Copilot commented on code in PR #4254:
URL: 
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4254#discussion_r3091828278


##########
kogito-codegen-modules/kogito-codegen-api/src/main/java/org/kie/kogito/codegen/api/context/impl/AbstractKogitoBuildContext.java:
##########
@@ -100,11 +103,64 @@ protected static Properties load(File... resourcePaths) {
             } catch (IOException ioe) {
                 LOGGER.debug("Unable to load '" + 
APPLICATION_PROPERTIES_FILE_NAME + "'.");
             }
+            File ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
+            ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YAML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
         }
 
         return applicationProperties;
     }
 
+    protected static void loadYmlProperties(File ymlFile, Properties 
applicationProperties) {
+        Map<String, String> ymlMap = loadYmlStringMap(ymlFile);
+        if (ymlMap != null) {
+            applicationProperties.putAll(ymlMap);
+        }
+    }
+
+    protected static Map<String, String> loadYmlStringMap(File ymlFile) {
+        TreeMap<String, Object> ymlMap = loadYmlMap(ymlFile);
+        if (ymlMap != null) {
+            return convertYamlObjectToMap(ymlMap);
+        } else {
+            return null;
+        }
+    }
+
+    protected static TreeMap<String, Object> loadYmlMap(File ymlFile) {
+        if (ymlFile.exists() && ymlFile.isFile() && ymlFile.canRead()) {
+            Yaml yaml = new Yaml();
+            try (FileReader yamlFileReader = new FileReader(ymlFile, 
StandardCharsets.UTF_8)) {
+                return yaml.loadAs(yamlFileReader, TreeMap.class);
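Review bot: The merge order introduced in `load` is not documented. Because `loadYmlProperties` calls `applicationProperties.putAll(...)`, a key from the `APPLICATION_PROPERTIES_YML_FILE_NAME` file replaces the same key from the `.properties` file, and the `APPLICATION_PROPERTIES_YAML_FILE_NAME` file replaces both. The enclosing loop over resource paths is not visible here, but later paths presumably win as well. A key set in more than one file is therefore resolved silently, which matters when the key is security-relevant. I would add a comment above the two new calls, e.g. `// Precedence (lowest to highest): .properties, .yml, .yaml`, and consider a debug log when an existing key is overwritten. The body of `loadYmlMap` continues past the end of this quoted hunk.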

Review Comment:
   Parsing YAML with `new Yaml()` uses SnakeYAML's default constructor, which 
is not the safe mode and can allow type tags / object construction (a known 
risk when loading YAML from user-controlled projects during build). Consider 
using a `SafeConstructor` with `LoaderOptions` (e.g., restrict tags / aliases / 
nesting) so loading `application.yml` cannot trigger unsafe deserialization 
paths.



##########
kogito-codegen-modules/kogito-codegen-api/src/main/java/org/kie/kogito/codegen/api/context/impl/AbstractKogitoBuildContext.java:
##########
@@ -100,11 +103,64 @@ protected static Properties load(File... resourcePaths) {
             } catch (IOException ioe) {
                 LOGGER.debug("Unable to load '" + 
APPLICATION_PROPERTIES_FILE_NAME + "'.");
             }
+            File ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
+            ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YAML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
         }
 
         return applicationProperties;
     }
 
+    protected static void loadYmlProperties(File ymlFile, Properties 
applicationProperties) {
+        Map<String, String> ymlMap = loadYmlStringMap(ymlFile);
+        if (ymlMap != null) {
+            applicationProperties.putAll(ymlMap);
+        }
+    }
+
+    protected static Map<String, String> loadYmlStringMap(File ymlFile) {
+        TreeMap<String, Object> ymlMap = loadYmlMap(ymlFile);
+        if (ymlMap != null) {
+            return convertYamlObjectToMap(ymlMap);
+        } else {
+            return null;
+        }
+    }
+
+    protected static TreeMap<String, Object> loadYmlMap(File ymlFile) {
+        if (ymlFile.exists() && ymlFile.isFile() && ymlFile.canRead()) {
+            Yaml yaml = new Yaml();
+            try (FileReader yamlFileReader = new FileReader(ymlFile, 
StandardCharsets.UTF_8)) {
+                return yaml.loadAs(yamlFileReader, TreeMap.class);
+            } catch (IOException e) {
+                LOGGER.debug("Unable to load '{}'.", ymlFile.getName(), e);
+            }
+        } else {
+            LOGGER.debug("Unable to load '{}'.", ymlFile.getName());
+        }
+        return null;
+    }
+
+    protected static Map<String, String> 
convertYamlObjectToMap(TreeMap<String, Object> toConvert) {
+        Map<String, String> toReturn = new HashMap<>();
+        convertYamlObjectToMap(toConvert, new StringBuilder(), toReturn);
+        return toReturn;
+    }
+
+    protected static void convertYamlObjectToMap(Map<String, Object> toRead, 
StringBuilder builder, Map<String, String> toPopulate) {
+        toRead.forEach((key, value) -> {
+            if (value instanceof Map) {
+                StringBuilder newBuilder = new StringBuilder(builder);
+                convertYamlObjectToMap((Map<String, Object>) value, 
newBuilder.append(key).append("."), toPopulate);
+            } else {
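Review bot: The `catch (IOException e)` in `loadYmlMap` does not cover SnakeYAML's own failures. A malformed document is reported as the unchecked `YAMLException`, and a root node that is not a mapping when `loadAs(..., TreeMap.class)` expects one is likely reported the same way. Either would propagate out of `load` instead of taking the logged path that an unreadable file takes. The behaviour should be chosen explicitly: if a broken file must not abort the build, use `} catch (IOException | YAMLException e) {` and log at `warn` rather than `debug`, so a dropped configuration file is visible. Otherwise, rethrow with the file path in the message. The second `convertYamlObjectToMap` overload continues past the end of this quoted hunk.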

Review Comment:
   `loadYmlMap`/`convertYamlObjectToMap` assume YAML maps always have `String` 
keys (`TreeMap<String, Object>` and `Map<String, Object>`). If a YAML file 
contains a non-string key (valid YAML), the `forEach((String key, ...))` will 
throw a `ClassCastException` at runtime. To make this robust (and remove 
unchecked warnings), consider using `Map<?, ?>`/`Map<Object, Object>` from 
SnakeYAML, and stringify keys via `String.valueOf(key)` during the flattening 
step.



##########
kogito-codegen-modules/kogito-codegen-api/src/main/java/org/kie/kogito/codegen/api/context/impl/AbstractKogitoBuildContext.java:
##########
@@ -100,11 +103,64 @@ protected static Properties load(File... resourcePaths) {
             } catch (IOException ioe) {
                 LOGGER.debug("Unable to load '" + 
APPLICATION_PROPERTIES_FILE_NAME + "'.");
             }
+            File ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
+            ymlFile = new File(resourcePath, 
APPLICATION_PROPERTIES_YAML_FILE_NAME);
+            loadYmlProperties(ymlFile, applicationProperties);
         }
 
         return applicationProperties;
     }
 
+    protected static void loadYmlProperties(File ymlFile, Properties 
applicationProperties) {
+        Map<String, String> ymlMap = loadYmlStringMap(ymlFile);
+        if (ymlMap != null) {
+            applicationProperties.putAll(ymlMap);
+        }
+    }
+
+    protected static Map<String, String> loadYmlStringMap(File ymlFile) {
+        TreeMap<String, Object> ymlMap = loadYmlMap(ymlFile);
+        if (ymlMap != null) {
+            return convertYamlObjectToMap(ymlMap);
+        } else {
+            return null;
+        }

Review Comment:
   `loadYmlStringMap` returns `null` when the YAML file is missing/unreadable. 
Returning an empty map instead would simplify callers (no null checks) and 
align better with `Properties` loading semantics where "no file" results in "no 
entries" rather than `null`.


