feat(properties): simplify properties configuration

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Discussions
+    url: https://github.com/alibaba/open-agent-auth/discussions
+    about: Ask questions and discuss ideas
+  - name: Documentation
+    url: https://github.com/alibaba/open-agent-auth/tree/main/docs
+    about: Read the documentation

.github/workflows/ci.yml

@@ -0,0 +1,145 @@
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
+jobs:
+  build:
+    name: Build & Test (JDK ${{ matrix.java }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        java: [ '17' ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK ${{ matrix.java }}
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ matrix.java }}
+          distribution: 'temurin'
+          cache: maven
+
+      - name: Build & Test with JaCoCo
+        id: build
+        run: mvn clean verify -Paggregate-report -B -ntp
+
+      - name: Publish Test Results
+        uses: dorny/test-reporter@v1
+        if: >-
+          always()
+          && (steps.build.outcome == 'success' || steps.build.outcome == 'failure')
+          && github.event_name != 'pull_request'
+             || github.event.pull_request.head.repo.full_name == github.repository
+        with:
+          name: Test Results (JDK ${{ matrix.java }})
+          path: '**/target/surefire-reports/TEST-*.xml'
+          reporter: java-junit
+
+      - name: Generate JaCoCo Coverage Report
+        uses: madrapps/jacoco-report@v1.7.1
+        if: >-
+          always()
+          && (steps.build.outcome == 'success' || steps.build.outcome == 'failure')
+          && github.event_name == 'pull_request'
+        with:
+          paths: '**/target/site/jacoco-aggregate/jacoco.xml'
+          token: ${{ secrets.GITHUB_TOKEN }}
+          title: Code Coverage Report
+          update-comment: true
+          min-coverage-overall: 50
+          min-coverage-changed-files: 60
+
+      - name: Extract coverage percentage
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+        id: coverage
+        run: |
+          REPORT=$(find . -path "*/jacoco-aggregate/jacoco.xml" -type f | head -1)
+          if [ -z "$REPORT" ]; then
+            REPORT=$(find . -path "*/site/jacoco/jacoco.xml" -type f | head -1)
+          fi
+
+          if [ -n "$REPORT" ]; then
+            # Extract the last (root-level) LINE counter from the report
+            # Use awk to reliably parse missed/covered from the last LINE counter element
+            MISSED=$(awk -F'"' '/<counter type="LINE"/{missed=$4} END{print missed}' "$REPORT")
+            COVERED=$(awk -F'"' '/<counter type="LINE"/{covered=$6} END{print covered}' "$REPORT")
+
+            if [ -n "$MISSED" ] && [ -n "$COVERED" ] && [ "$MISSED" -ge 0 ] 2>/dev/null && [ "$COVERED" -ge 0 ] 2>/dev/null; then
+              TOTAL=$((MISSED + COVERED))
+              if [ "$TOTAL" -gt 0 ]; then
+                PERCENTAGE=$((COVERED * 100 / TOTAL))
+              else
+                PERCENTAGE=0
+              fi
+              echo "coverage=$PERCENTAGE" >> $GITHUB_OUTPUT
+              echo "Coverage: $PERCENTAGE% ($COVERED/$TOTAL lines)"
+            else
+              echo "coverage=0" >> $GITHUB_OUTPUT
+              echo "Could not parse coverage from $REPORT"
+            fi
+          else
+            echo "coverage=0" >> $GITHUB_OUTPUT
+            echo "No JaCoCo report found"
+          fi
+
+      - name: Update coverage badge in README
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push' && steps.coverage.outputs.coverage != '0'
+        run: |
+          COVERAGE=${{ steps.coverage.outputs.coverage }}
+
+          # Determine badge color based on coverage
+          if [ "$COVERAGE" -ge 80 ]; then
+            COLOR="brightgreen"
+          elif [ "$COVERAGE" -ge 60 ]; then
+            COLOR="green"
+          elif [ "$COVERAGE" -ge 40 ]; then
+            COLOR="yellow"
+          else
+            COLOR="red"
+          fi
+
+          # Update both README.md and README.zh-CN.md
+          for README_FILE in README.md README.zh-CN.md; do
+            if [ -f "$README_FILE" ]; then
+              sed -i "s|!\[Code Coverage\](https://img.shields.io/badge/coverage-[^)]*)|![Code Coverage](https://img.shields.io/badge/coverage-${COVERAGE}%25-${COLOR})|g" "$README_FILE"
+            fi
+          done
+
+          # Check if there are changes to commit
+          if git diff --quiet; then
+            echo "No coverage badge changes to commit"
+          else
+            git config user.name "github-actions[bot]"
+            git config user.email "github-actions[bot]@users.noreply.github.com"
+            git add README.md README.zh-CN.md
+            git commit -m "chore: update coverage badge to ${COVERAGE}% [skip ci]"
+            git push
+          fi
+
+      - name: Upload Test Reports
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: test-reports-jdk${{ matrix.java }}
+          path: '**/target/surefire-reports/'
+          retention-days: 7
+
+      - name: Upload JaCoCo Reports
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: jacoco-reports-jdk${{ matrix.java }}
+          path: '**/target/site/jacoco*/'
+          retention-days: 7

.github/workflows/dependency-review.yml

@@ -0,0 +1,23 @@
+name: Dependency Review
+
+on:
+  pull_request:
+    branches: [ main ]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    name: Dependency Review
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: high
+          deny-licenses: GPL-2.0, GPL-3.0, AGPL-3.0

.github/workflows/e2e.yml

@@ -0,0 +1,70 @@
+name: E2E Integration Tests
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  e2e-tests:
+    name: E2E Tests (JDK ${{ matrix.java }})
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    strategy:
+      fail-fast: false
+      matrix:
+        java: [ '17' ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK ${{ matrix.java }}
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ matrix.java }}
+          distribution: 'temurin'
+          cache: maven
+
+      - name: Verify Chrome installation
+        run: |
+          # GitHub Actions ubuntu-latest runners come with Google Chrome pre-installed.
+          # No need to install via apt/snap (which can hang due to snap daemon issues).
+          google-chrome --version || chromium-browser --version
+
+      - name: Build project
+        run: mvn clean install -DskipTests -B -ntp
+
+      - name: Run E2E tests
+        run: |
+          chmod +x open-agent-auth-integration-tests/scripts/run-e2e-tests.sh
+          chmod +x open-agent-auth-samples/scripts/*.sh
+          cd open-agent-auth-integration-tests
+          ./scripts/run-e2e-tests.sh --skip-build
+
+      - name: Upload test reports
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: e2e-test-reports-jdk${{ matrix.java }}
+          path: open-agent-auth-integration-tests/target/surefire-reports/
+          retention-days: 7
+
+      - name: Upload service logs
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: e2e-service-logs-jdk${{ matrix.java }}
+          path: open-agent-auth-samples/logs/
+          retention-days: 7
+
+      - name: Stop services
+        if: always()
+        run: |
+          cd open-agent-auth-samples
+          ./scripts/sample-stop.sh --force || true

README.md

@@ -10,7 +10,7 @@
   ![Java](https://img.shields.io/badge/Java-17+-orange.svg)
   ![Spring Boot](https://img.shields.io/badge/Spring%20Boot-3.3+-green.svg)
   ![Code Coverage](https://img.shields.io/badge/coverage-82%25-brightgreen)
-  ![Build Status](https://img.shields.io/badge/build-passing-brightgreen)
+  ![Build Status](https://github.com/idem/idem-agent-auth/actions/workflows/ci.yml/badge.svg)
   ![Version](https://img.shields.io/badge/version-v0.1.0--beta.1-blue)
 
   [Quick Start](#quick-start) · [Architecture](#architecture) · [Security](#security) · [Documentation](#documentation) · [Roadmap](#roadmap)

README.zh-CN.md

@@ -10,7 +10,7 @@
   ![Java](https://img.shields.io/badge/Java-17+-orange.svg)
   ![Spring Boot](https://img.shields.io/badge/Spring%20Boot-3.3+-green.svg)
   ![Code Coverage](https://img.shields.io/badge/coverage-82%25-brightgreen)
-  ![Build Status](https://img.shields.io/badge/build-passing-brightgreen)
+  ![Build Status](https://github.com/idem/idem-agent-auth/actions/workflows/ci.yml/badge.svg)
   ![Version](https://img.shields.io/badge/version-v0.1.0--beta.1-blue)
 
   [快速开始](#快速开始) · [架构](#架构) · [安全机制](#安全机制) · [文档资源](#文档资源) · [路线图](#路线图)