Missing field properties added

[Asp-irin]

📋 Description

This PR adds missing field properties to the common_example.properties file and removes redundant code to improve code practices.

Summary by CodeRabbit

• Configuration Updates

  • Updated database connection configurations for primary and secondary databases.
  • Introduced new scheduler settings for various data synchronization processes.
  • Added configuration properties for system duration, calendar, and retry settings.
  • Expanded NHM Agent Real Time Data configuration.
  • Updated identity API URLs to reflect new port settings.

• Scheduler Management

  • Added toggles and cron expressions for CTI data sync, Avni registration, Everwell sync, and NHM dashboard schedulers.

[coderabbitai]

Walkthrough

The pull request introduces extensive modifications to the common_example.properties configuration file. Key updates include revised database connection settings for both primary and secondary databases, now directed to a local MySQL instance. New scheduler configurations have been added for functionalities such as CTI data synchronization and NHM dashboard data. Additionally, various new properties related to data management and scheduling have been introduced, enhancing the overall structure and functionality of the configuration.

Changes

File

Change Summary

src/main/environment/common_example.properties

- Updated primary and secondary database connection details (URL, username, password) - Added new scheduler configurations for CTI data sync, Avni registration, Everwell registration, and NHM dashboard - Introduced new properties for data management and scheduling (e.g., cz-duration, TMprescriptionTemplate, callRetryConfiguration) - Expanded NHM Agent Real Time Data settings with new URL and cron configurations - Updated existing API URLs

Poem

🐰 In the land of code, where changes bloom,
New connections sprout, dispelling the gloom.
Schedulers dance, with cron jobs in line,
A rabbit hops forth, with properties fine.
Configs aglow, like stars in the night! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

src/main/environment/common_example.properties (1)

93-114: Standardize configuration format and add parameter documentation

1. Use consistent notation (either dot or hyphen) for property names
2. Add documentation for each parameter including:
   • Valid ranges
   • Default values
   • Impact on system behavior

Example format:

# Duration in minutes for CZ operations
# Range: 30-60, Default: 40
cz-duration=40

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cc77f01 and 080b084.

📒 Files selected for processing (1)

• src/main/environment/common_example.properties (4 hunks)

🔇 Additional comments (1)

src/main/environment/common_example.properties (1)

59-88: Improve scheduler configurations documentation and organization

1. Consider adding detailed comments explaining the purpose and impact of each scheduler
2. Group related schedulers together (e.g., all CTI-related schedulers)
3. Verify the frequency of schedulers running every 1-5 minutes to ensure they don't overload the system

[coderabbitai]

🛠️ Refactor suggestion

Consider security improvements for database configurations

1. Consider using environment variables or a secure vault for sensitive credentials
2. Update the deprecated MySQL driver class

-secondary.datasource.driver-class-name=com.mysql.jdbc.Driver
+secondary.datasource.driver-class-name=com.mysql.cj.jdbc.Driver

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	##commented the below lines as it is already defined above
	# spring.datasource.url=jdbc:mysql://localhost:3306/db_iemr?
	encDbUserName=zFlYsp9Z0s+lRvLM15A3g/Ba0w8VGs/1usuW7EsGF3k=
	encDbPass=JGGAGn5wTlrbTLUHY+5BzfBa0w8VGs/1usuW7EsGF3k=
	spring.datasource.driver-class-name=com.mysql.jdbc.Driver
	secondary.datasource.url=<Enter DB_REPORTING URL here>
	secondary.datasource.username=<Enter your DB_REPORTING username>
	secondary.datasource.password=<Enter your DB_REPORTING password>
	secondary.datasource.url=<Enter DB_REPORTING URL here>
	secondary.datasource.driver-class-name=com.mysql.jdbc.Driver
	##commented the below lines as it is already defined above
	# spring.datasource.url=jdbc:mysql://localhost:3306/db_iemr?
	encDbUserName=zFlYsp9Z0s+lRvLM15A3g/Ba0w8VGs/1usuW7EsGF3k=
	encDbPass=JGGAGn5wTlrbTLUHY+5BzfBa0w8VGs/1usuW7EsGF3k=
	spring.datasource.driver-class-name=com.mysql.jdbc.Driver
	secondary.datasource.url=<Enter DB_REPORTING URL here>
	secondary.datasource.username=<Enter your DB_REPORTING username>
	secondary.datasource.password=<Enter your DB_REPORTING password>
	secondary.datasource.driver-class-name=com.mysql.cj.jdbc.Driver

[coderabbitai]

💡 Codebase verification

Hardcoded IP should be externalized following existing patterns

The CI environment already demonstrates the correct pattern using @env.NHM_AGENT_REAL_TIME_DATA_URL@. Other environments should follow this approach.

• Update in src/main/environment/common_dev.properties
• Update in src/main/environment/common_test.properties
• Update in src/main/environment/common_uat.properties
• Update in src/main/environment/common_example.properties

Note: The 2-minute polling interval appears to be an intentional design choice, controlled by a feature flag, and is consistently configured across all environments.

🔗 Analysis chain

Review NHM agent configuration for security and performance

1. Replace hardcoded IP with configurable hostname
2. Verify if 2-minute polling interval is necessary and won't overload the external service

-nhm.agent.real.time.data.url= http://175.101.1.83/apps/utility/alive_api.php
+nhm.agent.real.time.data.url=${NHM_AGENT_HOST}/apps/utility/alive_api.php

🏁 Scripts executed

The following scripts were executed for the analysis:

Error: No shell scripts found

---

Script:

#!/bin/bash
# Search for IP address usage
rg -l "175\.101\.1\.83"

# Look for environment variable patterns in properties files
fd -e properties -x rg -l "\$\{[A-Z_]+\}"

# Find cron scheduler references
rg "0 \*/2 \* \? \* \*"

# Search for NHM agent related configurations
rg "nhm\.agent"

Length of output: 2693

[coderabbitai]

💡 Codebase verification

Add security validation for file base path

The codebase properly handles directory creation and validation, but lacks security measures for the base path. Consider:

• Add validation to ensure the base path is within allowed boundaries
• Implement path sanitization to prevent directory traversal attacks
• Document the expected base path format and restrictions

🔗 Analysis chain

Validate and secure file base path configuration

1. Ensure the path is within allowed secure directories
2. Verify if the application validates/creates this directory at startup
3. Consider adding documentation about required permissions

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for file path validation in the codebase
rg -B 2 -A 2 "fileBasePath"

Length of output: 2490

---

Script:

#!/bin/bash
# Check for directory validation and complete usage context
ast-grep --pattern 'class CommonServiceImpl {
  $$$
  private String fileBasePath;
  $$$
}'

# Also check for common directory validation patterns
rg -B 2 -A 2 "mkdirs|exists|isDirectory|createDirectories"

Length of output: 5620

[drtechie]

@Asp-Codes a lot of these variables look common across environments. Can we keep it application.properties (and remove from test.properties - from where I guess you copied from)?
cc: @ravishanigarapu

[Asp-irin]

@Asp-Codes a lot of these variables look common across environments. Can we keep it application.properties (and remove from test.properties - from where I guess you copied from)?
cc: @ravishanigarapu

Yes that is the ideal way but currently test dev and ci all these contain variables.Only in the common they are missing so I just added in it.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

src/main/environment/common_example.properties (1)

92-113: Document configuration parameters

New configuration parameters lack documentation about their purpose and impact:

• cz-duration=40
• everwellCalendarDuration=15
• lonicPageSize=10
• callRetryConfiguration=3
• avniRegistrationLimit=7

Add comments explaining:

• The purpose of each parameter
• The impact of modifying these values
• The units of measurement (where applicable)
• The recommended ranges for these values

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 080b084 and 07e3b96.

📒 Files selected for processing (1)

• src/main/environment/common_example.properties (5 hunks)

🔇 Additional comments (6)

src/main/environment/common_example.properties (6)

3-14: Security: Use secure database configuration practices

The database configuration has several security concerns:

1. Default credentials (root/1234) should not be used
2. Using deprecated MySQL driver
3. Sensitive credentials should be externalized

---

58-87: Review scheduler configurations and resource impact

Several schedulers are configured to run frequently:

• CTI data check runs daily at 12:10 AM
• NHM dashboard runs daily at 12:01 AM
• Everwell data sync runs every 5 minutes when enabled

Please verify:

1. The resource impact of running these schedulers
2. Why certain schedulers are enabled by default
3. If the cron expressions align with business requirements

Consider implementing a rate limiter or circuit breaker to prevent system overload from frequent scheduler executions.

---

114-117: Externalize hardcoded IP address

The NHM agent URL contains a hardcoded IP address which should be externalized following the existing pattern using environment variables.

---

168-168: Secure the file base path configuration

The file base path configuration requires security validation and documentation.

---

134-136: Verify port changes for Everwell endpoints

The port for Everwell endpoints has been changed from 8080 to 8083. Please verify:

1. If this change is coordinated with the Everwell service deployment
2. If all related services are aware of this port change

---

27-31: Clarify identity service configuration

The comment "not sure abt this" suggests uncertainty about the identity configuration. Please:

1. Verify if port 8094 is the correct port for identity services
2. Document the purpose of each identity endpoint
3. Remove the uncertain comment once verified

✅ Verification successful

Remove uncertainty comment and improve documentation

The identity configurations are valid and actively used in IdentityBeneficiaryServiceImpl.java:

• identity-api-url: Regular identity service endpoint
• identity-1097-api-url: 1097-specific identity service endpoint

Please:

1. Remove the "not sure abt this" comment as both configurations are necessary
2. Add descriptive comments explaining the purpose of each endpoint
3. Consider using placeholders like other environment files: <Enter your socket address here>

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if these identity endpoints are referenced elsewhere
rg "identity-api-url|identity-1097-api-url" --type properties

Length of output: 98

---

Script:

#!/bin/bash
# Search for identity configurations and URLs without file type restriction
rg -l "identity-api-url|identity-1097-api-url|localhost:8094/identity-0.0.1|localhost:8094/1097identityapi"

# Search for port 8094 usage
rg "8094"

# Find all properties files
fd ".*\.properties$"

Length of output: 1001

---

Script:

#!/bin/bash
# Check identity configurations across all environments
for f in src/main/environment/common_{ci,dev,test,uat}.properties; do
  echo "=== $f ==="
  rg "identity.*api.*url" "$f"
done

# Check how these properties are used in the service
rg -A 5 "identity.*api.*url" src/main/java/com/iemr/common/service/beneficiary/IdentityBeneficiaryServiceImpl.java

# Check if there's documentation about these endpoints
fd "README|CONTRIBUTING|docs" -e md

Length of output: 8067

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

src/main/environment/common_example.properties (1)

95-114: Document configuration parameters

New configuration parameters have been added without documentation explaining their purpose and valid values:

• cz-duration
• TMprescriptionTemplate
• everwellCalendarDuration
• lonicPageSize
• callRetryConfiguration
• avniRegistrationLimit

Add comments explaining:

1. Purpose of each parameter
2. Valid value ranges
3. Impact on system behavior

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 07e3b96 and 5b0d9b3.

📒 Files selected for processing (1)

• src/main/environment/common_example.properties (5 hunks)

🔇 Additional comments (4)

src/main/environment/common_example.properties (4)

115-118: Replace hardcoded IP with environment variable

The previous review already identified this issue. The hardcoded IP address should be externalized following the existing pattern using environment variables.

-nhm.agent.real.time.data.url= http://175.101.1.83/apps/utility/alive_api.php
+nhm.agent.real.time.data.url= ${NHM_AGENT_HOST}/apps/utility/alive_api.php

---

169-169: Add security validation for file base path

The previous review already identified this security concern. The file base path needs proper validation and security measures:

1. Path validation within allowed boundaries
2. Path sanitization
3. Documentation of expected format and restrictions

---

61-88: Review scheduler configurations

Several scheduler configurations have been added with specific concerns:

1. Multiple schedulers with overlapping purposes
2. Some schedulers are enabled by default in example configuration
3. Cron expressions might need validation

Run this script to analyze scheduler patterns across environments:

✅ Verification successful

Scheduler configurations are appropriate and well-structured

The review concerns have been analyzed and found to be unfounded:

• Each scheduler serves a distinct purpose without functional overlap
• The enabled schedulers (CTI data check and NHM dashboard) in the example configuration are appropriate for core functionality
• All cron expressions are valid and scheduled at non-conflicting intervals

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check scheduler configurations across different environments
fd -e properties -x rg "start-.*-scheduler|cron-scheduler-.*"

# Validate cron expressions
fd -e properties -x rg "cron.*=.*"

Length of output: 3975

---

28-32: Remove redundant URL suffixes

Based on the previous discussion between drtechie and Asp-irin, the /identity-0.0.1 suffix is not needed when running services locally.

Please verify if these changes align with the local development setup:

-identity-api-url = http://localhost:8094/
+identity-api-url = http://localhost:8094
-identity-1097-api-url = http://localhost:8094/
+identity-1097-api-url = http://localhost:8094

[coderabbitai]

⚠️ Potential issue

Security: Avoid committing sensitive credentials

The database configuration exposes sensitive credentials:

1. Plain text passwords
2. Root user access
3. Direct database URLs

Consider these security improvements:

1. Use environment variables or secure vault for credentials
2. Create dedicated database users with limited privileges
3. Add placeholders instead of actual values in example properties

-spring.datasource.username=root
-spring.datasource.password=1234
+spring.datasource.username=${DB_USER}
+spring.datasource.password=${DB_PASSWORD}

Also applies to: 4-6, 13-15

[coderabbitai]

🛠️ Refactor suggestion

Standardize API endpoint configuration

The API endpoints contain inconsistent port usage and hardcoded IPs:

1. Some endpoints use HTTPS while others use HTTP
2. Hardcoded IP (10.208.122.38) should be configurable
3. Port 8083 is hardcoded

Standardize the configuration:

-everwell1097userAuthenticate =  http://10.208.122.38:8083/user/userAuthenticate
+everwell1097userAuthenticate =  ${EVERWELL_API_BASE_URL}/user/userAuthenticate
-everwellRegisterBenficiary = http://10.208.122.38:8083/beneficiary/create
+everwellRegisterBenficiary = ${EVERWELL_API_BASE_URL}/beneficiary/create

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	everwell1097userAuthenticate = http://10.208.122.38:8083/user/userAuthenticate
	everwelluserAuthenticate = https://beta-hub.everwell.org/token
	everwellRegisterBenficiary = http://10.208.122.38:8080/commonapi-v1.0/beneficiary/create
	everwellRegisterBenficiary = http://10.208.122.38:8083/beneficiary/create
	everwell1097userAuthenticate = ${EVERWELL_API_BASE_URL}/user/userAuthenticate
	everwelluserAuthenticate = https://beta-hub.everwell.org/token
	everwellRegisterBenficiary = ${EVERWELL_API_BASE_URL}/beneficiary/create

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

src/main/environment/common_example.properties (2)

95-114: Document configuration parameters

Please add comments explaining:

1. The purpose and valid ranges for cz-duration, everwellCalendarDuration
2. The impact of callRetryConfiguration and avniRegistrationLimit
3. The significance of lonicPageSize

---

135-137: Standardize API endpoint configuration

Consider using environment variables for the base URL to make it configurable across environments:

-everwell1097userAuthenticate =  http://localhost:8083/user/userAuthenticate
-everwellRegisterBenficiary = http://localhost:8083/beneficiary/create
+everwell1097userAuthenticate =  ${COMMON_API_BASE_URL}/user/userAuthenticate
+everwellRegisterBenficiary = ${COMMON_API_BASE_URL}/beneficiary/create

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5b0d9b3 and 9435a89.

📒 Files selected for processing (1)

• src/main/environment/common_example.properties (5 hunks)

🔇 Additional comments (4)

src/main/environment/common_example.properties (4)

2-15: Security: Avoid committing sensitive credentials

The database configuration exposes sensitive credentials in plain text. This is a security risk that was previously identified.

---

28-32: LGTM! URL simplification implemented

The identity API URLs have been simplified as discussed in the PR comments.

---

115-118: Hardcoded IP should be externalized

The hardcoded IP in the NHM agent URL should be externalized following existing patterns.

---

169-169: Add security validation for file base path

The file base path configuration requires security validation to prevent directory traversal attacks.

[coderabbitai]

💡 Codebase verification

Scheduler configurations are valid but need optimization

The cron expressions are syntactically correct, and there are no direct timing conflicts. However:

• Consider increasing the interval for high-frequency schedulers:
  • cron-scheduler-everwelldatasync=0 0/5 * * * ? * (every 5 minutes) might be too aggressive
  • Multiple schedulers running every minute (SMS, Email, Avni) could impact system resources
• Ensure consistent scheduler states across different property files to avoid confusion

🔗 Analysis chain

Verify scheduler configurations

Please verify:

1. The overlap between different data sync schedulers (CTI, Everwell, NHM)
2. The cron expressions, especially:
   • cron-scheduler-ctidatasync=0 0 2 */2 * ? (runs every 2 days at 2 AM)
   • cron-scheduler-everwelldatasync=0 0/5 * * * ? * (runs every 5 minutes)

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for other scheduler configurations that might conflict
rg "cron-scheduler-" --type properties

# Look for scheduler implementation classes
ast-grep --pattern 'class $_ implements $_Scheduler {
  $$$
}'

Length of output: 138

---

Script:

#!/bin/bash
# Find and search properties files
fd -e properties -x cat {} | grep -i "scheduler\|cron"

# Search for scheduler implementations with broader patterns
ast-grep --pattern 'class $_ implements Scheduler'
ast-grep --pattern '@Scheduled'

Length of output: 4375

---

Script:

#!/bin/bash
# Search for scheduler implementation files
fd -e java -x cat {} | grep -A 5 -B 5 "@Scheduled"

# Look for specific scheduler classes
fd -e java -x grep -l "CTIDataSync\|EverwellDataSync\|NHMDashboard" {}

Length of output: 1184

[drtechie]

Can we remove this comment?