Enable API analysis in your API center - self-managed
This article explains how to enable API analysis in Azure API Center by manually setting up a linting engine and triggers. These capabilities analyze your API definitions for adherence to organizational style rules, generating both individual and summary reports. API analysis helps identify and correct common errors and inconsistencies in your API definitions.
Note
In preview, Azure API Center automatically configures a default linting engine and dependencies for API analysis. If you enable self-managed analysis as described in this article, you override these built-in features.
Scenario overview
In this scenario, you analyze API definitions in your API center by using the Spectral open source linting engine. An Azure Functions app runs the linting engine in response to events in your API center. Spectral checks that the APIs defined in a JSON or YAML specification document conform to the rules in a customizable API style guide. An analysis report is generated that you can view in your API center.
The following diagram shows the steps to enable linting and analysis in your API center.
Deploy an Azure Functions app that runs the Spectral linting engine on an API definition.
Configure an event subscription in an Azure API center to trigger the function app.
An event is triggered by adding or replacing an API definition in the API center.
On receiving the event, the function app invokes the Spectral linting engine.
The linting engine checks that the APIs defined in the definition conform to the organization's API style guide and generates a report.
View the analysis report in the API center.
Options to deploy the linting engine and event subscription
This article provides two options to deploy the linting engine and event subscription in your API center:
Automated deployment - Use the Azure developer CLI (
azd
) for one-step deployment of linting infrastructure. This option is recommended for a streamlined deployment process.Manual deployment - Follow step-by-step guidance to deploy the Azure Functions app and configure the event subscription. This option is recommended if you prefer to deploy and manage the resources manually.
Limitations
- Linting currently supports only JSON or YAML specification files, such as OpenAPI or AsyncAPI specification documents.
- By default, the linting engine uses the built-in
spectral:oas
ruleset. To extend the ruleset or create custom API style guides, see the Spectral GitHub repo. - The Azure function app that invokes linting is charged separately, and you manage and maintain it.
Prerequisites
An API center in your Azure subscription. If you haven't created one already, see Quickstart: Create your API center.
The Event Grid resource provider registered in your subscription. If you need to register the Event Grid resource provider, see Subscribe to events published by a partner with Azure Event Grid.
For Azure CLI:
Use the Bash environment in Azure Cloud Shell. For more information, see Quickstart for Bash in Azure Cloud Shell.
If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
Note
az apic
commands require theapic-extension
Azure CLI extension. If you haven't usedaz apic
commands, the extension can be installed dynamically when you run your firstaz apic
command, or you can install the extension manually. Learn more about Azure CLI extensions.See the release notes for the latest changes and updates in the
apic-extension
. Certain features may require a preview or specific version of the extension.Note
Azure CLI command examples in this article can run in PowerShell or a bash shell. Where needed because of different variable syntax, separate command examples are provided for the two shells.
azd
deployment of Azure Functions app and event subscription
This section provides automated steps using the Azure Developer CLI to configure the Azure Functions app and event subscription that enable linting and analysis in your API center. You can also configure the resources manually.
Other prerequisites for this option
Run the sample using azd
Clone the GitHub repository and open it in Visual Studio Code.
Change directory to the
APICenter-Analyzer
folder in the repository.In the
resources/rulesets
folder, you can find anoas.yaml
file. This file reflects your current API style guide and can be modified based on your organizational needs and requirements.Authenticate with the Azure Developer CLI and the Azure CLI using the following commands:
azd auth login az login
Run the following command to deploy the linting infrastructure to your Azure subscription.
azd up
Follow the prompts to provide the required deployment information and settings, such as the environment name and API center name. For details, see Running the sample using the Azure Developer CLI (azd).
Note
The deployment might take a few minutes.
After the deployment is complete, navigate to your API center in the Azure portal. In the left menu, select Events > Event subscriptions to view the event subscription that was created.
You can now upload an API definition file to your API center to trigger the event subscription and run the linting engine.
Manual steps to configure Azure Functions app and event subscription
This section provides the manual deployment steps to configure the Azure Functions app and event subscription to enable linting and analysis in your API center. You can also use the Azure Developer CLI for automated deployment.
Other prerequisites for this option
- Visual Studio Code with the Azure Functions extension v1.10.4 or later.
Step 1. Deploy your Azure Functions app
To deploy the Azure Functions app that runs the linting function on API definitions:
Clone the GitHub repository and open it in Visual Studio Code.
In the
resources/rulesets
folder, you can find anoas.yaml
file. This file reflects your current API style guide and can be modified based on your organizational needs and requirements.Optionally, run the function app locally to test it. For details, see the README file in the repository.
Deploy the function app to Azure. For steps, see Quickstart: Create a function in Azure with TypeScript using Visual Studio Code.
Note
Deploying the function app might take a few minutes.
Sign in to the Azure portal, and go to the function app.
On the Overview page, check the following details:
- Confirm that the Status of the function app is Running.
- Under Functions, confirm that the Status of the apicenter-analyzer function is Enabled.
Step 2. Configure managed identity in your function app
To enable the function app to access the API center, configure a managed identity for the function app. The following steps show how to enable and configure a system-assigned managed identity for the function app using the Azure portal or the Azure CLI.
- In the Azure portal, navigate to your function app and select Identity under the Settings section.
- On the System assigned tab, set the Status to On and then select Save.
Now that the managed identity is enabled, assign it the Azure API Center Compliance Manager role to access the API center.
- In the Azure portal, navigate to your API center and select Access control (IAM).
- Select + Add > Add role assignment.
- Select Job function roles and then select Azure API Center Compliance Manager. Select Next.
- On the Members page, in Assign access to, select Managed identity > + Select members.
- On the Select managed identities page, search for and select the managed identity of the function app. Click Select and then Next.
- Review the role assignment, and select Review + assign.
Step 3. Configure event subscription in your API center
Now create an event subscription in your API center to trigger the function app when an API definition file is uploaded or updated. The following steps show how to create the event subscription using the Azure portal or the Azure CLI.
In the Azure portal, navigate to your API center and select Events.
On the Get started tab, select Azure Function.
On the Create Event Subscription page, do the following:
Enter a descriptive Name for the event subscription, and select Event Grid Schema.
In Topic details, enter a System topic name of your choice.
In Event Types, select the following events:
- API definition added
- API definition updated
In Endpoint Details, select Azure Function > Configure an endpoint.
On the Select Azure Function page, select the function app and the apicenter-linter function that you configured. Click Confirm selection.
Select Create.
Select the Event subscriptions tab and select Refresh. Confirm that the Provisioning state of the event subscription is Succeeded.
Note
It might take a short time for the event subscription to propagate to the function app.
Trigger event in your API center
To test the event subscription, try uploading or updating an API definition file associated with an API version in your API center. For example, upload an OpenAPI or AsyncAPI document. After the event subscription is triggered, the function app invokes the API linting engine to analyze the API definition.
- For detailed steps to add an API, API version, and API definition to your API center, see Tutorial: Register APIs in your API center.
- To create an API by uploading an API definition file using the Azure CLI, see Register API from a specification file.
To confirm that the event subscription was triggered:
Navigate to your API center, and select Events in the left menu.
Select the Event Subscriptions tab and select the event subscription for your function app.
Review the metrics to confirm that the event subscription was triggered and that linting was invoked successfully.
Note
It might take a few minutes for the metrics to appear.
After analyzing the API definition, the linting engine generates a report based on the configured API style guide.
View API analysis reports
You can view the analysis report for your API definition in the Azure portal. After an API definition is analyzed, the report lists errors, warnings, and information based on the configured API style guide.
In the portal, you can also view a summary of analysis reports for all API definitions in your API center.
Analysis report for an API definition
To view the analysis report for an API definition in your API center:
- In the portal, navigate to the API version in your API center where you added or updated an API definition.
- In the left menu, under Details, select Definitions.
- Select the API definition that you uploaded or updated.
- Select the Analysis tab.
The API Analysis Report opens, and it displays the API definition and errors, warnings, and information based on the configured API style guide. The following screenshot shows an example of an API analysis report.
API analysis summary
To view a summary of analysis reports for all API definitions in your API center:
In the portal, navigate to your API center.
In the left-hand menu, under Governance, select API Analysis. The summary appears.
Related content
Learn more about Event Grid: