
Contributor

@starfy84 starfy84 commented Dec 9, 2025

Ticket: DX-2457

@starfy84 starfy84 self-assigned this Dec 9, 2025
@starfy84 starfy84 force-pushed the DX-2457-audit-api-specs branch from ba98825 to 4585e72 Compare December 10, 2025 17:35
@starfy84 starfy84 marked this pull request as ready for review December 10, 2025 17:41
@starfy84 starfy84 requested a review from a team as a code owner December 10, 2025 17:41
@starfy84 starfy84 requested a review from mrdanish26 December 10, 2025 17:41

@mrdanish26 mrdanish26 left a comment


Can you fix the CI failure please

@starfy84 starfy84 force-pushed the DX-2457-audit-api-specs branch from 4585e72 to 3ada1a1 Compare December 12, 2025 19:18
@starfy84 starfy84 requested a review from mrdanish26 December 12, 2025 19:19
Contributor Author

starfy84 commented Dec 12, 2025

> Can you fix the CI failure please

Should be good now, thanks!

Also, feel free to merge the PR after approving, I don't have permissions to merge to master


Copilot AI left a comment


Pull request overview

This PR introduces automated API specification auditing using the Vacuum tool to ensure OpenAPI specification quality. The changes add a comprehensive ruleset configuration and integrate the auditing process into the CI/CD pipeline to catch API specification issues early in the development cycle.

Key Changes:

  • Added a custom ruleset.yaml configuration with 27 validation rules covering schemas, operations, security, and best practices
  • Integrated Vacuum v0.18.1 into the pull request workflow to automatically audit generated API specifications
  • New CI job generates OpenAPI specs and validates them against the ruleset, failing the build on errors

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 9 comments.

| File | Description |
| --- | --- |
| ruleset.yaml | Defines comprehensive validation rules for OpenAPI specifications including schema validation, security checks, and operation requirements with BitGo-specific customizations for tags and operationIds |
| .github/workflows/pull_request.yaml | Adds new audit-api-spec job that installs dependencies, downloads Vacuum CLI tool, generates API spec from source, and validates it with custom ruleset |



@mrdanish26 mrdanish26 left a comment


Can you address the copilot's comments


Copilot AI left a comment


Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.




Copilot AI left a comment


Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.



Contributor

@pranavjain97 pranavjain97 left a comment


lgtm!

@pranavjain97 pranavjain97 dismissed mrdanish26’s stale review December 16, 2025 19:54

Comments addressed

@pranavjain97 pranavjain97 merged commit 45a47e9 into master Dec 16, 2025
8 checks passed
@pranavjain97 pranavjain97 deleted the DX-2457-audit-api-specs branch December 16, 2025 19:55

5 participants