PR for v1.5.9 #387

coderabbitai · 2025-12-07T06:59:20Z

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/docker-publish.yml | head -70

Repository: kit-data-manager/base-repo

Length of output: 3360

🏁 Script executed:

#!/bin/bash # Verify Docker action commit hashes against official GitHub releases # We'll check the releases and tags for each Docker action repository echo "=== Verifying docker/login-action commit hash ===" # Hash: 28fdb31ff34708d19615a74d67103ddc2ea9725c echo "=== Verifying docker/metadata-action commit hash ===" # Hash: c299e40c65443455700f0fdfc63efafe5b349051 echo "=== Verifying docker/build-push-action commit hash ===" # Hash: 9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d # Try to get release information from GitHub API for each action for action in "login-action" "metadata-action" "build-push-action"; do repo="docker/${action}" echo "" echo "=== Checking releases for $repo ===" curl -s "https://api.github.com/repos/${repo}/releases?per_page=10" | jq -r '.[] | "\(.tag_name): \(.published_at) - Draft: \(.draft), Prerelease: \(.prerelease)"' 2>/dev/null | head -5 done

Repository: kit-data-manager/base-repo

Length of output: 1339

🏁 Script executed:

#!/bin/bash # Get detailed release information with commit hashes for action in "login-action" "metadata-action" "build-push-action"; do repo="docker/${action}" echo "" echo "=== Release details for $repo ===" # Get releases with tag names and their commit info curl -s "https://api.github.com/repos/${repo}/releases?per_page=20" | jq -r '.[] | "\(.tag_name): commit SHA information available"' 2>/dev/null done # Now let's try to find specific commits in the tags echo "" echo "=== Checking specific commit hashes ===" # For login-action: 28fdb31ff34708d19615a74d67103ddc2ea9725c echo "docker/login-action commit 28fdb31..." curl -s "https://api.github.com/repos/docker/login-action/commits/28fdb31ff34708d19615a74d67103ddc2ea9725c" | jq -r '.commit.message, .author.date' 2>/dev/null | head -2 # For metadata-action: c299e40c65443455700f0fdfc63efafe5b349051 echo "" echo "docker/metadata-action commit c299e40c..." curl -s "https://api.github.com/repos/docker/metadata-action/commits/c299e40c65443455700f0fdfc63efafe5b349051" | jq -r '.commit.message, .author.date' 2>/dev/null | head -2 # For build-push-action: 9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d echo "" echo "docker/build-push-action commit 9e436ba9..." curl -s "https://api.github.com/repos/docker/build-push-action/commits/9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d" | jq -r '.commit.message, .author.date' 2>/dev/null | head -2

Repository: kit-data-manager/base-repo

Length of output: 3110

🏁 Script executed:

#!/bin/bash # Find which releases contain these commits echo "=== Finding release versions for pinned commits ===" # Get all tags for each repo and their commit SHAs echo "" echo "docker/login-action - finding version for 28fdb31ff34708d19615a74d67103ddc2ea9725c" curl -s "https://api.github.com/repos/docker/login-action/git/matching-refs/tags/v" | jq -r '.[] | "\(.ref): \(.object.sha)"' 2>/dev/null | grep -E "v3|v2" | head -20 echo "" echo "docker/metadata-action - finding version for c299e40c65443455700f0fdfc63efafe5b349051" curl -s "https://api.github.com/repos/docker/metadata-action/git/matching-refs/tags/v" | jq -r '.[] | "\(.ref): \(.object.sha)"' 2>/dev/null | grep -E "v5|v4" | head -20 echo "" echo "docker/build-push-action - finding version for 9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d" curl -s "https://api.github.com/repos/docker/build-push-action/git/matching-refs/tags/v" | jq -r '.[] | "\(.ref): \(.object.sha)"' 2>/dev/null | grep -E "v6|v5" | head -20

Repository: kit-data-manager/base-repo

Length of output: 3435

🏁 Script executed:

#!/bin/bash # Get detailed commit information for the pinned commits echo "=== Commit details for pinned hashes ===" echo "" echo "docker/login-action@28fdb31ff34708d19615a74d67103ddc2ea9725c" curl -s "https://api.github.com/repos/docker/login-action/commits/28fdb31ff34708d19615a74d67103ddc2ea9725c" | jq -r '.commit | "\(.author.date): \(.message)"' 2>/dev/null echo "" echo "docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051" curl -s "https://api.github.com/repos/docker/metadata-action/commits/c299e40c65443455700f0fdfc63efafe5b349051" | jq -r '.commit | "\(.author.date): \(.message)"' 2>/dev/null echo "" echo "docker/build-push-action@9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d" curl -s "https://api.github.com/repos/docker/build-push-action/commits/9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d" | jq -r '.commit | "\(.author.date): \(.message)"' 2>/dev/null # Now check if there are any advisories or security issues echo "" echo "=== Checking for security advisories ===" for action in "login-action" "metadata-action" "build-push-action"; do repo="docker/${action}" echo "" echo "$repo:" curl -s "https://api.github.com/repos/${repo}/security/advisories" | jq -r '.[] | "\(.ghsa_id): \(.summary)"' 2>/dev/null | head -3 done

Repository: kit-data-manager/base-repo

Length of output: 898

Update Docker action pins to use released versions instead of unreleased commits.

Two of the three Docker action commits do not correspond to any official release:

Line 40 (docker/login-action@28fdb31ff...): Pinned to an unreleased commit from October 17, 2025, which is after the latest stable release v3.6.0 (September 29, 2025). This commit should be pinned to v3.6.0 or verified as a release candidate.

Line 59 (docker/build-push-action@9e436ba9f2d...): Pinned to an unreleased commit from September 29, 2025. The latest stable release is v6.18.0 (May 27, 2025). This commit is significantly newer than any released version and should be replaced with a stable release tag.

Line 52 (docker/metadata-action@c299e40c...): ✓ Correctly pinned to v5.10.0 (latest stable release as of November 27, 2025).

Using unreleased commits bypasses the official release review process and introduces unnecessary risk. Pin to stable release versions (e.g., v3.6.0, v6.18.0) instead.

🤖 Prompt for AI Agents

.github/workflows/docker-publish.yml around line 40: the docker actions are pinned to unreleased commit SHAs which bypass release review and add risk; replace docker/login-action@28fdb31ff34708d19615a74d67103ddc2ea9725c with the released tag docker/[email protected], and replace docker/build-push-action@9e436ba9f2d... (line 59) with docker/[email protected]; leave docker/[email protected] as-is and verify workflow still works after updating these tags.

coderabbitai · 2025-12-07T06:59:20Z

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# First, locate the build.gradle file find . -name "build.gradle" -type f

Repository: kit-data-manager/base-repo

Length of output: 84

🏁 Script executed:

# Check file size and read the build.gradle file wc -l ./build.gradle && echo "---" && cat -n ./build.gradle

Repository: kit-data-manager/base-repo

Length of output: 6508

🏁 Script executed:

# Check if springBootVersion property is used elsewhere in gradle files grep -r "springBootVersion" . --include="*.gradle" 2>/dev/null # Also check the referenced gradle profile files echo "--- Checking profile-minimal.gradle ---" cat ./gradle/profile-minimal.gradle 2>/dev/null || echo "File not found" echo "--- Checking profile-complete.gradle ---" cat ./gradle/profile-complete.gradle 2>/dev/null || echo "File not found"

Repository: kit-data-manager/base-repo

Length of output: 815

🏁 Script executed:

# Search for any usage of springBootVersion variable in code or documentation rg "springBootVersion" --type gradle --type java 2>/dev/null | grep -v "set('springBootVersion" # Also check if there are any imports or references in other build files find . -name "*.gradle" -o -name "*.properties" | xargs grep -l "springBootVersion" 2>/dev/null

Repository: kit-data-manager/base-repo

Length of output: 84

Remove the unused springBootVersion property and verify dependency compatibility.

The dependency versions (Spring Data Elasticsearch 5.5.6, Spring Messaging 7.0.1, Spring Cloud modules 4.3.x, Spring Boot Admin 3.5.6, repo-core 1.2.6, service-base 1.3.6, nimbus-jose-jwt 10.6, PostgreSQL 42.7.8, H2 2.4.240, spring-restdocs-mockmvc 3.0.5, and Jacoco 0.8.14) align with Spring Boot 3.5.8. However, the ext block defines an unused springBootVersion property set to "3.2.1" (line 36) that should be removed to avoid confusion. The effective Spring Boot version is 3.5.8 from the plugin declaration.

coderabbitai · 2025-09-29T10:27:14Z

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

JUnit 4 runner in a Spring Boot 3.x stack — confirm Vintage engine presence or plan Jupiter migration

You’re using JUnit 4 (SpringRunner, @before, @rule). Ensure the build includes junit-vintage-engine, or migrate tests to JUnit Jupiter to align with modern Spring Test support. Based on learnings.

Run to confirm dependencies and usage:

🏁 Script executed:

#!/bin/bash # Find explicit JUnit dependencies and engines rg -nP -C2 '(junit-?vintage|junit-?jupiter|org\.junit\.jupiter|org\.junit\.vintage|junit[:"]\s*4\.)' \ -g '!**/build/**' -g '!**/out/**' # Spot JUnit4 annotations in tests rg -nP -C2 'org\.junit\.(Test|Before|Rule)|@RunWith$SpringRunner\.class$' src/test

Length of output: 10993

🏁 Script executed:

#!/bin/bash # Search for JUnit dependencies in Maven pom.xml rg -nP '<artifactId>junit' -C1 -g 'pom.xml' rg -nP 'org\.junit\.vintage|org\.junit\.jupiter' -g 'pom.xml' # If Gradle build script present, search for junit dependencies rg -nP 'junit' -g 'build.gradle' -g 'build.gradle.kts'

Length of output: 358

Add JUnit Vintage engine or migrate tests to JUnit Jupiter
Your integration tests (e.g. using SpringRunner, @rule, @before) rely on JUnit 4, but build.gradle only declares testImplementation "junit:junit:4.13.2" (no vintage engine). Spring Boot 3.x uses JUnit Platform, so either add the Vintage engine:

testRuntimeOnly "org.junit.vintage:junit-vintage-engine"

or migrate your tests to JUnit Jupiter.

🤖 Prompt for AI Agents

In src/test/java/edu/kit/datamanager/repo/test/integration/ActuatorPrometheusTest.java around lines 56 to 61, the test class uses JUnit 4 constructs (SpringRunner, @RunWith) but the build lacks the JUnit Vintage engine so tests will not run under JUnit Platform; either add the Vintage engine to build.gradle as a test runtime dependency (org.junit.vintage:junit-vintage-engine) so JUnit4 tests run on the JUnit Platform, or migrate the test to JUnit Jupiter by replacing @RunWith(SpringRunner.class) with @ExtendWith(SpringExtension.class) and updating any @Before/@After/@Rule usages to their JUnit 5 equivalents.

-Original file line number
+Diff line change
@@ Expand Up / @@ -38,11 +38,11 @@ jobs: @@
         steps:
         - name: Checkout repository
-          uses: actions/checkout@v4
+          uses: actions/checkout@v5
         # Initializes the CodeQL tools for scanning.
         - name: Initialize CodeQL
-          uses: github/codeql-action/init@v3
+          uses: github/codeql-action/init@v4
           with:
             languages: ${{ matrix.language }}
             # If you wish to specify custom queries, you can do so here or in a config file.
@@ Expand All / @@ -53,7 +53,7 @@ jobs: @@
         # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
         # If this step fails, then you should remove it and run the build manually (see below)
         - name: Autobuild
-          uses: github/codeql-action/autobuild@v3
+          uses: github/codeql-action/autobuild@v4
         # ℹ️ Command-line programs to run using the OS shell.
         # 📚 https://git.io/JvXDl
@@ Expand All / @@ -67,4 +67,4 @@ jobs: @@
         #   make release
         - name: Perform CodeQL Analysis
-          uses: github/codeql-action/analyze@v3
+          uses: github/codeql-action/analyze@v4

-Original file line number
+Diff line change
@@ Expand Up / @@ -32,12 +32,12 @@ jobs: @@
           #
         steps:
           - name: Checkout repository
-            uses: actions/checkout@v4
+            uses: actions/checkout@v5
           # Uses the `docker/login-action` action to log in to the Container
           # registry using the account and password that will publish the packages.
           # Once published, the packages are scoped to the account defined here.
           - name: Log in to the Container registry
-            uses: docker/login-action@327cd5a69de6c009b9ce71bce8395f28e651bf99
+            uses: docker/login-action@28fdb31ff34708d19615a74d67103ddc2ea9725c
             with:
               registry: ${{ env.REGISTRY }}
               username: ${{ github.actor }}
@@ Expand All / @@ -49,14 +49,14 @@ jobs: @@
           # and labels.
           - name: Extract metadata (tags, labels) for Docker
             id: meta
-            uses: docker/metadata-action@8e1d5461f02b7886d3c1a774bfbd873650445aa2
+            uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051
             with:
               images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
           # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
           # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
           - name: Build and push Docker image
-            uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991
+            uses: docker/build-push-action@9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d
             with:
               context: .
               push: true
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -21,9 +21,9 @@ jobs: @@
             jdk: [ 17 ]
         steps:
         - name: Checkout repo
-          uses: actions/checkout@v4
+          uses: actions/checkout@v5
         - name: Set up OpenJDK version ...
-          uses: actions/setup-java@v4
+          uses: actions/setup-java@v5
           with:
             distribution: 'zulu'
             java-version: ${{ matrix.jdk }}
@@ Expand All / @@ -47,9 +47,9 @@ jobs: @@
         runs-on: ubuntu-latest
         steps:
         - name: Checkout repo
-          uses: actions/checkout@v4
+          uses: actions/checkout@v5
         - name: Set up OpenJDK version ...
-          uses: actions/setup-java@v4
+          uses: actions/setup-java@v5
           with:
             distribution: 'zulu'
             java-version: ${{ env.currentBuildVersion }}
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up @@
     * [Getting Started & Documentation](https://kit-data-manager.github.io/webpage/base-repo/index.html)
     * [API documentation](https://kit-data-manager.github.io/webpage/base-repo/documentation/api-docs.html)
-    * [Docker container](https://github.com/kit-data-manager/base-repo/pkgs/container/base-repo%2Fbase-repo)
+    * [Docker container](https://github.com/kit-data-manager/base-repo/pkgs/container/base-repo)
     * [Information about the DataCite metadata schema](https://schema.datacite.org/)
     ## License
@@ Expand Down @@

-Original file line number
+Diff line change
@@ -1,12 +1,12 @@
     plugins {
-        id 'org.springframework.boot' version '3.4.2'
+        id 'org.springframework.boot' version '3.5.8'
         id 'io.spring.dependency-management' version '1.1.7'
-        id 'io.freefair.lombok' version '8.12'
-        id 'io.freefair.maven-publish-java' version '8.12'
-        id 'org.owasp.dependencycheck' version '12.0.1'
-        id 'org.asciidoctor.jvm.convert' version '4.0.4'
+        id 'io.freefair.lombok' version '9.1.0'
+        id 'io.freefair.maven-publish-java' version '9.1.0'
+        id 'org.owasp.dependencycheck' version '12.1.9'
+        id 'org.asciidoctor.jvm.convert' version '4.0.5'
         id 'net.researchgate.release' version '3.1.0'
-        id 'com.gorylenko.gradle-git-properties' version '2.4.2'
+        id 'com.gorylenko.gradle-git-properties' version '2.5.4'
         id 'java'
         id 'jacoco'
     }
@@ Expand All / @@ -22,15 +22,19 @@ repositories { @@
         mavenCentral()
     }
+    java {
+        sourceCompatibility = JavaVersion.VERSION_17
+        targetCompatibility = JavaVersion.VERSION_17
+    }
     //configurations {
      //   all*.exclude module : 'spring-boot-starter-logging'
     //}
     ext {
-        set('javersVersion', "7.7.0")
+        set('javersVersion', "7.9.0")
         set('springBootVersion', "3.2.1")
-        set('springDocVersion', "2.8.4")
+        set('springDocVersion', "2.8.14")
         set('keycloakVersion', "19.0.0")
         // directory for generated code snippets during tests
@@ Expand All / @@ -41,9 +45,6 @@ println "Running gradle version: $gradle.gradleVersion" @@
     println "Building ${name} version: ${version}"
     println "JDK version: ${JavaVersion.current()}"
-    sourceCompatibility = JavaVersion.VERSION_17
-    targetCompatibility = JavaVersion.VERSION_17
     if (System.getProperty('profile') == 'minimal') {
         println 'Using minimal profile for building ' + project.getName()
         apply from: 'gradle/profile-minimal.gradle'
@@ Expand All / @@ -60,29 +61,29 @@ dependencies { @@
         implementation "org.springframework.boot:spring-boot-starter-mail"
         implementation "org.springframework.boot:spring-boot-starter-security"
         implementation "org.springframework.boot:spring-boot-starter-actuator"
-        implementation 'org.springframework.data:spring-data-elasticsearch:5.4.2'
+        implementation 'org.springframework.data:spring-data-elasticsearch:5.5.6'
-        implementation "org.springframework:spring-messaging:6.2.2"
+        implementation "org.springframework:spring-messaging:7.0.1"
         // cloud support
-        implementation "org.springframework.cloud:spring-cloud-starter-config:4.2.0"
-        implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.2.0"
-        implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.2.0"
-        implementation 'de.codecentric:spring-boot-admin-starter-client:3.4.1'
+        implementation "org.springframework.cloud:spring-cloud-starter-config:4.3.0"
+        implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.3.0"
+        implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.3.2"
+        implementation 'de.codecentric:spring-boot-admin-starter-client:3.5.6'
         // springdoc
         implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${springDocVersion}"
         implementation "org.springdoc:springdoc-openapi-starter-common:${springDocVersion}"
         implementation "org.springdoc:springdoc-openapi-starter-webmvc-api:${springDocVersion}"
-        implementation "edu.kit.datamanager:repo-core:1.2.5"
-        implementation "edu.kit.datamanager:service-base:1.3.3"
+        implementation "edu.kit.datamanager:repo-core:1.2.6"
+        implementation "edu.kit.datamanager:service-base:1.3.6"
         //implementation "com.github.victools:jsonschema-generator:4.23.0"
         //Keycloak
         // implementation "org.keycloak:keycloak-spring-boot-starter:${keycloakVersion}"
-        implementation "com.nimbusds:nimbus-jose-jwt:10.0.1"
+        implementation "com.nimbusds:nimbus-jose-jwt:10.6"
        // implementation "io.jsonwebtoken:jjwt-api:0.11.5"
         //implementation "io.jsonwebtoken:jjwt-impl:0.11.5"
         //implementation "io.jsonwebtoken:jjwt-jackson:0.11.5"
@@ Expand All / @@ -97,11 +98,11 @@ dependencies { @@
         runtimeOnly    "org.apache.httpcomponents:httpclient:4.5.14"
          // driver for postgres
-        implementation "org.postgresql:postgresql:42.7.5"
+        implementation "org.postgresql:postgresql:42.7.8"
         //driver for h2
-        implementation "com.h2database:h2:2.3.232"
+        implementation "com.h2database:h2:2.4.240"
-        testImplementation "org.springframework.restdocs:spring-restdocs-mockmvc:3.0.3"
+        testImplementation "org.springframework.restdocs:spring-restdocs-mockmvc:3.0.5"
         testImplementation "org.springframework.boot:spring-boot-starter-test"
         testImplementation "org.springframework:spring-test"
         testImplementation "org.springframework.security:spring-security-test"
@@ Expand Down Expand Up / @@ -149,7 +150,7 @@ bootJar { @@
     }
     jacoco {
-        toolVersion = "0.8.12"
+        toolVersion = "0.8.14"
     }
     // task for printing project name.
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PR for v1.5.9 #387

Uh oh!

Diff view

Diff view

There are no files selected for viewing

coderabbitai bot Dec 7, 2025

Uh oh!

coderabbitai bot Dec 7, 2025

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot Sep 29, 2025

Uh oh!

Uh oh!

-Original file line number
+Diff line change
@@ -1,6 +1,6 @@
     distributionBase=GRADLE_USER_HOME
     distributionPath=wrapper/dists
-    distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+    distributionUrl=https\://services.gradle.org/distributions/gradle-9.2.1-bin.zip
     networkTimeout=10000
     validateDistributionUrl=true
     zipStoreBase=GRADLE_USER_HOME
@@ Expand Down @@

-Original file line number
+Diff line change
@@ -0,0 +1,118 @@
+    /*
+     * Copyright 2025 Karlsruhe Institute of Technology.
+     *
+     * Licensed under the Apache License, Version 2.0 (the "License");
+     * you may not use this file except in compliance with the License.
+     * You may obtain a copy of the License at
+     *
+     *      http://www.apache.org/licenses/LICENSE-2.0
+     *
+     * Unless required by applicable law or agreed to in writing, software
+     * distributed under the License is distributed on an "AS IS" BASIS,
+     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     * See the License for the specific language governing permissions and
+     * limitations under the License.
+     */
+    package edu.kit.datamanager.repo.test.integration;
+    import org.hamcrest.Matchers;
+    import org.junit.Before;
+    import org.junit.Rule;
+    import org.junit.Test;
+    import org.junit.runner.RunWith;
+    import org.springframework.beans.factory.annotation.Autowired;
+    import org.springframework.boot.autoconfigure.domain.EntityScan;
+    import org.springframework.boot.test.autoconfigure.actuate.observability.AutoConfigureObservability;
+    import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+    import org.springframework.boot.test.context.SpringBootTest;
+    import org.springframework.context.annotation.ComponentScan;
+    import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+    import org.springframework.restdocs.JUnitRestDocumentation;
+    import org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener;
+    import org.springframework.test.annotation.DirtiesContext;
+    import org.springframework.test.context.ActiveProfiles;
+    import org.springframework.test.context.TestExecutionListeners;
+    import org.springframework.test.context.TestPropertySource;
+    import org.springframework.test.context.junit4.SpringRunner;
+    import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
+    import org.springframework.test.context.support.DirtiesContextTestExecutionListener;
+    import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
+    import org.springframework.test.context.web.ServletTestExecutionListener;
+    import org.springframework.test.web.servlet.MockMvc;
+    import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+    import org.springframework.web.context.WebApplicationContext;
+    import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+    import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+    import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+    import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+    import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+    /**
+     * Test for the Prometheus actuator endpoint.
+     * This test checks that the Prometheus endpoint is correctly exposed and that it contains the expected metrics.
+     * Also checks that other actuator endpoints are not exposed.
+     */
+    @RunWith(SpringRunner.class)
+    @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+    @EntityScan("edu.kit.datamanager")
+    @EnableJpaRepositories("edu.kit.datamanager")
+    @ComponentScan({"edu.kit.datamanager"})
+    @AutoConfigureMockMvc
+    @TestExecutionListeners(listeners = {ServletTestExecutionListener.class,
+            DependencyInjectionTestExecutionListener.class,
+            DirtiesContextTestExecutionListener.class,
+            TransactionalTestExecutionListener.class,
+            WithSecurityContextTestExecutionListener.class})
+    @ActiveProfiles("test")
+    @TestPropertySource(properties = {"spring.datasource.url=jdbc:h2:mem:db_prometheus;DB_CLOSE_DELAY=-1;MODE=LEGACY;NON_KEYWORDS=VALUE"})
+    @TestPropertySource(properties = {"spring.jpa.database-platform=org.hibernate.dialect.H2Dialect"})
+    @TestPropertySource(properties = {"spring.jpa.defer-datasource-initialization=true"})
+    @TestPropertySource(properties = {"repo.monitoring.enabled=true"})
+    @TestPropertySource(properties = {"repo.monitoring.serviceName=base_repo_test"})
+    @TestPropertySource(properties = {"management.endpoints.web.exposure.include=prometheus"})
+    @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
+    @AutoConfigureObservability
+    public class ActuatorPrometheusTest {
+      @Rule
+      public JUnitRestDocumentation restDocumentation = new JUnitRestDocumentation();
+      private MockMvc mockMvc;
+      @Autowired
+      private WebApplicationContext context;
+      @Before
+      public void setUp() {
+        // setup mockMvc
+        this.mockMvc = MockMvcBuilders.webAppContextSetup(this.context)
+                .apply(springSecurity())
+                .build();
+      }
+      @Test
+      public void testForNotExposedActuators() throws Exception {
+        // Check that all other endpoints are not exposed
+        this.mockMvc.perform(get("/actuator/beans")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/caches")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/conditions")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/configprops")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/env")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/loggers")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/heapdump")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/threaddump")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/metrics")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/scheduledtasks")).andDo(print()).andExpect(status().isNotFound());
+        this.mockMvc.perform(get("/actuator/mappings")).andDo(print()).andExpect(status().isNotFound());
+      }
+      @Test
+      public void testActuator() throws Exception {
+        // /actuator/prometheus
+        this.mockMvc.perform(get("/actuator/prometheus")).andDo(print()).andExpect(status().isOk())
+                .andExpect(content().string(Matchers.containsString("# TYPE base_repo_test_requests_served_total")))
+                .andExpect(content().string(Matchers.containsString("# TYPE base_repo_test_unique_users")))
+                .andExpect(content().string(Matchers.containsString("# TYPE base_repo_test_registered_users")))
+                .andReturn();
+      }
+    }

PR for v1.5.9 #387

Are you sure you want to change the base?

Uh oh!

PR for v1.5.9 #387

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing

coderabbitai bot Dec 7, 2025

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Dec 7, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot Sep 29, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!