feat(sdk,server): add SpringBoot stub server implementation #8
Conversation
…I endpoints - fixed server implementation issues - updated several endpoint paths to ensure no overlap with existing OpenAPI definitions - fixed some yaml warnings
|
Warning Rate limit exceeded@tacklequestions has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 14 minutes and 47 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (1)
WalkthroughThis PR removes the generated Java client module and its CI/build/docs artifacts, tightens CI triggers to run on all branches, and simplifies generation scripts to produce only the Spring Boot 2 server while adding file-normalization and cleanup steps. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor Dev as Developer
participant Gen as ./generate.sh
participant Clean as ./clean.sh
participant OAG as OpenAPI Generator
participant FS as Repo FS
participant SB2 as Spring-Boot-2 Output
Dev->>Gen: run ./generate.sh
Gen->>FS: normalize files (trim trailing spaces, CRLF→LF, ensure final newline)
Gen->>Clean: invoke clean.sh (remove `JAVA_DIR`, `SPRING_BOOT2_DIR`, others)
Clean->>FS: delete directories/files
Gen->>OAG: request generation (Spring Boot 2 server only)
OAG-->>SB2: emit server code into `spring-boot2/`
Gen-->>Dev: print start instructions
Estimated code review effort🎯 5 (Critical) | ⏱️ ~120 minutes Possibly related PRs
Poem
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (6)
clean.sh (1)
3-15: Harden cleanup: add safeties and avoid repeated rm calls.Add nounset/pipefail, anchor to repo root, and guard rm. Replace repeated rm with a loop.
#!/bin/bash -set -e +set -euo pipefail +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)" +cd "$SCRIPT_DIR/.." SPRING_BOOT2_DIR="spring-boot2" JAVA_DIR="java" PYTHON_DIR="python" RUST_DIR="rust" TS_DIR="typescript" -echo "🧹 Cleaning old generated SDKs..." -rm -rf "$JAVA_DIR" -rm -rf "$PYTHON_DIR" -rm -rf "$RUST_DIR" -rm -rf "$TS_DIR" -rm -rf "$SPRING_BOOT2_DIR" +echo "🧹 Cleaning old generated SDKs/servers..." +for d in "$JAVA_DIR" "$PYTHON_DIR" "$RUST_DIR" "$TS_DIR" "$SPRING_BOOT2_DIR"; do + [[ -n "$d" && "$d" != "/" ]] && rm -rf -- "$d" +done.github/workflows/ci_general.yml (1)
3-8: Broader triggers can increase CI load; add concurrency and (optionally) path filters.Keep wide triggers if desired, but cancel superseded runs and consider limiting to relevant paths.
name: General CI Checks on: push: - branches: - - "**" + branches: ["**"] + # paths: ["**.md", "**.yml", "scripts/**", "generate.sh", "clean.sh"] # optional pull_request: - branches: - - "**" + branches: ["**"] +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: truegenerate.sh (4)
6-16: Preflight checks and shell options.Add nounset/pipefail and verify the spec exists before deleting/regen.
#!/bin/bash -set -e +set -euo pipefail SPEC_FILE="apollo-openapi.yaml" SPRING_BOOT2_DIR="spring-boot2" JAVA_DIR="java" PYTHON_DIR="python" RUST_DIR="rust" TS_DIR="typescript" +[[ -f "$SPEC_FILE" ]] || { echo "❌ Spec not found: $SPEC_FILE" >&2; exit 1; } + echo "🧹 Cleaning old generated SDKs..." rm -rf "$JAVA_DIR" rm -rf "$SPRING_BOOT2_DIR" rm -rf "$PYTHON_DIR" rm -rf "$RUST_DIR" rm -rf "$TS_DIR"
51-57: Generator options: lock compatibility for Spring Boot 2.Consider pinning openapi-generator version and explicitly setting Jakarta=false to avoid future defaults changing.
openapi-generator generate \ -i "$SPEC_FILE" \ -g spring \ -o "$SPRING_BOOT2_DIR" \ - --additional-properties=groupId=com.apollo,artifactId=apollo-openapi-server,artifactVersion=0.0.1,packageName=com.apollo.openapi.server,basePackage=com.apollo.openapi.server,configPackage=com.apollo.openapi.server.config,modelPackage=com.apollo.openapi.server.model,apiPackage=com.apollo.openapi.server.api,library=spring-boot,java8=true,interfaceOnly=false,delegatePattern=true,useTags=true + --additional-properties=groupId=com.apollo,artifactId=apollo-openapi-server,artifactVersion=0.0.1,packageName=com.apollo.openapi.server,basePackage=com.apollo.openapi.server,configPackage=com.apollo.openapi.server.config,modelPackage=com.apollo.openapi.server.model,apiPackage=com.apollo.openapi.server.api,library=spring-boot,java8=true,useJakartaEe=false,interfaceOnly=false,delegatePattern=true,useTags=true +# Optionally run via a pinned Docker image: +# docker run --rm -v "$PWD:/local" openapitools/openapi-generator-cli:v7.9.0 generate \ +# -i /local/"$SPEC_FILE" -g spring -o /local/"$SPRING_BOOT2_DIR" --additional-properties=...
72-78: Starting the server in background can orphan processes.Trap exit to cleanly stop, or guide users to start manually.
if [ "$1" = "--start-spring-boot" ]; then echo "🚀 Starting Spring Boot server..." cd "$SPRING_BOOT2_DIR" - ./mvnw spring-boot:run & - echo "✅ Spring Boot server started in background. Access it at http://localhost:8080" + ./mvnw spring-boot:run & + pid=$! + trap 'kill "$pid" 2>/dev/null || true' EXIT + echo "✅ Spring Boot server started in background (PID $pid). Access it at http://localhost:8080" cd .. fi
11-17: Minor: message still says “SDKs” though only server is generated.Tweak to avoid confusion.
-echo "🧹 Cleaning old generated SDKs..." +echo "🧹 Cleaning old generated artifacts (SDKs/servers)..."
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
java-client/gradle/wrapper/gradle-wrapper.jaris excluded by!**/*.jar
📒 Files selected for processing (101)
.github/workflows/ci_general.yml(1 hunks)clean.sh(1 hunks)generate.sh(2 hunks)java-client/.github/workflows/maven.yml(0 hunks)java-client/.gitignore(0 hunks)java-client/.openapi-generator-ignore(0 hunks)java-client/.openapi-generator/FILES(0 hunks)java-client/.openapi-generator/VERSION(0 hunks)java-client/.travis.yml(0 hunks)java-client/README.md(0 hunks)java-client/build.gradle(0 hunks)java-client/build.sbt(0 hunks)java-client/docs/AppManagementApi.md(0 hunks)java-client/docs/Change.md(0 hunks)java-client/docs/ClusterDTO.md(0 hunks)java-client/docs/ClusterManagementApi.md(0 hunks)java-client/docs/EntityPairKVEntity.md(0 hunks)java-client/docs/EnvClusterInfo.md(0 hunks)java-client/docs/InstanceManagementApi.md(0 hunks)java-client/docs/ItemChangeSets.md(0 hunks)java-client/docs/ItemDTO.md(0 hunks)java-client/docs/ItemManagementApi.md(0 hunks)java-client/docs/KVEntity.md(0 hunks)java-client/docs/ListItemDiffs.md(0 hunks)java-client/docs/ListReleaseBO.md(0 hunks)java-client/docs/MapString.md(0 hunks)java-client/docs/NamespaceBranchManagementApi.md(0 hunks)java-client/docs/NamespaceGrayDelReleaseDTO.md(0 hunks)java-client/docs/NamespaceIdentifier.md(0 hunks)java-client/docs/NamespaceManagementApi.md(0 hunks)java-client/docs/NamespaceReleaseDTO.md(0 hunks)java-client/docs/NamespaceSyncModel.md(0 hunks)java-client/docs/NamespaceTextModel.md(0 hunks)java-client/docs/OpenAppDTO.md(0 hunks)java-client/docs/OpenAppNamespaceDTO.md(0 hunks)java-client/docs/OpenClusterDTO.md(0 hunks)java-client/docs/OpenCreateAppDTO.md(0 hunks)java-client/docs/OpenEnvClusterDTO.md(0 hunks)java-client/docs/OpenGrayReleaseRuleDTO.md(0 hunks)java-client/docs/OpenGrayReleaseRuleItemDTO.md(0 hunks)java-client/docs/OpenInstanceConfigDTO.md(0 hunks)java-client/docs/OpenInstanceDTO.md(0 hunks)java-client/docs/OpenItemDTO.md(0 hunks)java-client/docs/OpenNamespaceDTO.md(0 hunks)java-client/docs/OpenNamespaceLockDTO.md(0 hunks)java-client/docs/OpenOrganizationDto.md(0 hunks)java-client/docs/OpenPageDTOOpenInstanceDTO.md(0 hunks)java-client/docs/OpenPageDTOOpenItemDTO.md(0 hunks)java-client/docs/OpenReleaseDTO.md(0 hunks)java-client/docs/OpenapiV1AppsGet401Response.md(0 hunks)java-client/docs/OpenapiV1AppsPost400Response.md(0 hunks)java-client/docs/OpenapiV1AppsPostRequest.md(0 hunks)java-client/docs/OpenapiV1EnvsEnvAppsAppIdClustersClusterNameNamespacesNamespaceNameItemsValidatePost200Response.md(0 hunks)java-client/docs/OpenapiV1EnvsEnvAppsAppIdClustersClusterNameNamespacesNamespaceNameItemsValidatePost400Response.md(0 hunks)java-client/docs/OpenapiV1EnvsEnvReleasesCompareGet200Response.md(0 hunks)java-client/docs/OrganizationManagementApi.md(0 hunks)java-client/docs/ReleaseDTO.md(0 hunks)java-client/docs/ReleaseManagementApi.md(0 hunks)java-client/git_push.sh(0 hunks)java-client/gradle.properties(0 hunks)java-client/gradle/wrapper/gradle-wrapper.properties(0 hunks)java-client/gradlew(0 hunks)java-client/gradlew.bat(0 hunks)java-client/pom.xml(0 hunks)java-client/settings.gradle(0 hunks)java-client/src/main/AndroidManifest.xml(0 hunks)java-client/src/main/java/org/openapitools/client/ApiCallback.java(0 hunks)java-client/src/main/java/org/openapitools/client/ApiClient.java(0 hunks)java-client/src/main/java/org/openapitools/client/ApiException.java(0 hunks)java-client/src/main/java/org/openapitools/client/ApiResponse.java(0 hunks)java-client/src/main/java/org/openapitools/client/Configuration.java(0 hunks)java-client/src/main/java/org/openapitools/client/GzipRequestInterceptor.java(0 hunks)java-client/src/main/java/org/openapitools/client/JSON.java(0 hunks)java-client/src/main/java/org/openapitools/client/Pair.java(0 hunks)java-client/src/main/java/org/openapitools/client/ProgressRequestBody.java(0 hunks)java-client/src/main/java/org/openapitools/client/ProgressResponseBody.java(0 hunks)java-client/src/main/java/org/openapitools/client/ServerConfiguration.java(0 hunks)java-client/src/main/java/org/openapitools/client/ServerVariable.java(0 hunks)java-client/src/main/java/org/openapitools/client/StringUtil.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/AppManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/ClusterManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/InstanceManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/NamespaceManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/OrganizationManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/api/ReleaseManagementApi.java(0 hunks)java-client/src/main/java/org/openapitools/client/auth/ApiKeyAuth.java(0 hunks)java-client/src/main/java/org/openapitools/client/auth/Authentication.java(0 hunks)java-client/src/main/java/org/openapitools/client/auth/HttpBasicAuth.java(0 hunks)java-client/src/main/java/org/openapitools/client/auth/HttpBearerAuth.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/AbstractOpenApiSchema.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/Change.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/ClusterDTO.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/EntityPairKVEntity.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/EnvClusterInfo.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/ItemChangeSets.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/ItemDTO.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/KVEntity.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/ListItemDiffs.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/ListReleaseBO.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/MapString.java(0 hunks)java-client/src/main/java/org/openapitools/client/model/NamespaceGrayDelReleaseDTO.java(0 hunks)
💤 Files with no reviewable changes (98)
- java-client/docs/OpenInstanceConfigDTO.md
- java-client/src/main/java/org/openapitools/client/auth/HttpBearerAuth.java
- java-client/docs/ReleaseManagementApi.md
- java-client/docs/OpenGrayReleaseRuleDTO.md
- java-client/docs/OpenapiV1EnvsEnvAppsAppIdClustersClusterNameNamespacesNamespaceNameItemsValidatePost200Response.md
- java-client/docs/NamespaceSyncModel.md
- java-client/docs/KVEntity.md
- java-client/docs/EnvClusterInfo.md
- java-client/docs/ListItemDiffs.md
- java-client/docs/AppManagementApi.md
- java-client/docs/Change.md
- java-client/src/main/java/org/openapitools/client/ServerConfiguration.java
- java-client/gradle.properties
- java-client/src/main/java/org/openapitools/client/ServerVariable.java
- java-client/src/main/java/org/openapitools/client/auth/HttpBasicAuth.java
- java-client/docs/OpenItemDTO.md
- java-client/src/main/java/org/openapitools/client/auth/ApiKeyAuth.java
- java-client/README.md
- java-client/src/main/java/org/openapitools/client/StringUtil.java
- java-client/docs/NamespaceBranchManagementApi.md
- java-client/docs/NamespaceTextModel.md
- java-client/docs/ItemChangeSets.md
- java-client/docs/NamespaceIdentifier.md
- java-client/src/main/java/org/openapitools/client/model/ListItemDiffs.java
- java-client/docs/OpenGrayReleaseRuleItemDTO.md
- java-client/src/main/java/org/openapitools/client/model/EnvClusterInfo.java
- java-client/src/main/java/org/openapitools/client/ProgressResponseBody.java
- java-client/src/main/java/org/openapitools/client/api/AppManagementApi.java
- java-client/gradle/wrapper/gradle-wrapper.properties
- java-client/.github/workflows/maven.yml
- java-client/docs/OpenReleaseDTO.md
- java-client/docs/ItemDTO.md
- java-client/docs/ClusterDTO.md
- java-client/src/main/java/org/openapitools/client/ProgressRequestBody.java
- java-client/src/main/java/org/openapitools/client/api/ReleaseManagementApi.java
- java-client/src/main/java/org/openapitools/client/model/Change.java
- java-client/src/main/java/org/openapitools/client/model/KVEntity.java
- java-client/src/main/java/org/openapitools/client/model/ItemDTO.java
- java-client/docs/NamespaceReleaseDTO.md
- java-client/docs/OpenapiV1AppsPost400Response.md
- java-client/src/main/java/org/openapitools/client/api/ClusterManagementApi.java
- java-client/docs/OpenapiV1EnvsEnvAppsAppIdClustersClusterNameNamespacesNamespaceNameItemsValidatePost400Response.md
- java-client/docs/NamespaceGrayDelReleaseDTO.md
- java-client/src/main/java/org/openapitools/client/JSON.java
- java-client/docs/NamespaceManagementApi.md
- java-client/docs/OpenPageDTOOpenInstanceDTO.md
- java-client/docs/OpenClusterDTO.md
- java-client/docs/OpenInstanceDTO.md
- java-client/docs/ReleaseDTO.md
- java-client/docs/OpenapiV1AppsGet401Response.md
- java-client/docs/OpenAppNamespaceDTO.md
- java-client/src/main/java/org/openapitools/client/ApiResponse.java
- java-client/src/main/java/org/openapitools/client/Configuration.java
- java-client/docs/OpenAppDTO.md
- java-client/.travis.yml
- java-client/docs/OpenPageDTOOpenItemDTO.md
- java-client/src/main/java/org/openapitools/client/api/NamespaceManagementApi.java
- java-client/docs/OpenCreateAppDTO.md
- java-client/src/main/java/org/openapitools/client/GzipRequestInterceptor.java
- java-client/src/main/java/org/openapitools/client/model/ClusterDTO.java
- java-client/build.sbt
- java-client/docs/OpenapiV1EnvsEnvReleasesCompareGet200Response.md
- java-client/src/main/java/org/openapitools/client/model/EntityPairKVEntity.java
- java-client/docs/OpenapiV1AppsPostRequest.md
- java-client/docs/OpenEnvClusterDTO.md
- java-client/src/main/java/org/openapitools/client/api/OrganizationManagementApi.java
- java-client/.openapi-generator-ignore
- java-client/src/main/java/org/openapitools/client/ApiCallback.java
- java-client/gradlew
- java-client/src/main/java/org/openapitools/client/ApiClient.java
- java-client/docs/OpenOrganizationDto.md
- java-client/docs/ItemManagementApi.md
- java-client/docs/InstanceManagementApi.md
- java-client/src/main/java/org/openapitools/client/model/NamespaceGrayDelReleaseDTO.java
- java-client/.gitignore
- java-client/docs/OrganizationManagementApi.md
- java-client/src/main/AndroidManifest.xml
- java-client/src/main/java/org/openapitools/client/api/InstanceManagementApi.java
- java-client/docs/MapString.md
- java-client/docs/ListReleaseBO.md
- java-client/src/main/java/org/openapitools/client/model/ListReleaseBO.java
- java-client/docs/ClusterManagementApi.md
- java-client/docs/EntityPairKVEntity.md
- java-client/src/main/java/org/openapitools/client/model/ItemChangeSets.java
- java-client/gradlew.bat
- java-client/src/main/java/org/openapitools/client/Pair.java
- java-client/.openapi-generator/VERSION
- java-client/docs/OpenNamespaceDTO.md
- java-client/build.gradle
- java-client/src/main/java/org/openapitools/client/ApiException.java
- java-client/src/main/java/org/openapitools/client/auth/Authentication.java
- java-client/git_push.sh
- java-client/docs/OpenNamespaceLockDTO.md
- java-client/src/main/java/org/openapitools/client/model/AbstractOpenApiSchema.java
- java-client/settings.gradle
- java-client/pom.xml
- java-client/src/main/java/org/openapitools/client/model/MapString.java
- java-client/.openapi-generator/FILES
🔇 Additional comments (3)
clean.sh (1)
3-3: LGTM: cleans up Spring Boot 2 artifacts.The new SPRING_BOOT2_DIR cleanup aligns with generate.sh outputs.
Ensure SPRING_BOOT2_DIR matches generate.sh Line 5 exactly to avoid drift.
generate.sh (1)
6-6: Unused var outside cleanup.JAVA_DIR is only used for cleanup now; that’s fine. Just confirming that Java client generation was intentionally removed.
If Java client generation is expected later, consider feature‑flagging rather than commenting out blocks.
.github/workflows/ci_general.yml (1)
19-33: Pin actions to immutable SHAsReplace floating refs in .github/workflows/ci_general.yml (lines 19–33) with these SHAs:
- actions/checkout@v4 → actions/checkout@08eba0b. (github.com)
- wagoid/commitlint-github-action@v6 → wagoid/commitlint-github-action@b948419. (github.com)
- hezhangjian/linelint@main → hezhangjian/linelint@e6d2a8c. (github.com)
- crate-ci/typos@master → crate-ci/typos@5e1db27. (github.com)
I can prepare a commit/PR that replaces those refs with the SHAs above — confirm.
| echo "📦 Adding Maven Wrapper to Spring Boot 2 project..." | ||
| cd "$SPRING_BOOT2_DIR" | ||
| mvn -N io.takari:maven:wrapper -Dmaven=3.8.6 | ||
| cd .. | ||
|
|
There was a problem hiding this comment.
🛠️ Refactor suggestion
Use the official Maven Wrapper plugin instead of takari.
Takari is deprecated. Switch to Apache Maven Wrapper plugin and a current Maven version.
echo "📦 Adding Maven Wrapper to Spring Boot 2 project..."
cd "$SPRING_BOOT2_DIR"
-mvn -N io.takari:maven:wrapper -Dmaven=3.8.6
+mvn -N -q org.apache.maven.plugins:maven-wrapper-plugin:3.3.2:wrapper -Dmaven=3.9.9📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| echo "📦 Adding Maven Wrapper to Spring Boot 2 project..." | |
| cd "$SPRING_BOOT2_DIR" | |
| mvn -N io.takari:maven:wrapper -Dmaven=3.8.6 | |
| cd .. | |
| echo "📦 Adding Maven Wrapper to Spring Boot 2 project..." | |
| cd "$SPRING_BOOT2_DIR" | |
| mvn -N -q org.apache.maven.plugins:maven-wrapper-plugin:3.3.2:wrapper -Dmaven=3.9.9 |
🤖 Prompt for AI Agents
In generate.sh around lines 58 to 61, replace the deprecated Takari wrapper
invocation with the official Apache Maven Wrapper plugin: run mvn -N
org.apache.maven.plugins:maven-wrapper-plugin:3.1.1:wrapper and pass a current
Maven version via -Dmaven=3.9.5 (or your chosen current version); keep the cd
"$SPRING_BOOT2_DIR" step, remove the takari command, and update the echo/comment
to reflect using the Apache Maven Wrapper.
| echo "Cleaning files (trailing spaces, CRLF, EOF newlines)..." | ||
| find . -type d \( -name .git -o -name .idea -o -name .mvn -o -name target -o -name build -o -name node_modules \) -prune -o \ | ||
| -type f \( -name "*.java" -o -name "*.xml" -o -name "*.properties" -o -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.sh" -o -name ".editorconfig" -o -name ".gitignore" -o -name "mvnw" -o -name "mvnw.cmd" \) -print0 \ | ||
| | xargs -0 perl -i -0777 -pe 's/[ \t]+(?=\r?$)//mg; s/\r//g; s/\s*\z/\n/s' | ||
| echo "Done." |
There was a problem hiding this comment.
Windows breakage: normalization removes CRLF from mvnw.cmd.
The perl step strips carriage returns; .cmd files often require CRLF. Exclude mvnw.cmd from normalization.
find . -type d \( -name .git -o -name .idea -o -name .mvn -o -name target -o -name build -o -name node_modules \) -prune -o \
- -type f \( -name "*.java" -o -name "*.xml" -o -name "*.properties" -o -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.sh" -o -name ".editorconfig" -o -name ".gitignore" -o -name "mvnw" -o -name "mvnw.cmd" \) -print0 \
+ -type f \( -name "*.java" -o -name "*.xml" -o -name "*.properties" -o -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.sh" -o -name ".editorconfig" -o -name ".gitignore" -o -name "mvnw" \) -print0 \
| xargs -0 perl -i -0777 -pe 's/[ \t]+(?=\r?$)//mg; s/\r//g; s/\s*\z/\n/s'Optionally, keep mvnw (Unix) in the list but remove only trailing spaces (no CR removal) if you want to preserve exact line endings.
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| echo "Cleaning files (trailing spaces, CRLF, EOF newlines)..." | |
| find . -type d \( -name .git -o -name .idea -o -name .mvn -o -name target -o -name build -o -name node_modules \) -prune -o \ | |
| -type f \( -name "*.java" -o -name "*.xml" -o -name "*.properties" -o -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.sh" -o -name ".editorconfig" -o -name ".gitignore" -o -name "mvnw" -o -name "mvnw.cmd" \) -print0 \ | |
| | xargs -0 perl -i -0777 -pe 's/[ \t]+(?=\r?$)//mg; s/\r//g; s/\s*\z/\n/s' | |
| echo "Done." | |
| echo "Cleaning files (trailing spaces, CRLF, EOF newlines)..." | |
| find . -type d \( -name .git -o -name .idea -o -name .mvn -o -name target -o -name build -o -name node_modules \) -prune -o \ | |
| -type f \( -name "*.java" -o -name "*.xml" -o -name "*.properties" -o -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.sh" -o -name ".editorconfig" -o -name ".gitignore" -o -name "mvnw" \) -print0 \ | |
| | xargs -0 perl -i -0777 -pe 's/[ \t]+(?=\r?$)//mg; s/\r//g; s/\s*\z/\n/s' | |
| echo "Done." |
🤖 Prompt for AI Agents
In generate.sh around lines 62 to 66 the perl normalization step removes CR
characters which breaks Windows batch files like mvnw.cmd; update the find
predicate to exclude mvnw.cmd (and any other .cmd files) from the files passed
to perl so CRLF is preserved for those files, or alternatively run a separate
perl pass: one that excludes mvnw.cmd/.cmd files (and leaves their CRLF intact)
and another that processes the remaining files; ensure mvnw (Unix) can still be
cleaned for trailing spaces without stripping CR if you choose the two-pass
approach.
There was a problem hiding this comment.
Actionable comments posted: 0
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (2)
apollo-openapi.yaml (2)
1721-1746: Environment parameter added to cluster management endpoints.The cluster endpoints now include environment as a path parameter, which is a breaking change. The parameter order has also been adjusted (env comes before appId in some cases).
This represents a significant breaking change to the API. Consider:
- Versioning strategy to maintain backward compatibility
- Migration guide for existing clients
- Deprecation notices for old endpoints
# Example of the path structure change: # Old: /openapi/v1/apps/{appId}/clusters/{clusterName} # New: /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}
583-589: Action required — {env} added to item endpoints (breaking): update clients and fix docsVerified: the OpenAPI spec and generated server code now use /openapi/v1/envs/{env}/... for item endpoints (apollo-openapi.yaml and spring-boot2 generated Java).
Problems found (inconsistent/stale references that must be fixed):
- apollo-openapi.yaml: lines 656, 761 (description lines still show /apps/.../items/{key}).
- spring-boot2/src/main/resources/openapi.yaml: lines 573, 715, 929, 1161, 1643 (description strings referencing /apps/... without {env}).
- Generated server docs/comments in spring-boot2/src/main/java/com/apollo/openapi/server/api/ItemManagementApi.java (multiple description lines still show paths without {env}); search for "DELETE /apps/" / "PUT /apps/" / "POST /apps/".
Required actions:
- Treat this as a breaking API change: coordinate with and update all client SDKs/integrations (or provide compatibility shims / a version bump and release notes).
- Fix all stale description/comment strings and regenerate any clients/docs so examples and descriptions include {env}.
- Run/instrument integration tests and update any routing/dispatch code or reverse-proxy rules that expect the old paths.
🧹 Nitpick comments (7)
apollo-openapi.yaml (7)
28-29: Minor formatting adjustment needed.The horizontal rule appears disconnected from the surrounding content. Consider removing the extra blank line for better consistency.
- --- - + ---
84-84: Improve Chinese description consistency.The description uses Chinese text which is good for localization, but consider ensuring consistency in terminology throughout the document.
133-133: Inconsistent endpoint description with actual path.The description states
GET /openapi/v1/apps/authorizedbut the actual path is/openapi/v1/apps. This could confuse API consumers.- description: GET /openapi/v1/apps/authorized + description: GET /openapi/v1/apps
303-303: Missing comma in description.Minor punctuation improvement for better readability.
- description: 更新应用请求体 + description: 更新应用请求体
307-307: Consider adding success response details.The description could be more descriptive about what constitutes successful update.
- description: 应用更新成功 + description: 应用更新成功,返回更新后的应用信息
4244-4244: Improve environment description consistency.The environment descriptions use Chinese text but could be more consistent. Consider standardizing the environment identifier descriptions across all parameters.
- description: 环境标识,例如 DEV、FAT、UAT、PROD + description: 环境标识,如 DEV、UAT、PROD 等
4553-4553: Schema definition formatting issue.There's a tilde character (
~) at the end of line 4553 that appears to be a formatting artifact and should be removed.- description: 最后修改时间(ISO 8601) ~ + description: 最后修改时间(ISO 8601)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
apollo-openapi.yaml(68 hunks)
🔇 Additional comments (2)
apollo-openapi.yaml (2)
186-190: Verify clients/docs after path rename: env-clusters → envclustersapollo-openapi.yaml (lines 186–190) now exposes /openapi/v1/apps/{appId}/envclusters instead of /openapi/v1/apps/{appId}/env-clusters. Automated search returned no matches; verify and update all client code, generated SDKs, docs, tests, CI/CD configs, API gateway/ingress rules, and published examples. Run: rg -n --hidden -S 'env-clusters' -g '!node_modules' -C3
1844-1875: Confirm env-scoped cluster creation endpoint & verify client/docs
- Verified POST /openapi/v1/envs/{env}/apps/{appId}/clusters is present in apollo-openapi.yaml (around lines 1844–1875) and spring-boot2/src/main/resources/openapi.yaml (around lines 1914–1946).
- RequestBody references components/schemas/OpenClusterDTO; required fields include name, appId, dataChangeCreatedBy.
- Repo-wide scan for client usages/docs could not be completed (ripgrep skipped many files) — cannot confirm removal/updating of old /openapi/v1/apps/* callers.
Action: ensure all API consumers (clients, SDKs, docs) are updated to the env-scoped path and that server-side validation enforces OpenClusterDTO required fields.
Replaced incorrect MapString object schema with proper additionalProperties to correctly represent string maps in OpenAPI specification.
There was a problem hiding this comment.
Actionable comments posted: 0
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (3)
apollo-openapi.yaml (3)
133-144: Fix incorrect path hint and boolean param typing forauthorized.
- Path hint should reflect query usage.
authorizedshould be boolean; example should not be quoted.- description: GET /openapi/v1/apps/authorized + description: GET /openapi/v1/apps?authorized=true @@ - - name: authorized + - name: authorized in: query description: '是否只返回授权的应用' required: false - example: 'true' + example: true schema: - type: string + type: boolean
1-45: Sweep: normalize quoted boolean examples to boolean literalsReplace example: 'true' / 'false' with unquoted example: true / false so examples are boolean values, not strings.
Locations (apollo-openapi.yaml): 141, 694, 1100, 2111, 2921, 2992, 3081, 3695
55-186: Sweep: legacy/non‑env path hints remain in operation descriptionsSeveral operation "description" fields still embed legacy paths (either "/apps/{appId}/..." or "/openapi/v1/apps/{appId}/..."); update them to the canonical "/openapi/v1/envs/{env}/apps/{appId}/..." or remove the inline path hints.
- Descriptions showing "/apps/{appId}/...": lines 656, 761, 909, 1062, 1167, 1575
- Descriptions showing "/openapi/v1/apps/{appId}/...": lines 190, 237, 280, 349, 447, 549, 2790, 2858, 3109, 3147, 3176, 3271, 3333, 3373
🧹 Nitpick comments (15)
apollo-openapi.yaml (15)
49-50: Fix duplicated tag name.Unify the tag to avoid a new, unintended tag category.
- - name: Namespace Namespace Branch Management + - name: Namespace Branch Management
491-495: Align env examples (PRO vs PROD).Elsewhere examples use PRO. Keep consistent.
- description: 环境标识,例如 DEV、FAT、UAT、PROD + description: 环境标识,例如 DEV、FAT、UAT、PRO
655-657: Update path hint to the env-scoped variant.Docs still reference the old non-env path.
- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key}
690-697: Use boolean example without quotes.Examples should match the declared type.
- example: 'false' + example: false
991-996: Correct summary: it's a path parameter, not query.Also clarify URL-encoding.
- summary: 通过查询参数获取配置项(支持编码的key) + summary: 通过路径参数获取配置项(支持URL编码的key)
1220-1223: Update path hint to env-scoped endpoint.- /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:batchUpdate + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:batchUpdateNote: If this line was intentionally unchanged, you can ignore; ensure all operation descriptions reflect the actual path.
1061-1063: Update encodedItems PUT path hint to env-scoped path.- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key}
1574-1576: Update validate path hint to env-scoped path.- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate
1657-1659: Update revert path hint to env-scoped path.- /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:revert + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:revert
3840-3845: Unify operator header name.Elsewhere you use
X-Apollo-Operator(Lines 3699-3704). Use the same here for consistency.- - name: operator + - name: X-Apollo-Operator in: header description: 操作人用户名 required: true schema: type: string
3077-3083: Use boolean example without quotes.- example: 'false' + example: false
3070-3104: Boolean example quoted; adjust to boolean.
publicOnlyis boolean; example should be unquoted.- example: 'false' + example: false
4582-4590: Consider renamingOpenOrganizationDto→OpenOrganizationDTO(consistency).Schema renames are breaking; if you agree, add aliasing or transitional support.
4592-4593: Add default server for easier client/server generation.Helps UX when trying the stub server.
-servers: [] +servers: + - url: http://localhost:8070 + description: Local Apollo OpenAPI server
3266-3336: Normalize OpenAPI path ordering to /openapi/v1/envs/{env}/apps/{appId}/...Mixed ordering found — change occurrences using /openapi/v1/apps/{appId}/envs/{env}/... to the env-first ordering:
- apollo-openapi.yaml: lines 3265, 3271, 3327, 3333, 3367, 3373
- spring-boot2/src/main/resources/openapi.yaml: lines 3549, 3620, 3667
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
apollo-openapi.yaml(69 hunks)
🔇 Additional comments (3)
apollo-openapi.yaml (3)
186-193: Breaking rename: env-clusters → envclusters. Add alias or deprecation note.Clients may still call the old
/env-clusters. Consider documenting deprecation or providing a backward-compatible alias in the stub server.
2548-2566: Ensure compare query params are integers; looks good.No issues spotted for types and naming here.
3866-4043: Good:MapStringswitched to additionalProperties.This is the correct OpenAPI way to model maps.
… simplified structure
key changes:
schema naming standardization (unified 'Open' prefix):
- EnvClusterInfo → OpenEnvClusterInfo
- NamespaceTextModel → OpenNamespaceTextModel
- NamespaceIdentifier → OpenNamespaceIdentifier
- ItemChangeSets → OpenItemChangeSets
- ListItemDiffs → OpenItemDiffs
- NamespaceSyncModel → OpenNamespaceSyncModel
- ListReleaseBO → OpenReleaseBO
remove redundant schema definitions (major cleanup):
- remove ClusterDTO (42 lines)
- remove ItemDTO (44 lines)
- remove ReleaseDTO (27 lines)
- remove EntityPairKVEntity (8 lines)
- remove Change (12 lines)
remove deprecated api endpoints:
- remove /openapi/v1/envs/{env}/releases/compare release comparison endpoint (49 lines)
documentation format improvements:
- convert api description from markdown to html
- streamline authentication docs with html tags
- remove redundant separators and formatting markers
other improvements:
- add description for OpenItemDiffs.extInfo field
- update all references to new schema names
- maintain api functionality while simplifying document structure
change statistics: 253 deletions, 36 insertions, net reduction of 217 lines
There was a problem hiding this comment.
Actionable comments posted: 0
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (6)
apollo-openapi.yaml (6)
35-36: Fix tag name typo.“Namespace Namespace Branch Management” → “Namespace Branch Management”.
- - name: Namespace Namespace Branch Management + - name: Namespace Branch Management
119-129: Correct GET description to match actual path.Current description mentions /apps/authorized; the path is /apps with an authorized query.
- description: GET /openapi/v1/apps/authorized + description: GET /openapi/v1/apps?authorized=true
641-643: Update path descriptions that still use old (non-env) routes.Several operation descriptions still point to legacy paths without /envs/{env}.
- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key}- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key}- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key}- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key}- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validateAlso applies to: 745-748, 1048-1049, 1152-1154, 1561-1562
3203-3213: Unify path hierarchy: place env consistently before appId.Most paths use /envs/{env}/apps/{appId}/..., but these use /apps/{appId}/envs/{env}/....
- /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/public-association: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/public-association:- /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/integrity-check: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/integrity-check:- /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/links: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/links:If backward compatibility is required, keep old paths and mark them deprecated.
Also applies to: 3265-3273, 3305-3313
3178-3201: Fix response schema for “public AppNamespace instances” endpoint.The endpoint returns instances but the schema is OpenNamespaceDTO.
- schema: - type: array - items: - $ref: '#/components/schemas/OpenNamespaceDTO' + schema: + $ref: '#/components/schemas/OpenPageDTOOpenInstanceDTO' - example: - - dataChangeCreatedBy: '' - dataChangeLastModifiedBy: '' - dataChangeCreatedTime: '' - dataChangeLastModifiedTime: '' - appId: '' - clusterName: '' - namespaceName: '' - comment: '' - format: '' - isPublic: false - items: - - dataChangeCreatedBy: '' - dataChangeLastModifiedBy: '' - dataChangeCreatedTime: '' - dataChangeLastModifiedTime: '' - key: '' - type: 0 - value: '' - comment: '' + example: + page: 0 + size: 10 + total: 1 + content: + - id: 123 + appId: "sample-app" + clusterName: "default" + dataCenter: "dc1" + ip: "10.0.0.1" + configs: [] + dataChangeCreatedTime: "2024-01-15T10:30:00.000Z"
127-129: Use boolean examples instead of stringified booleans.These examples should be true/false (without quotes) to match schema type.
- example: 'true' + example: true- example: 'false' + example: false- example: 'true' + example: true- example: 'true' + example: true- example: 'true' + example: true- example: 'false' + example: false- example: 'true' + example: trueAlso applies to: 680-682, 2095-2100, 2858-2861, 2929-2932, 3018-3021, 3632-3635
🧹 Nitpick comments (10)
apollo-openapi.yaml (10)
18-19: Avoid hardcoded auth tokens in examples.Use an env var placeholder to prevent scanners from flagging secrets in docs.
Apply:
- <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ - -H "Authorization: your_token_here"</code></pre> + <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ + -H "Authorization: ${APOLLO_TOKEN}"</code></pre>
2899-2900: Tag category mismatch.Namespace endpoint is tagged under Cluster Management.
- tags: - - Cluster Management + tags: + - Namespace Management
3391-3392: Tag category mismatch.Branch listing should use Namespace Branch Management for consistency.
- tags: - - Cluster Management + tags: + - Namespace Branch Management
3086-3087: Wrong tag group.Deleting AppNamespace belongs to Namespace Management.
- tags: - - App Management + tags: + - Namespace Management
4189-4196: Consider enumerating env values.Add enum like [DEV, FAT, UAT, PROD] to improve validation and codegen.
Example:
env: type: string - description: 环境标识 + description: 环境标识 + enum: [DEV, FAT, UAT, PROD]
3362-3363: Normalize DTO name casing: OpenOrganizationDTO.Casing is inconsistent with other DTOs.
- $ref: '#/components/schemas/OpenOrganizationDto' + $ref: '#/components/schemas/OpenOrganizationDTO'- OpenOrganizationDto: + OpenOrganizationDTO:Also applies to: 4365-4373
2970-2994: Standardize operator field location.Operator appears as query param in some endpoints and as header in others (X-Apollo-Operator). Pick one (header is preferable) and align.
I can draft a patch moving operator to X-Apollo-Operator across endpoints if you confirm the preferred convention.
Also applies to: 3572-3576, 3635-3641, 782-787, 1188-1193
3803-3822: Security scheme doc: consider adding a concrete server URL.servers: [] may hinder some generators. Add a default server for the stub (e.g., http://localhost:8070).
-servers: [] +servers: + - url: http://localhost:8070 + description: Local Spring Boot stub server
1708-1733: Parameter ordering: move env adjacent to its path segment.Minor clarity nit: list env before appId/clusterName to match the path.
- - name: appId + - name: env in: path - description: '' + description: '' required: true schema: type: string - - name: clusterName + - name: appId in: path description: '' required: true schema: type: string - - name: env + - name: clusterName in: path description: '' required: true schema: type: string
172-219: Breaking change: envclusters path rename (env-clusters → envclusters).Flag to consumers; consider adding a deprecated alias or a redirect.
I can add the old path as deprecated if compatibility is required.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
apollo-openapi.yaml(70 hunks)
🧰 Additional context used
🪛 Gitleaks (8.28.0)
apollo-openapi.yaml
[high] 18-19: Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
(curl-auth-header)
🔇 Additional comments (3)
apollo-openapi.yaml (3)
196-207: Align environment naming in examples.Use a consistent label (e.g., PROD) across descriptions and examples.
Do you want to standardize on DEV/FAT/UAT/PROD? I can mass‑update examples and descriptions accordingly.
Also applies to: 475-481
3941-3944: Good: configurations switched to a map type.additionalProperties ensures flexible key/value payloads in releases.
Please confirm generators you use handle additionalProperties correctly for your target languages.
3794-3801: OK: 200 empty-object response for rule update.Consistent with other delete/update actions returning ack only.
tacklequestions
force-pushed
the
main
branch
from
971f3e4 to
f42e69c
Compare
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (2)
apollo-openapi.yaml (2)
468-468: Normalize path ordering to env-first (consistent with the rest of the spec).Most paths are /openapi/v1/envs/{env}/apps/...; this one is reversed. Standardize to reduce client confusion and generator quirks.
- /openapi/v1/apps/envs/{env}: + /openapi/v1/envs/{env}/apps: @@ - description: POST /openapi/v1/apps/envs/{env} + description: POST /openapi/v1/envs/{env}/appsAlso applies to: 471-471
3203-3203: Unify path prefix order: move env before apps for these endpoints.These three endpoints diverge from the env-first convention used elsewhere.
- /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/public-association: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/public-association: @@ - description: >- - GET - /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/public-association + description: >- + GET + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/public-association @@ - /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/integrity-check: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/integrity-check: @@ - description: >- - GET - /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/integrity-check + description: >- + GET + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/integrity-check @@ - /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/links: + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/links: @@ - description: >- - DELETE - /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/links + description: >- + DELETE + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/linksAlso applies to: 3207-3209, 3265-3265, 3269-3271, 3305-3305, 3309-3311
🧹 Nitpick comments (8)
apollo-openapi.yaml (8)
35-36: Fix tag name typo.Duplicate “Namespace” in the tag name.
- - name: Namespace Namespace Branch Management + - name: Namespace Branch Management
119-119: Align description with actual query usage.This operation is on /openapi/v1/apps with a query; description currently points to a non-existent path.
- description: GET /openapi/v1/apps/authorized + description: GET /openapi/v1/apps?authorized=true
1715-1733: Reorder parameters to match the path segment order.Helps code generators and humans; also add missing descriptions.
- - name: appId - in: path - description: '' - required: true - schema: - type: string - - name: clusterName - in: path - description: '' - required: true - schema: - type: string - - name: env - in: path - description: '' - required: true - schema: - type: string + - name: env + in: path + description: 环境标识 + required: true + schema: + type: string + - name: appId + in: path + description: 应用ID + required: true + schema: + type: string + - name: clusterName + in: path + description: 集群名称 + required: true + schema: + type: string
643-643: Update operation descriptions that still reference old non-env paths.Descriptions should reflect the env-scoped paths defined by the spec.
- /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} @@ - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items/{key} @@ - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} @@ - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} @@ - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:validateAlso applies to: 748-748, 1049-1049, 1153-1154, 1562-1562
3086-3086: Fix tag assignments for better grouping in generated docs/clients.
- AppNamespace delete should be under Namespace Management.
- Namespace fetch by env/cluster/namespace should be under Namespace Management (not Cluster).
- Branch endpoints should be under Namespace Branch Management.
- - App Management + - Namespace Management @@ - - Cluster Management + - Namespace Management @@ - - Cluster Management + - Namespace Branch ManagementAlso applies to: 2900-2900, 3391-3391
4375-4376: Provide server URLs instead of an empty array.Improves usability of generated SDKs and Swagger UI testing.
-servers: [] +servers: + - url: http://localhost:8070 + description: Local Apollo Portal + - url: https://{host} + description: Hosted Apollo Portal + variables: + host: + default: apollo.example.com + description: API host
3803-3822: Security scheme looks good. Consider adding an explicitBearerhint if applicable.If the Authorization header uses a raw token (not Bearer), keeping apiKey is fine. If it uses Bearer, consider switching to http/bearer for better generator support.
3899-3917: Consider extracting common pagination schemas and parameter components.Page/size/total/content patterns repeat. Define components.parameters for page/size and a generic Page to DRY.
Also applies to: 4156-4173
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
apollo-openapi.yaml(70 hunks)
🧰 Additional context used
🪛 Gitleaks (8.28.0)
apollo-openapi.yaml
[high] 18-19: Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
(curl-auth-header)
🔇 Additional comments (2)
apollo-openapi.yaml (2)
1831-1899: Good: env-scoped Cluster create is consistent and well-documented.Please ensure server implementation enforces required fields (name, appId, dataChangeCreatedBy) with clear 400 messages as documented.
4188-4196: Schema renames to Open are consistent and descriptive.*These model docs are clear and helpful. Nice.
Also applies to: 4198-4241, 4242-4280, 4281-4290, 4291-4303
| <h3>使用示例</h3> | ||
| <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ | ||
| -H "Authorization: your_token_here"</code></pre> |
There was a problem hiding this comment.
Mask the Authorization header example to avoid secret scanners (Gitleaks) false positives.
The curl snippet is triggering Gitleaks. Use an env var placeholder instead of an inline token.
Apply this diff:
- <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \
- -H "Authorization: your_token_here"</code></pre>
+ <pre><code class="language-bash">APOLLO_TOKEN='<your-token>' && curl -X GET "http://localhost:8070/openapi/v1/apps" \
+ -H "Authorization: ${APOLLO_TOKEN}"</code></pre>📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| <h3>使用示例</h3> | |
| <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ | |
| -H "Authorization: your_token_here"</code></pre> | |
| <h3>使用示例</h3> | |
| <pre><code class="language-bash">APOLLO_TOKEN='<your-token>' && curl -X GET "http://localhost:8070/openapi/v1/apps" \ | |
| -H "Authorization: ${APOLLO_TOKEN}"</code></pre> |
🧰 Tools
🪛 Gitleaks (8.28.0)
[high] 18-19: Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
(curl-auth-header)
🤖 Prompt for AI Agents
In apollo-openapi.yaml around lines 17 to 19, the curl example includes an
inline Authorization token which triggers secret scanners; replace the inline
token with an environment variable placeholder (e.g. $AUTH_TOKEN or
${AUTH_TOKEN}) in the -H "Authorization: ..." header so the example reads as
using a shell env var, and update any surrounding text if needed to indicate the
token should be set via an environment variable rather than pasted inline.
| <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ | ||
| -H "Authorization: your_token_here"</code></pre> |
There was a problem hiding this comment.
🧩 Analysis chain
Validate the OpenAPI and grep for any remaining inconsistent paths.
Automate checks to prevent regressions.
Also applies to: 642-643, 746-748, 1048-1049, 1152-1154, 1561-1562, 3203-3209, 3265-3271, 3305-3311
🏁 Script executed:
#!/bin/bash
set -euo pipefail
# 1) Validate OpenAPI 3.0
pip -q install openapi-spec-validator==0.7.1 >/dev/null
python - <<'PY'
from openapi_spec_validator import validate_spec
import yaml, sys
with open("apollo-openapi.yaml", "r", encoding="utf-8") as f:
spec = yaml.safe_load(f)
try:
validate_spec(spec)
print("OpenAPI validation: OK")
except Exception as e:
print("OpenAPI validation: FAILED")
print(e)
sys.exit(1)
PY
# 2) Find any lingering non-env-scoped path descriptions
echo
echo "Descriptions still referencing '/apps/{appId}/clusters' without '/envs/{env}':"
rg -n -C0 -P 'description:.*?/apps/\{appId\}/clusters/\{clusterName\}' apollo-openapi.yaml || true
# 3) Find any paths that use '/apps/{appId}/envs/{env}' ordering
echo
echo "Paths using apps-first env ordering:"
rg -n -P '^\s*/openapi/v1/apps/\{appId\}/envs/\{env\}' apollo-openapi.yaml || trueLength of output: 1304
Fix remaining apps-first OpenAPI paths and descriptions
OpenAPI validation passed, but apollo-openapi.yaml still contains apps-first path keys and description references — convert them to env-first and add a CI check to prevent regressions.
- Descriptions referencing apps path: apollo-openapi.yaml lines 1711, 1762, 2571
- Path keys using apps-first ordering (must be changed to /openapi/v1/envs/{env}/apps/{appId}/...): apollo-openapi.yaml lines 3202–3208, 3264–3270, 3304–3310
Add CI: run openapi-spec-validator and fail on regex ^\s*/openapi/v1/apps/{appId} to catch regressions.
🧰 Tools
🪛 Gitleaks (8.28.0)
[high] 18-19: Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
(curl-auth-header)
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (6)
apollo-openapi.yaml (6)
1048-1049: Inconsistent path description formatThe path description references the old apps-first format instead of the current env-first format used in the actual path key.
Apply this diff to correct the description:
description: >- PUT - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key}
1152-1154: Inconsistent path description formatThe path description references the old apps-first format instead of the current env-first format used in the actual path key.
Apply this diff to correct the description:
description: >- DELETE - /apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key} + /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/encodedItems/{key}
1208-1208: Inconsistent path description formatThe description shows an env-first path format but with incorrect parameter order compared to the actual endpoint path.
Apply this diff to match the actual path structure:
description: >- PUT - /openapi/v1/envs/{env}/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items:batchUpdate + /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/items:batchUpdate
1544-1544: Inconsistent path description formatThe path description uses different ordering and structure compared to the actual path key.
Apply this diff to match the actual endpoint structure:
description: >- POST - /openapi/apps/{appId}/env/{env}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate + /openapi/v1/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/items:validate
119-119: Inconsistent endpoint descriptionThe description mentions "GET /openapi/v1/apps/authorized" but the actual endpoint is "GET /openapi/v1/apps" with an optional
authorizedquery parameter.Apply this diff to correct the description:
- description: GET /openapi/v1/apps/authorized + description: GET /openapi/v1/apps?authorized=true
4143-4148: Minor documentation improvements neededThe schema descriptions could be more consistent and detailed to match the quality of other schema definitions.
Apply this diff to improve the schema documentation:
env: type: string - description: 环境标识,例如 DEV、FAT、UAT、PROD + description: 环境标识,例如 DEV、FAT、UAT、PROD 等 clusters: type: array items: type: string - description: 该环境下的集群名称列表 + description: 该环境下的集群名称列表,包含所有可用集群
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
apollo-openapi.yaml(72 hunks)
🧰 Additional context used
🪛 Gitleaks (8.28.0)
apollo-openapi.yaml
[high] 18-19: Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
(curl-auth-header)
🔇 Additional comments (4)
apollo-openapi.yaml (4)
3906-3908: Verify MapString schema definitionThe MapString schema definition appears correct for representing string key-value mappings used in configurations.
172-219: Well-structured environment cluster endpointThe endpoint correctly uses the apps-first structure for application-specific operations and provides comprehensive examples and error handling.
1677-1799: Proper environment-scoped cluster managementThe env-first path structure correctly implements environment-scoped cluster operations with appropriate parameter ordering and comprehensive response handling.
18-19: Security Risk: Hardcoded authorization token in curl exampleThe curl example contains an inline token which triggers security scanners. Replace with an environment variable placeholder to demonstrate secure token handling.
Apply this diff to mask the authorization token:
- <pre><code class="language-bash">curl -X GET "http://localhost:8070/openapi/v1/apps" \ - -H "Authorization: your_token_here"</code></pre> + <pre><code class="language-bash">APOLLO_TOKEN='your_token_here' && curl -X GET "http://localhost:8070/openapi/v1/apps" \ + -H "Authorization: ${APOLLO_TOKEN}"</code></pre>
tacklequestions
force-pushed
the
main
branch
2 times, most recently
from
60d9de6 to
59df6a3
Compare
unify api paths for item management and simplify items:compare and items:sync endpoints make operator optional in endpoints and schemas, move to query param where needed refine items:validate response schema and add operationId for better client generation
tacklequestions
force-pushed
the
main
branch
from
59df6a3 to
731cb70
Compare
Summary by CodeRabbit
Chores
Refactor
Documentation