Maint/621 maintenance clean up applicationyml by removing properties which are set to default values

[devtobi]

Description

• Simplified and aligned the application.yml files
• Removed Hibernate naming strategy for local profile
• Removed column annotation in entities to inter via Hibernate

Reference
Issues #621

Summary by CodeRabbit

Release Notes

• Configuration Changes
  • Simplified database column mapping for textAttribute by removing explicit column name.
  • Removed naming.physical-strategy from Hibernate settings, streamlining configuration.
  • Restructured application configuration for better organization, removing unnecessary properties related to data rest and error handling.
  • Updated server port from 8084 to 8085 in local configurations.
  • Added new error handling settings to disable the default error page.

These updates enhance the application's configuration clarity and maintainability.

[coderabbitai]

Walkthrough

The changes in this pull request involve modifications to several configuration files and a Java class. The TheEntity class has had its textAttribute field updated to simplify its database column mapping by removing the explicit column name. Configuration files application-local.yml and application.yml have undergone structural changes, including the removal of specific properties and reorganization of settings. The server port has been updated in one of the local configuration files. Overall, these changes streamline the configuration and entity mapping.

Changes

File Path	Change Summary
src/main/java/de/muenchen/refarch/theentity/TheEntity.java	Updated textAttribute field by removing name attribute from @Column annotation.
src/main/resources/application-local.yml	Removed naming.physical-strategy from spring.jpa.hibernate section; server port remains unchanged.
src/main/resources/application.yml	Removed spring.data.rest section and properties for error handling; restructured spring.application.name.
refarch-eai/src/main/resources/application-local.yml	Updated server port from 8084 to 8085.
refarch-eai/src/main/resources/application.yml	Removed camel.springboot properties; added server.error.whitelabel.enabled; updated management endpoint settings.

Possibly related PRs

• 🔧 Updated banner configuration #581: The changes in the main PR involve modifications to the application.yml and application-local.yml configuration files, while PR 🔧 Updated banner configuration #581 focuses on the banner.txt file. There is no direct connection at the code level between the changes made in the main PR and those in PR 🔧 Updated banner configuration #581.

Suggested labels

Template: Backend, Template: EAI, Type: Maintenance

Suggested reviewers

• simonhir

🐰 In the code, we hop and play,
Simplifying things in a clever way.
With ports and names, we've made it neat,
Our configurations now can't be beat!
So let’s rejoice, with a cheerful cheer,
For a cleaner code, we hold so dear! 🎉

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range comments (1)

refarch-backend/src/main/resources/application.yml (1)

Line range hint 5-11: Address TODO comment in security configuration

The TODO comment indicates that the OAuth2 audience should be updated with the actual project's clientId. This is important for proper security configuration.

Would you like me to help create a GitHub issue to track this security configuration update?

🧰 Tools

🪛 yamllint (1.35.1)

[error] 3-3: syntax error: found character '@' that cannot start any token

(syntax)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Reviewing files that changed from the base of the PR and between fec4492 and 05db204.

📒 Files selected for processing (5)

• refarch-backend/src/main/java/de/muenchen/refarch/theentity/TheEntity.java (1 hunks)
• refarch-backend/src/main/resources/application-local.yml (0 hunks)
• refarch-backend/src/main/resources/application.yml (1 hunks)
• refarch-eai/src/main/resources/application-local.yml (1 hunks)
• refarch-eai/src/main/resources/application.yml (2 hunks)

💤 Files with no reviewable changes (1)

• refarch-backend/src/main/resources/application-local.yml

🧰 Additional context used

🪛 yamllint (1.35.1)

refarch-eai/src/main/resources/application-local.yml

[error] 2-2: no new line character at the end of file

(new-line-at-end-of-file)

refarch-backend/src/main/resources/application.yml

[error] 3-3: syntax error: found character '@' that cannot start any token

(syntax)

🔇 Additional comments (6)

refarch-backend/src/main/java/de/muenchen/refarch/theentity/TheEntity.java (1)

35-38: Verify database compatibility after removing explicit column name.

The removal of the explicit column name aligns with the PR objective to simplify entity mappings. However, we should ensure this change doesn't break existing database schemas.

✅ Verification successful

Let me check the content of BaseEntity.java and any database configuration files to make a complete assessment.

---

Let me check the content of the application configuration files specifically to understand the database naming strategy changes.

---

Based on the gathered information, I can now provide the final response:

The column name removal is safe to proceed

The change is safe because:

1. The application is configured with ddl-auto: create-drop in local profile, which means the schema is recreated on each startup
2. No database migration scripts were found in the conventional locations
3. Only BaseEntity.java has an explicit column name, which is for the ID field and remains unchanged
4. The removal of column name from textAttribute will use Hibernate's default naming strategy, which will map it to text_attribute in the database

The change aligns with the PR objective to clean up and simplify the configuration by relying on convention over configuration.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for potential database migration scripts and other entity classes
# that might be affected by the naming convention change

# Look for migration scripts
echo "Checking for migration scripts..."
fd -e sql -e xml -e yaml -e yml . | grep -i "migration\|flyway\|liquibase"

# Check for other entities with explicit column names
echo "Checking for other entities with explicit column names..."
rg -l "@Column\(.*name\s*=" --type java

Length of output: 616

---

Script:

#!/bin/bash
# Check the content of BaseEntity.java
echo "Content of BaseEntity.java:"
cat refarch-backend/src/main/java/de/muenchen/refarch/common/BaseEntity.java

# Check for database configuration
echo -e "\nDatabase configuration files:"
fd -e yml -e yaml -e properties . | grep -i "application\|persistence\|database"

# If found, check their content
echo -e "\nContent of application configuration files:"
find . -name "application*.yml" -o -name "application*.yaml" -o -name "application*.properties" -exec cat {} \;

Length of output: 1652

---

Script:

#!/bin/bash
# Check content of application.yml and application-local.yml in refarch-backend
echo "Content of main application.yml:"
cat refarch-backend/src/main/resources/application.yml

echo -e "\nContent of application-local.yml:"
cat refarch-backend/src/main/resources/application-local.yml

# Check for any Liquibase or Flyway database migration files
echo -e "\nDatabase migration files:"
fd -e sql -e xml -e yaml -e yml . resources/db/migration

Length of output: 2863

refarch-eai/src/main/resources/application.yml (3)

7-9: LGTM: Disabling whitelabel error page

Disabling the whitelabel error page is a good security practice for production environments as it prevents exposure of technical details.

---

16-16: Verify management endpoints configuration

The management endpoints configuration looks secure with:

• Explicit enabling of required endpoints only
• Proper exposure of health, info, and prometheus metrics
  However, please verify that:

1. All necessary endpoints are included
2. No sensitive endpoints are accidentally exposed

Also applies to: 24-25

✅ Verification successful

Let me check the content of these files to better understand the endpoint configuration and security settings.

---

Management endpoints configuration is secure and complete

The configuration is verified to be secure and appropriate based on the following findings:

• Security Configuration explicitly permits only necessary endpoints: health (including liveness/readiness), info, and metrics (prometheus)
• Application configuration properly restricts access with access: read_only for all exposed endpoints
• The endpoints align with OpenShift requirements for health checks and monitoring
• No sensitive endpoints (like env, beans, mappings) are exposed
• The configuration matches the security requirements in SecurityConfiguration.java

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for management endpoint usage in the codebase
rg -l "actuator|management\.endpoints|management\.endpoint" --type java --type yaml

Length of output: 252

---

Script:

#!/bin/bash
# Check the content of relevant files
echo "=== Security Configuration ==="
cat refarch-backend/src/main/java/de/muenchen/refarch/configuration/SecurityConfiguration.java

echo -e "\n=== Backend Application Config ==="
cat refarch-backend/src/main/resources/application.yml

echo -e "\n=== Docker Compose Config ==="
cat stack/docker-compose.yml

Length of output: 10244

---

48-51: Verify Camel context path configuration

The Camel servlet mapping looks correct, but please verify:

1. No breaking changes for existing API clients
2. Consistency with API documentation

refarch-backend/src/main/resources/application.yml (2)

2-3: LGTM: Improved configuration structure

The nested structure for spring.application properties improves readability and follows Spring Boot configuration best practices.

🧰 Tools

🪛 yamllint (1.35.1)

[error] 3-3: syntax error: found character '@' that cannot start any token

(syntax)

---

Line range hint 19-33: Verify consistency of management endpoints

The management endpoints configuration is similar to the EAI component, which is good for consistency. However, there are some differences in access configuration that should be verified:

• EAI: Uses enabled flags
• Backend: Uses access levels (none, read_only)

Please verify if this difference is intentional and required.

✅ Verification successful

These commands will help us find Spring Boot configuration files and their management endpoint settings, even if they're structured slightly differently. The first command looks for the management section with context, while the second one lists all YAML configuration files' content, which might reveal endpoint configurations we missed with the specific pattern.

---

Different endpoint configuration approaches are intentionally used

Based on the search results, I can confirm that the EAI and Backend components use different but valid approaches for Spring Boot actuator endpoint configuration:

1. EAI (refarch-eai/src/main/resources/application.yml):

   • Uses enabled-by-default: false with explicit enabling of endpoints
   • Example: health.enabled: true

2. Backend (refarch-backend/src/main/resources/application.yml):

   • Uses access levels (none, read_only)
   • More granular control over endpoint access

Both approaches are valid Spring Boot configurations and serve different security models:

• EAI focuses on enabling/disabling endpoints completely
• Backend provides finer-grained access control while keeping endpoints enabled

The difference is intentional and aligns with each component's security requirements.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Compare management endpoint configurations across components
rg "management\.endpoints" --type yaml

Length of output: 40

---

Script:

#!/bin/bash
# Search for management endpoint configurations with broader pattern
rg "management:" -A 10 --type yaml

Length of output: 2233

---

Script:

#!/bin/bash
# Search for specific files that might contain Spring configuration
fd -e yml -e yaml --exec cat {}

Length of output: 12335

🧰 Tools

🪛 yamllint (1.35.1)

[error] 3-3: syntax error: found character '@' that cannot start any token

(syntax)

[DanielOber]

LGTM