Artifacts linting

.github/workflows/pr_validation.yml

@@ -0,0 +1,65 @@
+# =========================================================================================
+# CAMARA Project - Pull Request Validation Workflow for Commonalities repository
+#
+# =========================================================================================
+
+name: PR validation for CAMARA Commonalities
+
+on: 
+  # Pull Requests to main
+  pull_request:
+    branches: [master, main]
+
+jobs:
+  general:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Checkout linting config
+        uses: actions/checkout@v6
+        with:
+          repository: rartych/tooling
+          path: lint-config
+          # using configurations from v0 floating tag
+          ref: main
+          sparse-checkout: |
+            linting/config/
+          sparse-checkout-cone-mode: false
+      - name: Copy specified folder to workspace root
+        # --strip-trailing-slashes remove any trailing slashes from each SOURCE argument - when ${{ inputs.configurations }} is empty
+        run: cp -RT --strip-trailing-slashes ${{ github.workspace }}/lint-config/linting/config/ ${{ github.workspace }}
+      - name: MegaLinter
+        id: ml
+        # You can override MegaLinter flavor used to have faster performances
+        # c_cpp MegaLinter Flavor https://megalinter.io/latest/flavors/c_cpp/ includes all needed linters - can be upgraded to v8
+        uses: oxsecurity/megalinter/flavors/c_cpp@v8
+        # configuration of Megalinter
+        env:
+          VALIDATE_ALL_CODEBASE: true
+          PRINT_ALPACA: false
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_COMMENT_REPORTER: true
+          GITHUB_STATUS_REPORTER: true
+          DISABLE: COPYPASTE,SPELL,JAVASCRIPT,MARKDOWN
+          DISABLE_LINTERS: ACTION_ACTIONLINT,YAML_PRETTIER,REPOSITORY_GRYPE,REPOSITORY_SEMGREP,REPOSITORY_DEVSKIM,REPOSITORY_KICS,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,REPOSITORY_CHECKOV,REPOSITORY_GITLEAKS,YAML_V8R,JAVA_PMD
+          API_SPECTRAL_CONFIG_FILE: .spectral.yaml
+          YAML_YAMLLINT_CONFIG_FILE: .yamllint.yaml
+          GHERKIN_GHERKIN_LINT_CONFIG_FILE: .gherkin-lintrc
+          API_SPECTRAL_FILTER_REGEX_INCLUDE: (artifacts/)
+          YAML_YAMLLINT_FILTER_REGEX_INCLUDE: (artifacts/)
+          YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: (artifacts/linting_rules)
+          GHERKIN_GHERKIN_LINT_FILTER_REGEX_INCLUDE: (artifacts/testing/)
+      - name: Archive production artifacts
+        if: success() || failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: MegaLinter reports
+          include-hidden-files: "true"
+          path: |
+            megalinter-reports
+            mega-linter.log

artifacts/CAMARA_common.yaml

@@ -5,9 +5,9 @@ info:
   license:
     name: Apache 2.0
     url: https://www.apache.org/licenses/LICENSE-2.0.html
-  version:  wip
+  version: wip
   x-camara-commonalities: "0.6"
-  
+
 paths: {}
 components:
   securitySchemes:
@@ -234,44 +234,44 @@ components:
       maximum: 180
 
   responses:
-#######################################################
-#######################################################
-# ERROR RESPONSE SCHEMA TEMPLATE
-#   - Objective: Make normative error `status` and `code` values
-#   - Schema Template rationale:
-#     - The `allOf` in content.application/json.schema allows a combination of both the generic ErrorInfo schema and the specific schema for this error response,
-#       which validates that `status` and `code` have only the specified values.
-#       This `allOf` is used without discriminator because it does not imply any hierarchy between the models, just 2 schemas that must be independently validated.
-#######################################################
-#    ErrorResponseSchema:
-#      ...
-#      content:
-#        application/json:
-#          schema:
-#            allOf:
-#              - $ref: '#/components/schemas/ErrorInfo'
-#              - type: object
-#                properties:
-#                  status:
-#                    enum:
-#                      - <status>
-#                  code:
-#                    enum:
-#                      - <code1>
-#                      - <code2>
-#          examples:
-#            ExampleKey1:
-#              value:
-#                status: <status>
-#                code: <code1>
-#                message: <message1>
-#            ExampleKey2:
-#              value:
-#                status: <status>
-#                code: <code2>
-#                message: <message2>
-#######################################################
-#######################################################
+    #######################################################
+    #######################################################
+    # ERROR RESPONSE SCHEMA TEMPLATE
+    #   - Objective: Make normative error `status` and `code` values
+    #   - Schema Template rationale:
+    #     - The `allOf` in content.application/json.schema allows a combination of both the generic ErrorInfo schema and the specific schema for this error response,
+    #       which validates that `status` and `code` have only the specified values.
+    #       This `allOf` is used without discriminator because it does not imply any hierarchy between the models, just 2 schemas that must be independently validated.
+    #######################################################
+    #    ErrorResponseSchema:
+    #      ...
+    #      content:
+    #        application/json:
+    #          schema:
+    #            allOf:
+    #              - $ref: '#/components/schemas/ErrorInfo'
+    #              - type: object
+    #                properties:
+    #                  status:
+    #                    enum:
+    #                      - <status>
+    #                  code:
+    #                    enum:
+    #                      - <code1>
+    #                      - <code2>
+    #          examples:
+    #            ExampleKey1:
+    #              value:
+    #                status: <status>
+    #                code: <code1>
+    #                message: <message1>
+    #            ExampleKey2:
+    #              value:
+    #                status: <status>
+    #                code: <code2>
+    #                message: <message2>
+    #######################################################
+    #######################################################
     Generic400:
       description: Bad Request
       headers:
@@ -510,7 +510,7 @@ components:
               value:
                 status: 409
                 code: INCOMPATIBLE_STATE
-                message: A referenced resource is in an incompatible state.                
+                message: A referenced resource is in an incompatible state.             
             GENERIC_409_{{SPECIFIC_CODE}}:
               description: Specific conflict situation that is relevant in the context of the API
               value:
@@ -802,6 +802,3 @@ components:
                 status: 504
                 code: TIMEOUT
                 message: Request timeout exceeded.
-
-
-

artifacts/Github_templates/.github/ISSUE_TEMPLATE/config.yml

@@ -1,6 +1,6 @@
 blank_issues_enabled: true
 contact_links:
-  - name: 🗣 Subproject discussions 
+  - name: 🗣 Subproject discussions
     url: https://github.com/camaraproject/Commonalities/discussions
     about: Please ask and answer questions here.
   - name: 📖 CAMARA API Design Guidelines

artifacts/camara-cloudevents/event-subscription-template.yaml

@@ -14,14 +14,14 @@ info:
     url: https://www.apache.org/licenses/LICENSE-2.0.html
   version: wip
   x-camara-commonalities: "0.6"
-  
+
 externalDocs:
   description: Product documentation at CAMARA
-  url: https://github.com/camaraproject/{apiRepository}
+  url: https://github.com/camaraproject/apiRepository
   # {apiRepository} MUST be replaced by the CAMARA Subproject Repository name where the API design based on this template is hosted.
 servers:
   - url: "{apiRoot}/api-name/vx.y"
-  # api-name and version should be valued accordingly to the CAMARA API versioning guidelines, e.g. for a version x.y.z, put v0.y for x=0 or just vx for x>0 in the url.
+    # api-name and version should be valued accordingly to the CAMARA API versioning guidelines, e.g. for a version x.y.z, put v0.y for x=0 or just vx for x>0 in the url.
     variables:
       apiRoot:
         default: http://localhost:9091
@@ -352,7 +352,7 @@ components:
             - ACCESSTOKEN
             - REFRESHTOKEN
           description: |
-            The type of the credential. 
+            The type of the credential.
             Note: Type of the credential - MUST be set to ACCESSTOKEN for now
       discriminator:
         propertyName: credentialType
@@ -924,7 +924,7 @@ components:
                 code: INVALID_PROTOCOL
                 message: Only HTTP is supported
             GENERIC_400_INVALID_CREDENTIAL:
-              description: Invalid sink credential type 
+              description: Invalid sink credential type
               value:
                 status: 400
                 code: INVALID_CREDENTIAL
@@ -1046,7 +1046,7 @@ components:
               value:
                 status: 403
                 code: PERMISSION_DENIED
-                message: Client does not have sufficient permissions to perform this action.       
+                message: Client does not have sufficient permissions to perform this action.   
     SubscriptionPermissionDenied403:
       description: Client does not have sufficient permission
       headers:

artifacts/notification-as-cloud-event.yaml

@@ -7,34 +7,34 @@ info:
     # Introduction
 
     A lot of CAMARA APIs offer the capability to API consumer to receive events.
-    Event data are defined in each API definition but in order to provide consistency across CAMARA APIs and to increase 
-    interoperability we will use [cloudevents](https://cloudevents.io/) specifications. In particular, every CAMARA Event will 
+    Event data are defined in each API definition but in order to provide consistency across CAMARA APIs and to increase
+    interoperability we will use [cloudevents](https://cloudevents.io/) specifications. In particular, every CAMARA Event will
     be defined using [cloudevents-json-format](https://github.com/cloudevents/spec/blob/main/cloudevents/formats/json-format.md)
-   
+
     # Relevant terms and definitions
 
       * **Occurrence** : An "occurrence" is the capture of a statement of fact during the operation of a software system.
 
-      * **Event**: An "event" is a data record expressing an occurrence and its context. Events are routed from an 
+      * **Event**: An "event" is a data record expressing an occurrence and its context. Events are routed from an
     event producer (the source) to interested event consumers.
-    
-      * **Producer**: The "producer" is a specific instance, process or device that creates the data structure 
+
+      * **Producer**: The "producer" is a specific instance, process or device that creates the data structure
     describing the CloudEvent.
 
-      * **Source**:  The "source" is the context in which the occurrence happened. In a distributed system it might 
-    consist of multiple producers. If a source is not aware of CloudEvents, an external producer creates 
+      * **Source**:  The "source" is the context in which the occurrence happened. In a distributed system it might
+    consist of multiple producers. If a source is not aware of CloudEvents, an external producer creates
     the CloudEvent on behalf of the source.
-  
-      * **Consumer**: A "consumer" receives the event and acts upon it. It uses the context and data to execute some 
+
+      * **Consumer**: A "consumer" receives the event and acts upon it. It uses the context and data to execute some
     logic, which might lead to the occurrence of new events.
-  
-      * **Data**:  Domain-specific information about the occurrence (i.e. the payload). This might 
+
+      * **Data**:  Domain-specific information about the occurrence (i.e. the payload). This might
     include information about the occurrence, details about the data that was changed, or more.
-  
+
     # API Functionality
-    
+
     Only one endpoint/operation is provided: `POST /your_webhook_notification_url`
-    This endpoint describes the event notification received on subscription listener side when the event occurred. 
+    This endpoint describes the event notification received on subscription listener side when the event occurred.
     A detailed description of the event notification is provided in the [CAMARA API Event Subscription and Notification Guide](https://github.com/camaraproject/Commonalities/blob/main/documentation/CAMARA-API-Event-Subscription-and-Notification-Guide.md#3-event-notification)
 
   termsOfService: http://swagger.io/terms/
@@ -48,8 +48,8 @@ externalDocs:
   description: Product documentation at CAMARA
   url: https://github.com/camaraproject/Commonalities
 security:
-    - notificationsBearerAuth: []
-    - {}
+  - notificationsBearerAuth: []
+  - {}
 
 servers:
   - url: '{apiRoot}'
@@ -62,14 +62,14 @@ tags:
     description: |
       Events received on subscription listener side.
 paths:
-  /your_webhook_notification_url:
+  /your-webhook-notification-url:
     post:
       tags:
         - CAMARA Cloud Event
       summary: "Cloud Event notification endpoint to notify consumer that statement of fact had occurred"
       description: |
         INFORMATIVE ENDPOINT: The value of this endpoint is freely declared by each client app by means of resource-based
-        subscription or instance-based subscription. /your_webhook_notification_url is 
+        subscription or instance-based subscription. /your_webhook_notification_url is
         just a convention naming referring to an absolute URL, indeed the one indicated by API client
         in the triggering of the procedure (resource-based or instance-based).  In this way, it represents an absolute
         URL, i.e.: notifications won't be sent to /event-notification/vX/your_webhook_notification_url.
@@ -87,20 +87,20 @@ paths:
                 $ref: '#/components/examples/QOS_STATUS_CHANGED_EXAMPLE'
 
       responses:
-        204:
+        "204":
           description: No Content
           headers:
             x-correlator:
               $ref: "#/components/headers/x-correlator"
-        400:
+        "400":
           $ref: "#/components/responses/Generic400"
-        401:
+        "401":
           $ref: "#/components/responses/Generic401"
-        403:
+        "403":
           $ref: "#/components/responses/Generic403"
-        410:
+        "410":
           $ref: "#/components/responses/Generic410"
-        429:
+        "429":
           $ref: "#/components/responses/Generic429"
 components:
   securitySchemes:
@@ -125,7 +125,7 @@ components:
         message:
           type: string
           description: A human-readable description of what the event represents
-          
+
     XCorrelator:
       type: string
       pattern: ^[a-zA-Z0-9-_:;.\/<>{}]{0,256}$