**Docker build and deployment improvements:** by zlovtnik · Pull Request #22 · zlovtnik/spring-graphql

zlovtnik · 2025-11-23T21:16:08Z

This pull request introduces significant improvements to the Docker build and deployment workflow for the project. The main changes include a new multi-stage Docker build that separates backend and frontend builds, adds support for build-time configuration via arguments, and enhances security and flexibility for SSL certificate handling. The documentation has also been updated to reflect these new capabilities and provide clear usage instructions.

Docker build and deployment improvements:

Refactored Dockerfile to use multi-stage builds for backend (eclipse-temurin:21-jdk-alpine) and frontend (node:20-alpine), improving build efficiency and separation of concerns. [1] [2]
Added build-time arguments FRONTEND_DIST_PATH and CERT_CN to allow customization of frontend output location and SSL certificate Common Name, with validation steps to prevent misconfiguration.
Integrated nginx into the final runtime image, with automatic generation of self-signed SSL certificates for local development and validation of nginx configuration at build time.
Enhanced file permissions and ownership setup for static assets and application files, improving security and compatibility with container best practices.

Documentation updates:

Updated README.md to document new Docker build arguments, usage examples, production warnings for SSL certificates, and Docker Compose integration, making deployment steps clearer and safer for developers.

Build context optimization:

Added a comprehensive .dockerignore file to exclude unnecessary files and directories from the Docker build context, reducing image size and build times.

Summary by CodeRabbit

New Features
- Full Analytics area (Dashboard, Performance, Usage, Reports) with charts, CSV/JSON exports and lazy loading.
- Backend observability: slow-query detection, recommendation persistence, index-effectiveness analysis, and latency analysis.
Infrastructure
- Multi-stage Docker build, HTTPS/nginx startup script, non-root runtime, expanded ports, Logstash & Kibana additions and ELK/ILM templates.
Database
- New migrations and tables for persisted queries, audits, user settings; data-consistency fixes and schema updates.
Bug Fixes
- CORS/JWT preflight handling, startup robustness, account deactivation constraint fixes.
Documentation
- README expanded for build-time options; several internal docs consolidated or removed.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

…nd cache operations

…tage Dockerfile Refactor Dockerfile to use multi-stage builds for backend and frontend, add Nginx for serving frontend with SSL support, expose ports 80/443/8443, and update start script. Expand observability roadmap section. Enhance BatchMetricsRecorder with cache update for batch operation consistency.

…and docs Enhance Dockerfile with ARG FRONTEND_DIST_PATH for customizable frontend build output, add build-time validation to fail fast on missing assets, introduce CERT_CN for self-signed certs, validate nginx config, and update comments for better context. Refine SQL query normalization for consistent whitespace handling to improve matching accuracy. Update README with Docker build arguments guide for deployment flexibility across environments.

vercel · 2025-11-23T21:16:13Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
spring-graphql	Ready	Preview	Comment	Nov 25, 2025 0:08am

coderabbitai · 2025-11-23T21:16:16Z

Walkthrough

Adds a full observability and analytics stack: multi-stage Docker build (frontend + backend), nginx/start scripts with certs, frontend Analytics module and pages/services, backend index/slow-query analyzers and persistence, many DB migrations/PL/SQL updates, tracing/latency tooling, logging/logstash, and large docs and build updates.

Changes

Cohort / File(s)	Summary
Docker & runtime `\.dockerignore`, `Dockerfile`, `docker-compose.yml`, `docker-start.sh`, `nginx.conf`	Multi-stage build split (backend/frontend), `FRONTEND_DIST_PATH` & `CERT_CN` args, self-signed certs, nginx SPA routing and caching, expose 80/443/8443, improved healthchecks, graceful start/stop script, logstash/Kibana services added.
Frontend analytics & UI `frontend/src/app/app.routes.ts`, `frontend/src/app/app.component.html`, `frontend/src/app/features/analytics/*`, `frontend/src/styles.css`	New AnalyticsModule, lazy routes and safe loaders, `AnalyticsService` + data types, `AnalyticsComponent` and four page components (dashboard, performance, usage, reports), menu reorganized, large style/theme additions.
Backend analyzers & services `src/main/java/com/rcs/ssf/metrics/*`, `src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java`	Added `IndexEffectivenessAnalyzer` (scheduled), `SlowQueryAnalyzer` (+ ExecutionPlan), `RecommendationPersistenceService`, `QueryNormalizationUtils`, unit tests, metrics export and persistence into audit tables.
Tracing & latency `src/main/java/com/rcs/ssf/tracing/`, `src/main/java/com/rcs/ssf/SsfApplication.java`, `src/main/resources/application.yml`	Added `LatencyAnalyzer`, new OtelConfig beans, enabled `@EnableScheduling`, CORS/MinIO/observability config updates and slow-query settings.
Dynamic CRUD & service changes `src/main/java/com/rcs/ssf/dynamic/DynamicCrudGateway.java`, `src/main/java/com/rcs/ssf/service/DynamicCrudService.java`	Use `toPlsqlLiteral()` for operations, expand `ALLOWED_TABLES`, refactor `getColumnMetadata` to batch-fetch `data_default` to avoid LONG issues.
Build & tooling `build.gradle`, `README.md`, `\.dockerignore`	Modernized Gradle (Java 21 toolchain, plugins, BOMs), Flyway env validation, added dependencies, README docs for build-time args and examples.
Database migrations & PL/SQL `db/migration/`, `sql/packages/`	New migrations (V601/V601-related audit tables), V700 PL/SQL recompile with RETURNING INTO support, V017 NOT NULL/FK change, spec constants updated, dynamic CRUD package spec/body changes.
Schema, seeds & orchestration `sql/tables/`, `sql/indexes/users_indexes.sql`, `sql/seed/`, `sql/grants/data_dictionary_privileges.sql`, `sql/master.sql`, `setup-oracle-schema.sh`, `sql/README.md`	New tables (persisted_queries, audits, user_preferences, api_keys, account_deactivation_audit), extended `users` (avatar_key, account_status, account_deactivated_at) with data-correction block, seeds, grants, expanded master orchestration and setup script.
PL/SQL package body changes `sql/packages/dynamic_crud_pkg_spec.sql`, `sql/packages/dynamic_crud_pkg_body.sql`	Normalize operation constants (`CREATE`→`INSERT`, `READ`→`SELECT`), add PK detection, support `RETURNING INTO` via DBMS_SQL for ID retrieval, refactor insert/update/delete flows.
Logging, ELK & Logstash `logstash/`, `src/main/resources/logback-spring.xml`, `monitoring/elasticsearch/`, `kibana/*`	Add Logstash pipelines, certs, Dockerfile, Logstash appender and MDC fields in logback, ILM policy, templates, Kibana dashboards and setup scripts.
Docs cleanup & removals `README.md`, `ROADMAP_OBSERVABILITY.md`, removed docs: `JAVA_21_UPGRADE.md`, `CODERABBIT_*`, `PROJECT_PLAN.md`, `EXPLAIN_PLAN_ANALYSIS.sql`, `OPTIMIZED_QUERY.sql`, etc.	README expanded for Docker args and examples; observability roadmap rewritten; many legacy/internal docs removed.
Minor backend edits & tests `src/main/java/.../BatchMetricsRecorder.java`, `JwtAuthenticationFilter.java`, `TraceIdFilter.java`, `AuthMutation.java`	BatchMetrics API changed (snapshot-based, `recordSuccess` signature updated), JWT filter skip for OPTIONS, MDC/tracing additions, minor formatting/log edits.

Sequence Diagram(s)

sequenceDiagram
    participant Scheduler
    participant Analyzer as IndexEffectivenessAnalyzer
    participant DB as OracleDB
    participant Audit as audit_index_analysis
    participant Metrics as Prometheus

    Scheduler->>Analyzer: analyzeIndexEffectiveness()
    Analyzer->>DB: query index usage (V$SEGMENT_STATISTICS / V$OBJECT_USAGE)
    DB-->>Analyzer: usage rows
    Analyzer->>Analyzer: calculateUtilityScore() / determineAction()
    Analyzer->>Audit: INSERT analysis row
    Audit-->>Analyzer: persisted
    Analyzer->>Metrics: export gauges/counters

sequenceDiagram
    participant App as SpringApp
    participant QAnalyzer as QueryPlanAnalyzer
    participant Slow as SlowQueryAnalyzer
    participant DB as OracleDB
    participant Persist as RecommendationPersistenceService
    participant Audit as audit_query_recommendations
    participant Metrics as Prometheus

    App->>QAnalyzer: processQuery(sql)
    QAnalyzer->>Slow: analyzeQuery(sql, execTime)
    alt execTime > threshold
        Slow->>DB: extract execution plan (V$SQL_PLAN / v$sql)
        DB-->>Slow: plan data
        Slow->>Slow: analyzePlanForBottlenecks()
        alt recommendations enabled
            Slow->>Persist: persistRecommendation(...)
            Persist->>Audit: INSERT recommendation
            Audit-->>Persist: persisted
            Slow->>Metrics: increment recommendation counters
        end
    end

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60–90 minutes

Areas needing extra attention:

IndexEffectivenessAnalyzer, SlowQueryAnalyzer, RecommendationPersistenceService (SQL correctness, resource/metric safety).
PL/SQL package/spec changes and new DB migrations/triggers (RETURNING INTO, cross-field constraints).
BatchMetricsRecorder API change — verify all callers updated.
Dockerfile/start script/nginx permissions and certificate generation.
Frontend Analytics module wiring (lazy-loading vs module/component providers) and large style additions.

Possibly related PRs

feat: implement user avatar and preferences management #19 — overlaps user settings/schema work (user_preferences, api_keys, deactivation audit migrations).
Dev #14 — overlaps frontend analytics/dashboard additions (charts, components, routing).
feat: integrate OpenTelemetry distributed tracing with Jaeger #21 — overlaps observability/tracing changes (OtelConfig, tracing instrumentation, logging).

Poem

🐇 I hopped through logs by lantern-light,
I chased slow plans into the night,
I seeded tables, made certs bright,
I routed SPA paths and charts in sight,
A little rabbit cheers each traced insight!

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 61.29% which is insufficient. The required threshold is 80.00%.	You can run `@coderabbitai generate docstrings` to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'Docker build and deployment improvements' clearly summarizes the main objective of the changeset, which focuses on Docker build process enhancements and deployment workflow refactoring.

✨ Finishing touches

📝 Generate docstrings

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch dev

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 12

Note

Due to the large number of review comments, Critical, Major severity comments were prioritized as inline comments.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

sql/tables/users.sql (1)
5-17: Add CHECK constraints to V500 migration to prevent data integrity divergence

Verification confirms that a Flyway migration does exist (V500__user_settings_profile.sql) that adds the new columns (avatar_key, account_status, account_deactivated_at) to existing databases. However, the migration is incomplete: it omits the two CHECK constraints that enforce account status validity and deactivation logic.

Result: New databases (via sql/tables/users.sql) will have constraints; existing databases updated via V500 will not. This creates a critical data integrity gap.

Add the following to db/migration/V500__user_settings_profile.sql after the column additions:
BEGIN
    EXECUTE IMMEDIATE 'ALTER TABLE users ADD CONSTRAINT chk_account_status_values CHECK (account_status IN (''ACTIVE'', ''INACTIVE'', ''DEACTIVATED''))';
EXCEPTION
    WHEN OTHERS THEN
        IF SQLCODE = -2261 THEN
            NULL; -- Constraint already exists
        ELSE
            RAISE;
        END IF;
END;
/

BEGIN
    EXECUTE IMMEDIATE 'ALTER TABLE users ADD CONSTRAINT chk_deactivated_timestamp CHECK ((account_status = ''DEACTIVATED'' AND account_deactivated_at IS NOT NULL) OR (account_status IN (''ACTIVE'', ''INACTIVE'') AND account_deactivated_at IS NULL))';
EXCEPTION
    WHEN OTHERS THEN
        IF SQLCODE = -2261 THEN
            NULL; -- Constraint already exists
        ELSE
            RAISE;
        END IF;
END;
/

🟡 Minor comments (12)

build.gradle-62-68 (1)
62-68: I need to verify the compatibility between these versions and clarify the actual reactor-test version managed by Spring Boot 3.5.7 BOM.

Add BOM consistency comment for reactor-test.

Spring Boot 3.5.7 manages reactor-test through the Project Reactor BOM 2025.0.0, which also manages reactor-netty. Since Reactor Netty is part of the Project Reactor BOM, grouping artifacts meant to work well together with relevant versions, there are no version conflicts.

For consistency with the existing reactor-netty comment, add a similar note to line 127 documenting that reactor-test is BOM-managed:
implementation 'io.projectreactor:reactor-test' // BOM-managed via reactor-bom 2025.0.0
src/main/java/com/rcs/ssf/tracing/LatencyAnalyzer.java-213-228 (1)

213-228: Update Javadoc or implement missing layer handlers for "database" and "cache"

The mismatch between documented examples and actual implementation is confirmed. The Javadoc mentions "database" and "cache" as valid layer names, but the switch statement only handles http, graphql, service, dao, and jdbc. Passing "database" or "cache" would silently discard measurements.

Either align the Javadoc to document only the supported layers, or add proper mappings (e.g., "database" → dao/jdbc, "cache" → dedicated field) and corresponding fields to LayerLatencyStats.
src/main/java/com/rcs/ssf/metrics/BatchMetricsRecorder.java-67-68 (1)
67-68: Fix SLF4J placeholder usage so debug logs actually show throughput and memory usage

The debug messages currently use {:.2f} / {:.1f} inside {} which SLF4J does not interpret as placeholders, so the numeric arguments are effectively ignored or mis-bound:

Line 67: "throughput={:.2f}/sec" ignores the throughput argument; the literal {:.2f} is logged.

Line 94: same issue as above.

Line 144: "Recorded memory pressure for operation '{}': {:.1f}%" logs the literal {:.1f} and drops usagePercent.

Consider simplifying to plain {} placeholders so the values are actually logged:
-            log.debug("Recorded batch metrics for operation '{}': processed={}, failed={}, throughput={:.2f}/sec",
-                operationName, processedItems, failedItems, throughput);
+            log.debug("Recorded batch metrics for operation '{}': processed={}, failed={}, throughput={}/sec",
+                operationName, processedItems, failedItems, throughput);

-            log.debug("Recorded individual operation metrics for '{}': processed={}, failed={}, throughput={:.2f}/sec",
-                operationName, processedItems, failedItems, throughput);
+            log.debug("Recorded individual operation metrics for '{}': processed={}, failed={}, throughput={}/sec",
+                operationName, processedItems, failedItems, throughput);

-            log.debug("Recorded memory pressure for operation '{}': {:.1f}%", operationName, usagePercent);
+            log.debug("Recorded memory pressure for operation '{}': {}%", operationName, usagePercent);
If you still want fixed decimal precision, you can wrap the numeric arguments with String.format, but the main fix is to revert to valid {} placeholders.

Also applies to: 94-95, 144-145
frontend/src/app/features/analytics/services/analytics.service.ts-74-81 (1)

74-81: Use environment-based config for API base URL, consistent with rest of codebase

baseUrl is hard-coded to https://localhost:8443, which breaks in other environments. The codebase already defines apiUrl in frontend/src/environments/environment.prod.ts (supporting runtime override via API_URL env var), and other services like DynamicFormService already follow this pattern via environment.apiUrl. Align AnalyticsService with the existing approach by injecting or importing environment and using environment.apiUrl instead of a hard-coded string.

frontend/src/app/features/analytics/services/analytics.service.ts-85-89 (1)

85-89: Update the cache TTL implementation and remove redundant error handling

The review is accurate. shareReplay(1) at lines 85-89 (and also at 102-105) caches indefinitely without a windowTime parameter, contradicting the "30 seconds" comment. Additionally, the catchError at lines 88 duplicates the error handling already present in fetchDashboard() at line 193, making it redundant.

Fix by either:

Updating the comment to reflect indefinite caching, or

Implementing the intended 30-second TTL: shareReplay({ bufferSize: 1, windowTime: 30000, refCount: true }) and removing the outer catchError since fetchDashboard() already handles errors.
frontend/src/app/features/analytics/pages/performance.component.ts-149-156 (1)
149-156: Narrow status parameter type for stronger type-safety

PerformanceMetric.status is 'healthy' | 'warning' | 'critical', but getStatusColor(status: string) accepts any string. Tighten this to the union type to catch typos at compile time:
-  getStatusColor(status: string): string {
+  getStatusColor(status: PerformanceMetric['status']): string {
This keeps the implementation the same but makes template usage safer.
docker-start.sh-11-56 (1)
11-56: Fix exit code capture in cleanup function.

The static analysis warning is valid. Line 12 captures $? after the function has already started executing, which means it captures the exit code of the previous command in the function (likely the echo on line 14), not the exit code of the process that triggered cleanup.

The exit code should be captured at the point where cleanup is called, not inside the cleanup function itself. However, since this is used in a trap, the current approach won't work correctly.

Recommended fix:
Remove the exit code capture from cleanup and rely on the exit code passed to cleanup when called explicitly:
 cleanup() {
-    local exit_code=$?
-    
     echo "Received termination signal, cleaning up..."
     
     # ... shutdown logic ...
     
     echo "Cleanup complete, exiting with code $exit_code"
-    exit $exit_code
+    exit ${1:-0}
 }
Then call cleanup with explicit exit codes:
-    cleanup
+    cleanup $JAVA_EXIT_CODE
For trap-based invocations, the exit code will default to 0, which is appropriate for graceful shutdown signals.

As per static analysis hints.

Committable suggestion skipped: line range outside the PR's diff.
src/main/resources/application.yml-126-126 (1)

126-126: Update README.md and HELP.md to align with MinIO URL default change.

The application now defaults to http://minio-server:9000, but README.md and HELP.md still document http://localhost:9000 in their environment setup examples. This creates contradictory guidance for developers.

Update both files:

README.md: Change export MINIO_URL=http://localhost:9000 to export MINIO_URL=http://minio-server:9000 (in Quick Start section)

HELP.md: Change export MINIO_URL=http://localhost:9000 to export MINIO_URL=http://minio-server:9000 (in Environment Checklist and environment template sections)

Alternatively, if localhost development is still expected, revert the application.yml default to http://localhost:9000 and update docker-compose to override via environment variable. Either way, documentation must match the code's actual default behavior.
ROADMAP_OBSERVABILITY.md-178-239 (1)
178-239: Add language specifiers to fenced code blocks.

Several fenced code blocks are missing language specifiers, which reduces readability in some Markdown renderers and affects accessibility.

As per coding guidelines from markdownlint, apply these changes:

For ASCII diagrams (line 178):
-    ```
+    ```text
     ┌──────────────────────────────────────────────────────────────┐
For pseudocode blocks (lines 245, 291, 413):
-        ```
+        ```text
         1. Query Oracle DBA_INDEX_USAGE for each user index:
Or if the pseudocode represents SQL or a specific language, use that language identifier instead.

Also applies to: 245-347, 291-357, 413-437
sql/master.sql-92-109 (1)
92-109: Handle potential LISTAGG overflow in validation block.

The validation block uses LISTAGG to concatenate invalid object names (line 96), but the target variable is limited to 4000 bytes. If many objects are invalid, this will raise ORA-01489.

Apply this diff to handle overflow gracefully:
 DECLARE
     v_invalid_count NUMBER := 0;
-    v_invalid_list VARCHAR2(4000) := '';
+    v_invalid_list CLOB;
 BEGIN
-    SELECT COUNT(*), LISTAGG(object_type || ' ' || object_name, ', ') 
+    SELECT COUNT(*), LISTAGG(object_type || ' ' || object_name, ', ') WITHIN GROUP (ORDER BY object_type, object_name)
     INTO v_invalid_count, v_invalid_list
     FROM user_objects
     WHERE status = 'INVALID';
     
     IF v_invalid_count > 0 THEN
         DBMS_OUTPUT.PUT_LINE('WARNING: Found ' || v_invalid_count || ' invalid objects:');
-        DBMS_OUTPUT.PUT_LINE(v_invalid_list);
+        DBMS_OUTPUT.PUT_LINE(SUBSTR(v_invalid_list, 1, 32000));
         RAISE_APPLICATION_ERROR(-20999, 'Schema setup failed due to invalid objects');
     ELSE
         DBMS_OUTPUT.PUT_LINE('SUCCESS: All objects compiled successfully!');
     END IF;
 END;
Alternatively, use a cursor to print each invalid object separately.
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java-155-203 (1)
155-203: Inconsistent null vs. empty return values.

Line 158 returns null when sqlId is null, but line 202 returns an empty ExecutionPlan on exceptions. This inconsistency requires callers to handle both null checks and empty object checks.

Consider standardizing on one approach:
 private ExecutionPlan extractExecutionPlan(String sql) {
     String sqlId = getSqlId(sql);
     if (sqlId == null) {
-        return null;
+        return new ExecutionPlan("", null, null);
     }
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java-425-437 (1)
425-437: Generic hint uses placeholder table names.

Line 431 returns a hint with generic placeholders "table1, table2" that won't work directly. Users must manually identify and substitute the correct table names.

Consider either:

Extracting actual table names from the query/plan

Adding a note in the rationale that table names need to be identified:
 result.put("rationale",
     "Nested loop join detected with potentially large inner table. " +
-            "Consider HASH JOIN hint or ensure join columns are indexed.");
+            "Consider HASH JOIN hint (substitute actual table names) or ensure join columns are indexed.");

🧹 Nitpick comments (35)

src/main/java/com/rcs/ssf/tracing/LatencyAnalyzer.java (3)

12-54: Docs mention behaviors/metrics that aren't implemented or are only stubbed

The class-level Javadoc promises:

span collection from OpenTelemetry,

tracing.latency_attribution metrics,

real attribution-based analysis,

while the implementation currently:

only pre-registers tracing.latency_by_layer timers for a fixed resolver list,

never updates those timers or emits a tracing.latency_attribution metric,

relies solely on latencyStats populated externally.

This is fine as a scaffold, but the docs should either be tightened to describe the current behavior, or the missing pieces (span collection + attribution metric emission) implemented, to avoid confusion for future maintainers and operators.

Also applies to: 95-113

217-240: Eviction strategy is arbitrary; consider making intent explicit

Two minor points in recordLayerLatency:

Per-resolver aggregation:

Each call overwrites the layer latency (stats.httpLatencyMs = latencyMs) rather than accumulating.

Combined with stats.totalLatencyMs = ..., what you store is effectively the latest observation per resolver, not a windowed aggregate.

If that’s intentional (e.g., “last seen latency per resolver”), a short comment would help clarify and avoid future “why not sum?” confusion.

Eviction policy:

if (latencyStats.size() > MAX_TRACKED_SPANS) then latencyStats.remove(latencyStats.keySet().iterator().next()) removes an arbitrary resolver (CHM is not ordered).

This is OK as a simple cap, but it’s not truly “oldest”. If you care about which entries are dropped (e.g., least recently updated), consider tracking timestamps or using an LRU-like strategy.

Neither is a blocker, but documenting the intended semantics here will make the behavior much clearer to future readers.

71-93: Scheduled analysis logic is reasonable, but consider one-time metric registration

The scheduled analyzeLatencyByLayer + detectAndAlertBottlenecks flow is coherent, and the bottleneck alert counter looks good.

One small improvement: initializeMetricsForLayers() is invoked on every schedule tick, but in Micrometer registering the same Timer (same name+tags) is idempotent; you only need to do this once (e.g., constructor or @PostConstruct). Rebuilding them every 5 minutes just adds overhead.

If you keep this as a stub until you hook in actual span collection, a short comment noting that could prevent someone from trying to optimize the wrong part later.

Also applies to: 170-201

src/main/java/com/rcs/ssf/metrics/BatchMetricsRecorder.java (1)

90-93: Good that individual operations now feed the same aggregated metrics; consider symmetry for throughput gauges

Routing individual-operation stats through the same BatchMetrics instance as batch completions ensures totals, error rate, and averages reflect all traffic, not just batched runs. If you want observability parity with recordBatchCompletion, you might also expose a dedicated throughput gauge for this path (e.g., a separate metric name or tag for “individual” vs “batch”) to keep the external metrics story symmetrical.

frontend/src/app/features/analytics/analytics.component.ts (1)

35-40: Remove redundant manual navigation; route config already handles the redirect

The route configuration correctly handles /analytics → /analytics/dashboard via the child empty route with pathMatch: 'full' and redirectTo: 'dashboard'. The ngOnInit manual navigation at lines 35-40 is redundant and can be safely removed. This simplifies the component and eliminates the risk of duplicate navigation events.

frontend/src/app/features/analytics/pages/dashboard.component.ts (1)

286-299: Error handling pattern misalignment between service and component

The error handler in fetchDashboardData's tap({ error }) won't execute because AnalyticsService.getDashboard() and refreshDashboard() both use catchError(() => of(getDefaultDashboard())) at the service level, converting errors into successful responses.

If you want the UI to surface real HTTP failures, consider either removing the catchError from the service (and handling defaults in the component), or exposing an explicit error signal from the service instead of silently returning defaults. This aligns error handling with Angular best practices: centralize transport-level concerns in services, keep UI-specific error reactions in components.

Regarding the echarts [options] with null: ngx-echarts is designed to accept null for its [options] input and handles it safely without rendering when null, so no guard is needed.
frontend/src/app/features/analytics/pages/reports.component.ts (4)
202-217: Consider using finalize to centralize isLoading reset

loadReports correctly guards the subscription with takeUntil, but isLoading is manually reset in both success and error handlers. Using RxJS finalize would reduce duplication and make it harder to forget a branch if this grows:
this.analyticsService.getReports()
  .pipe(
    takeUntil(this.destroy$),
    finalize(() => { this.isLoading = false; })
  )
  .subscribe({
    next: (reports) => { this.reports = reports; },
    error: (err) => {
      console.error('Failed to load reports:', err);
      this.message.error(`Failed to load reports${err?.message ? ': ' + err.message : '. Please try again.'}`);
    }
  });
219-247: mimeType is computed but unused; either wire it in or drop it

In downloadReport, mimeType is computed via getMimeType but never used. Either:

Remove the variable and helper if the server-provided content-type is sufficient, or

Use it when constructing a Blob (if you ever wrap the response yourself) or for setting headers/analytics so the mapping actually has an effect.

Also, getFileExtension just lowercases the format; if only a fixed set of formats is expected (csv, json, pdf), you could validate/normalize against that enum to avoid surprising filenames from unexpected values.

Also applies to: 249-261

275-291: Revisit export methods’ sync/async behavior and isExporting semantics

generateDashboardReport, generatePerformanceReport, and exportAllAsCSV wrap service calls in try/catch/finally and toggle isExporting, but this only handles synchronous failures. If analyticsService.exportDashboardAsCSV() / exportPerformanceMetricsAsCSV() are (or later become) HttpClient-based observables or promises, errors won’t be caught here and isExporting will flip back to false immediately, not when the work finishes.

Consider:

Having these service methods return an Observable<void>/Observable<Blob> and handling them like your other async flows (pipe(finalize(...)).subscribe({...})), or

Making them clearly synchronous “local-only” helpers and possibly dropping isExporting around them if it doesn’t reflect a real in-flight operation.

This will keep the UI state and error handling aligned with the actual behavior.

Also applies to: 293-309, 357-373

311-340: Tighten types for usage CSV builder and consider basic CSV escaping

generateUsageReport + buildUsageMetricsCSV work, but a couple of small improvements would help:

buildUsageMetricsCSV(metrics: any[]) can use the existing UsageMetric type for stronger guarantees:
private buildUsageMetricsCSV(metrics: UsageMetric[]): string {
  // ...
}
You already quote featureName, but any embedded quotes (") or newlines would still break the CSV. If these names can come from user-defined strings, consider minimal escaping (e.g., double quotes inside values).

Everything else in this flow (use of takeUntil, Blob creation, and download helper reuse) looks good.

Also applies to: 342-355
frontend/src/app/features/analytics/pages/usage.component.ts (3)
38-67: Verify percentage scale for nz-progress and consider showing the numeric value

[nzPercent]="metric.percentage" assumes percentage is already 0–100 as expected by nz-progress. If the service ever returns a 0–1 fraction, the bar will appear almost empty. It might be worth asserting/normalizing in the service or here.

Optionally, you could also render the numeric value (e.g. {{ metric.percentage | number:'1.0-2' }}%) alongside the bar for more precise visibility.

71-77: Guard ECharts rendering when usageChartOptions is null/empty

updateChartOptions explicitly sets usageChartOptions to null when there are no metrics, but the template always renders the <div echarts [options]="usageChartOptions">. Depending on ngx-echarts/ECharts behavior, passing null here may be tolerated or could throw at runtime.

To be safe and avoid mounting a chart with no data, consider:
<div class="chart-container" *ngIf="usageChartOptions">
  <div echarts [options]="usageChartOptions" class="chart"></div>
</div>
That keeps the chart out of the DOM when there’s nothing meaningful to show and avoids any surprises from null options.

Also applies to: 130-134, 172-204

140-164: Refresh pipeline with switchMap/takeUntil looks good; consider user feedback on errors

The refresh$ + switchMap + takeUntil(destroy$) setup is clean and avoids race conditions between rapid refreshes. One minor gap is that load failures only log to the console; unlike the reports component, the user gets no on-screen indication.

If you want parity with the reports page, you could inject NzMessageService here as well and surface a simple “Failed to load usage metrics” toast in the error handler.

Also applies to: 166-170
.dockerignore (1)

1-31: .dockerignore patterns look good; be aware of excluded docs and compose files

The ignore list is sane for keeping the build context lean (build artifacts, node_modules, logs, env files, IDE configs). Just note that docs/, *.md, and docker-compose.yml will never be available in the build context, so if you ever want to COPY documentation or compose samples into the image, you’ll need to relax these patterns.
src/main/java/com/rcs/ssf/service/DynamicCrudService.java (2)
47-72: Review expanded ALLOWED_TABLES whitelist for security and coverage

Expanding ALLOWED_TABLES to include users, roles, MFA, API key, and multiple audit tables significantly broadens what the dynamic CRUD UI can introspect/mutate. That’s fine as long as it’s intentional, but it’s worth double‑checking:

Confirm that all of these tables are expected to be operator‑visible via dynamic CRUD, especially users, api_keys, and MFA tables, even though sensitive columns are name‑filtered.

The SQL docs mention an audit_http_compression table; if you intend dynamic CRUD coverage for all audit tables, consider adding it here as well.

For example:
-            "audit_graphql_execution_plans",
-            "audit_circuit_breaker_events",
+            "audit_graphql_execution_plans",
+            "audit_circuit_breaker_events",
+            "audit_http_compression",
387-495: data_default batching logic looks correct; only minor refactor opportunities

The split between the main metadata query (no data_default) and a separate user_tab_columns batch to populate defaults via safeReadColumnDefault is sound and should avoid the LONG/ORA‑00932 issues while eliminating the N+1 pattern. The defensive catch on DataAccessException with a fallback to null defaults is also reasonable.

If you want to tighten this further (optional):

Make defaultsByColumn unmodifiable (Map.copyOf(defaultsMap)) before using it in the stream, to prevent accidental mutation later.

Consider normalizing the map key (e.g., col.getName().toUpperCase(Locale.ROOT)) on both insertion and lookup if you ever introduce quoted/mixed‑case column names, to avoid silent misses.

Functionally, though, this implementation is fine as‑is.
sql/README.md (1)
44-123: Minor Markdown and wording nits (table spacing, code fence language, hyphenation)

To satisfy markdownlint and improve readability, you can make a few small tweaks:

Add a blank line before the migrations table:
-### ✅ ALL Flyway Migrations Unified
-| Migration | File | Status |
+### ✅ ALL Flyway Migrations Unified
+
+| Migration | File | Status |
Specify a language for the execution‑order fenced block (it’s mostly plain text):
-```
+```text
 Step 1: Sequences          (audit_seq, user_id_seq)
 ...
 Step 9: Summary            (print object counts and confirmation)
3. Hyphenate “performance‑critical”:

```diff
-**Indexes (30+):**
-- All performance critical indexes included
+**Indexes (30+):**
+- All performance-critical indexes included
These are cosmetic only and won’t affect behavior.
docker-compose.yml (1)

183-185: Port exposure matches nginx+SSL flow; consider whether 8443 needs to stay public

Exposing 80/443 alongside 8443 makes sense with nginx terminating HTTP/HTTPS in the container, and the existing healthcheck still targeting 8443. If 8443 is now only an internal app port behind nginx, you might optionally drop the host binding for 8443 to reduce the exposed surface, keeping just 80/443 for normal access.
sql/seed/default_roles.sql (1)
15-35: Use a NULL‑safe comparison in the MERGE UPDATE to backfill missing descriptions

In the MERGE, the UPDATE branch currently runs only when r.description != src.description. If an existing role has description IS NULL, that predicate is UNKNOWN and the row won’t be updated, so the seeded description won’t be backfilled.

If you want to ensure descriptions are populated or refreshed whenever they differ (including NULL → non‑NULL), consider a NULL‑safe condition, e.g.:
 WHEN MATCHED THEN
     UPDATE SET
         description = src.description,
         updated_at = SYSTIMESTAMP
-    WHERE r.description != src.description;
+    WHERE (r.description IS NULL AND src.description IS NOT NULL)
+       OR (r.description IS NOT NULL AND r.description != src.description);
The rest of the script (idempotent role creation and guarded ROLE_ADMIN grant) looks solid.
nginx.conf (1)
135-158: Consider extracting security headers to reduce duplication.

Security headers are repeated in three location blocks (server level, static assets, and SPA routing). While this is necessary because add_header in a child block doesn't inherit from parent blocks, it creates maintenance overhead.

Consider using an include file or nginx map to centralize security headers:

Create /etc/nginx/snippets/security-headers.conf:
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
Then include it in each location block:
 location ~ ^/(assets|styles)/ {
     root /var/www/html/browser;
     expires 30d;
     add_header Cache-Control "public, immutable";
-    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-    add_header X-Content-Type-Options "nosniff" always;
-    add_header X-Frame-Options "SAMEORIGIN" always;
-    add_header X-XSS-Protection "1; mode=block" always;
-    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    include /etc/nginx/snippets/security-headers.conf;
 }
Note: This requires updating the Dockerfile to copy the snippet file.
Dockerfile (1)
40-55: Consider documenting certificate rotation strategy.

The self-signed certificate has a 365-day validity. For long-running containers, this could cause expiration issues. The warning comments correctly note this is for local/dev only, but documentation on certificate rotation would be helpful.

Add a comment block or reference to documentation:
 # Generate self-signed SSL certificates for nginx with configurable CN
+# NOTE: Certificate expires in 365 days. For production:
+#   1. Mount CA-issued certificates via volume: -v /path/to/certs:/etc/nginx/certs
+#   2. Or use cert-manager/Let's Encrypt for automatic rotation
+# For long-running dev containers, recreate container annually or mount certs.
 RUN mkdir -p /etc/nginx/certs && \
     openssl req -x509 -newkey rsa:2048 -keyout /etc/nginx/certs/private-key.pem -out /etc/nginx/certs/certificate.pem -days 365 -nodes \
     -subj "/CN=${CERT_CN}/O=Organization/C=US"
sql/tables/05_persisted_queries.sql (1)
19-35: Consider adding CHECK constraint for status field.

The status column (line 30) has a default value of 'ACTIVE' but no CHECK constraint to enforce valid values. This could allow invalid status values to be inserted.

Apply this diff to add a CHECK constraint:
     usage_count NUMBER(19) DEFAULT 0 NOT NULL,
     client_name VARCHAR2(255),
-    status VARCHAR2(20) DEFAULT 'ACTIVE' NOT NULL,
+    status VARCHAR2(20) DEFAULT 'ACTIVE' NOT NULL CHECK (status IN ('ACTIVE', 'DEPRECATED', 'DISABLED')),
     created_by VARCHAR2(255),
     updated_by VARCHAR2(255)
Adjust the valid status values based on your application's requirements.
sql/packages/dynamic_crud_pkg_body.sql (2)

239-265: Primary-key helper only supports single-column PKs

get_primary_key_column intentionally returns only the first PK column; composite primary keys will not be handled correctly by the ID‑returning logic that depends on this helper. If you ever allow dynamic CRUD over tables with composite PKs, you’ll need either to:

Extend this helper to return all PK columns, and

Adjust the INSERT/RETURNING path to bind multiple columns.

Otherwise, it would be good to document clearly (in spec/comments) that dynamic_crud_pkg only supports single-column PKs on the allowed tables.

323-327: INSERT/ID generation path looks correct but treats IDENTITY differently than SEQUENCE

The new INSERT branch correctly:

Builds a quoted column/value list with bind variables.

Uses user_tab_identity_cols to detect identity columns.

Uses RETURNING "<pk_column>" INTO :ret_id with DBMS_SQL when there is no identity column and a PK exists, and falls back to a plain INSERT otherwise.

Two things to consider tightening up:

Comment vs logic – The comment “Check if table has a SEQUENCE-based PK (not IDENTITY)” is misleading: the code checks for an IDENTITY column and treats the “no identity” case as “possibly sequence-based”. You may want to reword the comment to avoid confusion.

Capturing IDs for IDENTITY PKs – For IDENTITY columns you currently just run a normal INSERT and never populate p_generated_id. Oracle also supports RETURNING identity_column INTO ..., so if the caller expects IDs for both SEQUENCE‑based and IDENTITY‑based PKs, you could simplify by using the same RETURNING path for both and dropping the identity check altogether.

If the current behavior (no generated ID for identity PKs) is intentional and all callers know this, keeping it is fine, but it is worth making explicit.

Also applies to: 373-430

db/migration/V601__index_effectiveness_audit_tables.sql (1)

24-51: Optional: constrain improvement percentage and rationale length if needed

The audit_query_recommendations table looks solid, with good completeness checks on approved/implemented. If you want to prevent out‑of‑range values later, consider:

Adding CHECK (estimated_improvement_percent BETWEEN 0 AND 100) if the value is meant to be a percentage.

Verifying that 2000 chars is enough for rationale given your expected usage; if not, switching to CLOB keeps future changes easier.

Not urgent, but worth deciding up front to avoid later migrations.

sql/tables/06_user_settings.sql (2)

19-55: Consider tightening boolean flags and time representation

The three new tables look coherent overall, but a few minor schema hardening points:

The notification_* columns and API key lifecycle flags (revoked_at, etc.) are modeled as NUMBER(1) / NUMBER(19) without checks. If these are truly boolean flags (0/1), consider CHECK (notification_emails IN (0,1))‑style constraints to prevent accidental non‑boolean values.

You’re storing created_at / updated_at as Unix epoch millis (NUMBER(19)) here, while users.created_at/updated_at are TIMESTAMP. That’s fine if intentional, but it’s worth confirming that your Java/JPA layer expects and correctly converts these numeric timestamps, and that mixed conventions won’t cause confusion.

These are non‑blocking, but tightening them now will make downstream logic and reporting simpler.

62-77: Using timestamp as a column name

account_deactivation_audit.timestamp is a valid column name, but it does shadow a common SQL type/keyword and may make queries slightly harder to read (e.g., WHERE timestamp > ...).

If you’re still flexible on naming, something like occurred_at or event_at tends to be clearer. If this table is already referenced in code, keeping it is fine; just be consistent in always qualifying with the table name to avoid ambiguity.

src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java (1)

34-81: Tests are not exercising IndexEffectivenessAnalyzer behavior

The current tests (testUtilityScoreCalculation, testActionDetermination, etc.) only perform inline arithmetic and string comparisons; they never invoke any methods on IndexEffectivenessAnalyzer. This gives no real coverage of the production code.

If you want meaningful tests here, consider:

Extracting calculateUtilityScore, determineAction, and generateRationale to package‑private methods (or a small helper class) so they can be invoked directly, or

Adding an integration‑style test that stubs JdbcTemplate.queryForList(...) and then calls analyzeIndexEffectiveness() to verify that:

At least one row is processed.

persistAnalysis is called (via verifying an insert or inspecting audit_index_analysis in a test DB).

Gauges/counters in MeterRegistry are updated as expected.

As it stands, these tests can be removed or refactored; they don’t protect the analyzer’s logic.
db/migration/V700__recompile_plsql_packages_fix_id_generation.sql (1)
389-417: Unused local variable v_has_identity

Inside the CREATE/INSERT branch’s nested DECLARE, v_has_identity is declared but never used. It’s harmless but can be removed to reduce noise:
DECLARE
-    v_has_identity NUMBER := 0;
     v_generated_id_value NUMBER;
     v_cursor INTEGER;
BEGIN
    ...
END;
sql/tables/users.sql (1)

30-203: Data consistency correction block is robust but quite heavy for a DDL script

The correction block does a thorough job:

Counts inconsistent rows,

Logs sample IDs via DBMS_OUTPUT,

Fixes both “DEACTIVATED with NULL timestamp” and “ACTIVE/INACTIVE with non‑NULL timestamp” cases,

Handles constraint and permission errors explicitly.

Two minor considerations:

The pre‑flight privilege check just verifies that the queries against user_sys_privs / user_tab_privs succeed; it doesn’t actually assert that you have UPDATE privileges (zero rows still logs “Update privileges verified”). That’s mostly cosmetic, since the UPDATEs themselves will fail with ORA‑1031 if privileges are missing.

Running this block in regular app migrations may be overkill; if it’s intended strictly for DBA‑run initialization scripts, a comment in the header clarifying that (and ensuring it’s not wired into Flyway) would help avoid surprises.

Functionally it looks sound; these are just maintainability clarifications.

src/main/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzer.java (1)

60-82: Index stats collection logic is robust; verify V$ view access assumptions

getIndexUsageStats() is well structured: it tries V$SEGMENT_STATISTICS, then V$OBJECT_USAGE, then falls back to USER_INDEXES with zero usage counts, all wrapped in defensive exception handling.

Two small points to be aware of:

Access to V$SEGMENT_STATISTICS and V$OBJECT_USAGE typically requires additional dictionary privileges. In many app schemas these queries will fail with ORA‑1031, and you’ll always hit the fallback. That’s fine given your logging, but you may want to document the privilege requirements (and test the fallback behavior) so operators know what to expect.

You hard‑code an 8KB block size (COALESCE(i.leaf_blocks, 1) * 8192) to estimate index size. If your environments use non‑8KB blocks, consider deriving block size from a parameter/table (v$parameter or tablespace metadata) or at least documenting the assumption.

Functionally, the current approach is safe; these are mostly operational gotchas.

Also applies to: 98-181
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java (4)
234-246: Consider extracting LIKE wildcard escaping to a utility method.

Lines 236-238 manually escape LIKE wildcards in a specific order. This logic is fragile and duplicated whenever needed.

Extract to a reusable utility method:
private String escapeLikePattern(String input) {
    return input
        .replace("\\", "\\\\")  // Escape backslash first
        .replace("%", "\\%")    // Escape percent
        .replace("_", "\\_");   // Escape underscore
}
Then use:
-String escapedSql = searchSql
-    .replace("\\", "\\\\")
-    .replace("%", "\\%")
-    .replace("_", "\\_");
+String escapedSql = escapeLikePattern(searchSql);
298-343: Consider refactoring verbose validation logic.

The 45 lines of manual field extraction and type checking (lines 298-343) could be simplified for better maintainability.

Consider introducing a helper method or validation utility:
private static class RecommendationExtractor {
    static RecommendationFields extract(Map<String, Object> recommendation) {
        String type = getStringOrNull(recommendation, "type");
        String confidence = getStringOrNull(recommendation, "confidence");
        String rationale = getStringOrNull(recommendation, "rationale");
        
        if (type == null || confidence == null || rationale == null) {
            return null; // Invalid
        }
        
        Double improvement = getDoubleOrNull(recommendation, "improvement_percent");
        String indexDef = getStringOrNull(recommendation, "index_definition");
        String hint = getStringOrNull(recommendation, "hint_suggestion");
        
        return new RecommendationFields(type, confidence, rationale, 
                                       improvement, indexDef, hint);
    }
    
    private static String getStringOrNull(Map<String, Object> map, String key) {
        Object val = map.get(key);
        return val instanceof String ? (String) val : null;
    }
    
    private static Double getDoubleOrNull(Map<String, Object> map, String key) {
        Object val = map.get(key);
        return val instanceof Number ? ((Number) val).doubleValue() : null;
    }
}
389-420: Extract hardcoded improvement percentage to a constant.

Line 403 uses a magic number 80.0 for the estimated improvement percentage. This should be a named constant for clarity and maintainability.
+private static final double MISSING_INDEX_IMPROVEMENT_PERCENT = 80.0;
+private static final double INEFFICIENT_JOIN_IMPROVEMENT_PERCENT = 50.0;
+private static final double CORRELATED_SUBQUERY_IMPROVEMENT_PERCENT = 60.0;
+
 private Map<String, Object> analyzeFullTableScan(String sql, ExecutionPlan plan) {
     Map<String, Object> result = new HashMap<>();
     // ...
-    result.put("improvement_percent", 80.0);
+    result.put("improvement_percent", MISSING_INDEX_IMPROVEMENT_PERCENT);
Apply similar changes to lines 430 and 447 for consistency.

458-470: Fragile table name extraction from execution plan.

Line 464 assumes parts[3] contains the table name after splitting on whitespace. This is brittle and may fail if Oracle changes the plan format or if operations have different structures.

Consider more robust parsing with validation:
 private String extractTableFromPlan(String planText) {
     String[] lines = planText.split("\n");
     for (String line : lines) {
         if (line.contains("TABLE ACCESS FULL")) {
             String[] parts = line.trim().split("\\s+");
-            if (parts.length >= 4) {
-                return parts[3];
+            // Look for table name: expect pattern like "TABLE ACCESS FULL table_name"
+            for (int i = 0; i < parts.length - 1; i++) {
+                if ("FULL".equalsIgnoreCase(parts[i]) && i + 1 < parts.length) {
+                    String tableName = parts[i + 1];
+                    // Validate: table names typically don't contain parentheses or operators
+                    if (!tableName.contains("(") && !tableName.matches("\\d+\\.?")) {
+                        return tableName;
+                    }
+                }
             }
         }
     }
     return null;
 }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7cefe86 and d4dadba.

📒 Files selected for processing (51)

.dockerignore (1 hunks)
Dockerfile (2 hunks)
JAVA_21_UPGRADE.md (0 hunks)
README.md (1 hunks)
ROADMAP_OBSERVABILITY.md (1 hunks)
build.gradle (1 hunks)
db/migration/V017__account_deactivation_audit_reason_code_not_null.sql (1 hunks)
db/migration/V500__user_settings_profile.sql (1 hunks)
db/migration/V601__index_effectiveness_audit_tables.sql (1 hunks)
db/migration/V700__recompile_plsql_packages_fix_id_generation.sql (1 hunks)
docker-compose.yml (1 hunks)
docker-start.sh (1 hunks)
frontend/src/app/app.routes.ts (1 hunks)
frontend/src/app/features/analytics/analytics.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/dashboard.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/performance.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/reports.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/usage.component.ts (1 hunks)
frontend/src/app/features/analytics/services/analytics.service.ts (1 hunks)
nginx.conf (4 hunks)
setup-oracle-schema.sh (1 hunks)
sql/README.md (1 hunks)
sql/grants/data_dictionary_privileges.sql (1 hunks)
sql/indexes/users_indexes.sql (1 hunks)
sql/master.sql (2 hunks)
sql/packages/dynamic_crud_pkg_body.sql (5 hunks)
sql/packages/dynamic_crud_pkg_spec.sql (1 hunks)
sql/seed/assign_rcs_admin_role.sql (1 hunks)
sql/seed/default_roles.sql (1 hunks)
sql/tables/05_persisted_queries.sql (1 hunks)
sql/tables/06_user_settings.sql (1 hunks)
sql/tables/07_audit_index_analysis.sql (1 hunks)
sql/tables/08_audit_query_recommendations.sql (1 hunks)
sql/tables/user_roles.sql (1 hunks)
sql/tables/users.sql (2 hunks)
src/main/java/com/rcs/ssf/SsfApplication.java (1 hunks)
src/main/java/com/rcs/ssf/dynamic/DynamicCrudGateway.java (3 hunks)
src/main/java/com/rcs/ssf/graphql/AuthMutation.java (1 hunks)
src/main/java/com/rcs/ssf/metrics/BatchMetricsRecorder.java (3 hunks)
src/main/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzer.java (1 hunks)
src/main/java/com/rcs/ssf/metrics/QueryNormalizationUtils.java (1 hunks)
src/main/java/com/rcs/ssf/metrics/QueryPlanAnalyzer.java (4 hunks)
src/main/java/com/rcs/ssf/metrics/RecommendationPersistenceService.java (1 hunks)
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java (1 hunks)
src/main/java/com/rcs/ssf/security/JwtAuthenticationFilter.java (1 hunks)
src/main/java/com/rcs/ssf/service/DynamicCrudService.java (6 hunks)
src/main/java/com/rcs/ssf/tracing/LatencyAnalyzer.java (1 hunks)
src/main/java/com/rcs/ssf/tracing/OtelConfig.java (1 hunks)
src/main/resources/application-dev.yml (1 hunks)
src/main/resources/application.yml (2 hunks)
src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java (1 hunks)

💤 Files with no reviewable changes (1)

JAVA_21_UPGRADE.md

🧰 Additional context used

🧬 Code graph analysis (5)

frontend/src/app/features/analytics/pages/dashboard.component.ts (1)

frontend/src/app/features/analytics/services/analytics.service.ts (2)

AnalyticsDashboard (29-39)

LoginAttemptTrendPoint (41-45)

src/main/java/com/rcs/ssf/metrics/QueryNormalizationUtils.java (1)

src/main/java/com/rcs/ssf/service/DynamicCrudService.java (1)

Slf4j (37-616)

frontend/src/app/features/analytics/pages/performance.component.ts (1)

frontend/src/app/features/analytics/services/analytics.service.ts (1)

PerformanceMetric (6-12)

frontend/src/app/features/analytics/pages/usage.component.ts (1)

frontend/src/app/features/analytics/services/analytics.service.ts (1)

UsageMetric (14-19)

frontend/src/app/app.routes.ts (1)

frontend/src/app/core/guards/auth.guard.ts (1)

authGuard (21-40)

🪛 GitHub Actions: CI

src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java

[error] 31-31: IndexEffectivenessAnalyzer constructor mismatch. Passed (MeterRegistry, DataSource, JdbcTemplate) but constructor expects (MeterRegistry, JdbcTemplate). Remove DataSource argument or adjust constructor.

build.gradle

[error] 1-1: Gradle build failed: see console output for details. Command: /home/runner/work/spring-graphql/spring-graphql/gradlew clean test jacocoTestReport

🪛 LanguageTool

sql/README.md

[grammar] ~123-~123: Use a hyphen to join words.
Context: ...t` Indexes (30+): - All performance critical indexes included **Packages (2...

(QB_NEW_EN_HYPHEN)

🪛 markdownlint-cli2 (0.18.1)

sql/README.md

45-45: Tables should be surrounded by blank lines

(MD058, blanks-around-tables)

83-83: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

ROADMAP_OBSERVABILITY.md

178-178: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

245-245: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

291-291: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

413-413: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

🪛 Shellcheck (0.11.0)

docker-start.sh

[warning] 12-12: This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten.

(SC2320)

- Add su-exec to Dockerfile for privilege dropping, enabling non-root execution of the Java application - Update docker-start.sh to run Java as appuser with pre-flight validations for su-exec and appgroup - Fix healthcheck regex in docker-compose.yml for more robust Elasticsearch cluster status parsing - Add reactor-test dependency in build.gradle for testing Spring reactive components - Correct v_operation normalization in PL/SQL package for proper audit logging in both success and error cases - Add validation for non-empty execution plans before generating recommendations to prevent errors

coderabbitai

Actionable comments posted: 11

🧹 Nitpick comments (13)

frontend/src/styles.css (1)

254-277: Consider documenting component-to-style mappings.

The usage comments are helpful for discovering available styles. To improve developer ergonomics, consider adding a comment block that maps these styles to specific analytics components (e.g., "Use .card-glass for metric summary cards in AnalyticsDashboard"). This would reduce guesswork when implementing UI features.

docker-start.sh (1)

1-153: Consider failure recovery and process monitoring.

The script orchestrates nginx and Java processes, but if nginx crashes unexpectedly (lines 84–103 only detect startup failure, not runtime crashes), the Java process continues running without a reverse proxy. Similarly, if the Java process crashes, nginx continues serving requests that cannot be routed.

For production deployments, consider:

Continuous monitoring of both processes with automatic restart or container exit on critical process failure

A supervisor tool (e.g., supervisord) or init system (e.g., s6, runit) to manage multiple services with automatic restarts

Health check endpoints on both services with periodic verification in the main loop

This is acceptable for development/testing containers, but a production image may benefit from more robust orchestration.
src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java (1)
82-113: Consider more precise mock matching and value assertions.

This test correctly invokes the analyzer, but could be more robust:

Line 98: The mock uses (Object[]) any() which is permissive and might miss signature mismatches.

Lines 110-112: Assertions check for non-empty metrics but don't verify tag values match the test data (e.g., INDEX_NAME = "IDX_USERS_EMAIL").

No verification of the actual persisted values or error handling.

Consider these refinements:
-        when(jdbcTemplate.update(any(String.class), (Object[]) any())).thenReturn(1);
+        // Capture the actual arguments to verify persisted values
+        ArgumentCaptor<Object[]> argsCaptor = ArgumentCaptor.forClass(Object[].class);
+        when(jdbcTemplate.update(any(String.class), argsCaptor.capture())).thenReturn(1);
-        assertFalse(meterRegistry.get("oracle.index.utility_score").gauges().isEmpty());
+        // Verify metrics are tagged with the correct index name
+        assertNotNull(meterRegistry.get("oracle.index.utility_score")
+            .tag("index_name", "IDX_USERS_EMAIL")
+            .gauge());
Additionally, consider adding a test case for error handling (e.g., when jdbcTemplate.queryForList() throws an exception).
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java (2)
397-431: Hardcoded improvement percentages should be documented as estimates.

The improvement_percent value of 80% (line 414) is a fixed estimate rather than a measured value. While this heuristic is reasonable for full table scans, users should understand these are approximations.

Consider adding a comment or documentation clarifying that improvement percentages are heuristic estimates, not guarantees.

469-481: Fragile string parsing for table name extraction.

The extractTableFromPlan method relies on a specific Oracle plan format ("TABLE ACCESS FULL table_name") with whitespace splitting. This could break if Oracle changes the plan text format in future versions.

Consider using a more robust pattern-based approach:
 private String extractTableFromPlan(String planText) {
-    // Simple extraction - look for TABLE ACCESS FULL followed by table name
     String[] lines = planText.split("\n");
+    Pattern tablePattern = Pattern.compile("TABLE ACCESS FULL\\s+(\\w+)", Pattern.CASE_INSENSITIVE);
     for (String line : lines) {
-        if (line.contains("TABLE ACCESS FULL")) {
-            String[] parts = line.trim().split("\\s+");
-            if (parts.length >= 4) {
-                return parts[3]; // TABLE ACCESS FULL table_name
-            }
+        Matcher matcher = tablePattern.matcher(line);
+        if (matcher.find()) {
+            return matcher.group(1);
         }
     }
     return null;
 }
build.gradle (4)
42-44: Consolidate split configuration blocks for clarity.

The configurations block is split into two locations (lines 42-44 for Flyway, and lines 197-201 for Tomcat exclusion). Consolidate these into a single block early in the build script to improve readability and maintainability.
- configurations {
-     create('flyway')
- }
+ configurations {
+     create('flyway')
+     all {
+         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
+     }
+ }

- configurations {
-     all {
-         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
-     }
- }
Also applies to: 197-201

160-196: Simplify and harden the Flyway task graph validation logic.

Line 167 uses graph.allTasks.any { it.name.toLowerCase().startsWith('flyway') } to detect Flyway tasks, which relies on Gradle's internal task naming convention. This approach is fragile and could break if Flyway changes its task naming. Consider using Gradle's task type matching instead for robustness.

Additionally, the validation occurs within the flyway configuration block, meaning credentials are only checked when Flyway block is evaluated (not necessarily when other tasks run). Consider moving this to a separate task or using a different hook if early validation is critical.
- gradle.taskGraph.whenReady { graph ->
-     if (graph.allTasks.any { it.name.toLowerCase().startsWith('flyway') }) {
+ gradle.taskGraph.whenReady { graph ->
+     if (graph.allTasks.any { it instanceof org.flywaydb.gradle.task.FlywayTask }) {
71-76: Centralize resilience4j dependency versions in dependency-management block.

Lines 71-76 manually pin all resilience4j modules to 2.1.0. For consistency with the BOM-driven approach used for OpenTelemetry and Spring Boot managed dependencies, consider centralizing resilience4j versions in the dependencyManagement block rather than repeating the version across all modules.

Add to the dependencyManagement block (after line 31):
  dependencyManagement {
      imports {
          mavenBom "io.opentelemetry:opentelemetry-bom:1.40.0"
          mavenBom "io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom:2.6.0"
      }
      dependencies {
          dependency 'io.opentelemetry.semconv:opentelemetry-semconv:1.37.0'
+         // Resilience4j version centralization
+         dependency 'io.github.resilience4j:resilience4j-spring-boot3:2.1.0'
+         dependency 'io.github.resilience4j:resilience4j-circuitbreaker:2.1.0'
+         dependency 'io.github.resilience4j:resilience4j-retry:2.1.0'
+         dependency 'io.github.resilience4j:resilience4j-bulkhead:2.1.0'
+         dependency 'io.github.resilience4j:resilience4j-timelimiter:2.1.0'
+         dependency 'io.github.resilience4j:resilience4j-micrometer:2.1.0'
      }
  }
Then update lines 71-76 to remove versions:
  // Resilience & Observability
- implementation 'io.github.resilience4j:resilience4j-spring-boot3:2.1.0'
- implementation 'io.github.resilience4j:resilience4j-circuitbreaker:2.1.0'
- implementation 'io.github.resilience4j:resilience4j-retry:2.1.0'
- implementation 'io.github.resilience4j:resilience4j-bulkhead:2.1.0'
- implementation 'io.github.resilience4j:resilience4j-timelimiter:2.1.0'
- implementation 'io.github.resilience4j:resilience4j-micrometer:2.1.0'
+ implementation 'io.github.resilience4j:resilience4j-spring-boot3'
+ implementation 'io.github.resilience4j:resilience4j-circuitbreaker'
+ implementation 'io.github.resilience4j:resilience4j-retry'
+ implementation 'io.github.resilience4j:resilience4j-bulkhead'
+ implementation 'io.github.resilience4j:resilience4j-timelimiter'
+ implementation 'io.github.resilience4j:resilience4j-micrometer'
199-199: Add explanatory comment for Tomcat exclusion.

Line 199 excludes spring-boot-starter-tomcat without context. Given that line 54 explicitly adds spring-boot-starter-jetty, the exclusion is intentional but unclear to future readers. Add a brief comment explaining the rationale.
  configurations {
      all {
-         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
+         // Use Jetty (line 54) as the embedded servlet container instead of the default Tomcat
+         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
      }
  }
frontend/src/app/features/analytics/analytics.module.ts (1)

1-15: AnalyticsModule wiring is fine; some imports may be redundant

Given that AnalyticsComponent and the child pages are standalone and routing is handled via AnalyticsRoutingModule, CommonModule and importing AnalyticsComponent here are likely unnecessary unless you plan to use them in non-standalone declarations later. You could simplify to only import AnalyticsRoutingModule and keep AnalyticsService in providers, but the current setup is functionally correct.

frontend/src/app/features/analytics/pages/dashboard.component.ts (1)

272-368: Data-loading flow is robust; consider a simple loading state for UX

The init/refresh pipeline (loadData → fetchDashboardData with takeUntil, state updates, and guarded catchError that preserves the last good dashboard while clearing the chart) is solid. As an optional improvement, you might add an isLoading flag to disable the Refresh button and/or show a spinner while a request is in flight to avoid overlapping refresh calls and give clearer feedback on slow responses.

src/main/java/com/rcs/ssf/tracing/LatencyAnalyzer.java (1)

30-38: Thread-safety design with immutable snapshots and ConcurrentHashMap.compute looks solid

The combination of:

Immutable LayerLatencyStats with final fields and a constructor-computed totalLatencyMs, and

Atomic updates via latencyStats.compute(resolver, (key, old) -> old.withLayerLatency(...))

addresses the earlier data-race concerns: readers in logLatencyAttributions/detectAndAlertBottlenecks now observe consistent per-resolver snapshots without torn long reads.

One minor doc nit: the Javadoc on recordLayerLatency still mentions a “compareAndSet pattern”, but the implementation now relies on ConcurrentHashMap.compute(...) for atomic read‑modify‑write. It might be worth rephrasing that comment to match the current approach.

Also applies to: 216-224, 269-323

src/main/java/com/rcs/ssf/metrics/BatchMetricsRecorder.java (1)

189-251: Excellent thread-safe refactoring with atomic snapshots.

The refactoring from mutable fields to AtomicReference<MetricsSnapshot> significantly improves thread safety and consistency:

Eliminates TOCTOU races: All getters (getErrorRate, getAverageThroughput, etc.) now read from a consistent snapshot, preventing time-of-check to time-of-use issues where multiple fields could be read at different points in time.

Lock-free atomic updates: The CAS loop in recordSuccess (lines 197-210) correctly implements lock-free updates, avoiding synchronization overhead.

On-demand derived metrics: getAverageThroughput() and getErrorRate() now compute from the atomic snapshot, ensuring they're always consistent with the underlying data.

Proper zero-division protection: Lines 226, 238-240, and 246-248 correctly handle edge cases.

Minor consideration: Under very high contention, the CAS loop could spin and create multiple short-lived MetricsSnapshot objects. For metrics recording, this is an acceptable tradeoff for the benefits of lock-free operation.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d4dadba and bad2328.

📒 Files selected for processing (22)

Dockerfile (2 hunks)
build.gradle (1 hunks)
db/migration/V700__recompile_plsql_packages_fix_id_generation.sql (1 hunks)
docker-compose.yml (2 hunks)
docker-start.sh (1 hunks)
frontend/src/app/app.component.html (1 hunks)
frontend/src/app/app.routes.ts (1 hunks)
frontend/src/app/features/analytics/analytics-routing.module.ts (1 hunks)
frontend/src/app/features/analytics/analytics.component.ts (1 hunks)
frontend/src/app/features/analytics/analytics.module.ts (1 hunks)
frontend/src/app/features/analytics/pages/dashboard.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/reports.component.ts (1 hunks)
frontend/src/app/features/analytics/pages/usage.component.ts (1 hunks)
frontend/src/app/features/analytics/services/analytics.service.ts (1 hunks)
frontend/src/styles.css (1 hunks)
setup-oracle-schema.sh (1 hunks)
src/main/java/com/rcs/ssf/metrics/BatchMetricsRecorder.java (4 hunks)
src/main/java/com/rcs/ssf/metrics/SlowQueryAnalyzer.java (1 hunks)
src/main/java/com/rcs/ssf/security/JwtAuthenticationFilter.java (1 hunks)
src/main/java/com/rcs/ssf/service/DynamicCrudService.java (6 hunks)
src/main/java/com/rcs/ssf/tracing/LatencyAnalyzer.java (1 hunks)
src/test/java/com/rcs/ssf/metrics/IndexEffectivenessAnalyzerTest.java (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (8)

frontend/src/app/app.routes.ts
src/main/java/com/rcs/ssf/security/JwtAuthenticationFilter.java
Dockerfile
frontend/src/app/features/analytics/services/analytics.service.ts
frontend/src/app/features/analytics/pages/reports.component.ts
docker-compose.yml
frontend/src/app/features/analytics/pages/usage.component.ts
src/main/java/com/rcs/ssf/service/DynamicCrudService.java

🧰 Additional context used

🧬 Code graph analysis (4)

frontend/src/app/features/analytics/analytics.component.ts (1)

frontend/src/app/features/analytics/analytics-routing.module.ts (1)

Component (7-16)

frontend/src/app/features/analytics/analytics-routing.module.ts (4)

frontend/src/app/features/analytics/analytics.component.ts (1)

Component (12-32)

frontend/src/app/features/analytics/pages/dashboard.component.ts (1)

Component (19-434)

frontend/src/app/app.routes.ts (1)

routes (12-123)

frontend/src/app/features/analytics/analytics.module.ts (1)

NgModule (7-15)

frontend/src/app/features/analytics/analytics.module.ts (1)

frontend/src/app/features/analytics/analytics-routing.module.ts (1)

NgModule (77-81)

frontend/src/app/features/analytics/pages/dashboard.component.ts (1)

frontend/src/app/features/analytics/services/analytics.service.ts (2)

AnalyticsDashboard (30-40)

LoginAttemptTrendPoint (42-46)

🪛 Biome (2.1.2)

frontend/src/styles.css

[error] 190-190: Unexpected unknown pseudo-elements: ng-deep

See MDN web docs for more details.
Use a known pseudo-elements instead, such as: