Swagger json Automation

[DurgaPrasad-54]

Summary by CodeRabbit

• New Features

  • Automated workflow to sync API Swagger/OpenAPI JSON into the docs repository.

• Documentation

  • Added DeepWiki badge to the README.
  • Added runtime configuration for generating local Swagger documentation and sensible defaults.

• Chores

  • Added H2 as a runtime database dependency.
  • Added a profile toggle to enable/disable Swagger-related runtime configuration.

[coderabbitai]

Warning

Rate limit exceeded

@DurgaPrasad-54 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 13 minutes and 39 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

Adds a GitHub Actions workflow to sync Swagger JSON to AMRIT-Docs, adds an H2 runtime dependency and swagger profile properties, disables FilterConfig under the swagger profile, and adds a README badge.

Changes

Cohort / File(s)	Summary
GitHub Actions Automation ​.github/workflows/swagger-json.yml	New workflow "Sync Swagger to AMRIT-Docs": builds the API (Java 17, Maven), runs it with the swagger profile, polls /v3/api-docs, validates/formats JSON with jq, copies identity-api.json into amrit-docs/docs/swagger/, and opens a PR.
Build Dependency pom.xml	Added com.h2database:h2 dependency with runtime scope to enable an in-memory H2 datasource at runtime (used by the swagger profile).
Swagger runtime config src/main/resources/application-swagger.properties	New properties file configuring H2 in-memory datasource, JPA create-drop, optional Redis settings, CORS origins, JWT secret default, and logging level for the swagger profile.
Profile gating src/main/java/com/iemr/common/identity/utils/FilterConfig.java	Annotated FilterConfig with @Profile("!swagger") so the filter is disabled when the swagger profile is active.
Docs / Branding README.md	Added a DeepWiki badge next to the existing license badge in the README header.

Sequence Diagram

sequenceDiagram
    participant GHA as GitHub Actions
    participant Runner as Build Runner
    participant API as Identity API (dev server)
    participant Docs as AMRIT-Docs repo
    participant GH as GitHub API

    GHA->>Runner: checkout repo, setup Java 17 & Maven cache
    Runner->>Runner: mvn package -DskipTests
    Runner->>API: start with profile=swagger (H2 in-memory)
    loop poll until ready
        GHA->>API: GET /v3/api-docs
        API-->>GHA: Swagger JSON
    end
    GHA->>GHA: validate/format JSON with jq -> identity-api.json
    GHA->>API: stop server
    GHA->>Docs: checkout amrit-docs (token), copy identity-api.json -> docs/swagger/
    GHA->>GH: create PR (branch auto/swagger-update-...)
    GH-->>GHA: PR created

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I hopped through builds and ports of spring,

fetched the docs the API would bring,
H2 held the data light and small,
I pushed a PR to share it all,
Badges gleamed — a tiny springtime thing.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'Swagger json Automation' is vague and lacks specificity about the actual implementation. It doesn't clearly convey that this is about automating Swagger JSON syncing to another repository via a GitHub Actions workflow.	Consider a more descriptive title such as 'Add GitHub Actions workflow to sync Swagger JSON to AMRIT-Docs' to better communicate the primary change.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In @.github/workflows/swagger-json.yml:
- Around line 32-38: The current step saves the PID of the Maven wrapper (the
`mvn` process) to api_pid.txt, but `spring-boot:run` forks a child Java process
so killing that PID won't stop the app; change the run invocation to disable
forking by adding -Dspring-boot.run.fork=false to the `mvn spring-boot:run`
command (or alternatively capture the actual Java PID via `lsof -ti:9090` after
startup) so the saved PID in api_pid.txt corresponds to the Java process and the
later `kill`/`Stop API` step will reliably terminate the application; update the
`nohup mvn spring-boot:run \` invocation and the PID capture logic (api_pid.txt)
accordingly and remove or keep the `fuser` fallback as desired.
- Around line 69-82: Remove the unnecessary initial "sleep 5" and stop
attempting to signal a process group with kill -- -"$PID"; instead, when
api_pid.txt exists read PID and send a graceful termination to that PID (kill
-TERM "$PID"), wait a short interval, then force-kill the PID (kill -9 "$PID")
if still alive; keep the fuser -k 9090/tcp fallback. Update the "Stop API" step
to use PID (not negative PID) for TERM/9 retries and remove the pre-signal sleep
so shutdown begins immediately.

🧹 Nitpick comments (5)

.github/workflows/swagger-json.yml (5)

14-17: Full history checkout is unnecessary for this workflow.

fetch-depth: 0 clones the entire Git history, which slows the checkout step. Since the workflow only builds the project and doesn't need history, the default shallow clone (fetch-depth: 1) is sufficient.

♻️ Suggested fix

      - name: Checkout API repo (full history)
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0

---

29-30: jq is pre-installed on ubuntu-latest runners.

This step can be removed to save a few seconds. GitHub-hosted ubuntu-latest images already include jq.

---

84-90: fetch-depth: 0 is unnecessary for the docs repo checkout as well.

The create-pull-request action only needs the current state to commit changes. A shallow clone suffices.

---

3-6: Consider adding path filters to avoid unnecessary runs.

Currently, every push to main (including README edits, CI config changes, etc.) triggers a full build + Swagger sync. Adding path filters would reduce unnecessary workflow runs.

♻️ Suggested improvement

 on:
   push:
     branches: [ main ]
+    paths:
+      - 'src/**'
+      - 'pom.xml'
   workflow_dispatch:

---

97-109: peter-evans/create-pull-request@v8 is a valid, published version (v8.0.0, released Dec 9, 2025), but consider pinning to exact version or commit SHA for enhanced supply-chain security.

Using the major version tag @v8 is acceptable and widely used for GitHub Actions, but it remains mutable within the v8.x range. For stronger supply-chain security, consider pinning to @v8.0.0 (exact version) or a specific commit SHA instead. This prevents unexpected behavior changes if a future v8.x release introduces breaking changes or vulnerabilities.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud