chore(swagger): automate swagger sync to amrit-docs

[DurgaPrasad-54]

Summary by CodeRabbit

• Chores

  • Added an automated workflow to generate, validate and publish API documentation.
  • Introduced a runtime database dependency to support in-memory runtime scenarios.
  • Added extensive runtime configuration properties to support local API, integrations, feature toggles and logging.

• Documentation

  • Updated README badge for project status.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a GitHub Actions workflow that builds and runs the API with a swagger profile, validates and extracts Swagger JSON, and opens a PR to update AMRIT-Docs; also adds H2 runtime dependency, a Swagger-specific application properties file, and a README badge update.

Changes

Cohort / File(s)	Summary
CI Workflow .github/workflows/swagger-json.yml	New GitHub Actions workflow to build the Java project, run the API on a Swagger profile, poll and validate generated Swagger JSON, stop the server, clone AMRIT-Docs, copy tm-api.json, and open a PR.
Build / Dependencies pom.xml	Added runtime-scoped dependency com.h2database:h2 to enable an in-memory H2 datasource for the Swagger execution profile.
Swagger Profile Configuration src/main/resources/application-swagger.properties	New properties file with datasource (H2), JPA, Redis, CORS, JWT, logging, numerous service endpoint URLs, feature toggles, scheduling and other runtime values used by the Swagger profile.
Documentation README.md	Replaced existing Build Status badge with a DeepWiki badge and added a trailing blank line.

Sequence Diagram(s)

sequenceDiagram
  participant GH as GitHub Actions Runner
  participant Repo as Java API Repo
  participant Maven as Maven/Java Build
  participant API as Local API Server (swagger profile)
  participant GH_API as GitHub (AMRIT-Docs repo)

  GH->>Repo: checkout (full history)
  GH->>Maven: setup Java 17 & build (skip tests)
  Maven->>API: start with swagger profile on port 9090
  GH->>API: poll /v3/api-docs (validate JSON, check non-empty paths)
  API-->>GH: return swagger JSON
  GH->>API: stop server
  GH->>GH_API: clone AMRIT-Docs
  GH->>GH_API: copy swagger JSON -> amrit-docs/docs/swagger/tm-api.json
  GH->>GH_API: create pull request with changes

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 A tiny runner springs to start the show,
Builds and polls till Swagger starts to glow,
H2 hums softly in-memory and bright,
Docs hop over, landing just right—
A rabbit's PR, stitched neat and light.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: automating Swagger JSON synchronization to the AMRIT-Docs repository via a new GitHub Actions workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@src/main/resources/application-swagger.properties`:
- Around line 32-33: Replace the Windows-specific hardcoded path and normalize
the inconsistent property/env names: change the property key misspelling
fotesenseFilePath to fetosenseFilePath everywhere, use fetosenseAPIKey
consistently for the API key property, and standardize the environment variable
name to FETOSENSE_API_KEY (replace FOETOSENSE_API_KEY). Also replace the
hardcoded "C:/FetosenseReport" with an OS-agnostic default (e.g., a
forward-slash path or an environment-backed value like
${FETOSENSE_FILE_PATH:...}) so CI/Linux won't fail; update
application.properties, application-swagger.properties, Docker/CI configs and
any code reading these symbols (fetosenseFilePath, fetosenseAPIKey,
FETOSENSE_API_KEY) to match.
- Around line 9-33: The jwt.secret and fetosenseAPIKey entries currently provide
insecure fallback defaults (jwt.secret=${JWT_SECRET_KEY:JWT_SECRET_KEY} and
fetosenseAPIKey=${FOETOSENSE_API_KEY:Key}); remove the hardcoded defaults so the
properties require explicit environment values (change to
jwt.secret=${JWT_SECRET_KEY} and fetosenseAPIKey=${FOETOSENSE_API_KEY}) and
ensure CI/launch configs supply those env vars so the app fails fast rather than
silently using placeholders.

🧹 Nitpick comments (1)

pom.xml (1)

297-301: Consider scoping H2 to the swagger-only build.

Line 297-301 adds H2 to all runtime artifacts. If H2 is only needed for swagger generation, prefer a Maven profile and activate it in the workflow (e.g., -Pswagger) to avoid shipping it in production builds.

♻️ Suggested profile scoping

@@
-    <dependency>
-      <groupId>com.h2database</groupId>
-      <artifactId>h2</artifactId>
-      <scope>runtime</scope>
-    </dependency>
@@
+  <profiles>
+    <profile>
+      <id>swagger</id>
+      <dependencies>
+        <dependency>
+          <groupId>com.h2database</groupId>
+          <artifactId>h2</artifactId>
+          <scope>runtime</scope>
+        </dependency>
+      </dependencies>
+    </profile>
+  </profiles>

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, locate and examine the application-swagger.properties file
find . -name "application-swagger.properties" -type f

Repository: PSMRI/TM-API

Length of output: 107

---

🏁 Script executed:

# Check the file contents and surrounding config files
fd "application.*\.properties$" src/main/resources/

Repository: PSMRI/TM-API

Length of output: 147

---

🏁 Script executed:

# Look for CI/CD configuration to understand how secrets are set
fd -e "yml" -e "yaml" . | grep -i -E "(github|gitlab|jenkins|ci|workflow)" | head -20

Repository: PSMRI/TM-API

Length of output: 38

---

🏁 Script executed:

# Search for how JWT_SECRET_KEY and FOETOSENSE_API_KEY are used in the codebase
rg "JWT_SECRET_KEY|FOETOSENSE_API_KEY" --type properties --type yaml --type yml

Repository: PSMRI/TM-API

Length of output: 90

---

🏁 Script executed:

# Check for other application property files and their patterns
cat src/main/resources/application.properties 2>/dev/null || echo "Not found"

Repository: PSMRI/TM-API

Length of output: 1900

---

🏁 Script executed:

# Now let's read the actual application-swagger.properties file to verify the content
cat -n src/main/resources/application-swagger.properties

Repository: PSMRI/TM-API

Length of output: 2157

---

🏁 Script executed:

# Check if there are any GitHub Actions workflows or other CI/CD configs
fd -e "yml" -e "yaml" . --path "*github*" --path "*gitlab*" --path "*workflow*" 2>/dev/null | head -10

Repository: PSMRI/TM-API

Length of output: 38

---

🏁 Script executed:

# Look for secrets management or environment variable documentation
fd "README\|CONTRIBUTING\|\.env\|secrets" -e "md" -e "txt" -e "example"

Repository: PSMRI/TM-API

Length of output: 38

---

🏁 Script executed:

# Check how the swagger profile is used - look for Spring profile references
rg "spring.profiles.active|application-swagger" --type yaml --type yml --type java -A 2 -B 2

Repository: PSMRI/TM-API

Length of output: 83

---

🏁 Script executed:

# Let's look for CI/CD workflows (try different path patterns)
find . -path "*/.github/workflows/*" -o -path "*/.gitlab-ci*" -o -path "*/Jenkinsfile" 2>/dev/null | head -10

Repository: PSMRI/TM-API

Length of output: 270

---

🏁 Script executed:

# Check for any documentation or comments about the swagger profile
rg -i "swagger" --max-count 20 -B 2 -A 2

Repository: PSMRI/TM-API

Length of output: 17994

---

🏁 Script executed:

# Look for pom.xml to understand maven profiles
cat pom.xml 2>/dev/null | head -100

Repository: PSMRI/TM-API

Length of output: 3667

---

🏁 Script executed:

# Check if there's a properties file with documentation or examples
ls -la src/main/resources/ | grep -i properties

Repository: PSMRI/TM-API

Length of output: 207

---

🏁 Script executed:

# Look for any spring.profiles references in java files
rg "swagger|spring\.profiles" --type java -i -A 2 -B 2 | head -40

Repository: PSMRI/TM-API

Length of output: 3391

---

🏁 Script executed:

# Check the GitHub Actions workflows to understand how secrets are managed
cat .github/workflows/package.yml | head -100

Repository: PSMRI/TM-API

Length of output: 845

---

🏁 Script executed:

# Look for any GitHub secrets references or environment variable setup
cat .github/workflows/swagger-json.yml

Repository: PSMRI/TM-API

Length of output: 2885

---

🏁 Script executed:

# Check if there's any documentation about running with swagger profile
grep -r "swagger" README.md -A 5 -B 5

Repository: PSMRI/TM-API

Length of output: 484

---

🏁 Script executed:

# Look for how the spring.profiles.active is set in deployments
rg "spring.profiles.active|application-swagger" --type yaml --type java --type properties -B 2 -A 2

Repository: PSMRI/TM-API

Length of output: 90

---

🏁 Script executed:

# Check if JWT_SECRET_KEY or FOETOSENSE_API_KEY are exported/set in the swagger-json workflow
cat .github/workflows/swagger-json.yml | grep -A 10 -B 10 "JWT_SECRET_KEY\|FOETOSENSE_API_KEY\|secrets\|env"

Repository: PSMRI/TM-API

Length of output: 1096

---

🏁 Script executed:

# Check how the profile is activated in local development according to README
grep -r "ENV_VAR\|spring.profiles.active" README.md -A 3 -B 3

Repository: PSMRI/TM-API

Length of output: 244

---

🏁 Script executed:

# Look at the main application.properties to see if it has these properties defined
cat src/main/resources/application.properties | grep -i "jwt\|foetosense\|api-key"

Repository: PSMRI/TM-API

Length of output: 38

---

🏁 Script executed:

# Verify that application.properties really has no jwt/foetosense properties
wc -l src/main/resources/application.properties
head -50 src/main/resources/application.properties | grep -i "jwt\|foetosense" || echo "No matches in first 50 lines"

Repository: PSMRI/TM-API

Length of output: 129

---

🏁 Script executed:

# Check if there's any Spring profile configuration in the Java application
rg "spring.profiles" --type java | head -10

Repository: PSMRI/TM-API

Length of output: 38

---

Remove default values from secrets configuration.

Lines 9 and 33 provide insecure defaults for sensitive properties. If the swagger profile runs outside CI without these environment variables set, the application will use placeholder credentials. Spring Boot's property syntax ${VAR:default} means the fallback activates silently when JWT_SECRET_KEY and FOETOSENSE_API_KEY are unset. Requiring explicit environment variables ensures secrets are never accidentally committed or used as defaults.

Suggested change

-jwt.secret=${JWT_SECRET_KEY:JWT_SECRET_KEY}
+jwt.secret=${JWT_SECRET_KEY}
@@
-fetosenseAPIKey=${FOETOSENSE_API_KEY:Key}
+fetosenseAPIKey=${FOETOSENSE_API_KEY}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	jwt.secret=${JWT_SECRET_KEY:JWT_SECRET_KEY}
	common-api-url-searchBeneficiary=http://localhost:8080/beneficiary/search
	common-api-url-searchuserbyid=http://localhost:8080/user/searchbyid
	openkmDocUrl=http://localhost:8080/openkm
	nurseWL=90
	nurseTCWL=90
	pharmaWL=90
	pharmaTCWL=90
	ashaWL=90
	ashaTCWL=90
	labWL=90
	labTCWL=90
	radioWL=90
	radioTCWL=90
	oncoWL=90
	oncoTCWL=90
	tcSpecialistSlotBook=true
	tcSpecialistSlotCancel=true
	TMReferredWL=90
	docWL=90
	docTCWL=90
	swymed_dnsname=swymed://psmri.swymed.com
	jitsi_dnsname=https://meet.jit.si
	fotesenseFilePath=C:/FetosenseReport
	fetosenseAPIKey=${FOETOSENSE_API_KEY:Key}
	jwt.secret=${JWT_SECRET_KEY}
	common-api-url-searchBeneficiary=http://localhost:8080/beneficiary/search
	common-api-url-searchuserbyid=http://localhost:8080/user/searchbyid
	openkmDocUrl=http://localhost:8080/openkm
	nurseWL=90
	nurseTCWL=90
	pharmaWL=90
	pharmaTCWL=90
	ashaWL=90
	ashaTCWL=90
	labWL=90
	labTCWL=90
	radioWL=90
	radioTCWL=90
	oncoWL=90
	oncoTCWL=90
	tcSpecialistSlotBook=true
	tcSpecialistSlotCancel=true
	TMReferredWL=90
	docWL=90
	docTCWL=90
	swymed_dnsname=swymed://psmri.swymed.com
	jitsi_dnsname=https://meet.jit.si
	fotosenseFilePath=C:/FetosenseReport
	fetosenseAPIKey=${FOETOSENSE_API_KEY}

🤖 Prompt for AI Agents

In `@src/main/resources/application-swagger.properties` around lines 9 - 33, The
jwt.secret and fetosenseAPIKey entries currently provide insecure fallback
defaults (jwt.secret=${JWT_SECRET_KEY:JWT_SECRET_KEY} and
fetosenseAPIKey=${FOETOSENSE_API_KEY:Key}); remove the hardcoded defaults so the
properties require explicit environment values (change to
jwt.secret=${JWT_SECRET_KEY} and fetosenseAPIKey=${FOETOSENSE_API_KEY}) and
ensure CI/launch configs supply those env vars so the app fails fast rather than
silently using placeholders.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify which property keys are referenced in code
rg -n "fotesenseFilePath|fetosenseFilePath|fetosenseAPIKey|FOETOSENSE_API_KEY" --type properties --type java --type xml --type yml

Repository: PSMRI/TM-API

Length of output: 90

---

🏁 Script executed:

#!/bin/bash
# Search for property key references across the codebase
rg -n "fotesenseFilePath|fetosenseFilePath|fetosenseAPIKey|FOETOSENSE_API_KEY" -i

Repository: PSMRI/TM-API

Length of output: 786

---

Fix OS-specific path and address spelling inconsistency across configuration files.

Line 32 uses C:/FetosenseReport, which is Windows-specific and will fail on Linux CI environments. Use an OS-agnostic path (e.g., forward slashes only or environment-based location).

Additionally, the codebase has spelling inconsistency for this feature: fotesenseFilePath appears in application.properties while fetosenseAPIKey is used in application-swagger.properties and Docker/CI configs. The corresponding environment variable also has mixed naming (FOETOSENSE_API_KEY vs FETOSENSE_API_KEY). Standardize the spelling across all property files and environment variables to prevent configuration mismatches.

🤖 Prompt for AI Agents

In `@src/main/resources/application-swagger.properties` around lines 32 - 33,
Replace the Windows-specific hardcoded path and normalize the inconsistent
property/env names: change the property key misspelling fotesenseFilePath to
fetosenseFilePath everywhere, use fetosenseAPIKey consistently for the API key
property, and standardize the environment variable name to FETOSENSE_API_KEY
(replace FOETOSENSE_API_KEY). Also replace the hardcoded "C:/FetosenseReport"
with an OS-agnostic default (e.g., a forward-slash path or an environment-backed
value like ${FETOSENSE_FILE_PATH:...}) so CI/Linux won't fail; update
application.properties, application-swagger.properties, Docker/CI configs and
any code reading these symbols (fetosenseFilePath, fetosenseAPIKey,
FETOSENSE_API_KEY) to match.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud