From c2c1692abea6e0c0e60d1e6bd69da25d042ed0fd Mon Sep 17 00:00:00 2001 From: Angel Stoynov <164257258+StoynovAngel@users.noreply.github.com> Date: Sat, 21 Mar 2026 22:29:19 +0200 Subject: [PATCH 1/7] Upgrade JDK from 17 to 21 in workflow --- .github/workflows/maven.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/maven.yml diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml new file mode 100644 index 0000000..8507375 --- /dev/null +++ b/.github/workflows/maven.yml @@ -0,0 +1,35 @@ +# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +name: Java CI with Maven + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + cache: maven + - name: Build with Maven + run: mvn -B package --file pom.xml + + # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive + - name: Update dependency graph + uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6 From 518b8d4eda7b07c05894a0b37372c277b718b4ef Mon Sep 17 00:00:00 2001 From: Angel Stoynov <164257258+StoynovAngel@users.noreply.github.com> Date: Sat, 21 Mar 2026 22:34:58 +0200 Subject: [PATCH 2/7] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/maven.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 8507375..4511fbd 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -17,6 +17,10 @@ on: jobs: build: + permissions: + contents: read + security-events: write + runs-on: ubuntu-latest steps: From 61dbdb06924056ffa72d438ce79dc17a396a3074 Mon Sep 17 00:00:00 2001 From: Stoynov Date: Sat, 21 Mar 2026 22:42:57 +0200 Subject: [PATCH 3/7] Add testing are remove odd files --- .github/workflows/maven.yml | 35 ------ .github/workflows/test.yml | 100 ++++++++++++++++++ backend/pom.xml | 5 + .../angel/autonow/ExampleControllerTest.java | 14 +++ .../autonow/security/TestSecurityConfig.java | 19 ---- 5 files changed, 119 insertions(+), 54 deletions(-) delete mode 100644 .github/workflows/maven.yml create mode 100644 .github/workflows/test.yml create mode 100644 backend/src/test/java/com/angel/autonow/ExampleControllerTest.java delete mode 100644 backend/src/test/java/com/angel/autonow/security/TestSecurityConfig.java diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml deleted file mode 100644 index 8507375..0000000 --- a/.github/workflows/maven.yml +++ /dev/null @@ -1,35 +0,0 @@ -# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time -# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven - -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: Java CI with Maven - -on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - - name: Set up JDK 21 - uses: actions/setup-java@v4 - with: - java-version: '21' - distribution: 'temurin' - cache: maven - - name: Build with Maven - run: mvn -B package --file pom.xml - - # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive - - name: Update dependency graph - uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..8f970ba --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,100 @@ +name: Tests + +on: + push: + branches: [ "main" ] + paths: + - 'backend/**' + - '.github/workflows/test.yml' + pull_request: + branches: [ "main" ] + paths: + - 'backend/**' + - '.github/workflows/test.yml' + +jobs: + unit-tests: + name: Unit Tests + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + cache: maven + + - name: Run unit tests + working-directory: backend + run: mvn -B test -Dtest='!*IT,!*IntegrationTest' --fail-at-end + + - name: Upload unit test results + if: always() + uses: actions/upload-artifact@v4 + with: + name: unit-test-results + path: backend/target/surefire-reports/ + retention-days: 7 + + integration-tests: + name: Integration Tests + runs-on: ubuntu-latest + + services: + postgres: + image: postgres:16 + env: + POSTGRES_DB: autonow_test + POSTGRES_USER: test + POSTGRES_PASSWORD: test + ports: + - 5432:5432 + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + + steps: + - uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + cache: maven + + - name: Run integration tests + working-directory: backend + env: + SPRING_DATASOURCE_URL: jdbc:postgresql://localhost:5432/autonow_test + SPRING_DATASOURCE_USERNAME: test + SPRING_DATASOURCE_PASSWORD: test + run: mvn -B test -Dtest='*IT,*IntegrationTest' --fail-at-end + + - name: Upload integration test results + if: always() + uses: actions/upload-artifact@v4 + with: + name: integration-test-results + path: backend/target/surefire-reports/ + retention-days: 7 + + test-summary: + name: Test Summary + runs-on: ubuntu-latest + needs: [unit-tests, integration-tests] + if: always() + + steps: + - name: Check test results + run: | + if [[ "${{ needs.unit-tests.result }}" == "failure" || "${{ needs.integration-tests.result }}" == "failure" ]]; then + echo "Tests failed!" + exit 1 + fi + echo "All tests passed!" diff --git a/backend/pom.xml b/backend/pom.xml index f19d1ff..d142d7f 100644 --- a/backend/pom.xml +++ b/backend/pom.xml @@ -75,6 +75,11 @@ spring-boot-starter-test test + + org.springframework.security + spring-security-test + test + org.springframework.boot spring-boot-starter-security diff --git a/backend/src/test/java/com/angel/autonow/ExampleControllerTest.java b/backend/src/test/java/com/angel/autonow/ExampleControllerTest.java new file mode 100644 index 0000000..433f0cc --- /dev/null +++ b/backend/src/test/java/com/angel/autonow/ExampleControllerTest.java @@ -0,0 +1,14 @@ +package com.angel.autonow; + +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.*; + +class ExampleControllerTest { + + @Test + void exampleEndpoint() { + String result = new ExampleController().exampleEndpoint(); + assertEquals("hello", result); + } +} \ No newline at end of file diff --git a/backend/src/test/java/com/angel/autonow/security/TestSecurityConfig.java b/backend/src/test/java/com/angel/autonow/security/TestSecurityConfig.java deleted file mode 100644 index 16f6a12..0000000 --- a/backend/src/test/java/com/angel/autonow/security/TestSecurityConfig.java +++ /dev/null @@ -1,19 +0,0 @@ -package com.angel.autonow.security; - -import org.springframework.boot.test.context.TestConfiguration; -import org.springframework.context.annotation.Bean; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.web.SecurityFilterChain; - -@TestConfiguration -public class TestSecurityConfig { - - @Bean - SecurityFilterChain testFilterChain(HttpSecurity http) throws Exception { - return http - .csrf(AbstractHttpConfigurer::disable) - .authorizeHttpRequests(auth -> auth.anyRequest().permitAll()) - .build(); - } -} \ No newline at end of file From b20a167c12b2860deda7b2bc4c493c2ac5e7f92a Mon Sep 17 00:00:00 2001 From: Angel Stoynov <164257258+StoynovAngel@users.noreply.github.com> Date: Sat, 21 Mar 2026 22:45:57 +0200 Subject: [PATCH 4/7] Potential fix for code scanning alert no. 5: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8f970ba..bd2fc4a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,5 +1,8 @@ name: Tests +permissions: + contents: read + on: push: branches: [ "main" ] From c5ce48cef30d51924e82fe22e0ccdb4bba41eacf Mon Sep 17 00:00:00 2001 From: Stoynov Date: Sat, 21 Mar 2026 22:47:05 +0200 Subject: [PATCH 5/7] Add simple its --- .../angel/autonow/ExampleControllerIT.java | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 backend/src/test/java/com/angel/autonow/ExampleControllerIT.java diff --git a/backend/src/test/java/com/angel/autonow/ExampleControllerIT.java b/backend/src/test/java/com/angel/autonow/ExampleControllerIT.java new file mode 100644 index 0000000..8910b18 --- /dev/null +++ b/backend/src/test/java/com/angel/autonow/ExampleControllerIT.java @@ -0,0 +1,30 @@ +package com.angel.autonow; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.web.servlet.MockMvc; + +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +@SpringBootTest +@AutoConfigureMockMvc +@ActiveProfiles("test") +class ExampleControllerIT { + + @Autowired + private MockMvc mockMvc; + + @Test + @DisplayName("GET /api/test should return hello") + void shouldReturnHello() throws Exception { + mockMvc.perform(get("/api/test")) + .andExpect(status().isOk()) + .andExpect(content().string("hello")); + } +} From d80e7fd1b03b3c5b380beb6d92ec456bbe58a240 Mon Sep 17 00:00:00 2001 From: Stoynov Date: Sat, 21 Mar 2026 22:52:01 +0200 Subject: [PATCH 6/7] Remove env profile --- .github/workflows/test.yml | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bd2fc4a..9e0e3a5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -46,21 +46,6 @@ jobs: name: Integration Tests runs-on: ubuntu-latest - services: - postgres: - image: postgres:16 - env: - POSTGRES_DB: autonow_test - POSTGRES_USER: test - POSTGRES_PASSWORD: test - ports: - - 5432:5432 - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - steps: - uses: actions/checkout@v4 @@ -73,11 +58,7 @@ jobs: - name: Run integration tests working-directory: backend - env: - SPRING_DATASOURCE_URL: jdbc:postgresql://localhost:5432/autonow_test - SPRING_DATASOURCE_USERNAME: test - SPRING_DATASOURCE_PASSWORD: test - run: mvn -B test -Dtest='*IT,*IntegrationTest' --fail-at-end + run: mvn -B test -Dtest='*IT,*IntegrationTest' -Dspring.profiles.active=test --fail-at-end - name: Upload integration test results if: always() From 48e5640443dd99377d3a267360975a5703acc22f Mon Sep 17 00:00:00 2001 From: Stoynov Date: Sat, 21 Mar 2026 22:54:02 +0200 Subject: [PATCH 7/7] Remove test summary --- .github/workflows/test.yml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9e0e3a5..cae8353 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -67,18 +67,3 @@ jobs: name: integration-test-results path: backend/target/surefire-reports/ retention-days: 7 - - test-summary: - name: Test Summary - runs-on: ubuntu-latest - needs: [unit-tests, integration-tests] - if: always() - - steps: - - name: Check test results - run: | - if [[ "${{ needs.unit-tests.result }}" == "failure" || "${{ needs.integration-tests.result }}" == "failure" ]]; then - echo "Tests failed!" - exit 1 - fi - echo "All tests passed!"