206 lines
5.5 KiB
YAML
206 lines
5.5 KiB
YAML
openapi: 3.1.0
|
|
info:
|
|
title: Clean Release Compliance API
|
|
version: "1.0.0"
|
|
description: >
|
|
API contract for enterprise clean release validation in isolated corporate networks.
|
|
servers:
|
|
- url: https://internal-api.company.local
|
|
paths:
|
|
/api/clean-release/checks:
|
|
post:
|
|
summary: Start enterprise clean compliance check
|
|
operationId: startCleanComplianceCheck
|
|
tags: [clean-release]
|
|
requestBody:
|
|
required: true
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StartCheckRequest'
|
|
examples:
|
|
enterpriseClean:
|
|
value:
|
|
candidate_id: "2026.03.03-rc1"
|
|
profile: "enterprise-clean"
|
|
execution_mode: "tui"
|
|
responses:
|
|
"202":
|
|
description: Check run accepted
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StartCheckResponse'
|
|
"400":
|
|
description: Invalid request
|
|
"403":
|
|
description: Forbidden
|
|
"409":
|
|
description: Candidate is not eligible for check
|
|
/api/clean-release/checks/{check_run_id}:
|
|
get:
|
|
summary: Get compliance check status
|
|
operationId: getCleanComplianceStatus
|
|
tags: [clean-release]
|
|
parameters:
|
|
- name: check_run_id
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
description: Current check status
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CheckStatusResponse'
|
|
"404":
|
|
description: Check run not found
|
|
/api/clean-release/reports/{report_id}:
|
|
get:
|
|
summary: Get compliance report
|
|
operationId: getCleanComplianceReport
|
|
tags: [clean-release]
|
|
parameters:
|
|
- name: report_id
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
description: Compliance report
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ComplianceReportResponse'
|
|
"404":
|
|
description: Report not found
|
|
|
|
components:
|
|
schemas:
|
|
StartCheckRequest:
|
|
type: object
|
|
required: [candidate_id, profile, execution_mode]
|
|
properties:
|
|
candidate_id:
|
|
type: string
|
|
profile:
|
|
type: string
|
|
enum: [enterprise-clean, development]
|
|
execution_mode:
|
|
type: string
|
|
enum: [tui, ci]
|
|
StartCheckResponse:
|
|
type: object
|
|
required: [check_run_id, candidate_id, status, started_at]
|
|
properties:
|
|
check_run_id:
|
|
type: string
|
|
candidate_id:
|
|
type: string
|
|
status:
|
|
type: string
|
|
enum: [running]
|
|
started_at:
|
|
type: string
|
|
format: date-time
|
|
|
|
CheckStageResult:
|
|
type: object
|
|
required: [stage, status]
|
|
properties:
|
|
stage:
|
|
type: string
|
|
enum: [data_purity, internal_sources_only, no_external_endpoints, manifest_consistency]
|
|
status:
|
|
type: string
|
|
enum: [pass, fail, skipped]
|
|
details:
|
|
type: string
|
|
duration_ms:
|
|
type: integer
|
|
minimum: 0
|
|
|
|
Violation:
|
|
type: object
|
|
required: [violation_id, category, severity, location, remediation, blocked_release]
|
|
properties:
|
|
violation_id:
|
|
type: string
|
|
category:
|
|
type: string
|
|
enum: [data-purity, external-source, manifest-integrity, policy-conflict, operational-risk]
|
|
severity:
|
|
type: string
|
|
enum: [critical, high, medium, low]
|
|
location:
|
|
type: string
|
|
evidence:
|
|
type: string
|
|
remediation:
|
|
type: string
|
|
blocked_release:
|
|
type: boolean
|
|
detected_at:
|
|
type: string
|
|
format: date-time
|
|
|
|
CheckStatusResponse:
|
|
type: object
|
|
required: [check_run_id, candidate_id, final_status, checks]
|
|
properties:
|
|
check_run_id:
|
|
type: string
|
|
candidate_id:
|
|
type: string
|
|
final_status:
|
|
type: string
|
|
enum: [running, compliant, blocked, failed]
|
|
started_at:
|
|
type: string
|
|
format: date-time
|
|
finished_at:
|
|
type: string
|
|
format: date-time
|
|
checks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CheckStageResult'
|
|
violations:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Violation'
|
|
|
|
ComplianceReportResponse:
|
|
type: object
|
|
required:
|
|
[report_id, check_run_id, candidate_id, generated_at, final_status, operator_summary, violations_count, blocking_violations_count]
|
|
properties:
|
|
report_id:
|
|
type: string
|
|
check_run_id:
|
|
type: string
|
|
candidate_id:
|
|
type: string
|
|
generated_at:
|
|
type: string
|
|
format: date-time
|
|
final_status:
|
|
type: string
|
|
enum: [compliant, blocked, failed]
|
|
operator_summary:
|
|
type: string
|
|
structured_payload_ref:
|
|
type: string
|
|
violations_count:
|
|
type: integer
|
|
minimum: 0
|
|
blocking_violations_count:
|
|
type: integer
|
|
minimum: 0
|
|
violations:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Violation' |