Skip to content

perf: optimize test speed and harden security config#145

Merged
LivingLikeKrillin merged 5 commits intodevelopfrom
perf/test-speed
Mar 15, 2026
Merged

perf: optimize test speed and harden security config#145
LivingLikeKrillin merged 5 commits intodevelopfrom
perf/test-speed

Conversation

@LivingLikeKrillin
Copy link
Copy Markdown
Contributor

@LivingLikeKrillin LivingLikeKrillin commented Mar 15, 2026

Summary

  • Reduce test execution time by 73% (2min → 32s) via single-fork JVM and TieredStopAtLevel=1
  • Replace legacy deploy workflow and Dockerfiles with lightweight JRE-alpine runtime image
  • Harden security: denyAll for unknown paths, disable actuator in Swagger, suppress error details
  • Configure dev/prod profiles (JPA logs, cookie domain, Redis env vars)
  • Clean up legacy api/ path references from .gitignore

Test plan

  • Full test suite passes (152 test classes)
  • Verify dev profile on GCP VM with .env file
  • Verify denyAll blocks .php/.env bot scanning requests

🤖 Generated with Claude Code

LivingLikeKrillin and others added 5 commits March 15, 2026 00:08
@LivingLikeKrillin @claude
docs: add test speed analysis with bottleneck diagnosis and optimizat…
c15add9 
…ion plan

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@LivingLikeKrillin @claude
perf: reduce test execution time by 73% with single-fork JVM and Tier…
15469e4 
…edStopAtLevel=1

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@LivingLikeKrillin @claude
chore: replace legacy deploy workflow and Dockerfiles with lightweigh…
b8f3160 
…t runtime image

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@LivingLikeKrillin @claude
security: harden security config and configure dev/prod profiles
8e7b57c 
- Change .anyRequest().permitAll() to .anyRequest().denyAll()
- Disable actuator exposure in Swagger
- Configure dev profile: disable JPA query logs, INFO-level security logs
- Configure prod profile: suppress error details, WARN-level logs, Strict cookies
- Parameterize Redis host/port and cookie domain via environment variables

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@LivingLikeKrillin @claude
chore: remove legacy api/ path references from .gitignore
8ec2adc 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@LivingLikeKrillin LivingLikeKrillin merged commit b1734c5 into develop Mar 15, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@LivingLikeKrillin