adding feature -2 files #1

Status: Open. Wants to merge 20 commits into base: main.
Conversation

@vikas0105 (Owner) commented Jan 15, 2024

Summary by CodeRabbit

  • New Features

    • Added comprehensive GitHub Actions workflows for:
      • Automated project build and artifact management
      • Java and Maven environment setup
      • Spring Boot application deployment and testing
      • Code quality analysis with SonarCloud
  • Documentation

    • Updated README with detailed setup instructions for the e-commerce application
    • Added step-by-step guides for manual and automated project initialization


coderabbitai bot commented Jan 15, 2024

Warning

Rate limit exceeded

@vikas0105 has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 2 minutes and 5 seconds before requesting another review.


📥 Commits

Reviewing files that changed from the base of the PR and between fa3fcf9 and 3726a5d.

📒 Files selected for processing (3)
  • .github/workflows/sonarcloud-analysis.yml (1 hunks)
  • .github/workflows/springboot-run-stop.yml (1 hunks)
  • pom.xml (1 hunks)

Walkthrough

The pull request introduces a comprehensive set of GitHub Actions workflows for an e-commerce application, focusing on continuous integration and deployment. The workflows automate various stages of the development process, including environment setup, building the project, running the application, performing SonarCloud analysis, and managing artifacts. The changes enhance the project's CI/CD pipeline by providing automated processes for building, testing, and validating the Spring Boot application.

Changes

| File | Change Summary |
| --- | --- |
| README.md | Added detailed setup guide for Java and Maven installation, project setup instructions, and GitHub Actions workflow documentation |
| .github/workflows/build-and-artifact.yml | New workflow for building the project and managing artifacts |
| .github/workflows/main.yml | Orchestration workflow coordinating multiple jobs including setup, build, deployment, and analysis |
| .github/workflows/setup-java-maven.yml | Workflow for setting up Java and Maven environment with dependency caching |
| .github/workflows/sonarcloud-analysis.yml | Workflow for performing code quality analysis using SonarCloud |
| .github/workflows/springboot-run-stop.yml | Workflow for running and stopping the Spring Boot application |

Sequence Diagram

sequenceDiagram
    participant GH as GitHub Actions
    participant Build as Build Job
    participant Run as Run Job
    participant Analyze as SonarCloud Analysis

    GH->>Build: Checkout Code
    Build->>Build: Setup Java & Maven
    Build->>Build: Clean and Install
    Build-->>GH: Upload Artifacts
    
    GH->>Run: Start Spring Boot App
    Run->>Run: Validate Running
    Run->>Run: Wait 3 Minutes
    Run->>Run: Stop Application
    
    GH->>Analyze: Perform Code Analysis
    Analyze-->>GH: Quality Report

Poem

🐰 Workflows dance, a CI delight,
Maven builds with technical might,
Spring Boot springs, tests take flight,
SonarCloud watches with keen insight,
Automation's rabbit brings pure code's bright! 🚀



coderabbitai bot left a comment

Review Status

Actionable comments generated: 6

Configuration used: CodeRabbit UI

Commits: files that changed from the base of the PR and between 2d6e534 and 6195045.
Files ignored due to path filters (6)
  • pom.xml is excluded by: !**/*.xml
  • target/classes/com/example/SimpleParcelServiceApp.class is excluded by: !**/*.class
  • target/classes/com/example/controller/ParcelController.class is excluded by: !**/*.class
  • target/classes/com/example/model/Parcel.class is excluded by: !**/*.class
  • target/classes/com/example/service/ParcelService.class is excluded by: !**/*.class
  • target/simple-parcel-service-app-1.0-SNAPSHOT.jar is excluded by: !**/*.jar
Files selected for processing (13)
  • src/main/java/com/example/SimpleParcelServiceApp.java (1 hunks)
  • src/main/java/com/example/controller/ParcelController.java (1 hunks)
  • src/main/java/com/example/model/Parcel.java (1 hunks)
  • src/main/java/com/example/service/ParcelService.java (1 hunks)
  • src/main/resources/application.properties (1 hunks)
  • src/main/resources/templates/confirmation.html (1 hunks)
  • src/main/resources/templates/index.html (1 hunks)
  • target/classes/application.properties (1 hunks)
  • target/classes/templates/confirmation.html (1 hunks)
  • target/classes/templates/index.html (1 hunks)
  • target/maven-archiver/pom.properties (1 hunks)
  • target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst (1 hunks)
  • target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst (1 hunks)
Files skipped from review due to trivial changes (3)
  • src/main/java/com/example/SimpleParcelServiceApp.java
  • target/classes/application.properties
  • target/maven-archiver/pom.properties
Additional comments: 4
src/main/resources/application.properties (1)
  • 1-4: The Thymeleaf configuration settings are standard and appropriate for a Spring Boot application.
src/main/resources/templates/confirmation.html (1)
  • 1-15: The confirmation.html template is correctly set up to display dynamic content using Thymeleaf.
src/main/resources/templates/index.html (1)
  • 1-34: The index.html template is correctly set up with a form for sending parcels, including required fields and a POST method.
src/main/java/com/example/controller/ParcelController.java (1)
  • 10-37: The ParcelController class is correctly set up with mappings for GET and POST requests and uses the Model to pass data to the views.

Comment on lines +3 to +5
public class Parcel {
// Add fields as needed
}

The Parcel class is currently empty. To represent parcel data within the application, fields and possibly methods (such as getters and setters) should be implemented.

Comment on lines 1 to 4
com\example\controller\ParcelController.class
com\example\SimpleParcelServiceApp.class
com\example\service\ParcelService.class
com\example\model\Parcel.class

Compiled Java class files are typically not included in source control. It is recommended to remove the target/ directory from the repository and add it to .gitignore.

Comment on lines +6 to +7
public class ParcelService {
// Add service methods as needed

The ParcelService class is currently empty. Service methods that contain the business logic for managing parcels should be implemented.

Comment on lines 1 to 4
C:\Users\POOJA\e-commerce\src\main\java\com\example\SimpleParcelServiceApp.java
C:\Users\POOJA\e-commerce\src\main\java\com\example\model\Parcel.java
C:\Users\POOJA\e-commerce\src\main\java\com\example\service\ParcelService.java
C:\Users\POOJA\e-commerce\src\main\java\com\example\controller\ParcelController.java

The list of Maven compilation input file paths should not be included in source control. Consider removing the target/ directory from the repository and adding it to .gitignore.

Comment on lines 1 to 15
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
<title>Parcel Service App - Confirmation</title>
</head>
<body>
<h1>Parcel Sent Successfully!</h1>
<p>Recipient's Name: <span th:text="${recipientName}"></span></p>
<p>Recipient's Address: <span th:text="${recipientAddress}"></span></p>
<p>Sender's Name: <span th:text="${senderName}"></span></p>
<p>Sender's Address: <span th:text="${senderAddress}"></span></p>
<p>Parcel Content: <span th:text="${parcelContent}"></span></p>
</body>
</html>

Compiled templates, such as confirmation.html, should not be included in source control. It is recommended to remove the target/ directory from the repository and add it to .gitignore.

Comment on lines 1 to 34
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
<title>Parcel Service App</title>
</head>
<body>
<h1>Welcome to the Parcel Service App!</h1>

<form action="/sendParcel" method="post">
<label for="recipientName">Recipient's Name:</label>
<input type="text" id="recipientName" name="recipientName" required>
<br>

<label for="recipientAddress">Recipient's Address:</label>
<input type="text" id="recipientAddress" name="recipientAddress" required>
<br>

<label for="senderName">Sender's Name:</label>
<input type="text" id="senderName" name="senderName" required>
<br>

<label for="senderAddress">Sender's Address:</label>
<input type="text" id="senderAddress" name="senderAddress" required>
<br>

<label for="parcelContent">Parcel Content:</label>
<input type="text" id="parcelContent" name="parcelContent" required>
<br>

<button type="submit">Send Parcel</button>
</form>
</body>
</html>

Compiled templates, such as index.html, should not be included in source control. It is recommended to remove the target/ directory from the repository and add it to .gitignore.

coderabbitai bot left a comment

Actionable comments posted: 3

🧹 Nitpick comments (4)
.github/workflows/build.yml (4)

3-10: Consider optimizing workflow triggers

The current configuration runs the workflow on pushes to all branches, which might consume GitHub Actions minutes unnecessarily. Consider limiting the triggers to specific branches where builds are actually needed.

 on:
   push:
     branches:
-      - '**'
+      - 'main'
+      - 'develop'
+      - 'feature/**'
   pull_request:
     branches:
       - master
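Review bot: the hunk narrows `push` to main, develop and feature/** but leaves `pull_request` filtered on `master`, while this PR's base branch is `main`; unless the repository really has a `master` branch, the pull_request trigger never fires and PRs get no build. Change it to `- main` in the same diff, or drop the branch filter under `pull_request` altogether.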

29-36: Update cache action version

Update the cache action to the latest version for improved performance and security.

-        uses: actions/cache@v3
+        uses: actions/cache@v4
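Review bot: `actions/cache@v4` is still a floating major-version tag, so the bump alone does not deliver the security benefit the comment claims; the reference can be moved by the action's maintainers at any time. Pin to a full commit SHA with the version in a trailing comment (`uses: actions/cache@<commit-sha> # v4`, SHA left as a placeholder here) and let Dependabot advance the pin. The same applies to the checkout and setup-java bumps suggested later in this review.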
🧰 Tools
🪛 actionlint (1.7.4)

30-30: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


41-47: Make artifact path more maintainable

The hardcoded version in the artifact path could cause issues when the project version changes.

       - name: Upload JAR as artifact
         uses: actions/upload-artifact@v4
         with:
           name: bus-booking-app
-          path: target/simple-parcel-service-app-1.0-SNAPSHOT.jar
+          path: target/simple-parcel-service-app-*.jar
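Review bot: the artifact `name: bus-booking-app` on the context line above the changed path does not match this project (`simple-parcel-service-app`) and looks copied from another workflow; rename it in the same change. A glob also uploads any second JAR a future plugin drops into target/; reading the version once with `mvn help:evaluate -Dexpression=project.version -q -DforceStdout` and building the exact file name avoids that.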

1-86: Add essential CI pipeline elements

The workflow is missing several crucial elements:

  1. No test execution step
  2. No environment variables management
  3. No error handling strategy
  4. No code quality checks

Consider adding these steps before the build:

      - name: Run Tests
        run: mvn test

      - name: Run Code Quality Checks
        run: mvn verify sonar:sonar
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      - name: Security Scan
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          ignore-unfixed: true
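Review bot: `aquasecurity/trivy-action@master` pins a third-party action to a moving branch, the opposite of the supply-chain hygiene the cache-version nit above argues for; use a release tag or a commit SHA. Also `mvn verify sonar:sonar` runs the lifecycle through `verify`, which already executes the tests, so placing it "before the build" next to a separate `mvn test` runs the suite twice; one `mvn verify sonar:sonar` step is enough, with `SONAR_TOKEN` scoped to that step as shown.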
🧰 Tools
🪛 actionlint (1.7.4)

19-19: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


23-23: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


30-30: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🪛 yamllint (1.35.1)

[error] 50-50: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6195045 and bdf5f54.

📒 Files selected for processing (1)
  • .github/workflows/build.yml (1 hunks)

Comment on lines 18 to 27
      - name: Checkout Code
        uses: actions/checkout@v3

      # Set up Java
      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: '11'
          distribution: 'temurin'


⚠️ Potential issue

Update GitHub Actions to latest versions

The workflow uses outdated versions of GitHub Actions. Update them to the latest stable versions for improved security and features.

-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

-        uses: actions/setup-java@v3
+        uses: actions/setup-java@v4
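Review bot: the prose recommends Java 17, but the hunk keeps `java-version: '11'`; if the upgrade is intended it belongs in the same diff together with the compiler target in pom.xml, otherwise drop the sentence so nobody applies half a change. As with the cache bump, `@v4` is a mutable tag; pin both actions by commit SHA with the version in a comment.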

Also, consider upgrading to Java 17 (LTS) for better performance and longer support lifecycle.


Comment on lines 76 to 86
      # Wait for 5 minutes
      - name: Wait for 5 minutes
        run: |
          echo "App has been running for 5 minutes. Waiting..."
          sleep 300  # Wait for 5 minutes (300 seconds)

      # Stop the Spring Boot app gracefully using spring-boot:stop
      - name: Gracefully Stop Spring Boot App
        run: |
          echo "Stopping the app gracefully..."
          mvn spring-boot:stop

🛠️ Refactor suggestion

Improve application shutdown process

The current shutdown process has several areas for improvement:

  1. Fixed 5-minute wait time seems arbitrary
  2. No verification of successful shutdown
  3. No timeout for shutdown operation
-      - name: Wait for 5 minutes
-        run: |
-          echo "App has been running for 5 minutes. Waiting..."
-          sleep 300  # Wait for 5 minutes (300 seconds)

       - name: Gracefully Stop Spring Boot App
         run: |
           echo "Stopping the app gracefully..."
           mvn spring-boot:stop
+          
+          # Verify shutdown
+          max_attempts=10
+          attempt=1
+          while [ $attempt -le $max_attempts ]; do
+            if ! curl -s http://localhost:8080/actuator/health > /dev/null; then
+              echo "Application stopped successfully"
+              exit 0
+            fi
+            echo "Attempt $attempt: Waiting for application to stop..."
+            sleep 5
+            attempt=$((attempt + 1))
+          done
+          
+          echo "Failed to verify application shutdown"
+          exit 1
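Review bot: the verification loop never runs if `mvn spring-boot:stop` itself fails, because GitHub's default `run` shell is `bash -e`, and it will fail here: `spring-boot:stop` only stops a JVM forked by `spring-boot:start`, while the "Run Spring Boot App" step launches the app with `mvn spring-boot:run &`. Either switch that step to `mvn spring-boot:start` or record the PID and `kill` it. The check is also too lenient: `curl -s` without `--fail` exits 0 on a 404 (no actuator on the classpath), which the loop reads as "still running"; add `--fail --max-time 3`, or test the PID with `kill -0` instead of HTTP.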

Comment on lines 49 to 74
      - name: Run Spring Boot App
        run: mvn spring-boot:run &
        env:
          SPRING_PROFILES_ACTIVE: "test"

      # Display the IP address and port number for accessing the app
      - name: Display IP Address and Port
        run: |
          echo "Fetching the runner's IP address..."
          IP_ADDRESS=$(curl -s ifconfig.me)  # This fetches the public IP of the runner
          PORT=8080
          echo "The app is accessible at: http://$IP_ADDRESS:$PORT"

      # Validate that the application is running by sending a request to the app
      - name: Validate App is Running
        run: |
          echo "Waiting for the app to start..."
          sleep 15  # Allow some time for the Spring Boot app to fully start
          echo "Checking if the app is running..."
          RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080)
          if [ "$RESPONSE" -eq 200 ]; then
            echo "The app is running successfully!"
          else
            echo "The app failed to start. HTTP response code: $RESPONSE"
            exit 1
          fi

🛠️ Refactor suggestion

Improve application startup validation

The current validation approach has several potential issues:

  1. Fixed 15-second sleep might not be sufficient for app startup
  2. Using root path (/) for health check might not be reliable
  3. No proper error handling for startup failures
       - name: Run Spring Boot App
         run: mvn spring-boot:run & 
         env:
           SPRING_PROFILES_ACTIVE: "test"
+          MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE: "health"
+          MANAGEMENT_ENDPOINT_HEALTH_PROBES_ENABLED: "true"

       - name: Validate App is Running
         run: |
           echo "Waiting for the app to start..."
-          sleep 15
+          max_attempts=30
+          attempt=1
+          while [ $attempt -le $max_attempts ]; do
+            RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080/actuator/health)
+            if [ "$RESPONSE" -eq 200 ]; then
+              echo "The app is running successfully!"
+              break
+            fi
+            echo "Attempt $attempt: App is not ready yet. Waiting..."
+            sleep 10
+            attempt=$((attempt + 1))
+          done
+          
+          if [ $attempt -gt $max_attempts ]; then
+            echo "The app failed to start after $max_attempts attempts"
+            exit 1
+          fi
-          echo "Checking if the app is running..."
-          RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080)
-          if [ "$RESPONSE" -eq 200 ]; then
-            echo "The app is running successfully!"
-          else
-            echo "The app failed to start. HTTP response code: $RESPONSE"
-            exit 1
-          fi
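Review bot: the loop assumes `/actuator/health` exists, but nothing in this review shows `spring-boot-starter-actuator` in the POM (pom.xml is excluded by the path filter); the two `MANAGEMENT_*` variables configure the endpoint but do not add the dependency, so without it every attempt gets a 404 and the step fails after 30 tries. Confirm the dependency or probe a path the app is known to serve (the original used `/`). Add `--max-time` to the curl call so a hung connection cannot stall an attempt, and note the context line `run: mvn spring-boot:run & ` keeps the trailing space yamllint flags at line 50.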
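The readiness and shutdown pattern behind the two suggestions above (poll instead of a fixed sleep, verify the stop instead of assuming it), as an added shell example that is not part of the PR or of CodeRabbit's output: start the app with a known PID, probe with `curl --fail`, and confirm the process is gone. The URL, attempt counts, intervals and the start command are assumptions; the probe and liveness checks are overridable so the logic can be exercised without a running app.

```shell
#!/usr/bin/env bash
# Added example (not from the PR or CodeRabbit): start / wait-for-ready / stop-and-verify
# for a Spring Boot app inside a CI "run:" step, written as plain shell functions.
# Assumptions: the app is launched by this script so its PID is known; readiness is probed
# over HTTP with curl; URL, attempt counts and intervals are hypothetical caller inputs.
set -u

# The probe and the liveness check are indirected through variables so the polling logic
# can be tested without a live server (a test can swap in fake commands).
: "${PROBE_CMD:=probe_http}"
: "${ALIVE_CMD:=proc_alive}"

# probe_http URL -> 0 only on a 2xx/3xx answer within 3 s. --fail makes a 404 (for example
# /actuator/health without the actuator starter on the classpath) count as "not ready";
# a plain `curl -s ... >/dev/null` exits 0 on that 404 and misreports the app as up.
probe_http() {
  curl --silent --fail --max-time 3 --output /dev/null "$1"
}

# proc_alive PID -> 0 while the process exists and is not a finished-but-unreaped child
# (kill -0 still succeeds on a zombie, so the state column is checked as well).
proc_alive() {
  kill -0 "$1" 2>/dev/null || return 1
  state=$(ps -o stat= -p "$1" 2>/dev/null || true)
  case "$state" in Z*) return 1 ;; esac
  return 0
}

# wait_for_ready URL MAX_ATTEMPTS [INTERVAL] -> prints the attempt number that succeeded and
# returns 0, or returns 1 after MAX_ATTEMPTS failures. Replaces a fixed `sleep 15`.
wait_for_ready() {
  url=$1 max_attempts=$2 interval=${3:-5}
  attempt=1
  while [ "$attempt" -le "$max_attempts" ]; do
    if "$PROBE_CMD" "$url"; then
      echo "$attempt"
      return 0
    fi
    sleep "$interval"
    attempt=$((attempt + 1))
  done
  echo "not ready after $max_attempts attempts" >&2
  return 1
}

# start_app CMD [ARGS...] -> launches the app in the background and prints its PID. Keeping
# the PID is what makes a reliable stop possible: `mvn spring-boot:stop` only knows about a
# JVM forked by `mvn spring-boot:start`, not one started with `mvn spring-boot:run &`.
start_app() {
  "$@" >app.log 2>&1 &
  echo $!
}

# stop_and_verify PID MAX_ATTEMPTS [INTERVAL] -> sends SIGTERM (runs the JVM shutdown hooks,
# and Spring's graceful shutdown when enabled), then confirms the process is gone rather than
# assuming it. Returns 1 if it is still alive after the deadline so the CI step fails loudly.
stop_and_verify() {
  pid=$1 max_attempts=$2 interval=${3:-2}
  kill -TERM "$pid" 2>/dev/null || true   # already gone is not an error
  attempt=1
  while [ "$attempt" -le "$max_attempts" ]; do
    "$ALIVE_CMD" "$pid" || return 0
    sleep "$interval"
    attempt=$((attempt + 1))
  done
  echo "process $pid still alive after $max_attempts attempts" >&2
  return 1
}

# run_cycle URL CMD [ARGS...] -> the whole step: start, wait for readiness, stop, verify.
# Example (hypothetical): run_cycle http://localhost:8080/actuator/health java -jar app.jar
run_cycle() {
  url=$1; shift
  pid=$(start_app "$@")
  if ! wait_for_ready "$url" 30 10; then
    stop_and_verify "$pid" 5 2 || true   # best-effort cleanup before failing the step
    return 1
  fi
  stop_and_verify "$pid" 15 2
}
```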

coderabbitai bot left a comment

Actionable comments posted: 3

🧹 Nitpick comments (2)
README.md (2)

57-58: Fix grammar in script description

The word "setup" is used incorrectly as a verb.

-Shell script to setup the environment.
+Shell script to set up the environment.
🧰 Tools
🪛 LanguageTool

[grammar] ~57-~57: The word “setup” is a noun. The verb is spelled with a white space.
Context: ...======================= Shell script to setup the environment. #!/bin/bash set -e ec...

(NOUN_VERB_CONFUSION)


107-114: Enhance build and run instructions

The build and run instructions need additional details for better user experience:

  1. Configuration requirements
  2. Verification steps
  3. Troubleshooting guidance

Add the following sections:

# Configuration
Before building, ensure you have configured the following:
1. Copy `application.properties.example` to `application.properties`
2. Update the configuration values as needed

# Build and Run
## Build the project
mvn clean install

## Verify the build
- Check the target directory for the generated JAR
- Review the test results in target/surefire-reports

## Run the application
Option 1: Using Maven
```bash
mvn spring-boot:run
```

Option 2: Using JAR
```bash
java -jar target/simple-parcel-service-app-1.0-SNAPSHOT.jar
```

## Troubleshooting
1. If the build fails:
   - Ensure all dependencies are accessible
   - Check Maven settings.xml
2. If the application fails to start:
   - Verify port 8080 is available
   - Check application.properties configuration

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bdf5f54fc3e49d350a66776ad24fbc929caff5d9 and 2e320f9bb3e9b2df847d97d2fa38ca407653bcfa.

📒 Files selected for processing (1)
  • README.md (1 hunks)
🧰 Additional context used
🪛 LanguageTool
README.md

[grammar] ~57-~57: The word “setup” is a noun. The verb is spelled with a white space.
Context: ...======================= Shell script to setup the environment.  #!/bin/bash set -e ec...

(NOUN_VERB_CONFUSION)

[style] ~98-~98: Using many exclamation marks might seem excessive (in this case: 5 exclamation marks for a text that’s 3282 characters long)
Context: ...CT_DIR="simple-parcel-service-app" if [ ! -d "$PROJECT_DIR" ]; then     echo "Clo...

(EN_EXCESSIVE_EXCLAMATION)

🪛 Markdownlint (0.37.0)
README.md

63-63: Expected: setext; Actual: atx. Heading style (MD003, heading-style)
73-73: Expected: setext; Actual: atx. Heading style (MD003, heading-style)
86-86: Expected: setext; Actual: atx. Heading style (MD003, heading-style)
95-95: Expected: setext; Actual: atx. Heading style (MD003, heading-style)
59-59: No space after hash on atx style heading (MD018, no-missing-space-atx)
54-54: Bare URL used (MD034, no-bare-urls)
96-96: Bare URL used (MD034, no-bare-urls)

Comment on lines +116 to +187

on:
  push:
    branches:
      - main
  pull_request:

jobs:
  build-and-run:
    runs-on: ubuntu-latest

    steps:
    # Step 1: Checkout code
    - name: Checkout Code
      uses: actions/checkout@v4

    # Step 2: Set up Java 11
    - name: Set up Java 11
      uses: actions/setup-java@v3
      with:
        java-version: '11'

    # Step 3: Set up Maven
    - name: Set up Maven
      uses: actions/setup-java@v3
      with:
        distribution: 'maven'

    # Step 4: Build the project
    - name: Build with Maven
      run: mvn clean package

    # Step 5: Upload the built JAR as an artifact
    - name: Upload Artifact
      uses: actions/upload-artifact@v4
      with:
        name: built-jar
        path: target/simple-parcel-service-app-1.0-SNAPSHOT.jar

    # Step 6: Run the Spring Boot application
    - name: Run Application
      run: |
        nohup mvn spring-boot:run &
        sleep 15  # Allow time for the app to fully start

    # Step 7: Validate App is Running
    - name: Validate App is Running
      run: |
        echo "Waiting for the app to start..."
        sleep 15  # Allow some time for the Spring Boot app to fully start
        echo "Checking if the app is running..."
        RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080)
        if [ "$RESPONSE" -eq 200 ]; then
          echo "The app is running successfully!"
        else
          echo "The app failed to start. HTTP response code: $RESPONSE"
          exit 1
        fi

    # Step 8: Wait for 5 minutes
    - name: Wait for 5 minutes
      run: |
        echo "App has been running for 5 minutes. Waiting..."
        sleep 300  # Wait for 5 minutes (300 seconds)

    # Step 9: Gracefully Stop Spring Boot App
    - name: Gracefully Stop Spring Boot App
      run: |
        echo "Stopping the app gracefully..."
        mvn spring-boot:stop

🛠️ Refactor suggestion

Improve GitHub Actions workflow reliability and efficiency

The workflow needs several improvements:

  1. Add Maven dependency caching
  2. Replace sleep commands with proper health checks
  3. Add explicit test execution
  4. Configure minimum required permissions

Apply these changes:

 name: Build, Deploy, and Run
 
 on:
   push:
     branches:
       - main
   pull_request:
 
+permissions:
+  contents: read
+  packages: read
+
 jobs:
   build-and-run:
     runs-on: ubuntu-latest
 
     steps:
     - name: Checkout Code
       uses: actions/checkout@v4
 
     - name: Set up Java 11
       uses: actions/setup-java@v3
       with:
         java-version: '11'
+        distribution: 'temurin'
+        cache: 'maven'
 
-    - name: Set up Maven
-      uses: actions/setup-java@v3
-      with:
-        distribution: 'maven'
+    # Step 4: Run tests
+    - name: Test with Maven
+      run: mvn test
 
     - name: Build with Maven
       run: mvn clean package
 
     - name: Upload Artifact
       uses: actions/upload-artifact@v4
       with:
         name: built-jar
         path: target/simple-parcel-service-app-1.0-SNAPSHOT.jar
 
     - name: Run Application
       run: |
         nohup mvn spring-boot:run &
-        sleep 15 # Allow time for the app to fully start
+        echo "Waiting for application to start..."
+        timeout 60 bash -c 'until curl -s http://localhost:8080/actuator/health | grep -q "UP"; do sleep 1; done'
 
     - name: Validate App is Running
       run: |
-        echo "Waiting for the app to start..."
-        sleep 15  # Allow some time for the Spring Boot app to fully start
         echo "Checking if the app is running..."
-        RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080)
+        RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://localhost:8080/actuator/health)
         if [ "$RESPONSE" -eq 200 ]; then
           echo "The app is running successfully!"
         else
           echo "The app failed to start. HTTP response code: $RESPONSE"
           exit 1
         fi
 
     - name: Wait for 5 minutes
       run: |
         echo "App has been running for 5 minutes. Waiting..."
-        sleep 300  # Wait for 5 minutes (300 seconds)
+        timeout 300 bash -c 'while curl -s http://localhost:8080/actuator/health | grep -q "UP"; do sleep 10; done'
 
     - name: Gracefully Stop Spring Boot App
       run: |
         echo "Stopping the app gracefully..."
-        mvn spring-boot:stop
+        pkill -f 'java.*simple-parcel-service-app'
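Review bot: The replacement in the "Wait for 5 minutes" step inverts the step's success condition: `timeout 300 bash -c 'while curl -s … | grep -q "UP"; do sleep 10; done'` loops for as long as the app is healthy, so when the app stays up for the full five minutes `timeout` kills the loop and exits 124 and the step fails, while an app that dies early makes the loop exit 0 and the step pass. If the intent is to keep the app running for five minutes and fail when it drops, check the exit status explicitly (treat 124 as success) or poll with a counter and `exit 1` when `UP` is not returned. The `pkill -f 'java.*simple-parcel-service-app'` in the last step matches any process whose command line contains that pattern; keep the PID of the backgrounded `mvn spring-boot:run` (`$!`, exported through `$GITHUB_ENV`) and signal that process instead, which is also closer to the step's "gracefully" label than a pattern kill. Running `mvn test` immediately before `mvn clean package` also executes the test suite twice; `mvn clean package` already runs it.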

Note: This assumes you have the Spring Boot Actuator dependency added to your project for health checks. If not, you'll need to add it to your pom.xml:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>

Comment on lines +1 to +54
```bash
sudo apt update
sudo apt install -y openjdk-11-jdk
```

Verify the installation:

```bash
java -version
```

Install Maven: If Maven is not already installed, use:

```bash
sudo apt install -y maven
```

Verify the installation:

```bash
mvn -version
```

Set Environment Variables: Ensure JAVA_HOME is set to the Java 11 installation path. Add the following lines to your .bashrc or .zshrc file:

```bash
export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java))))
export PATH=$JAVA_HOME/bin:$PATH
```

Apply the changes:

```bash
source ~/.bashrc
```

Build the Project
To build the project, use the following commands:

Navigate to the Project Directory:

```bash
cd /path/to/simple-parcel-service-app
```

Clean and Build the Project:

```bash
mvn clean install
```

This command will:
- Download dependencies
- Compile the source code
- Run tests
- Package the application into a JAR file (target/simple-parcel-service-app-1.0-SNAPSHOT.jar)

Run the Application
You can run the application in two ways:

1. Using Maven:

```bash
mvn spring-boot:run
```

2. Using the Packaged JAR:
After building the project, run the packaged JAR file:

```bash
java -jar target/simple-parcel-service-app-1.0-SNAPSHOT.jar
```

The application will start and be accessible at http://localhost:8080

🛠️ Refactor suggestion

Enhance installation instructions with security considerations and prerequisites

The installation instructions need several improvements:

  1. Add a prerequisites section mentioning required sudo access
  2. Include package verification steps (checksums/signatures)
  3. Specify the minimum required Maven version
  4. Use proper URL formatting for localhost reference

Apply these changes:

+# Prerequisites
+- sudo access
+- Internet connectivity
+
 sudo apt update
-sudo apt install -y openjdk-11-jdk
+# Download and verify Java 11
+wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add -
+sudo apt install -y openjdk-11-jdk
 
-Verify the installation:
+# Verify Java installation:
 java -version
 
-Install Maven: If Maven is not already installed, use:
+# Install Maven (minimum version 3.6.3):
+wget https://downloads.apache.org/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz.sha512
+wget https://downloads.apache.org/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz
+echo "$(cat apache-maven-3.6.3-bin.tar.gz.sha512) apache-maven-3.6.3-bin.tar.gz" | sha512sum -c
 sudo apt install -y maven
 
-The application will start and be accessible at http://localhost:8080
+The application will start and be accessible at [http://localhost:8080](http://localhost:8080)
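Review bot: The added verification steps do not protect the packages that are actually installed. The key piped into `sudo apt-key add -` belongs to an AdoptOpenJDK repository that the next line, `sudo apt install -y openjdk-11-jdk`, never uses (it installs Ubuntu's own package, which apt already verifies against the distribution's signing keys), and the Maven tarball whose SHA-512 is checked is never extracted or installed, because `sudo apt install -y maven` follows and installs the distribution package at whatever version it ships. Either install from the verified tarball and drop the apt line, or drop the download-and-checksum lines and state the minimum Maven version in prose. `apt-key` is also deprecated; when a third-party repository is really needed, its key belongs under `/etc/apt/keyrings` and is referenced with `signed-by` in the source entry, rather than being piped from the network into a privileged command.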

Committable suggestion skipped: line range outside the PR's diff.


Comment on lines +59 to +105
#!/bin/bash
set -e
echo "Starting Maven project setup..."

# Step 1: Install Java 11
if ! java -version &>/dev/null; then
    echo "Installing Java 11..."
    sudo apt update
    sudo apt install -y openjdk-11-jdk
else
    echo "Java is already installed:"
    java -version
fi

# Set JAVA_HOME
JAVA_HOME_PATH=$(dirname $(dirname $(readlink -f $(which java))))
if ! grep -q "JAVA_HOME=$JAVA_HOME_PATH" /etc/environment; then
    echo "Setting JAVA_HOME..."
    echo "JAVA_HOME=$JAVA_HOME_PATH" | sudo tee -a /etc/environment
    echo "export JAVA_HOME=$JAVA_HOME_PATH" | sudo tee -a /etc/profile
    echo 'export PATH=$JAVA_HOME/bin:$PATH' | sudo tee -a /etc/profile
    source /etc/profile
    echo "JAVA_HOME set to $JAVA_HOME_PATH"
else
    echo "JAVA_HOME is already set."
fi

# Step 2: Install Maven
if ! mvn -version &>/dev/null; then
    echo "Installing Maven..."
    sudo apt install -y maven
else
    echo "Maven is already installed:"
    mvn -version
fi

# Step 3: Clone the Repository
REPO_URL="https://github.com/your-username/simple-parcel-service-app.git"
PROJECT_DIR="simple-parcel-service-app"
if [ ! -d "$PROJECT_DIR" ]; then
    echo "Cloning the repository..."
    git clone $REPO_URL
else
    echo "Repository already cloned."
fi

echo "Environment setup completed. You can now build and run the application manually."

🛠️ Refactor suggestion

Improve script robustness and maintainability

The shell script needs several improvements for better reliability and maintainability:

  1. Repository URL should be configurable
  2. Add proper error handling
  3. Validate successful installation of components

Apply these changes:

 #!/bin/bash
-set -e
+set -euo pipefail
+
+# Configuration
+REPO_URL=${REPO_URL:-"https://github.com/your-username/simple-parcel-service-app.git"}
+MIN_JAVA_VERSION="11"
+MIN_MAVEN_VERSION="3.6.3"
+
+# Error handling
+error_exit() {
+    echo "Error: ${1:-"Unknown Error"}" >&2
+    exit 1
+}
+
+# Version validation
+validate_java_version() {
+    local version=$(java -version 2>&1 | awk -F '"' '/version/ {print $2}' | cut -d'.' -f1)
+    [[ "$version" -ge $MIN_JAVA_VERSION ]] || error_exit "Java version $MIN_JAVA_VERSION or higher is required"
+}
+
+validate_maven_version() {
+    local version=$(mvn -version | awk 'NR==1{print $3}' | cut -d'.' -f1-2)
+    [[ "$(echo -e "$version\n$MIN_MAVEN_VERSION" | sort -V | head -n1)" == "$MIN_MAVEN_VERSION" ]] || \
+        error_exit "Maven version $MIN_MAVEN_VERSION or higher is required"
+}

 echo "Starting Maven project setup..."
 
 # Step 1: Install Java 11
 if ! java -version &>/dev/null; then
     echo "Installing Java 11..."
     sudo apt update
     sudo apt install -y openjdk-11-jdk
+    validate_java_version || error_exit "Java installation failed"
 else
     echo "Java is already installed:"
     java -version
+    validate_java_version
 fi

 # Step 2: Install Maven
 if ! mvn -version &>/dev/null; then
     echo "Installing Maven..."
     sudo apt install -y maven
+    validate_maven_version || error_exit "Maven installation failed"
 else
     echo "Maven is already installed:"
     mvn -version
+    validate_maven_version
 fi

-REPO_URL="https://github.com/your-username/simple-parcel-service-app.git"
 PROJECT_DIR="simple-parcel-service-app"
 if [ ! -d "$PROJECT_DIR" ]; then
     echo "Cloning the repository..."
-    git clone $REPO_URL
+    git clone "$REPO_URL" || error_exit "Failed to clone repository"
 else
     echo "Repository already cloned."
 fi
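Review bot: `validate_maven_version` rejects the minimum version it is meant to accept. `cut -d'.' -f1-2` truncates `3.6.3` to `3.6`, `sort -V` orders `3.6` before `3.6.3`, so `head -n1` yields `3.6`, the comparison with `MIN_MAVEN_VERSION` fails and the script exits for any installed Maven 3.6.x, 3.6.3 included. Drop the `cut` and compare the full version string. Two smaller points in the same hunk: `local version=$(...)` masks the command's exit status (ShellCheck SC2155), so declare and assign on separate lines, and `validate_java_version || error_exit "Java installation failed"` never reaches its right-hand side because the function already calls `error_exit` on failure; either return non-zero from the validators and let the callers decide, or drop the redundant `|| error_exit`.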

@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 2

♻️ Duplicate comments (3)
.github/workflows/build.yml (3)

19-19: ⚠️ Potential issue

Update GitHub Actions to latest versions

Multiple actions are using outdated versions. Update them to the latest stable versions for improved security and features.

-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

-        uses: actions/setup-java@v3
+        uses: actions/setup-java@v4

-        uses: actions/cache@v3
+        uses: actions/cache@v4

-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
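Review bot: Moving from `@v3` to `@v4` keeps every `uses:` on a mutable tag that the action's maintainers, or anyone who takes over their account, can re-point at different code; for a workflow that also runs on a self-hosted runner, pin each action to a full-length commit SHA with the version in a trailing comment and let Dependabot keep the pins current. The suggested workflow earlier in this review still proposes `actions/setup-java@v3`, so the two suggestions should be aligned on the same version as well.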

Also applies to: 29-29, 37-37, 49-49, 101-101, 105-105

🧰 Tools
🪛 actionlint (1.7.4)

19-19: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


55-76: 🛠️ Refactor suggestion

Improve application startup validation

The current validation approach needs improvement:

  1. Fixed sleep time might not be sufficient
  2. Health endpoint would be more reliable than root path
  3. IP address validation might fail behind proxies

Add Spring Boot Actuator and implement proper health checks:

       - name: Run Spring Boot App
-        run: mvn spring-boot:run &
+        run: |
+          mvn spring-boot:run -Dmanagement.endpoints.web.exposure.include=health \
+            -Dmanagement.endpoint.health.probes.enabled=true &

       - name: Validate App is Running
         run: |
           echo "Checking if the app is running..."
-          sleep 15
+          max_attempts=30
+          attempt=1
+          while [ $attempt -le $max_attempts ]; do
+            RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:8080/actuator/health")
+            if [ "$RESPONSE" = "200" ]; then
+              echo "Application is healthy!"
+              exit 0
+            fi
+            echo "Attempt $attempt: Waiting for application to start..."
+            sleep 10
+            attempt=$((attempt + 1))
+          done
+          echo "Application failed to start"
+          exit 1
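Review bot: The `-Dmanagement.endpoints.web.exposure.include=health` and `-Dmanagement.endpoint.health.probes.enabled=true` flags are set on Maven's own JVM, while `spring-boot:run` forks the application into a separate JVM by default, so the health endpoint may never be exposed and the polling loop below then fails on a 404 after all 30 attempts. Pass them to the application instead, either as program arguments (`-Dspring-boot.run.arguments=--management.endpoints.web.exposure.include=health,--management.endpoint.health.probes.enabled=true`) or as JVM arguments (`-Dspring-boot.run.jvmArguments=...`), or put the properties in a CI profile's `application.properties`. The bounded retry loop itself is the right replacement for the fixed `sleep 15`.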
🧰 Tools
🪛 actionlint (1.7.4)

66-66: shellcheck reported issue in this script: SC2086:info:4:79: Double quote to prevent globbing and word splitting

(shellcheck)


85-93: 🛠️ Refactor suggestion

Improve application shutdown process

The current shutdown process needs improvement:

  1. Fixed wait time is arbitrary
  2. No verification of successful shutdown

Implement proper shutdown verification:

       - name: Gracefully Stop Spring Boot App
         run: |
           echo "Stopping the app gracefully..."
           mvn spring-boot:stop
+          
+          max_attempts=12
+          attempt=1
+          while [ $attempt -le $max_attempts ]; do
+            if ! curl -s "http://localhost:8080/actuator/health" > /dev/null 2>&1; then
+              echo "Application stopped successfully"
+              exit 0
+            fi
+            echo "Attempt $attempt: Waiting for application to stop..."
+            sleep 5
+            attempt=$((attempt + 1))
+          done
+          
+          echo "Failed to verify application shutdown"
+          exit 1
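Review bot: `mvn spring-boot:stop` is the counterpart of `spring-boot:start`, which launches the application with the JMX admin endpoint enabled and records how to reach it; an application started with `mvn spring-boot:run &` in an earlier step is not under that plugin's control, so the stop goal will not terminate it, and the verification loop added here would then report a timeout rather than the real cause. Stop the process that the run step started (keep its PID from `$!` in `$GITHUB_ENV` and send it SIGTERM) and verify shutdown by checking that PID; the loop as written treats any failed `curl` as "stopped", so a transient connection error would be reported as a successful shutdown.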
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2e320f9 and b3e0309.

📒 Files selected for processing (1)
  • .github/workflows/build.yml (1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/build.yml

19-19: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


29-29: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


37-37: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


49-49: the runner of "actions/upload-artifact@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


66-66: shellcheck reported issue in this script: SC2086:info:4:79: Double quote to prevent globbing and word splitting

(shellcheck)


101-101: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


105-105: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: build
🔇 Additional comments (1)
.github/workflows/build.yml (1)

1-11: LGTM! Well-configured workflow triggers

The workflow configuration follows best practices with appropriate triggers for push events, pull requests, and manual dispatches.

Comment on lines 112 to 120
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_ORG: your-organization # Replace with your actual SonarCloud organization
          SONAR_HOST_URL: https://sonarcloud.io
        run: |
          mvn clean verify sonar:sonar \
            -Dsonar.organization=${{ secrets.SONAR_ORG }} \
            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
            -Dsonar.login=${{ secrets.SONAR_TOKEN }}

⚠️ Potential issue

Fix SonarCloud configuration security issues

  1. Replace hardcoded organization with a secret
  2. Use consistent approach for configuration values
       - name: SonarCloud Analysis
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONAR_ORG: your-organization # Replace with your actual SonarCloud organization
-          SONAR_HOST_URL: https://sonarcloud.io
+          SONAR_ORG: ${{ secrets.SONAR_ORG }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
         run: |
           mvn clean verify sonar:sonar \
             -Dsonar.organization=${{ secrets.SONAR_ORG }} \
             -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
             -Dsonar.login=${{ secrets.SONAR_TOKEN }}
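Review bot: The `env:` values changed here are never read. `SONAR_ORG` and `SONAR_HOST_URL` are set in `env:`, but the `run:` block still interpolates `${{ secrets.SONAR_ORG }}` and `${{ secrets.SONAR_HOST_URL }}` directly, so either reference the environment variables (`$SONAR_ORG`, `$SONAR_HOST_URL`) in the command or drop the `env:` entries. The organization slug and `https://sonarcloud.io` are also not secrets; storing them as secrets only hides configuration from review, and repository variables (`vars.SONAR_ORG`) fit better. The token is the one value that must stay a secret, and the scanner already reads it from the `SONAR_TOKEN` environment variable, so `-Dsonar.login=${{ secrets.SONAR_TOKEN }}` can go; that also keeps the token out of the expanded command line visible in the runner's process list, and `sonar.login` is deprecated in favour of the token variable.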

Comment on lines 13 to 15
  build:
    runs-on: self-hosted


💡 Codebase verification

⚠️ Critical security vulnerabilities in self-hosted runner configuration

Several high-risk security issues identified:

  • Running applications directly on the runner exposes it to potential attacks
  • Unrestricted sudo privileges in workflow
  • Public exposure of runner's IP address and port 8080
  • Missing permissions boundary for the workflow
  • No runner isolation for the running application

Recommendations:

  1. Move application deployment to a separate environment
  2. Remove sudo usage and implement principle of least privilege
  3. Add permissions field to restrict workflow scope
  4. Avoid exposing runner's network interfaces publicly
  5. Consider using GitHub-hosted runners for better security isolation
🔗 Analysis chain

Verify security considerations for self-hosted runner

Using a self-hosted runner requires careful security considerations:

  1. Ensure the runner is properly isolated
  2. Implement appropriate access controls
  3. Regularly update and maintain the runner
🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if this repository has other workflows using this runner
rg -l 'runs-on:\s*self-hosted' .github/workflows/

Length of output: 79


Script:

#!/bin/bash
# Examine the complete workflow file
cat .github/workflows/build.yml

# Check for permissions configurations
rg -i 'permissions:' .github/workflows/build.yml -C 3

Length of output: 4070


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 6

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b3e0309 and ad3bce4.

📒 Files selected for processing (5)
  • .github/workflows/build-and-artifact.yml (1 hunks)
  • .github/workflows/main.yml (1 hunks)
  • .github/workflows/setup-java-maven.yml (1 hunks)
  • .github/workflows/sonarcloud-analysis.yml (1 hunks)
  • .github/workflows/springboot-run-stop.yml (1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/build-and-artifact.yml

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


5-5: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

.github/workflows/sonarcloud-analysis.yml

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


4-4: unexpected key "needs" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


6-6: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

.github/workflows/setup-java-maven.yml

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


5-5: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

.github/workflows/springboot-run-stop.yml

1-1: "jobs" section is missing in workflow

(syntax-check)


12-12: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


14-14: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

.github/workflows/main.yml

14-14: error while parsing reusable workflow "./.github/workflows/setup-java-maven.yml": "on:" is not found

(expression)


17-17: error while parsing reusable workflow "./.github/workflows/build-and-artifact.yml": "on:" is not found

(workflow-call)


21-21: error while parsing reusable workflow "./.github/workflows/springboot-run-stop.yml": "workflow_call" event trigger is not found in "on:" at line:4, column:3

(workflow-call)


25-25: error while parsing reusable workflow "./.github/workflows/sonarcloud-analysis.yml": "on:" is not found

(workflow-call)

Comment on lines 1 to 19
name: Build and Artifact

runs-on: self-hosted

steps:
  # Checkout the repository
  - name: Checkout Code
    uses: actions/checkout@v3

  # Build the project with Maven
  - name: Build with Maven
    run: mvn clean install

  # Store artifacts with versioning
  - name: Upload Artifacts with Versioning
    uses: actions/upload-artifact@v3
    with:
      name: my-app-artifact-${{ github.sha }}
      path: target/*.jar

⚠️ Potential issue

Fix workflow syntax and add security controls.

The workflow has several structural and security issues:

  1. The workflow syntax is incorrect. It needs to be restructured with proper on and jobs sections.
  2. Using a self-hosted runner without security controls is risky for building artifacts.

Apply this diff to fix the workflow structure and add security controls:

 name: Build and Artifact
 
-runs-on: self-hosted
+on:
+  workflow_call:
+
+jobs:
+  build:
+    runs-on: self-hosted
+    permissions:
+      contents: read
+      packages: read
 
-steps:
-  # Checkout the repository
-  - name: Checkout Code
-    uses: actions/checkout@v3
+    steps:
+      # Checkout the repository
+      - name: Checkout Code
+        uses: actions/checkout@v3
 
-  # Build the project with Maven
-  - name: Build with Maven
-    run: mvn clean install
+      # Build the project with Maven
+      - name: Build with Maven
+        run: mvn clean install
 
-  # Store artifacts with versioning
-  - name: Upload Artifacts with Versioning
-    uses: actions/upload-artifact@v3
-    with:
-      name: my-app-artifact-${{ github.sha }}
-      path: target/*.jar
+      # Store artifacts with versioning
+      - name: Upload Artifacts with Versioning
+        uses: actions/upload-artifact@v3
+        with:
+          name: my-app-artifact-${{ github.sha }}
+          path: target/*.jar
+          retention-days: 5
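Review bot: The restructured workflow still pins `actions/checkout@v3` and `actions/upload-artifact@v3`, which the earlier comment on this PR asks to move to `@v4` and which actionlint flags as too old to run; bump them in this suggestion too, or pin to commit SHAs. The job-level `permissions:` block is the right addition, but note what it covers: on a self-hosted runner it only scopes the `GITHUB_TOKEN` handed to the job and does nothing about the runner's own credentials or the `sudo` calls elsewhere in this PR, so the isolation points raised in the self-hosted-runner comment still stand. `retention-days: 5` is a sensible bound for build artifacts.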
🧰 Tools
🪛 actionlint (1.7.4)

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


5-5: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

Comment on lines 3 to 10
on:
  push:
    branches:
      - '**'
  pull_request:
    branches:
      - master
  workflow_dispatch:

🛠️ Refactor suggestion

Restrict workflow triggers for security.

The workflow is triggered on all branches without restrictions, which could be a security risk. Consider limiting the triggers to specific branches or patterns.

Apply this diff to restrict the triggers:

 on:
   push:
     branches:
-      - '**'
+      - 'main'
+      - 'develop'
+      - 'feature/**'
   pull_request:
     branches:
       - master
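Review bot: The push filter now lists `main` while the `pull_request` filter still targets `master`; unless the repository carries both branches, one of the two triggers never fires, and pull requests into `main` would get no build at all. Align both filters on the repository's actual default branch. The `feature/**` pattern also means every feature-branch push runs on the self-hosted runner with the repository's `GITHUB_TOKEN`, which is the exposure this comment is trying to reduce; with `pull_request` already covering proposed changes, restricting push builds to `main` and `develop` is the tighter choice.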

Comment on lines 12 to 26
jobs:
  setup-java-maven:
    uses: ./.github/workflows/setup-java-maven.yml

  build-and-artifact:
    uses: ./.github/workflows/build-and-artifact.yml
    needs: setup-java-maven

  springboot-run-stop:
    uses: ./.github/workflows/springboot-run-stop.yml
    needs: build-and-artifact

  sonarcloud-analysis:
    uses: ./.github/workflows/sonarcloud-analysis.yml
    needs: build-and-artifact

🛠️ Refactor suggestion

Add permissions and environment protection rules.

The workflow is missing permissions configuration and environment protection rules.

Add these configurations at the workflow level:

 name: Build, Deploy, and Analyze
 
+permissions:
+  contents: read
+
+env:
+  MAVEN_OPTS: "-Dmaven.repo.local=${{ github.workspace }}/.m2/repository"
+
 jobs:
   setup-java-maven:
     uses: ./.github/workflows/setup-java-maven.yml
+    permissions:
+      contents: read
 
   build-and-artifact:
     uses: ./.github/workflows/build-and-artifact.yml
     needs: setup-java-maven
+    permissions:
+      contents: read
+      packages: read
 
   springboot-run-stop:
     uses: ./.github/workflows/springboot-run-stop.yml
     needs: build-and-artifact
+    permissions:
+      contents: read
 
   sonarcloud-analysis:
     uses: ./.github/workflows/sonarcloud-analysis.yml
     needs: build-and-artifact
+    permissions:
+      contents: read
+      security-events: write
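Review bot: `security-events: write` on `sonarcloud-analysis` grants a write scope nothing in that workflow uses (it runs `mvn sonar:sonar`, which authenticates to SonarCloud with `SONAR_TOKEN`, not the code-scanning upload API), so drop it and keep that job at `contents: read`. The workflow-level `env:` also does not reach the called workflows: variables set in a caller's `env:` are not propagated to reusable workflows invoked with `uses:`, so `MAVEN_OPTS` here has no effect on the builds; set it inside each called workflow, or pass it through `with:` inputs.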
🧰 Tools
🪛 actionlint (1.7.4)

14-14: error while parsing reusable workflow "./.github/workflows/setup-java-maven.yml": "on:" is not found

(expression)


17-17: error while parsing reusable workflow "./.github/workflows/build-and-artifact.yml": "on:" is not found

(workflow-call)


21-21: error while parsing reusable workflow "./.github/workflows/springboot-run-stop.yml": "workflow_call" event trigger is not found in "on:" at line:4, column:3

(workflow-call)


25-25: error while parsing reusable workflow "./.github/workflows/sonarcloud-analysis.yml": "on:" is not found

(workflow-call)

Comment on lines 1 to 32
name: Setup Java and Maven

runs-on: ubuntu-latest

steps:
# Checkout the repository
- name: Checkout Code
uses: actions/checkout@v3

# Install Maven
- name: Install Maven
run: |
sudo apt update
sudo apt install maven -y
mvn -v

# Set up Java
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: maven

# Cache Maven dependencies
- name: Cache Maven dependencies
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
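Review bot: the `Cache Maven dependencies` step saves `~/.m2` before any goal that resolves project dependencies has run (`mvn -v` only prints a version), so the entry keyed on `pom.xml` never contains the project's dependencies; and `cache: maven` on `actions/setup-java` already caches `~/.m2/repository` under a `pom.xml`-hashed key, so the explicit `actions/cache` step duplicates it. Because build-and-artifact runs as a separate job, nothing installed or cached here reaches the actual `mvn clean install` anyway; move these setup steps into the job that builds.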

⚠️ Potential issue

Fix workflow syntax and improve Maven installation.

The workflow has several issues:

  1. Incorrect workflow syntax
  2. Maven installation via apt without version pinning
  3. Cache configuration could be improved

Apply this diff to fix the issues:

 name: Setup Java and Maven
 
-runs-on: ubuntu-latest
+on:
+  workflow_call:
+
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
-steps:
-  # Checkout the repository
-  - name: Checkout Code
-    uses: actions/checkout@v3
+    steps:
+      # Checkout the repository
+      - name: Checkout Code
+        uses: actions/checkout@v3
 
-  # Install Maven
-  - name: Install Maven
-    run: |
-      sudo apt update
-      sudo apt install maven -y
-      mvn -v
+      # Install specific Maven version
+      - name: Install Maven
+        run: |
+          MAVEN_VERSION="3.9.6"
+          wget https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz
+          tar xf apache-maven-${MAVEN_VERSION}-bin.tar.gz
+          sudo mv apache-maven-${MAVEN_VERSION} /usr/share/maven
+          sudo ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
+          mvn -v
 
-  # Set up Java
-  - name: Set up Java
-    uses: actions/setup-java@v3
-    with:
-      java-version: '17'
-      distribution: 'temurin'
-      cache: maven
+      # Set up Java
+      - name: Set up Java
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: maven
 
-  # Cache Maven dependencies
-  - name: Cache Maven dependencies
-    uses: actions/cache@v3
-    with:
-      path: ~/.m2
-      key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
-      restore-keys: |
-        ${{ runner.os }}-maven-
+      # Cache Maven dependencies
+      - name: Cache Maven dependencies
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.m2/repository
+            !~/.m2/repository/org/example
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
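Review bot: the replacement `Install Maven` step downloads a tarball with `wget` and moves it into place with `sudo` without checking it against the `.sha512` checksum Apache publishes next to the binary, so a tampered or truncated download would be installed silently; verify the checksum (or the GPG signature) before `tar xf`, and keep the expected digest in the workflow alongside the pinned version. Two smaller points in the same hunk: `!~/.m2/repository/org/example` is a placeholder path that excludes nothing unless this project's groupId really is `org.example`, and `cache: maven` on `setup-java` already caches the repository, so the separate `actions/cache` step is redundant.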
🧰 Tools
🪛 actionlint (1.7.4)

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


5-5: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

Comment on lines 1 to 28
name: SonarCloud Analysis

runs-on: self-hosted
needs: build-and-artifact # Ensure the build and artifact job runs before the SonarCloud analysis job

steps:
# Checkout the repository
- name: Checkout Code
uses: actions/checkout@v3

# Set up Java
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'

# SonarCloud Analysis
- name: SonarCloud Analysis
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_ORG: your-organization # Replace with your actual SonarCloud organization
SONAR_HOST_URL: https://sonarcloud.io
run: |
mvn clean verify sonar:sonar \
-Dsonar.organization=${{ secrets.SONAR_ORG }} \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }}
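Review bot: the `env:` block and the `run:` script disagree: `SONAR_ORG` is set to the literal `your-organization` and `SONAR_HOST_URL` to `https://sonarcloud.io`, but the command reads `${{ secrets.SONAR_ORG }}` and `${{ secrets.SONAR_HOST_URL }}`, so the env values are dead and, if those two secrets are not defined, the flags expand to empty strings. Keep one source: set the organization and host URL in `env:` (neither is a secret) and reference `$SONAR_ORG`, `$SONAR_HOST_URL` and `$SONAR_TOKEN` in the script instead of inlining `${{ secrets.* }}` into shell, which also keeps the token out of the rendered script. `needs:` at the top level of a workflow file is meaningless; it belongs on a job in the caller.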

⚠️ Potential issue

Fix workflow syntax and improve SonarCloud configuration.

The workflow has several issues:

  1. Incorrect workflow syntax
  2. Hardcoded organization value
  3. Missing error handling

Apply this diff to fix the issues:

 name: SonarCloud Analysis
 
-runs-on: self-hosted
-needs: build-and-artifact  # Ensure the build and artifact job runs before the SonarCloud analysis job
+on:
+  workflow_call:
+
+jobs:
+  analyze:
+    runs-on: self-hosted
+    permissions:
+      contents: read
+      security-events: write
 
-steps:
-  # Checkout the repository
-  - name: Checkout Code
-    uses: actions/checkout@v3
+    steps:
+      # Checkout the repository
+      - name: Checkout Code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
-  # Set up Java
-  - name: Set up Java
-    uses: actions/setup-java@v3
-    with:
-      java-version: '17'
-      distribution: 'temurin'
+      # Set up Java
+      - name: Set up Java
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
 
-  # SonarCloud Analysis
-  - name: SonarCloud Analysis
-    env:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      SONAR_ORG: your-organization # Replace with your actual SonarCloud organization
-      SONAR_HOST_URL: https://sonarcloud.io
-    run: |
-      mvn clean verify sonar:sonar \
-        -Dsonar.organization=${{ secrets.SONAR_ORG }} \
-        -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-        -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+      # SonarCloud Analysis
+      - name: SonarCloud Analysis
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          # Run analysis and capture the exit code
+          mvn clean verify sonar:sonar \
+            -Dsonar.organization=${{ secrets.SONAR_ORG }} \
+            -Dsonar.host.url=https://sonarcloud.io \
+            -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
+            -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }} \
+            -Dsonar.qualitygate.wait=true || SONAR_EXIT_CODE=$?
+          
+          # Check quality gate status
+          if [ "$SONAR_EXIT_CODE" = "1" ]; then
+            echo "Quality gate failed!"
+            exit 1
+          fi
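Review bot: the `|| SONAR_EXIT_CODE=$?` / `if [ "$SONAR_EXIT_CODE" = "1" ]` pair weakens failure handling rather than improving it: it swallows every non-zero exit from `mvn` and only re-raises exit code 1, so a scanner that is killed or fails with any other code leaves the step green. Drop the `||` and the `if` and let the command fail on its own; `-Dsonar.qualitygate.wait=true` already turns a failed quality gate into a non-zero `mvn` exit. The step also defines `SONAR_TOKEN` in `env:` and then inlines `${{ secrets.SONAR_TOKEN }}` into the script anyway; use `$SONAR_TOKEN`.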
🧰 Tools
🪛 actionlint (1.7.4)

1-1: "on" section is missing in workflow

(syntax-check)


1-1: "jobs" section is missing in workflow

(syntax-check)


3-3: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


4-4: unexpected key "needs" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


6-6: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

Comment on lines 1 to 59
name: Spring Boot Run and Stop

on:
push:
branches:
- '**' # Trigger for all branches
pull_request:
branches:
- master # Trigger for pull requests targeting the master branch
workflow_dispatch: # Manual trigger via GitHub UI

runs-on: self-hosted

steps:
# Checkout the repository
- name: Checkout Code
uses: actions/checkout@v3

# Run Spring Boot App
- name: Run Spring Boot App
run: mvn spring-boot:run &

# Wait for the Spring Boot app to fully start
- name: Wait for Spring Boot App to Start
run: |
echo "Waiting for the app to start..."
sleep 15
echo "App should now be running."

# Validate that the application is running
- name: Validate App is Running
run: |
echo "Checking if the app is running..."
IP_ADDRESS=$(curl -s ifconfig.me)
PORT=8080
RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://$IP_ADDRESS:$PORT)
if [ "$RESPONSE" -eq 200 ]; then
echo "The app is running successfully at http://$IP_ADDRESS:$PORT!"
else
echo "The app failed to start. HTTP response code: $RESPONSE"
exit 1
fi

# Display the IP address and port number
- name: Display IP Address and Port
run: |
echo "The app is accessible at: http://$IP_ADDRESS:$PORT"

# Wait for 3 minutes
- name: Wait for 3 minutes
run: |
echo "App has been running for 3 minutes. Waiting..."
sleep 180

# Gracefully Stop Spring Boot App
- name: Gracefully Stop Spring Boot App
run: |
echo "Stopping the app gracefully..."
mvn spring-boot:stop
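Review bot: `Validate App is Running` fetches the runner's public address from `ifconfig.me` and probes `http://<public-ip>:8080`, so the check passes only when the self-hosted runner exposes port 8080 to the Internet, which a CI job should neither depend on nor encourage; poll `http://localhost:8080` instead. Two further problems follow from the step structure: `IP_ADDRESS` and `PORT` are shell variables local to that step, so `Display IP Address and Port` prints `http://:` with both empty, and `mvn spring-boot:stop` stops an application launched with `spring-boot:start`, not a backgrounded `spring-boot:run &`, so the app started here keeps running on the runner after the job ends. A fixed `sleep 15` is also a guess; poll the port until it answers, with a bounded timeout, and kill the process you started in an `if: always()` step.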

⚠️ Potential issue

Fix workflow syntax and improve application management.

The workflow has several issues:

  1. Incorrect workflow syntax
  2. Hardcoded port and insufficient health checks
  3. Missing error handling and cleanup

Apply this diff to fix the issues:

 name: Spring Boot Run and Stop
 
 on:
-  push:
-    branches:
-      - '**'  # Trigger for all branches
-  pull_request:
-    branches:
-      - master  # Trigger for pull requests targeting the master branch
-  workflow_dispatch:  # Manual trigger via GitHub UI
+  workflow_call:
+    inputs:
+      port:
+        description: 'Port number for the application'
+        required: false
+        default: '8080'
+        type: string
 
-runs-on: self-hosted
+jobs:
+  run-stop:
+    runs-on: self-hosted
+    permissions:
+      contents: read
 
-steps:
-  # Checkout the repository
-  - name: Checkout Code
-    uses: actions/checkout@v3
+    steps:
+      # Checkout the repository
+      - name: Checkout Code
+        uses: actions/checkout@v3
 
-  # Run Spring Boot App
-  - name: Run Spring Boot App
-    run: mvn spring-boot:run &
+      # Run Spring Boot App
+      - name: Run Spring Boot App
+        run: |
+          # Start the app and save the PID
+          mvn spring-boot:run \
+            -Dspring-boot.run.arguments=--server.port=${{ inputs.port }} &
+          echo $! > .pid
 
-  # Wait for the Spring Boot app to fully start
-  - name: Wait for Spring Boot App to Start
-    run: |
-      echo "Waiting for the app to start..."
-      sleep 15
-      echo "App should now be running."
+      # Wait for the Spring Boot app to fully start
+      - name: Wait for Spring Boot App to Start
+        run: |
+          echo "Waiting for the app to start..."
+          # Use actuator health endpoint
+          for i in {1..30}; do
+            if curl -s "http://localhost:${{ inputs.port }}/actuator/health" | grep -q "UP"; then
+              echo "Application is healthy!"
+              exit 0
+            fi
+            sleep 2
+          done
+          echo "Application failed to start within 60 seconds"
+          kill $(cat .pid)
+          exit 1
 
-  # Validate that the application is running
-  - name: Validate App is Running
-    run: |
-      echo "Checking if the app is running..."
-      IP_ADDRESS=$(curl -s ifconfig.me)
-      PORT=8080
-      RESPONSE=$(curl --write-out "%{http_code}" --silent --output /dev/null http://$IP_ADDRESS:$PORT)
-      if [ "$RESPONSE" -eq 200 ]; then
-        echo "The app is running successfully at http://$IP_ADDRESS:$PORT!"
-      else
-        echo "The app failed to start. HTTP response code: $RESPONSE"
-        exit 1
-      fi
+      # Display the application URL
+      - name: Display Application URL
+        run: echo "Application is running at http://localhost:${{ inputs.port }}"
 
-  # Display the IP address and port number
-  - name: Display IP Address and Port
-    run: |
-      echo "The app is accessible at: http://$IP_ADDRESS:$PORT"
+      # Run tests or other operations
+      - name: Run Tests
+        run: |
+          mvn test
+        continue-on-error: true
 
-  # Wait for 3 minutes
-  - name: Wait for 3 minutes
-    run: |
-      echo "App has been running for 3 minutes. Waiting..."
-      sleep 180
-
-  # Gracefully Stop Spring Boot App
-  - name: Gracefully Stop Spring Boot App
-    run: |
-      echo "Stopping the app gracefully..."
-      mvn spring-boot:stop
+      # Cleanup
+      - name: Cleanup
+        if: always()
+        run: |
+          if [ -f .pid ]; then
+            echo "Stopping application..."
+            kill $(cat .pid) || true
+            rm .pid
+          fi
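Review bot: `continue-on-error: true` on the `Run Tests` step means a failing `mvn test` never fails the job, so the pipeline reports success whatever the tests say; remove it, since the `if: always()` cleanup step already guarantees teardown, which is the usual reason for reaching for `continue-on-error`. Prefer also passing `inputs.port` to the scripts through `env:` and reading `$PORT`, rather than expanding `${{ inputs.port }}` directly inside `run:` blocks, so that no value is interpolated into shell source.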

Also, ensure that the Spring Boot Actuator dependency is added to your pom.xml:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
🧰 Tools
🪛 actionlint (1.7.4)

1-1: "jobs" section is missing in workflow

(syntax-check)


12-12: unexpected key "runs-on" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)


14-14: unexpected key "steps" for "workflow" section. expected one of "concurrency", "defaults", "env", "jobs", "name", "on", "permissions", "run-name"

(syntax-check)

@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/setup-java-maven.yml (1)

28-35: Improve Maven cache configuration.

The current cache configuration is basic. Consider improving it to exclude unnecessary files and use more specific keys.

Apply this diff to improve cache configuration:

       - name: Cache Maven dependencies
         uses: actions/cache@v3
         with:
-          path: ~/.m2
+          path: |
+            ~/.m2/repository
+            !~/.m2/repository/org/example
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-
🧰 Tools
🪛 actionlint (1.7.4)

30-30: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ad3bce4 and fa3fcf9.

📒 Files selected for processing (5)
  • .github/workflows/build-and-artifact.yml (1 hunks)
  • .github/workflows/main.yml (1 hunks)
  • .github/workflows/setup-java-maven.yml (1 hunks)
  • .github/workflows/sonarcloud-analysis.yml (1 hunks)
  • .github/workflows/springboot-run-stop.yml (1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/springboot-run-stop.yml

24-24: shellcheck reported issue in this script: SC2086:info:4:79: Double quote to prevent globbing and word splitting

(shellcheck)

.github/workflows/build-and-artifact.yml

17-17: the runner of "actions/upload-artifact@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

.github/workflows/setup-java-maven.yml

12-12: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


16-16: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


30-30: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

.github/workflows/sonarcloud-analysis.yml

20-20: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


24-24: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🔇 Additional comments (6)
.github/workflows/setup-java-maven.yml (1)

22-26: 🛠️ Refactor suggestion

Use version-controlled Maven installation.

Installing Maven via apt doesn't provide version control and could lead to inconsistencies. Consider using a specific Maven version.

Apply this diff to fix the Maven installation:

       # Install Maven
       - name: Install Maven
         run: |
-          sudo apt update
-          sudo apt install maven -y
-          mvn -v
+          MAVEN_VERSION="3.9.6"
+          wget https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz
+          tar xf apache-maven-${MAVEN_VERSION}-bin.tar.gz
+          sudo mv apache-maven-${MAVEN_VERSION} /usr/share/maven
+          sudo ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
+          mvn -v

Likely invalid or redundant comment.

.github/workflows/sonarcloud-analysis.yml (1)

29-39: 🛠️ Refactor suggestion

Add quality gate check and improve error handling.

The SonarCloud analysis lacks quality gate checks and proper error handling.

Apply this diff to improve the analysis:

       - name: SonarCloud Analysis
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_ORG: ${{ secrets.SONAR_ORG }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          mvn clean verify sonar:sonar \
-            -Dsonar.organization=${{ secrets.SONAR_ORG }} \
-            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-            -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+          # Run analysis and capture exit code
+          mvn clean verify sonar:sonar \
+            -Dsonar.organization=${{ secrets.SONAR_ORG }} \
+            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
+            -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
+            -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }} \
+            -Dsonar.qualitygate.wait=true || SONAR_EXIT_CODE=$?
+          
+          # Check quality gate status
+          if [ "$SONAR_EXIT_CODE" = "1" ]; then
+            echo "Quality gate failed!"
+            exit 1
+          fi

Likely invalid or redundant comment.

.github/workflows/main.yml (2)

4-9: ⚠️ Potential issue

Restrict workflow triggers for security.

The workflow is triggered on all branches without restrictions, which could be a security risk.

Apply this diff to restrict the triggers:

   push:
     branches:
-      - '**'
+      - 'main'
+      - 'develop'
+      - 'feature/**'
   pull_request:
     branches:
       - master

Likely invalid or redundant comment.


1-35: 🛠️ Refactor suggestion

Add permissions and environment protection.

The workflow is missing permissions configuration and environment protection rules.

Add these configurations at the workflow level:

 name: Build, Deploy, and Analyze
 
+permissions:
+  contents: read
+
+env:
+  MAVEN_OPTS: "-Dmaven.repo.local=${{ github.workspace }}/.m2/repository"

Likely invalid or redundant comment.

.github/workflows/springboot-run-stop.yml (2)

15-20: 🛠️ Refactor suggestion

Replace sleep with proper health checks.

Using sleep for health checks is unreliable. Use Spring Boot Actuator's health endpoint instead.

Apply this diff to implement proper health checks:

       - name: Wait for Spring Boot App to Start
         run: |
           echo "Waiting for the app to start..."
-          sleep 15
-          echo "App should now be running."
+          for i in {1..30}; do
+            if curl -s "http://localhost:8080/actuator/health" | grep -q "UP"; then
+              echo "Application is healthy!"
+              exit 0
+            fi
+            sleep 2
+          done
+          echo "Application failed to start within 60 seconds"
+          exit 1

Likely invalid or redundant comment.


41-51: 🛠️ Refactor suggestion

Add cleanup and improve application management.

The workflow needs proper cleanup and better application management.

Apply this diff to improve the workflow:

-      # Wait for 3 minutes (180 seconds)
-      - name: Wait for 3 minutes
-        run: |
-          echo "App has been running for 3 minutes. Waiting..."
-          sleep 180
-
-      # Gracefully Stop Spring Boot App
-      - name: Gracefully Stop Spring Boot App
-        run: |
-          echo "Stopping the app gracefully..."
-          mvn spring-boot:stop
+      # Cleanup
+      - name: Cleanup
+        if: always()
+        run: |
+          PID=$(jps | grep "spring-boot:run" | cut -d " " -f 1)
+          if [ ! -z "$PID" ]; then
+            echo "Stopping application (PID: $PID)..."
+            kill $PID || true
+          fi
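Review bot: `jps | grep "spring-boot:run"` cannot match: with no options `jps` prints only the process id and the short main-class name, and `spring-boot:run` is a command-line argument, so `PID` is always empty and the application is never stopped. Use `jps -m` (which appends the main-method arguments) or, better, record `$!` when the app is started and kill that PID, as the other suggestion on this file does.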

Likely invalid or redundant comment.

Comment on lines +1 to +20
name: Build and Artifact Generation

on:
workflow_call: # This workflow can be called from other workflows

jobs:
build-artifact:
runs-on: self-hosted

steps:
# Build the project with Maven
- name: Build with Maven
run: mvn clean install

# Upload the built artifact (e.g., .jar files) with versioning based on commit SHA
- name: Upload Artifacts with Versioning
uses: actions/upload-artifact@v3
with:
name: my-app-artifact-${{ github.sha }} # Artifact version based on commit SHA
path: target/*.jar # Path to the built artifact (e.g., JAR file or other build outputs)
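Review bot: there is no checkout step, so `mvn clean install` runs against whatever already sits in the self-hosted runner's working directory, which on a persistent runner may be the sources of an earlier run or of a different ref; add `actions/checkout` first. The job also sets up no JDK or Maven, so it depends on whatever happens to be installed on the runner machine, because the setup done in setup-java-maven happens in a different job. Finally, actionlint flags `actions/upload-artifact@v3` as too old for the current runner; move to v4.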

🛠️ Refactor suggestion

Improve workflow security and artifact management.

The workflow needs several improvements:

  1. Missing checkout step before Maven build
  2. No retention period for artifacts
  3. No permissions defined

Apply this diff to fix the issues:

 name: Build and Artifact Generation

 on:
   workflow_call:

 jobs:
   build-artifact:
     runs-on: self-hosted
+    permissions:
+      contents: read
+      packages: read

     steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4

       # Build the project with Maven
       - name: Build with Maven
         run: mvn clean install

       # Upload the built artifact with versioning
       - name: Upload Artifacts with Versioning
         uses: actions/upload-artifact@v4
         with:
           name: my-app-artifact-${{ github.sha }}
           path: target/*.jar
+          retention-days: 5
🧰 Tools
🪛 actionlint (1.7.4)

17-17: the runner of "actions/upload-artifact@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


jobs:
build-artifact:
runs-on: self-hosted

💡 Codebase verification

⚠️ Potential issue

Critical: Add security controls and fix missing checkout step

The workflow has multiple security and functionality issues:

  • Missing permissions configuration to restrict access scope
  • Missing essential actions/checkout step before Maven build
  • Maven build on self-hosted runner without proper isolation could expose sensitive data

Recommended changes:

jobs:
  build-artifact:
    runs-on: self-hosted
    permissions:
      contents: read
      actions: write  # For artifact upload
    
    steps:
      - uses: actions/checkout@v4
      
      - name: Build with Maven
        run: mvn clean install
🔗 Analysis chain

Add security controls for self-hosted runner.

Using a self-hosted runner without proper security controls can be risky. Consider using GitHub-hosted runners or implementing proper security controls.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if there are any security-sensitive files in the repository
rg -l "password|secret|key|token|credential" 

Length of output: 46


Script:

#!/bin/bash
# Get the complete workflow file content
cat .github/workflows/build-and-artifact.yml

# List all workflow files to check for related configurations
fd -e yml -e yaml . .github/workflows/

# Check for environment variables and secrets usage in workflows
rg -l "env:|secrets\." .github/workflows/

Length of output: 1043
