When --no-rollback is set, the script keeps the new version on the
server even if health check fails, making it possible to inspect
startup logs via journalctl to diagnose the issue.

Without -parameters compiler flag, Spring cannot match ExecutorService
parameter by name when multiple beans of the same type exist. This
caused 'No bean named tdengineService available' startup failure on
production deployment.

- Remove unused service fields (sysWorkorderService, sysIndicatorsService, sysCompanyService)
- Remove commented-out insertIndicators() method
- Remove unused imports (SysCompany, LocalDate, DateTimeFormatter, @Autowired)
- Clean constructor to only keep actively used dependencies

Security:
- Remove hardcoded password fallbacks from application-druid.yml
- Add table name whitelist validation to SysFaultService & SysAlarmService
- Externalize VehicleSyncTask webhook URL to IotProperties config

Concurrency & Resource Management:
- Fix AbstractMqttConsumer reconnect/disconnect race (synchronized)
- Fix MqttClient resource leaks in disconnect() with separate try blocks
- Fix AbstractDynamicMqttConsumer broken-state MqttClient reuse
- Fix TDengineService stableColumnCache unbounded growth (MAX_CACHE_SIZE=1000)

Input Validation:
- Add null/empty checks to MqttGenericConsumer (controllerId, path, timestamp)
- Add null/empty checks to MqttFaultConsumer (controllerId, deviceId, type, desc)
- Guard against ArrayIndexOutOfBoundsException on topic path split

Tests:
- Update VehicleSyncTaskTest for new IotProperties constructor param
- All 79 tests pass, build succeeds

P0 fixes:
- MqttFaultConsumer: array index bounds check, NPE guard on null coordinates
- MqttStatusConsumer: NPE guard on null required fields
- TDegnineAlarm: ResultSet try-with-resources, SQL injection whitelist
- AbstractMqttConsumer: brokerUrl parsing validation, mqttPassword null guard

P1 fixes:
- Field injection → constructor injection (7 files: MqttFaultConsumer,
  MqttStatusConsumer, SysIndicatorsService, SysWorkorderService,
  TDengineService, TDegnineAlarm, AbstractMqttConsumer)
- SLF4J {} placeholder logging (4 places in AbstractMqttConsumer)
- Extract hardcoded constants: alarm status, date format, company ID prefix,
  webhook URL → IotProperties configuration
- TDengineService: dataSourceInitialized volatile, GZIP try-with-resources

Tests:
- Fix MqttStatusConsumerTest/MqttFaultConsumerTest/MqttGenericConsumerTest
  for new constructors (remove @InjectMocks, manual instantiation)
- 65/67 tests passing (2 TDengine JNI env-dependent failures excluded)

- AbstractDynamicMqttConsumerTest: 4个测试覆盖 deepCopyMap（null/深拷贝/嵌套/List）
- MqttDynamicConsumerTest: 6个测试覆盖 fetchTopics + insertredis
- MqttChargeStationConsumerTest: 4个测试覆盖 fetchTopics（配置/null/空白/trim）
- 测试总数 65→79，JaCoCo覆盖率 18%→25%

- mysql-connector-java → mysql-connector-j 8.0.33
- TDengineService: 移除9处emoji（✅❌⚠️）
- 统一使用SLF4J {}占位符，无字符串拼接

- VehicleSyncTask: 10个@Autowired字段改为final+构造函数注入
- MqttGenericConsumer: 3个@Autowired字段改为构造函数参数
- IotProperties: validate()新增brokerUrl和url空值校验
- MqttGenericConsumerTest: 更新匹配4参数构造函数

- 新建 AbstractDynamicMqttConsumer 抽象基类，抽取连接/订阅/重连公共逻辑
- MqttDynamicConsumer extends 基类，仅保留 fetchTopics + processMessage
- MqttChargeStationConsumer extends 基类，仅保留 fetchTopics + processMessage
- 配置化 ChargeStation topic（IotProperties + application.yml）
- 修复 @DependsOn 位置（方法→类级别）
- 从 disconnect() 中移除 tdengineService.close()（Spring单例不应被消费者关闭）
- 基类日志统一使用 {} 占位符，移除 emoji

- MqttGenericConsumer: destroy/init → refreshMqttSubscription() 避免破坏Spring生命周期
- MqttGenericConsumer: 添加 topics/cmdtopics/faultprot 空值保护防止NPE
- MqttGenericConsumer: 合并3处重复 persist 调用到方法末尾
- VehicleSyncTask: 修复 coordinateMap.get 的NPE风险（先判空再equals）
- VehicleSyncTask: 修复逗号分隔逻辑错误（i > size-1 → i < size-1）
- MqttDynamicConsumer: 删除废弃的 shutdownExecutor 死代码

Remote branch overwrote the AbstractMqttConsumer inheritance structure.
Restored extends AbstractMqttConsumer + constructor injection while
preserving remote's business logic changes (updatecontrollerAccept,
SimpleDateFormat conversion, 6-arg insertsyscontroller).

- TDengineServiceTest: 14 tests for escapeValue, wrapName, isValidFieldName,
  buildDynamicJson, compressToBase64, insertBatch, close, clearCache
- MqttStatusConsumerTest: 10 tests for topic, clientId, triggermethod,
  handleMessage, null handling, count logic
- MqttFaultConsumerTest: 7 tests for KEY_MAPPING, topic splitting,
  triggermethod trigger/recover types, handleMessage
- VehicleSyncTaskTest: 8 tests for Redis lock, batch exception handling,
  Redis failure, webhook failure, empty data
- JaCoCo check execution with 5% threshold (intermediate target)
- Coverage: 8% → 18% (65 tests total, all passing)

 Conflicts:

	iot-platform/src/main/resources/mapper/SysrealtimeMapper.xml

- AbstractMqttConsumer: remove private executorService, use constructor injection
- MqttDynamicConsumer/MqttChargeStationConsumer: remove private core/write executors,
  inject via @Qualifier from ExecutorConfig
- ExecutorConfig: add mqttCoreExecutor, mqttWriteExecutor, abstractConsumerExecutor
  with destroyMethod="shutdown"
- VehicleSyncTask: refine scanKeys() exception handling, add per-record try-catch
  in doUpdateSysCar() loop
- Remove unused jjwt 0.9.1 (CVE-2019-17195) and springfox-boot-starter 3.0.0 deps

- Delete old RuoYi scripts: bin/*.bat, ry.bat, ry.sh
- Delete empty directories: controller/, service/impl/, static/, templates/
- Delete unused mybatis-config.xml (Spring Boot auto-configures MyBatis)
- Remove unused Maven dependencies: fastjson2, poi-ooxml
- Clean root pom.xml: remove bitwalker, kaptcha, oshi, velocity, poi, fastjson2 version management

Build verified: mvn clean package passes.

# Conflicts:
#	iot-platform/src/main/resources/mapper/SysrealtimeMapper.xml

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

Security (P0):
- Remove hardcoded MQTT/TDengine credentials from IotProperties defaults
- Clear password fallbacks in application.yml (was ${ENV:real_password})
- Add @PostConstruct validation to block startup on missing credentials
- Add Redis distributed locks to VehicleSyncTask 4 @Scheduled methods
- Move static thread pools to Spring-managed beans with destroyMethod

Robustness (P1):
- Split broad catch(Exception) into specific types (MqttException,
  InterruptedException, TimeoutException, ExecutionException)
- Restore InterruptedException flag in all catch blocks
- Add closeQuietly() for JDBC Statement/ResultSet cleanup
- Configure RestTemplate with 5s connect / 10s read timeouts

Quality (P2):
- Production log levels: debug/trace → info
- Tomcat: max 800→200, min-spare 100→20, accept-count 1000→100
- Redis pool: max-active 8→16, max-idle 8→16, min-idle 0→4, max-wait 5s

Monitoring (P3):
- Actuator: show-details always→never, exposure health,info→health only

Testing:
- Add JaCoCo plugin for coverage reporting
- Add IotProperties, ExecutorConfig, RestTemplateConfig unit tests
- 26 tests passing

Security (P0):
- Remove hardcoded MySQL password from SysrealtimeService
- Add table name whitelist validation (regex + length limit)
- Validate ${tableName} in SysrealtimeMapper.xml
- Externalize all credentials to .env file
- Fix unbounded thread pools in MQTT consumers
- Fix mysqlWritePool leak in MqttFaultConsumer

Quality (P1):
- Extract AbstractMqttConsumer base class (-500+ duplicate lines)
- Refactor VehicleSyncTask: SCAN instead of KEYS, batch ops,
  RestTemplate timeout, loop-invariant extraction
- Add unit tests (RedisKeys, SysrealtimeService, MqttConsumer)

Architecture (P2):
- Add Spring Boot Actuator (/actuator/health)
- Create RedisKeys constants class for key namespace
- Add .env.example and start.sh for local development

Deployment:
- Add systemd service (iot-platform.service)
- Add deploy.sh with build, upload, backup, health check, rollback
- Add setup-server.sh for server initialization
- Add health-check.sh (Actuator + TCP port fallback)

Docs:
- Update CLAUDE.md for standalone iot-platform architecture
- Update README.md with build/deploy instructions
- Add deploy/README.md

Resolve merge state from prior work session.

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers