From 573c46533beed7090e986003ad1c226b220e2555 Mon Sep 17 00:00:00 2001
From: Rafal Artych <121048129+rartych@users.noreply.github.com>
Date: Thu, 4 Sep 2025 12:00:52 +0200
Subject: [PATCH 1/4] Delete .github/workflows/temp/megalinter._yml

---
 .github/workflows/temp/megalinter._yml | 78 --------------------------
 1 file changed, 78 deletions(-)
 delete mode 100644 .github/workflows/temp/megalinter._yml

diff --git a/.github/workflows/temp/megalinter._yml b/.github/workflows/temp/megalinter._yml
deleted file mode 100644
index 6bda700..0000000
--- a/.github/workflows/temp/megalinter._yml
+++ /dev/null
@@ -1,78 +0,0 @@
----
-# MegaLinter GitHub Action configuration file
-# More info at https://megalinter.io
-# CAMARA Project - Github Action for Pull Reqests
-# 31.01.2024 - initial version
-
-name: MegaLinter
-
-on: # yamllint disable-line rule:truthy
-  # Pull Requests to main
-  pull_request:
-    branches: [master, main]
-
-env: # Comment env block if you do not want to apply fixes
-  # Apply linter fixes configuration
-  APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool)
-  APPLY_FIXES_EVENT: pull_request # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all)
-  APPLY_FIXES_MODE: commit # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request)
-
-concurrency:
-  group: ${{ github.ref }}-${{ github.workflow }}
-  cancel-in-progress: true
-
-jobs:
-  build:
-    name: MegaLinter
-    runs-on: ubuntu-latest
-    permissions:
-      # Give the default GITHUB_TOKEN write permission to commit and push, comment issues & post new PR
-      # Remove the ones you do not need
-      contents: write
-      issues: write
-      pull-requests: write
-    steps:
-      # Git Checkout
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances
-      - name: Install Spectral
-        run: npm install -g @stoplight/spectral
-      - name: Install Spectral functions
-        run: npm install -g @stoplight/spectral-functions
-    # - name: Run spectral:oas Spectral Linting
-    #   run: spectral lint code/API_definitions/*.yaml --verbose --ruleset .spectral.yml
-        # Replace openapi.yaml file with your API specification file
-
-      # MegaLinter
-      - name: MegaLinter
-        id: ml
-        # You can override MegaLinter flavor used to have faster performances
-        # More info at https://megalinter.io/flavors/
-        uses: oxsecurity/megalinter/flavors/java@v7.3.0
-        env:
-          # All available variables are described in documentation
-          # https://megalinter.io/configuration/
-          PRINT_ALPACA: false
-          # VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
-          VALIDATE_ALL_CODEBASE: true
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
-          DISABLE: COPYPASTE,MARKDOWN
-          DISABLE_LINTERS: SPELL_CSPELL,SPELL_LYCHEE,YAML_PRETTIER,REPOSITORY_GRYPE, REPOSITORY_SEMGREP,REPOSITORY_DEVSKIM,REPOSITORY_KICS,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,REPOSITORY_CHECKOV,REPOSITORY_GITLEAKS,YAML_V8R,JAVA_PMD,JAVA_CHECKSTYLE
-          YAML_YAMLLINT_CONFIG_FILE: ".yamllint.yaml"
-          OPENAPI_SPECTRAL_CONFIG_FILE: ".spectral.yml"
-          YAML_YAMLLINT_FILTER_REGEX_INCLUDE: "(code/)"
-          OPENAPI_SPECTRAL_FILTER_REGEX_INCLUDE: "(code/)"
-
-          # Upload MegaLinter artifacts
-      - name: Archive production artifacts
-        if: ${{ success() }} || ${{ failure() }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: MegaLinter reports
-          path: |
-            megalinter-reports
-            mega-linter.log

From d7c7ff6c655f9359a3a6db38ae8723c87d5b23b8 Mon Sep 17 00:00:00 2001
From: Rafal Artych <121048129+rartych@users.noreply.github.com>
Date: Thu, 4 Sep 2025 12:01:05 +0200
Subject: [PATCH 2/4] Delete .github/workflows/temp/spectral_oas_lint.yml

---
 .github/workflows/temp/spectral_oas_lint.yml | 36 --------------------
 1 file changed, 36 deletions(-)
 delete mode 100644 .github/workflows/temp/spectral_oas_lint.yml

diff --git a/.github/workflows/temp/spectral_oas_lint.yml b/.github/workflows/temp/spectral_oas_lint.yml
deleted file mode 100644
index a828fd5..0000000
--- a/.github/workflows/temp/spectral_oas_lint.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-# CAMARA Project - workflow configuration to manually run CAMARA OAS rules
-# see https://docs.github.com/en/actions/using-workflows/manually-running-a-workflow
-# 31.01.2024 - initial version
-
-name: Spectral manual run
-
-on: workflow_dispatch
- 
-concurrency:
-  group: ${{ github.ref }}-${{ github.workflow }}
-  cancel-in-progress: true
-
-jobs:
-  build:
-    name: Spectral linting
-    runs-on: ubuntu-latest
-    permissions:
-      # Give the default GITHUB_TOKEN write permission to commit and push, comment issues & post new PR
-      # Remove the ones you do not need
-      contents: write
-      issues: write
-      pull-requests: write
-    steps:
-      # Git Checkout
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances
-      - name: Install Spectral
-        run: npm install -g @stoplight/spectral
-      - name: Install Spectral functions
-        run: npm install -g @stoplight/spectral-functions
-      - name: Run Spectral linting
-        run: spectral lint code/API_definitions/*.yaml --verbose --ruleset .spectral.yml

From 6eac6f7e7605f0f05163ee48636a9ea2b06db27a Mon Sep 17 00:00:00 2001
From: Rafal Artych <121048129+rartych@users.noreply.github.com>
Date: Thu, 4 Sep 2025 12:02:23 +0200
Subject: [PATCH 3/4] Update pr_validation_caller.yml

---
 .github/workflows/pr_validation_caller.yml | 38 +++++++++++++++++-----
 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/pr_validation_caller.yml b/.github/workflows/pr_validation_caller.yml
index 1373d1a..d847f6e 100644
--- a/.github/workflows/pr_validation_caller.yml
+++ b/.github/workflows/pr_validation_caller.yml
@@ -1,13 +1,30 @@
+# =========================================================================================
+# CAMARA Project - Pull Request Validation Workflow Caller
+#
+# This GitHub Actions workflow is responsible for invoking a reusable PR validation workflow
+# from the camaraproject/tooling repository. It is intended to ensure consistent validation
+# steps for all PRs targeting the main branch in this repository.
+#
+# CHANGELOG:
+# - 2025-08-01: Initial version for v0
+#
+# USAGE:
+# - Automatically triggers on pull requests targeting main.
+# - Can be triggered manually via workflow_dispatch.
+# - Calls by default the reusable workflow at 
+#   camaraproject/tooling/.github/workflows/pr_validation.yml@v0
+#
+# DOCUMENTATION:
+# see https://github.com/camaraproject/tooling/tree/main/linting/docs
+# =========================================================================================
+
 name: Caller for PR validation workflow
-# CAMARA Project - Github Action for Pull Reqests
-# This workflow calls the reusable workflow from the tooling repository
-# initial version
 
 on:
-  # Pull Requests to main
+  # Trigger on pull requests to the main branch only
   pull_request:
     branches: main
-  # manual workflow triggering
+  # Enable manual trigger via the GitHub UI
   workflow_dispatch:
   
 concurrency:
@@ -15,15 +32,18 @@ concurrency:
   cancel-in-progress: true
 
 permissions:
+  # Grant necessary write permissions for PRs, contents, and issues
   pull-requests: write
   contents: write
   issues: write
+  statuses: write
 
 jobs:
   pr_validation:
-    uses: camaraproject/tooling/.github/workflows/pr_validation.yml@main
+    # Invoke the reusable PR validation workflow from "v0" tag of camaraproject/tooling
+    uses: camaraproject/tooling/.github/workflows/pr_validation.yml@v0
     secrets: inherit
-# This workflow calls the reusable workflow from tooling repository
-# Tools configuration from the tooling repository branch indicated by `configurations` variable    
+# Tools configuration from the tooling repository subfolder of /linting/config/ indicated by `configurations` variable
+# If needed, you can specify a configuration from another subfolder of camaraproject/tooling/linting/config/ (uncomment below)
 #    with:
-#      configurations: staging
+#      configurations: api-name

From 15d2a508821ceb4e6833da0da23a5f451bc33635 Mon Sep 17 00:00:00 2001
From: Rafal Artych <121048129+rartych@users.noreply.github.com>
Date: Thu, 4 Sep 2025 12:03:06 +0200
Subject: [PATCH 4/4] Update spectral-oas-caller.yml

---
 .github/workflows/spectral-oas-caller.yml | 34 +++++++++++++++++------
 1 file changed, 26 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/spectral-oas-caller.yml b/.github/workflows/spectral-oas-caller.yml
index cbe1596..05cde3f 100644
--- a/.github/workflows/spectral-oas-caller.yml
+++ b/.github/workflows/spectral-oas-caller.yml
@@ -1,7 +1,23 @@
+# =========================================================================================
+# CAMARA Project - Linting OpenAPI Specification with CAMARA Ruleset Caller
+#
+# This GitHub Actions workflow is responsible for invoking a reusable "Spectral linting with 
+# CAMARA ruleset" workflow from the camaraproject/tooling repository. It is intended to 
+# provide more detailed output from Spectral tool (warnings, hints)  
+#
+# CHANGELOG:
+# - 2025-08-01: Initial version for v0
+#
+# USAGE:
+# - Can be triggered manually via workflow_dispatch.
+# - Calls by default the reusable workflow at 
+#   camaraproject/tooling/.github/workflows/spectral-oas.yml@v0
+#
+# DOCUMENTATION:
+# see https://github.com/camaraproject/tooling/tree/main/linting/docs
+# =========================================================================================
+
 name: Caller for Spectral linting with CAMARA ruleset
-# CAMARA Project - Github Action for Pull Reqests
-# This workflow calls the reusable workflow from the tooling repository
-# initial version
 
 on: 
   workflow_dispatch:
@@ -11,14 +27,16 @@ concurrency:
   cancel-in-progress: true
 
 permissions:
+  # Grant necessary write permissions for PRs and issues
   pull-requests: write
-  contents: write
+  contents: read
   issues: write
 
 jobs:
   spectral:
-    uses: camaraproject/tooling/.github/workflows/spectral-oas.yml@main
-# This workflow calls the reusable workflow from the tooling repository
-# Tools configuration from the tooling repository branch indicated by `configurations` variable    
+  # Invoke the reusable PR validation workflow from the main branch of camaraproject/tooling
+    uses: camaraproject/tooling/.github/workflows/spectral-oas.yml@v0
+# Spectral configuration from the tooling repository subfolder of /linting/config/ indicated by `configurations` variable
+# If needed, you can specify a configuration from another subfolder of camaraproject/tooling/linting/config/ (uncomment below)
 #    with:
-#      configurations: staging
+#      configurations: api-name