Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

git-action 적용 #162

Merged
merged 13 commits into from
Nov 13, 2024
62 changes: 62 additions & 0 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
name: learnsmate-service

permissions:
contents: read
pull-requests: write

on:
pull_request:
types: [opened, reopened, synchronize]
push:
branches:
- "main"

jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'corretto'

- name: Grant execute permission for gradlew
run: chmod +x gradlew
working-directory: ./LearnsMate
shell: bash

- name: Build with Gradle
run: ./gradlew clean build -x test
working-directory: ./LearnsMate
shell: bash

- name: Get current time
uses: 1466587594/get-current-time@v2
id: current-time
with:
format: YYYY-MM-DDTHH-mm-ss
utcOffset: "+09:00"

- name: Show Current Time
run: echo "CurrentTime=${{steps.current-time.outputs.formattedTime}}"
shell: bash

- name: ChatGPT codeReviewer
uses: anc95/ChatGPT-CodeReview@main
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}

# Optional
LANGUAGE: Korean
OPENAI_API_ENDPOINT: https://api.openai.com/v1
MODEL: gpt-4o # https://platform.openai.com/docs/models
PROMPT: 코드 변경 내용을 검토하고 오류 또는 개선점을 찾아서 한글로 작성해주세요.
top_p: 1 # https://platform.openai.com/docs/api-reference/chat/create#chat/create-top_p
temperature: 1 # https://platform.openai.com/docs/api-reference/chat/create#chat/create-temperature
max_tokens: 10000
MAX_PATCH_LENGTH: 10000
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review:

Bug Risks:

  1. Gradlew Execution: Ensure that gradlew actually exists in the specified directory before setting execute permission and running it.
  2. Time Format: The time format in the Get current time step might not work as intended. Make sure the format string is correct for the tool you are using.

Improvements:

  1. Dependency Management:

    • Consider pinning to specific versions of actions/dependencies used in workflows to prevent unexpected behavior changes.
  2. Error Handling:

    • Incorporate error handling steps in the workflow to handle potential failures during the build process gracefully.
  3. Documentation:

    • Add comments on complex logic or where the purpose of certain steps isn't immediately clear.
  4. Security:

    • Regularly review and rotate any sensitive keys/secrets like OPENAI_API_KEY.
  5. Performance:

    • Consider caching dependencies or build artifacts to speed up subsequent builds.
  6. Consistency:

    • Keep the naming conventions consistent to enhance readability and maintainability.
  7. Testing:

    • Integrate automated testing steps in the workflow to ensure code quality and reliability.

Overall:

  • The workflow seems straightforward, covering essential steps from checkout to running the build with Gradle.
  • Proper attention to error handling, configurations, and security will make the workflow more robust.
  • As the project evolves, consider revisiting and updating the workflow to align with new requirements and best practices.

Addressing these points can enhance the reliability, performance, and maintainability of the workflow.

2 changes: 1 addition & 1 deletion LearnsMate/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ bin/
!**/src/test/**/bin/

### IntelliJ IDEA ###
*.yml
application-test.yml
.idea
*.json
*.iws
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

  1. Risk Assessment:

    • Risk: Changing the exclusion from *.yml to application-test.yml in the IntelliJ IDEA configuration could potentially introduce problems if other YAML files need to be excluded from the version control.
  2. Improvement Suggestions:

    • Consideration: If the intention is only to exclude a specific application-test.yml file while ignoring all other .yml files, it's better to maintain the original wildcard exclusion *.yml and add an explicit exclusion for application-test.yml.
    • Consistency: Ensure consistency in naming and patterns across exclusion rules to improve readability and maintenance.
  3. Suggestion:

    ### IntelliJ IDEA ###
    *.yml
    !application-test.yml
    .idea/
    *.json
    *.iws
    
  4. Overall:

    • The provided patch may introduce potential risks due to the specificity of the exclusion rule for application-test.yml. Consider a more general approach for excluding specific YAML files while maintaining flexibility for future changes.

Final Patch with Suggested Changes

@@ -27,7 +27,7 @@ bin/
 !**/src/test/**/bin/
 
 ### IntelliJ IDEA ###
-*.yml
+!application-test.yml
 .idea/
 *.json
 *.iws

Always ensure to thoroughly test your version control setup after making such changes to prevent unexpected issues in your development workflow.

Expand Down
3 changes: 3 additions & 0 deletions LearnsMate/src/main/resources/application.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
spring:
profiles:
active: test
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code snippet appears to be a YAML configuration file that sets the active profiles for a Spring application. Here is a brief code review and some suggestions:

  1. No newline at end of file:
    This is a minor issue flagged by version control systems like Git, which prefer having a newline at the end of files. It's generally a good practice to have one, but it won't affect the functionality.

  2. Profile Activation:
    The code sets the active profile to "test". Ensure that this profile is correctly set up in your project's configuration and that it aligns with the intended use case.

  3. Safety and Best Practices:

    • Confirm that sensitive information such as passwords or API keys are not stored directly in this configuration file.
    • Consider encrypting or using secure methods to handle any confidential data if included in the profiles.
  4. Documentation:

    • Make sure to document the purpose of this profile and any specific configurations that need to be applied when 'test' profile is active.
  5. Testing:
    Verify that the application behaves as expected when using the 'test' profile. Test environment configurations should align with what your tests expect.

  6. Versioning:
    Regularly review and update your profiles based on evolving requirements. Ensure compatibility with newer versions of Spring Boot and any related libraries.

Overall, the code appears simple and straightforward. Watching for the mentioned points could help maintain the effectiveness and security of your application.

Loading