Skip to content

Develop#2

Merged
Sympol merged 2 commits intomainfrom
develop
Feb 9, 2026
Merged

Develop#2
Sympol merged 2 commits intomainfrom
develop

Conversation

@Sympol
Copy link
Copy Markdown
Owner

@Sympol Sympol commented Feb 9, 2026

Description

This PR generalizes the PCM platform infrastructure to ensure full portability and cloud-native resilience. The main objective was to remove tight coupling to specific providers (PostgreSQL, Kafka, Vault) in order to enable provider-agnostic deployments.

Key changes:

  • Configuration Independence: Introduction of a decentralized mode with local and environment-variable fallbacks.
  • Multi-Database Support: Migration to Hibernate 6 JSON mapping and standardization of Flyway scripts to support both PostgreSQL and MySQL.
  • Standardized Observability: Full transition to OpenTelemetry (OTLP) for distributed tracing and metrics.
  • Swappable Messaging: Abstraction via Spring Cloud Stream, allowing seamless switching between Kafka and RabbitMQ without code changes.
  • Data Protection (PII): Encryption abstraction to support either HashiCorp Vault or a local AES mode.
  • Documentation: Updates to the README and QUICKSTART, plus the creation of a PORTABILITY guide and ADR-003.

Fixes # (Infrastructure Abstraction & Portability)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes.

  • Unit Tests
  • Integration Tests

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

Sympol added 2 commits February 1, 2026 06:46
@Sympol
chore(deps): remediate security vulnerabilities and upgrade stack
c347e27 
Major security overhaul to address reported vulnerabilities in core and transitive dependencies.

Changes:
- Upgrade Spring Boot to 3.3.2 (from 3.2.1) and Spring Cloud to 2023.0.3.
- Force upgrade of critical transitive dependencies via dependencyManagement:
  * Kafka Clients -> 3.7.1 (security fixes)
  * Netty -> 4.1.111.Final (HTTP/2 CVEs)
  * Commons Compress -> 1.26.1 / Commons IO -> 2.16.1
  * Logback -> 1.5.6 / AssertJ -> 3.25.3
- Standardize gRPC Starter to 3.1.0 and Logstash Encoder to 7.4 across all modules.
- Add `versions-maven-plugin` and `dependency-check-maven` for continuous monitoring.
- Add documentation [docs/DEPENDENCY_MONITORING.md) on how to track updates and vulnerabilities.
@Sympol
feat(infra): generalize infrastructure for multi-cloud and vendor-neu…
8fada7d 
…tral portability

- Implement Config Service fallback to local properties/env vars for standalone resilience
- Generalize database layer with Hibernate 6 JSON mapping (PostgreSQL & MySQL support)
- Transition observability stack to OpenTelemetry (OTLP) for industry-standard tracing
- Add Swappable Messaging support (Kafka/RabbitMQ) via Spring Cloud Stream binders
- Introduce OTel Collector and Jaeger into the project infrastructure
- Update documentation: README, QUICKSTART, and new PORTABILITY.md guide
- Add ADR-003 to formalize infrastructure abstraction decisions
@Sympol Sympol merged commit ed1b434 into main Feb 9, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Sympol