Docs/tv3 report sonarqube#1510
Open
tunah72 wants to merge 165 commits intonashtech-garage:mainfrom
Open
Conversation
…clude supporting documentation reports
… project documentation reports
…tringUtils unit test
…y services and update documentation
feat: expand monorepo service list and integrate JaCoCo coverage repo…
Ci/security scanning
ci(jenkins): integrate snyk dependency scan stage
There was a problem hiding this comment.
Pull request overview
This PR expands the CI/security documentation and adjusts the build/test setup to improve reporting (JaCoCo/SonarQube/Gitleaks/Snyk) while adding a large set of unit tests across multiple services to raise coverage.
Changes:
- Add extensive unit tests for multiple modules (webhook, tax, search, product, payment, order, inventory, media, etc.).
- Update build/test tooling configuration (JaCoCo plugin config in root
pom.xml, addspring-boot-starter-testto several modules, Jenkins pipeline stages for scanning/coverage). - Add/expand documentation for CI workflow and security scanning reports.
Reviewed changes
Copilot reviewed 85 out of 116 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| webhook/src/test/java/com/yas/webhook/service/WebhookServiceTest.java | Adds service-level unit tests for webhook operations |
| webhook/src/test/java/com/yas/webhook/model/mapper/WebhookMapperTest.java | Adds mapper unit tests |
| webhook/src/test/java/com/yas/webhook/controller/WebhookControllerTest.java | Adds controller unit tests |
| webhook/src/it/java/com/yas/webhook/controller/WebhookControllerIT.java | Minor formatting change in IT setup |
| tax/src/test/java/com/yas/tax/service/TaxServiceTest.java | Removes old test class |
| tax/src/test/java/com/yas/tax/service/TaxRateServiceTest.java | Adds/rewrites TaxRateService unit tests with Mockito |
| tax/src/test/java/com/yas/tax/service/TaxClassServiceTest.java | Adds TaxClassService unit tests with Mockito |
| tax/src/test/java/com/yas/tax/controller/TaxRateControllerTest.java | Adds MockMvc-based controller tests |
| tax/src/test/java/com/yas/tax/controller/TaxClassControllerTest.java | Adds MockMvc-based controller tests |
| tax/pom.xml | Adds Spring Boot test dependency |
| search/src/test/java/resources/application.properties | Adds Kafka listener ack-mode test config |
| search/src/test/java/com/yas/search/controller/ProductControllerTest.java | Refactors controller tests to MockitoExtension + standalone MockMvc |
| search/src/main/resources/application.properties | Sets Kafka listener ack-mode in main config |
| sampledata/src/test/java/com/yas/sampledata/viewmodel/SampleDataVmTest.java | Adds viewmodel unit test |
| sampledata/src/test/java/com/yas/sampledata/viewmodel/ErrorVmTest.java | Adds error viewmodel unit tests |
| sampledata/src/test/java/com/yas/sampledata/utils/MessagesUtilsTest.java | Adds MessagesUtils fallback behavior test |
| sampledata/src/test/java/com/yas/sampledata/service/SampleDataServiceTest.java | Adds service unit test using mocked DataSources |
| sampledata/src/test/java/com/yas/sampledata/controller/SampleDataControllerTest.java | Adds controller unit test with mocked service |
| sampledata/pom.xml | Adds Spring Boot test dependency |
| recommendation/src/test/java/com/yas/recommendation/vector/common/formatter/DefaultDocumentFormatterTest.java | Adds formatter unit test (HTML stripping/template substitution) |
| recommendation/pom.xml | Adds Spring Boot test dependency + declares JaCoCo plugin |
| recommendation/.mvn/wrapper/maven-wrapper.properties | Adds Maven wrapper properties for recommendation module |
| rating/src/test/java/com/yas/rating/utils/MessagesUtilsTest.java | Adds MessagesUtils unit tests |
| rating/src/test/java/com/yas/rating/utils/ConstantsTest.java | Adds Constants/inner-class instantiation coverage test |
| rating/src/test/java/com/yas/rating/utils/AuthenticationUtilsTest.java | Adds AuthenticationUtils security context tests |
| rating/src/test/java/com/yas/rating/model/RatingTest.java | Adds model equals/hashCode + getters/setters tests |
| rating/pom.xml | Adds Spring Boot test dependency |
| promotion/src/test/java/com/yas/promotion/viewmodel/error/ErrorVmTest.java | Adds ErrorVm tests |
| promotion/src/test/java/com/yas/promotion/viewmodel/PromotionVmTest.java | Adds PromotionVm mapping test |
| promotion/src/test/java/com/yas/promotion/viewmodel/PromotionUsageVmTest.java | Adds PromotionUsageVm unit test |
| promotion/src/test/java/com/yas/promotion/viewmodel/PromotionPutVmTest.java | Adds tests for PromotionPutVm apply creation |
| promotion/src/test/java/com/yas/promotion/utils/MessagesUtilsTest.java | Adds MessagesUtils tests |
| promotion/src/test/java/com/yas/promotion/utils/ConstantsTest.java | Adds Constants instantiation coverage test |
| promotion/src/test/java/com/yas/promotion/utils/AuthenticationUtilsTest.java | Adds AuthenticationUtils tests |
| promotion/src/test/java/com/yas/promotion/controller/PromotionControllerTest.java | Adjusts date params / re-enables test |
| promotion/pom.xml | Adds Spring Boot test dependency |
| product/src/test/java/com/yas/product/utils/ProductConverterTest.java | Adds slug conversion tests |
| product/src/test/java/com/yas/product/service/ProductTemplateServiceTest.java | Improves cleanup strategy + adds tests |
| product/src/test/java/com/yas/product/service/ProductServiceUpdateTest.java | Adds update-focused ProductService unit tests |
| product/src/test/java/com/yas/product/service/ProductServiceRelationAndVariantTest.java | Adds relation/variant ProductService tests |
| product/src/test/java/com/yas/product/service/ProductServiceLatestAndSlugTest.java | Adds latest/slug ProductService tests |
| product/src/test/java/com/yas/product/service/ProductServiceGetByIdsTest.java | Adds get-by-ids/category/brand tests |
| product/src/test/java/com/yas/product/service/ProductServiceGetByIdTest.java | Adds get-by-id detail mapping tests |
| product/src/test/java/com/yas/product/service/ProductServiceFilterAndEsTest.java | Adds filter + ES detail tests |
| product/src/test/java/com/yas/product/service/ProductServiceExportTest.java | Adds export tests |
| product/src/test/java/com/yas/product/service/ProductServiceDeleteAndBrandTest.java | Adds delete + brand query tests |
| product/src/test/java/com/yas/product/service/ProductServiceCreateTest.java | Adds create tests for ProductService |
| product/src/test/java/com/yas/product/service/ProductServiceAdvancedQueryTest.java | Adds advanced query tests |
| product/src/test/java/com/yas/product/service/ProductDetailServiceTest.java | Adds ProductDetailService tests |
| product/src/test/java/com/yas/product/service/MediaServiceTest.java | Adds RestClient-based MediaService tests |
| product/src/test/java/com/yas/product/service/CategoryServiceTest.java | Adds CategoryService tests |
| product/src/main/java/com/yas/product/service/ProductTemplateService.java | Marks service as transactional |
| product/mvnw | Adds Maven wrapper script to product module |
| pom.xml | Adjusts JaCoCo report phase + adds additional exclusions + declares JaCoCo plugin |
| payment/src/test/java/com/yas/payment/service/provider/handler/PaypalHandlerTest.java | Adds PaypalHandler unit tests |
| payment/src/test/java/com/yas/payment/controller/PaymentProviderControllerTest.java | Adds PaymentProviderController WebMvc tests |
| payment/src/test/java/com/yas/payment/controller/PaymentControllerTest.java | Adds PaymentController WebMvc tests |
| payment/pom.xml | Adds Spring Boot test dependency |
| order/src/test/java/com/yas/order/service/OrderServiceStatusTest.java | Adds OrderService status transition tests |
| order/src/test/java/com/yas/order/service/OrderServiceOtherTest.java | Adds tests for order completion + CSV export paths |
| order/src/test/java/com/yas/order/service/OrderServiceGetTest.java | Adds read/query-focused OrderService tests |
| order/src/test/java/com/yas/order/service/OrderServiceCreateTest.java | Adds OrderService create tests (dependency interactions) |
| order/src/test/java/com/yas/order/service/CheckoutServiceTest.java | Adjusts Collectors.toMap merge behavior |
| media/src/test/java/com/yas/media/utils/StringUtilsTest.java | Adds StringUtils.hasText tests |
| media/src/test/java/com/yas/media/utils/FileTypeValidatorTest.java | Adds ValidFileType validator tests |
| media/src/test/java/com/yas/media/controller/MediaControllerTest.java | Adds MediaController WebMvc tests |
| media/src/main/java/com/yas/media/controller/MediaController.java | Formatting changes + leftover test comment |
| inventory/src/test/java/com/yas/inventory/service/WarehouseServiceTest.java | Adds WarehouseService unit tests |
| inventory/src/test/java/com/yas/inventory/service/StockServiceTest.java | Adds StockService unit tests |
| inventory/src/test/java/com/yas/inventory/service/StockHistoryServiceTest.java | Adds StockHistoryService unit tests |
| gitleaks.toml | Adds commit allowlist for false positives |
| docs/work-assignment.md | Adds work assignment plan doc |
| docs/report/tv3-security-scanning.md | Adds TV3 security scanning report doc |
| docs/report/tv1-jenkins.md | Adds TV1 Jenkins setup report doc |
| docs/report/main.md | Adds combined report scaffold |
| docs/project1.md | Adds project requirements doc |
| docs/git-workflow.md | Adds Git workflow guide |
| delivery/src/test/java/com/yas/delivery/service/DeliveryServiceTest.java | Adds DeliveryService instantiation test |
| delivery/src/test/java/com/yas/delivery/controller/DeliveryControllerTest.java | Adds DeliveryController instantiation test |
| delivery/src/test/java/com/yas/delivery/DeliveryApplicationTests.java | Adds Spring context load test |
| delivery/pom.xml | Adds web + test deps and plugins |
| customer/src/test/java/com/yas/customer/service/UserAddressServiceTest.java | Adds UserAddressService unit tests |
| Jenkinsfile | Adds scanning + monorepo execution + JaCoCo reporting stages |
| .gitignore | Adds macOS ignores |
Comments suppressed due to low confidence (1)
media/src/main/java/com/yas/media/controller/MediaController.java:95
- Trailing "// TEST CHANGE" comment was left in the production controller source. This looks like a temporary/testing artifact and should be removed before merging to avoid polluting the codebase.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+100
to
+106
| when(productRepository.save(any(Product.class))).thenReturn(product); | ||
|
|
||
| ProductGetDetailVm result = productService.createProduct(productPostVm); | ||
|
|
||
| assertThat(result).isNotNull(); | ||
| assertThat(result.name()).isEqualTo("Test Product"); // mapped from mock 'product' | ||
| } |
There was a problem hiding this comment.
This test is asserting the name from the stubbed repository return ("Test Product") rather than the expected behavior for the input VM ("New Product"). As written, it can pass even if the service fails to map fields from the request; consider asserting on the Product argument passed to productRepository.save (via ArgumentCaptor) and/or asserting that the returned VM reflects the input values.
Comment on lines
+1
to
+5
| # Phần 3: Security Scanning | ||
|
|
||
| **Người thực hiện:** [Họ và tên] — MSSV: `XXXXXXXX` | ||
| **Phạm vi:** Tích hợp Gitleaks, SonarQube, Snyk vào Jenkins pipeline. | ||
|
|
There was a problem hiding this comment.
PR title/description indicate this is only a SonarQube report doc update, but this PR also includes broad changes across many modules (tests, pom.xml dependency updates, Jenkinsfile, etc.). Please update the PR description to reflect the full scope or split unrelated changes into separate PRs to keep review/rollback manageable.
ci(jenkins): integrate sonarqube code quality stage
docs(tv3): add gitleaks report and mark task 1 complete
Docs/tv3 report snyk
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
[x] Hoàn thành report (kèm screenshot) cho SonarQube