema
78+
functionOptions:
79+
schema:
80+
anyOf:
81+
- required: [ format ]
82+
- required: [ pattern ]
83+
severity: warn
84+

README.md

Lines changed: 21 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -328,12 +328,12 @@ There is no need to remove postgres and java or similar core images.
328328
The following Spring Profiles are defined. "External Components" are defined as any service upon which the application
329329
is dependent, such as database servers, web services etc.
330330
331-
| Profile | Config Location | Purpose | External Components |
332-
|------------------|----------------------------------------------------------------|------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
333-
| `local` | `src/main/resources/application-local.yaml` | For running the application locally as a docker compose stack with `docker-compose-local.yml`. | Provided as needed by `docker-compose-local.yml`. No external connectivity permitted outside the network boundary of the stack. |
331+
| Profile | Config Location | Purpose | External Components |
332+
|------------------|----------------------------------------------------------------|------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
333+
| `local` | `src/main/resources/application-local.yaml` | For running the application locally as a docker compose stack with `docker-compose-local.yml`. | Provided as needed by `docker-compose-local.yml`. No external connectivity permitted outside the network boundary of the stack. |
334334
| `intTest` | `src/integrationTest/resources/application-intTest.yaml` | For running integration tests under `src/integrationTest`. | No interaction required or permitted, all external calls are mocked via embedded wiremock (for HTTP requests), an embedded database (for db queries) or `@MockitoBean` for anything else. Spring Security is explicitly disabled. |
335-
| `functionalTest` | `src/functionalTest/resources/application-functionalTest.yaml` | For running functional tests under `src/functionalTest`. | Functional tests execute API calls against the application deployed in the PR environment. That application is deployed with the `dev` profile (see below). |
336-
| `dev` | `src/main/resources/application-dev.yaml` | For running the application in the Pull Request (dev) environment. | Interaction permitted with "real" components, which may be services deployed to a test environment. |
335+
| `functionalTest` | `src/functionalTest/resources/application-functionalTest.yaml` | For running functional tests under `src/functionalTest`. | Functional tests execute API calls against the application deployed in the PR environment. That application is deployed with the `dev` profile (see below). |
336+
| `dev` | `src/main/resources/application-dev.yaml` | For running the application in the Pull Request (dev) environment. | Interaction permitted with "real" components, which may be services deployed to a test environment. |
337337
338338
## Automated Tasks
339339
@@ -393,6 +393,22 @@ Please see the separate [Dev environment](https://tools.hmcts.net/confluence/dis
393393
394394
This repo contains overrides for the default dev environment configuration, controlled by PR labels.
395395
396+
## OpenAPI Specification and Data Schema Validation
397+
398+
This repository uses spectral to validate OpenAPI specifications. To install spectral, you can use npm or yarn:
399+
400+
https://docs.stoplight.io/docs/spectral/b8391e051b7d8-installation
401+
402+
To validate the OpenAPI specification:
403+
404+
```bash
405+
spectral lint --verbose "src/main/resources/openapi/**/*.{yml,yaml}"
406+
```
407+
408+
Documentation: https://stoplight.io/open-source/spectral
409+
410+
Validate the data payload JSON Schemas:
411+
396412
### Supported labels
397413
398414
| Label | Usages |

build.gradle

Lines changed: 28 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -5,29 +5,29 @@ buildscript {
55
}
66

77
plugins {
8-
id 'application'
9-
id 'checkstyle'
10-
id 'pmd'
11-
id 'jacoco'
12-
id 'idea'
13-
id 'io.spring.dependency-management' version '1.1.7'
14-
id 'org.springframework.boot' version '3.4.5'
15-
id 'org.owasp.dependencycheck' version '12.1.3'
16-
id 'com.github.ben-manes.versions' version '0.52.0'
17-
id 'org.sonarqube' version '6.2.0.5505'
18-
id "io.freefair.lombok" version "8.14"
19-
id "org.openapi.generator" version "7.13.0"
20-
id "org.flywaydb.flyway" version "11.11.0"
21-
id 'maven-publish'
22-
id("com.dorongold.task-tree") version "4.0.1"
8+
id 'application'
9+
id 'checkstyle'
10+
id 'pmd'
11+
id 'jacoco'
12+
id 'idea'
13+
id 'io.spring.dependency-management' version '1.1.7'
14+
id 'org.springframework.boot' version '3.5.4'
15+
id 'org.owasp.dependencycheck' version '12.1.3'
16+
id 'com.github.ben-manes.versions' version '0.52.0'
17+
id 'org.sonarqube' version '6.2.0.5505'
18+
id "io.freefair.lombok" version "8.14"
19+
id "org.openapi.generator" version "7.13.0"
20+
id "org.flywaydb.flyway" version "11.11.0"
21+
id 'maven-publish'
22+
id("com.dorongold.task-tree") version "4.0.1"
2323
}
2424

2525
jacoco {
2626
toolVersion = "0.8.13"
2727
reportsDirectory.set(layout.buildDirectory.dir("jacocoHtml"))
2828
}
2929

30-
def buildNumber = System.getenv("RELEASE_VERSION")?: "DEV-SNAPSHOT"
30+
def buildNumber = System.getenv("RELEASE_VERSION") ?: "DEV-SNAPSHOT"
3131

3232
group 'com.github.hmcts'
3333
version buildNumber
@@ -235,10 +235,10 @@ checkstyle {
235235
}
236236

237237
pmd {
238-
toolVersion = "7.16.0"
239-
reportsDir = file("$project.buildDir/reports/pmd")
240-
// https://github.com/pmd/pmd/issues/876
241-
ruleSets = []
238+
toolVersion = "7.16.0"
239+
reportsDir = file("$project.buildDir/reports/pmd")
240+
// https://github.com/pmd/pmd/issues/876
241+
ruleSets = []
242242
}
243243

244244

@@ -437,26 +437,26 @@ dependencies {
437437
implementation 'org.zalando:problem-spring-web-starter:0.29.1'
438438

439439
implementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: '2.8.9'
440-
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '4.2.1'
440+
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '4.3.0'
441441
implementation 'org.springframework.retry:spring-retry:2.0.12'
442442

443443
implementation 'net.javacrumbs.shedlock:shedlock-spring:6.9.2'
444444
implementation 'net.javacrumbs.shedlock:shedlock-provider-jdbc-template:6.9.2'
445445

446-
implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: '6.1.9'
447-
implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: log4JVersion
448-
implementation group: 'org.apache.logging.log4j', name: 'log4j-to-slf4j', version: log4JVersion
449-
implementation group: 'org.apache.commons', name: 'commons-exec', version: '1.5.0'
446+
implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: '6.1.9'
447+
implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: log4JVersion
448+
implementation group: 'org.apache.logging.log4j', name: 'log4j-to-slf4j', version: log4JVersion
449+
implementation group: 'org.apache.commons', name: 'commons-exec', version: '1.5.0'
450450
implementation group: 'org.apache.commons', name: 'commons-text', version: '1.14.0'
451451

452452
//CVE-2023-44487
453453
implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: tomcatEmbedVersion
454454
implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: tomcatEmbedVersion
455455

456456
implementation platform('com.azure:azure-sdk-bom:1.2.37')
457-
implementation 'com.azure:azure-storage-blob'
457+
implementation 'com.azure:azure-storage-blob'
458458

459-
implementation group: 'io.rest-assured', name: 'rest-assured'
459+
implementation group: 'io.rest-assured', name: 'rest-assured'
460460
implementation group: 'org.flywaydb', name: 'flyway-core', version: '11.11.0'
461461
implementation group: 'org.flywaydb', name: 'flyway-database-postgresql', version: '11.11.0'
462462
implementation group: 'io.hypersistence', name: 'hypersistence-utils-hibernate-63', version: '3.10.3'
@@ -500,7 +500,7 @@ dependencies {
500500
exclude group: 'junit', module: 'junit'
501501
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
502502
}
503-
testImplementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-contract-stub-runner', version: '4.2.1'
503+
testImplementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-contract-stub-runner', version: '4.3.0'
504504
testImplementation 'org.junit.jupiter:junit-jupiter:5.13.4'
505505
testImplementation group: 'io.projectreactor', name: 'reactor-test', version: '3.7.9'
506506
testImplementation 'org.springframework.security:spring-security-test:6.5.2'

0 commit comments

Comments
 (0)