From b58b7d5a94eb4d4c55caf8fee1dc2ea81ca54b7c Mon Sep 17 00:00:00 2001
From: Francesco Bartoli
Date: Tue, 20 Feb 2024 15:24:06 +0100
Subject: [PATCH] Divide ruleset into two steps
---
 .github/workflows/openapi.yml | 21 +++++++++++++++++----
 .spectral.yaml => .spectral.oas3.yaml | 0
 .spectral.owasp-top.10.yaml | 2 ++
 3 files changed, 19 insertions(+), 4 deletions(-)
 rename .spectral.yaml => .spectral.oas3.yaml (100%)
 create mode 100644 .spectral.owasp-top.10.yaml
diff --git a/.github/workflows/openapi.yml b/.github/workflows/openapi.yml
index a22e048..4fc91bf 100644
--- a/.github/workflows/openapi.yml
+++ b/.github/workflows/openapi.yml
@@ -33,15 +33,28 @@ jobs:
 poetry install
 poetry run fastgeoapi openapi
+ # Create OAS3 ruleset
+ - name: Create OAS 3
+ run: |
+ echo 'extends: ["spectral:oas"]' > .spectral.oas3.yaml
+
+ # Create OWASP API Security 10 ruleset
 - name: Create OWASP API Security 10
 run: |
 npm install -g @stoplight/spectral-owasp-ruleset@latest
- echo 'extends: ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]' > .spectral.yaml
+ echo 'extends: ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]' > .spectral.owasp-top-10.yaml
+
+ # Run Spectral for OWASP Top 10
+ - name: Run Spectral for OAS3
+ uses: stoplightio/spectral-action@latest
+ with:
+ file_glob: "pygeoapi-openapi.json"
+ spectral_ruleset: ".spectral.oas3.yaml"
- # Run Spectral
- - name: Run Spectral
+ # Run Spectral for OWASP Top 10
+ - name: Run Spectral for OWASP top 10
 uses: stoplightio/spectral-action@latest
 with:
 file_glob: "pygeoapi-openapi.json"
- spectral_ruleset: ".spectral.yaml"
+ spectral_ruleset: ".spectral.owasp-top-10.yaml"
diff --git a/.spectral.yaml b/.spectral.oas3.yaml
similarity index 100%
rename from .spectral.yaml
rename to .spectral.oas3.yaml
diff --git a/.spectral.owasp-top.10.yaml b/.spectral.owasp-top.10.yaml
new file mode 100644
index 0000000..38ace47
--- /dev/null
+++ b/.spectral.owasp-top.10.yaml
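Review bot: Both `uses: stoplightio/spectral-action@latest` steps, the `npm install -g @stoplight/spectral-owasp-ruleset@latest` line and the unversioned unpkg URL in `extends` are mutable references, so each run executes whatever third-party code they resolve to at that moment. The `ruleset.mjs` target is a JavaScript module that Spectral loads on the runner, which makes it an executed dependency rather than plain lint data. Pin the action to a reviewed commit, `uses: stoplightio/spectral-action@<full-commit-sha>`, and install `@stoplight/spectral-owasp-ruleset@<pinned-version>` with the same version in the unpkg path; the same unversioned URL is also committed in `.spectral.owasp-top.10.yaml`. The job and its step list start above this hunk, so the permissions and secrets available to these steps are not visible here and should be checked. The comment above the new OAS3 step still reads `# Run Spectral for OWASP Top 10` and should name OAS3.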
@@ -0,0 +1,2 @@
+extends:
+ ["https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs"]
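Review bot: This file is committed as `.spectral.owasp-top.10.yaml` (dot before `10`), but the workflow writes and passes `.spectral.owasp-top-10.yaml` (hyphen), so nothing in this patch reads the committed ruleset. Either rename it to match and drop the `echo … >` step that regenerates it, or delete the committed copy; the same applies to `.spectral.oas3.yaml`, which the new `Create OAS 3` step overwrites with `extends: ["spectral:oas"]` on every run. Keeping one reviewed, committed ruleset per scan makes changes to the security lint rules visible in code review rather than hidden in a shell redirect.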