chore(swagger): add env-driven Dev/UAT/Demo servers, update and uncomment the SwaggerConfig.java

[DurgaPrasad-54]

Summary by CodeRabbit

• Chores
  • Upgraded API documentation to the modern OpenAPI 3 standard for improved tooling compatibility and standards compliance.
  • Configured API endpoints across development, staging, and demo environments for better multi-environment support.
  • Enhanced security token configuration with environment-based handling and fallback mechanisms.

[coderabbitai]

Warning

Rate limit exceeded

@DurgaPrasad-54 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 17 minutes and 39 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

Migration from Swagger 2 (Springfox Docket) to OpenAPI 3 configuration across the codebase, including updates to GitHub workflow CI/CD branch naming, SwaggerConfig class refactoring, and new API server URL properties with environment-driven configuration.

Changes

Cohort / File(s)	Summary
CI/CD Workflow Updates .github/workflows/swagger-json.yml	Changed PR branch name from dynamic run-specific identifier (auto/swagger-update-${{ github.run_id }}-${{ github.run_attempt }}) to fixed branch name (auto/swagger-update-beneficiaryid-generation-api).
OpenAPI 3 Configuration Migration src/main/java/com/iemr/common/bengen/config/SwaggerConfig.java	Replaced Swagger 2 Docket-based bean (public Docket productApi()) with OpenAPI 3 configuration (public OpenAPI customOpenAPI(Environment env)). Introduced environment-driven server URL resolution, HTTP Bearer security scheme, and SecurityRequirements configuration.
Application Properties Updates src/main/resources/application-swagger.properties	Added three environment-specific API server URLs (api.dev.url, api.uat.url, api.demo.url). Updated JWT secret configuration to support environment variables with UUID fallback (${JWT_SECRET_KEY:#{T(java.util.UUID).randomUUID().toString()}}).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 From Swagger's old config to OpenAPI so new,
The bunny's docket changed to OpenAPI's view,
Bearer tokens hop along, servers dance and play,
Dev, UAT, and demo shine in every way,
With environment-driven secrets tucked so tight,
This migration makes the documentation bright! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: adding environment-driven Dev/UAT/Demo servers and updating SwaggerConfig.java from Swagger 2 to OpenAPI 3.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@src/main/resources/application-swagger.properties`:
- Line 26: The jwt.secret property in application-swagger.properties currently
uses a SpEL fallback that calls T(java.util.UUID).randomUUID().toString(),
causing a new JWT secret on every restart and invalidating tokens; replace this
dynamic fallback so the application does not auto-generate a secret at runtime —
instead require a real secret be provided (remove the randomUUID SpEL fallback
from jwt.secret) or set the property to a fixed placeholder used only for CI,
and ensure the swagger profile/file is excluded from real deployments (do not
activate application-swagger.properties in production).

🧹 Nitpick comments (3)

src/main/java/com/iemr/common/bengen/config/SwaggerConfig.java (3)

39-39: Rename the security scheme to something more descriptive.

"my security" will appear in the generated OpenAPI spec and Swagger UI. A conventional name like "bearerAuth" or "Authorization" would be more professional and self-documenting.

Proposed fix

-	private static final String SECURITY_SCHEME_NAME = "my security";
+	private static final String SECURITY_SCHEME_NAME = "bearerAuth";

---

52-53: Add bearerFormat("JWT") to the security scheme.

This is optional per the OpenAPI spec but helps Swagger UI indicate the expected token format to consumers.

Proposed fix

-			new SecurityScheme().name(SECURITY_SCHEME_NAME).type(SecurityScheme.Type.HTTP).scheme("bearer")))
+			new SecurityScheme().name(SECURITY_SCHEME_NAME).type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT")))

---

54-58: Prefer List.of over java.util.Arrays.asList (Java 17+).

The project targets Java 17 (per the CI workflow). List.of is more concise, returns an unmodifiable list, and avoids the inline fully-qualified java.util.Arrays reference.

Proposed fix

-			.servers(java.util.Arrays.asList(
-				new Server().url(devUrl).description("Dev"),
-				new Server().url(uatUrl).description("UAT"),
-				new Server().url(demoUrl).description("Demo")
-			));
+			.servers(java.util.List.of(
+				new Server().url(devUrl).description("Dev"),
+				new Server().url(uatUrl).description("UAT"),
+				new Server().url(demoUrl).description("Demo")
+			));

Or better yet, add import java.util.List; to the imports and use List.of(...).

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud