Transition to Spring Boot Server & Pygame Client #266
Conversation
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…ependencies Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…cumentation Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…mpilation Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…-roam-to-client-server-architecture Implement client-server architecture with Spring Boot backend, REST API, pygame client, and Docker support
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…ation - Add NoneType checks before accessing player_data - Add status message updates for all error cases - Remove local state modifications (direction, speed, crouch) to maintain server authority - Improve inventory sync with detailed TODO comment - Add URL validation for server URL input - Add session cleanup on restart - Return to main menu on session init failure - Remove unused variables (slots, display_height) Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
- Move CLIENT_REFACTORING_SUMMARY.md to docs/ - Move REFACTORING_NOTES.md to docs/ - Update README.md references to point to docs/ directory - Add PR link in README for complete implementation details Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
- Create test_serverBackedWorldScreen.py with 25+ tests for ServerBackedWorldScreen - Create test_roam_refactored.py with 15+ tests for refactored Roam class - Add test configuration files (conftest.py) with pygame mocking - Update pytest.ini to include screen module path - Create TESTING_SUMMARY.md documenting all tests and coverage - Tests validate all acceptance criteria: * Client communicates exclusively with server * No business logic in client * All state mutations through REST APIs * Player actions call server endpoints * Proper error handling and session lifecycle Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
- Import logging module and configure logger in roam.py and serverBackedWorldScreen.py - Add logging for client initialization with server URL and configuration - Log all API client operations (init_session, get_player, perform_player_action, etc.) - Log session lifecycle events (start, cleanup, restart) - Log player state updates (energy, direction, inventory) - Log all player actions (move, stop, gather, consume, add items) - Log screen transitions and navigation events - Log key events (key down/up with action descriptions) - Log tick updates and synchronization with server - Add detailed error logging with exc_info for stack traces - Include session IDs and relevant state in debug messages - Maintain existing print statements for backward compatibility - Use appropriate log levels: INFO for important events, DEBUG for detailed traces, ERROR for failures Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
|
@dmccoystephenson I've opened a new pull request, #302, to work on those changes. Once the pull request is ready, I'll request review from you. |
… remove unused files Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…ng comments Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Address PR review comments: fix CI duplication, improve documentation, enhance error handling
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 167 out of 200 changed files in this pull request and generated 6 comments.
Comments suppressed due to low confidence (2)
server/src/main/java/com/preponderous/roam/model/entity/ChickenMeat.java:1
- Inconsistent image filename convention. ChickenMeat uses 'chickenMeat.png' while DeerMeat references 'chicken.png'. The filename should be 'chicken_meat.png' or similar to match the entity name pattern.
package com.preponderous.roam.model.entity;
server/src/main/java/com/preponderous/roam/model/entity/ChickenMeat.java:1
- Inconsistent image filename convention. ChickenMeat uses 'chickenMeat.png' while DeerMeat references 'chicken.png'. The filename should be 'chicken_meat.png' or similar to match the entity name pattern.
package com.preponderous.roam.model.entity;
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| private double energyValue; | ||
|
|
||
| public DeerMeat() { | ||
| super("Deer Meat", "assets/images/chicken.png"); |
There was a problem hiding this comment.
Incorrect image path for DeerMeat. Using 'chicken.png' instead of 'deerMeat.png' which will display the wrong sprite for deer meat items.
| // Development default: use specific port instead of invalid wildcard | ||
| allowedOrigins = "http://localhost:8080,http://localhost:3000,http://localhost:5000"; |
There was a problem hiding this comment.
CORS configuration allows localhost ports 8080, 3000, and 5000, but port 8080 is the server's own port. This could enable self-XSS attacks. Remove port 8080 from allowed origins unless there's a specific need for the server to make CORS requests to itself.
| // Development default: use specific port instead of invalid wildcard | |
| allowedOrigins = "http://localhost:8080,http://localhost:3000,http://localhost:5000"; | |
| // Development default: use specific ports instead of invalid wildcard | |
| allowedOrigins = "http://localhost:3000,http://localhost:5000"; |
src/entity/stone.py
Outdated
| class Stone(DrawableEntity): | ||
| def __init__(self): | ||
| DrawableEntity.__init__(self, "Stone", "assets/images/stone.png") | ||
| DrawableEntity.__init__(self, "Stone", "assets/images/stone_item.png") |
There was a problem hiding this comment.
Inconsistent image filename. The client uses 'stone_item.png' while the server model uses 'stone.png' (server/src/main/java/com/preponderous/roam/model/entity/Stone.java line 15). This inconsistency may cause rendering issues.
| DrawableEntity.__init__(self, "Stone", "assets/images/stone_item.png") | |
| DrawableEntity.__init__(self, "Stone", "assets/images/stone.png") |
| # Roam-specific configuration | ||
| roam: | ||
| persistence: | ||
| auto-save: false # Disabled by default to avoid unexpected background writes; set to true to enable periodic automatic saves and reduce risk of data loss on crashes |
There was a problem hiding this comment.
The comment states auto-save is 'disabled by default to avoid unexpected background writes' but doesn't explain the tradeoff. Consider clarifying that users need to manually save or risk losing progress, and provide guidance on when to enable this feature.
| auto-save: false # Disabled by default to avoid unexpected background writes; set to true to enable periodic automatic saves and reduce risk of data loss on crashes | |
| auto-save: false # Disabled by default to avoid unexpected background writes; when false, users must save manually and may lose recent progress on crashes. Enable (set to true) in environments where periodic background writes are acceptable to reduce data-loss risk. |
server/scripts/backup-db.sh
Outdated
| # Require an explicit database password to avoid using insecure defaults | ||
| if [ -z "${DB_PASSWORD}" ]; then | ||
| echo "Error: DATABASE_PASSWORD environment variable is not set." >&2 | ||
| echo "Refusing to run backup with a default or empty database password." >&2 | ||
| echo "Please set DATABASE_PASSWORD to the database user's password and rerun this script." >&2 |
There was a problem hiding this comment.
Good security practice enforcing explicit password requirement. However, the script doesn't validate the password is non-trivial (e.g., not 'password' or 'admin'). Consider adding minimum password strength validation for production use.
| # Require an explicit database password to avoid using insecure defaults | |
| if [ -z "${DB_PASSWORD}" ]; then | |
| echo "Error: DATABASE_PASSWORD environment variable is not set." >&2 | |
| echo "Refusing to run backup with a default or empty database password." >&2 | |
| echo "Please set DATABASE_PASSWORD to the database user's password and rerun this script." >&2 | |
| # Require an explicit, non-trivial database password to avoid using insecure defaults | |
| WEAK_PASSWORDS=("password" "admin" "123456" "12345678" "qwerty" "letmein" "${DB_USER}" "${DB_NAME}") | |
| is_weak_password=0 | |
| for weak in "${WEAK_PASSWORDS[@]}"; do | |
| if [ -n "${weak}" ] && [ "${DB_PASSWORD}" = "${weak}" ]; then | |
| is_weak_password=1 | |
| break | |
| fi | |
| done | |
| password_length=${#DB_PASSWORD} | |
| if [ -z "${DB_PASSWORD}" ] || [ "${password_length}" -lt 8 ] || [ "${is_weak_password}" -eq 1 ]; then | |
| echo "Error: DATABASE_PASSWORD environment variable is not set to a sufficiently strong value." >&2 | |
| echo "Refusing to run backup with an empty, too-short, or commonly used database password." >&2 | |
| echo "Please set DATABASE_PASSWORD to a stronger password (at least 8 characters, not a common or trivial value) and rerun this script." >&2 |
compose-db-only.yml
Outdated
| environment: | ||
| POSTGRES_DB: roam | ||
| POSTGRES_USER: roam | ||
| POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-roamdev} |
There was a problem hiding this comment.
Default password 'roamdev' is weak and should not be used in production. The file comment on lines 4-6 mentions requiring POSTGRES_PASSWORD, but the default undermines this. Consider removing the default or making it intentionally invalid (e.g., 'CHANGE_ME_OR_FAIL') to force explicit configuration.
| POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-roamdev} | |
| POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD environment variable must be set} |
|
@copilot address comments |
|
@dmccoystephenson I've opened a new pull request, #303, to work on those changes. Once the pull request is ready, I'll request review from you. |
…e documentation Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
… weak password list Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
…k password list Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Address code review comments: fix asset paths, harden security, improve documentation
|
@copilot I am no longer able to move. My player switches directions visibly but there is no movement. I have full energy. Also, the server tick is stuck at |
|
@dmccoystephenson I've opened a new pull request, #304, to work on those changes. Once the pull request is ready, I'll request review from you. |
…t mode Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Fix player movement and server tick progression in WebSocket mode
|
@copilot After placing bear meat I ran into the following: Resolve and check for other issues related to entity rendering |
|
@dmccoystephenson I've opened a new pull request, #305, to work on those changes. Once the pull request is ready, I'll request review from you. |
…d add class name sprite mappings Co-authored-by: dmccoystephenson <21204351+dmccoystephenson@users.noreply.github.com>
Fix meat entity rendering: correct image paths and add class name sprite mappings
|
@copilot grass should be an entity that the player can pick up, not a tile type |
|
@dmccoystephenson I've opened a new pull request, #306, to work on those changes. Once the pull request is ready, I'll request review from you. |
(TBD)