Hi 

I am currently engaged in developing an Apigee API proxy leveraging the OpenAPI specification. My workflow typically involves the use of Apigee's OpenAPI Spec feature for this purpose. However, due to my organization's policies, I am unable to utilize public repositories for storing or accessing OpenAPI specifications.

Given these constraints, I am exploring alternative approaches to efficiently create and manage Apigee API proxies with OpenAPI specs in a controlled, private environment. Could you kindly share any best practices, tools, or methodologies that can be adopted in such scenarios?

Specifically, I am interested in understanding:

• Secure methods to store and access OpenAPI specs within private repositories.
• Strategies for integrating these private specs with Apigee's API proxy creation process.
• Any relevant experiences or insights from those who have navigated similar challenges.

Your expertise and suggestions will be invaluable in assisting me to streamline this process while adhering to our organizational compliance standards.

Thank you in advance for your time and assistance.