Skip to content

Release: contract coverage for REST, WebSocket and JSON payloads#80

Merged
TexablePlum merged 9 commits into
mainfrom
dev
Jul 6, 2026
Merged

Release: contract coverage for REST, WebSocket and JSON payloads#80
TexablePlum merged 9 commits into
mainfrom
dev

Conversation

@TexablePlum

Copy link
Copy Markdown
Owner

What

Releases the "Contract coverage" milestone plus repository housekeeping: ws/v1 JSON Schemas for
every server-to-client STOMP payload with contract tests in both WebSocket services, committed
OpenAPI snapshots for the three REST services with drift and breaking-change detection in CI,
JSON contract instances validated against their schemas (including the auth test vectors), a
rewritten English root README, grouped dependency updates, and Dependabot pins for toolchains
that must move in lockstep (Spring Cloud/Boot, grpcio/protobuf, JDK-pinned builder images).

Why

Every platform boundary - gRPC, REST, WebSocket, auth, Redis documents - is now a versioned
contract with automated breaking-change protection. Will be tagged v0.4.0 on merge.

Closes #7, closes #8, closes #9.

Verification

Each change landed on dev through its own pull request with the full pipeline green; the two
infra flakes observed along the way (Maven Central blip, Testcontainers Redis) passed on immediate
re-runs and are documented in #63. This PR runs the full pipeline on the release head.

TexablePlum and others added 9 commits July 6, 2026 14:34
- Add draft 2020-12 contracts for authoritative game-state and player-specific match-found STOMP messages.

- Document destinations, direction, recovery semantics, and additive v1 evolution rules.

- Validate real publisher DTO serialization with each service's Spring-configured ObjectMapper and networknt.

- Tests: game-service verify passed 214 tests; matchmaking-service verify passed 105 tests; a deliberate match-found field rename failed the contract test.
* feat(contracts): define WebSocket payload schemas

- Add draft 2020-12 contracts for authoritative game-state and player-specific match-found STOMP messages.

- Document destinations, direction, recovery semantics, and additive v1 evolution rules.

- Validate real publisher DTO serialization with each service's Spring-configured ObjectMapper and networknt.

- Tests: game-service verify passed 214 tests; matchmaking-service verify passed 105 tests; a deliberate match-found field rename failed the contract test.

* ci(contracts): validate JSON contract instances

- Define the draft 2020-12 schema for the authentication protocol manifest.

- Add explicit access and refresh claim instances and verify the access instance matches the compact JWT payload.

- Validate auth instances plus auth, HTTP, and WebSocket schema metaschemas with check-jsonschema in CI.

- Tests: the full local check-jsonschema sequence passed; JwtContractTest passed in api-gateway, user-service, game-service, and matchmaking-service.
Bumps the minor-and-patch group in /services/game-service with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.11` | `3.5.16` |
| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.6` | `2.8.17` |
| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| io.jsonwebtoken:jjwt-jackson | `0.12.6` | `0.13.0` |
| [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) | `4.29.3` | `4.35.1` |


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.16
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.11...v3.5.16)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.6 to 2.8.17
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.6...v2.8.17)

Updates `io.jsonwebtoken:jjwt-api` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-impl` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.6 to 0.13.0

Updates `com.google.protobuf:protobuf-java` from 4.29.3 to 4.35.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 3.5.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 2.8.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-api
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-impl
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-jackson
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the minor-and-patch group in /services/user-service with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.11` | `3.5.16` |
| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.6` | `2.8.17` |
| [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) | `4.29.3` | `4.35.1` |
| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| io.jsonwebtoken:jjwt-jackson | `0.12.6` | `0.13.0` |


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.16
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.11...v3.5.16)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.6 to 2.8.17
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.6...v2.8.17)

Updates `com.google.protobuf:protobuf-java` from 4.29.3 to 4.35.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `io.jsonwebtoken:jjwt-api` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-impl` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.6 to 0.13.0

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 3.5.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 2.8.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-api
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-impl
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-jackson
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the minor-and-patch group in /services/matchmaking-service with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.11` | `3.5.16` |
| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.6` | `2.8.17` |
| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.12.6` | `0.13.0` |
| io.jsonwebtoken:jjwt-jackson | `0.12.6` | `0.13.0` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.13` | `0.8.15` |


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.16
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.11...v3.5.16)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.6 to 2.8.17
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.6...v2.8.17)

Updates `io.jsonwebtoken:jjwt-api` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-impl` from 0.12.6 to 0.13.0
- [Release notes](https://github.com/jwtk/jjwt/releases)
- [Changelog](https://github.com/jwtk/jjwt/blob/main/CHANGELOG.md)
- [Commits](jwtk/jjwt@0.12.6...0.13.0)

Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.6 to 0.13.0

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.13 to 0.8.15
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.13...v0.8.15)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 3.5.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 2.8.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-api
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-impl
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.jsonwebtoken:jjwt-jackson
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Lead with what the platform is and how the pieces talk to each other

- Point every deep dive at the per-service and contracts READMEs instead of duplicating them

- Replace the production checklist with a short fail-fast note and links, since service guides own their configuration

- Describe the branch, release, CI and Dependabot conventions the repository actually follows

- Tests: not applicable, documentation-only change verified by markdown preview
- Commit canonical OpenAPI snapshots generated from the real /v3/api-docs endpoints of user, game, and matchmaking services.

- Regenerate snapshots in CI, reject drift, and compare them with the base commit using pinned openapi-diff 2.1.0.

- Document the test-based generator choice and local regeneration commands in contract and service READMEs.

- Tests: user-service verify passed 223 tests, game-service verify passed 214 tests, matchmaking-service verify passed 105 tests; changing waitSeconds from Long to String made openapi-diff fail as incompatible.
…hanges (#78)

- Ignore Spring Cloud majors and minors in the gateway, since minor trains switch Spring Boot majors

- Ignore the webflux springdoc variant's majors, matching the existing webmvc rule

- Ignore grpcio minors in the engine, because their gencode tracks the protobuf major the runtime deliberately stays behind

- Ignore the Maven builder image entirely, as its tag pins the JDK in a suffix invisible to semver

- Trigger the workflow on Dockerfile and .dockerignore changes so image builds gate such pull requests

- Tests: YAML parse of both files and CI failure logs from PRs 69 and 73 evidencing each new ignore
…[openapi-rebaseline] (#81)

- Regenerate the committed REST snapshots with the springdoc version merged in the grouped dependency updates, which now emits required arrays and email formats from Bean Validation

- Downgrade the OpenAPI breaking-change gate to report-only for PRs labeled openapi-breaking-approved or pushes marked [openapi-rebaseline], keeping the diff printed for review

- Tests: full pipeline green on the pull request, including the report-only breaking diff of the accepted spec correction
@TexablePlum TexablePlum merged commit a327242 into main Jul 6, 2026
26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

1 participant