$ loading_
为 Spring Boot 项目执行构建、测试、扫描与变更复核的发布前验证流程
复制安装指令,让 AI 自动完成配置 · 推荐新手
请帮我安装 askskill 上的 "springboot-verification" 技能: 1. 下载 https://raw.githubusercontent.com/affaan-m/ECC/main/skills/springboot-verification/SKILL.md 2. 保存为 ~/.claude/skills/springboot-verification/SKILL.md 3. 装好后重载技能,告诉我可以用了
请对这个 Spring Boot 项目执行发布前验证:先构建项目,再运行静态分析、单元测试与覆盖率统计,然后做依赖和代码安全扫描,最后总结结果并标出是否可以发布。
一份包含构建结果、测试覆盖率、安全风险与发布建议的校验报告。
请检查这个 Spring Boot 分支在提交 PR 前是否达标:运行构建、测试和静态检查,对比当前分支与主分支的差异,指出潜在问题和需要修复的项。
一份 PR 前检查摘要,列出失败项、关键变更风险和修复建议。
请为这个 Spring Boot 项目执行质量门禁验证:检查代码规范、测试通过率、覆盖率阈值以及已知漏洞,若不满足门禁条件,请给出阻塞原因。
一份门禁结果说明,明确通过或阻塞,并附带具体问题清单。
Run before PRs, after major changes, and pre-deploy.
mvn -T 4 clean verify -DskipTests
# or
./gradlew clean assemble -x test
If build fails, stop and fix.
Maven (common plugins):
mvn -T 4 spotbugs:check pmd:check checkstyle:check
Gradle (if configured):
./gradlew checkstyleMain pmdMain spotbugsMain
mvn -T 4 test
mvn jacoco:report # verify 80%+ coverage
# or
./gradlew test jacocoTestReport
Report:
Test service logic in isolation with mocked dependencies:
@ExtendWith(MockitoExtension.class)
class UserServiceTest {
@Mock private UserRepository userRepository;
@InjectMocks private UserService userService;
@Test
void createUser_validInput_returnsUser() {
var dto = new CreateUserDto("Alice", "[email protected]");
var expected = new User(1L, "Alice", "[email protected]");
when(userRepository.save(any(User.class))).thenReturn(expected);
var result = userService.create(dto);
assertThat(result.name()).isEqualTo("Alice");
verify(userRepository).save(any(User.class));
}
@Test
void createUser_duplicateEmail_throwsException() {
var dto = new CreateUserDto("Alice", "[email protected]");
when(userRepository.existsByEmail(dto.email())).thenReturn(true);
assertThatThrownBy(() -> userService.create(dto))
.isInstanceOf(DuplicateEmailException.class);
}
}
Test against a real database instead of H2:
@SpringBootTest
@Testcontainers
class UserRepositoryIntegrationTest {
@Container
static PostgreSQLContainer<?> postgres = new PostgreSQLContainer<>("postgres:16-alpine")
.withDatabaseName("testdb");
@DynamicPropertySource
static void configureProperties(DynamicPropertyRegistry registry) {
registry.add("spring.datasource.url", postgres::getJdbcUrl);
registry.add("spring.datasource.username", postgres::getUsername);
registry.add("spring.datasource.password", postgres::getPassword);
}
@Autowired private UserRepository userRepository;
@Test
void findByEmail_existingUser_returnsUser() {
userRepository.save(new User("Alice", "[email protected]"));
var found = userRepository.findByEmail("[email protected]");
assertThat(found).isPresent();
assertThat(found.get().getName()).isEqualTo("Alice");
}
}
Test controller layer with full Spring context:
@WebMvcTest(UserController.class)
class UserControllerTest {
@Autowired private MockMvc mockMvc;
@MockBean private UserService userService;
@Test
void createUser_validInput_returns201() throws Exception {
var user = new UserDto(1L, "Alice", "[email protected]");
when(userService.create(any())).thenReturn(user);
mockMvc.perform(post("/api/users")
.contentType(MediaType.APPLICATION_JSON)
.content("""
{"name": "Alice", "email": "[email protected]"}
"""))
.andExpect(status().isCreated())
.andExpect(jsonPath("$.name").value("Alice"));
}
@Test
void createUser_invalidEmail_returns400() throws Exception {
mockMvc.perform(post("/api/users")
.contentType(MediaType.APPLICATION_JSON)
.content("""
{"name": "Alice", "email": "not-an-email"}
"""))
.andExpect(status().isBadRequest());
}
}
# Dependency CVEs
mvn org.owasp:dependency-check-maven:check
# or
…
通过双评审智能体对结果进行对抗式校验,提升输出发布前的可靠性
为 Quarkus 项目执行构建、测试、安全扫描与发布前验证闭环