From 61c0802504c4330205529586bd6dde46beffbbfb Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Tue, 17 Mar 2026 15:13:09 +0900 Subject: [PATCH 01/12] =?UTF-8?q?chore=20-=20=EB=B0=B0=ED=8F=AC=20?= =?UTF-8?q?=ED=99=98=EA=B2=BD=20redis=20=EC=84=A4=EC=A0=95=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker-compose-prod.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index b50de02..ff47075 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -15,9 +15,13 @@ services: - AWS_ACCESS_KEY=${AWS_ACCESS_KEY} - AWS_SECRET_KEY=${AWS_SECRET_KEY} - SPRING_PROFILES_ACTIVE=prod + - SPRING_DATA_REDIS_HOST=redis + - SPRING_DATA_REDIS_PORT=6379 depends_on: mysql-db: condition: service_healthy + redis: + condition: service_started logging: driver: loki options: @@ -26,6 +30,15 @@ services: networks: - cuk-compasser-net + redis: + image: redis:latest + container_name: redis + restart: always + ports: + - "6379:6379" + networks: + - cuk-compasser-net + mysql-db: image: mysql:latest container_name: mysql-db From 3123124fed20768e0f3389e1fd94f10f92deca8e Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Tue, 17 Mar 2026 16:03:24 +0900 Subject: [PATCH 02/12] =?UTF-8?q?loki=20=EC=98=A4=EB=A5=98=20=EA=B4=80?= =?UTF-8?q?=EB=A0=A8=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker-compose-prod.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index ff47075..6720dad 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -22,11 +22,15 @@ services: condition: service_healthy redis: condition: service_started + loki: + condition: service_started logging: driver: loki options: loki-url: "http://loki:3100/loki/api/v1/push" loki-external-labels: "job=spring-boot" + mode: non-blocking + max-buffer-size: 4m networks: - cuk-compasser-net From 795a95806995ef3c98efccb8b54921c2b1357e36 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Tue, 17 Mar 2026 16:18:59 +0900 Subject: [PATCH 03/12] =?UTF-8?q?loki=20log=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker-compose-prod.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index 6720dad..0e15b8f 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -29,6 +29,7 @@ services: options: loki-url: "http://loki:3100/loki/api/v1/push" loki-external-labels: "job=spring-boot" + mode: non-blocking max-buffer-size: 4m networks: @@ -119,7 +120,6 @@ services: networks: - cuk-compasser-net -# AWS 서버 디스크에 생성될 실제 저장 공간 정의 volumes: mysql_data: prometheus_data: From 1f27fe90346459ffa042bfb10d91aec7738da352 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Tue, 17 Mar 2026 16:31:14 +0900 Subject: [PATCH 04/12] =?UTF-8?q?fix=20-=20=EB=A1=9C=EA=B9=85=20=EB=93=9C?= =?UTF-8?q?=EB=9D=BC=EC=9D=B4=EB=B2=84=20=EB=B3=80=EA=B2=BD=EC=9D=84=20?= =?UTF-8?q?=ED=86=B5=ED=95=9C=20=EC=BB=A8=ED=85=8C=EC=9D=B4=EB=84=88=20?= =?UTF-8?q?=ED=94=84=EB=A6=AC=EC=A7=95=20=ED=95=B4=EA=B2=B0=20=EB=B0=8F=20?= =?UTF-8?q?=20redis=20=EC=84=9C=EB=B9=84=EC=8A=A4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker-compose-prod.yml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index 0e15b8f..d6c6a28 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -15,23 +15,24 @@ services: - AWS_ACCESS_KEY=${AWS_ACCESS_KEY} - AWS_SECRET_KEY=${AWS_SECRET_KEY} - SPRING_PROFILES_ACTIVE=prod + # application.yml의 변수명(${SPRING_DATA_REDIS_HOST})과 일치시킴 - SPRING_DATA_REDIS_HOST=redis - SPRING_DATA_REDIS_PORT=6379 + # JWT 및 카카오 설정 (환경변수로 주입) + - JWT_SECRET_KEY=${JWT_SECRET_KEY} + - KAKAO_CLIENT_ID=${KAKAO_CLIENT_ID} + - KAKAO_LOGIN_REDIRECT_URI=${KAKAO_LOGIN_REDIRECT_URI} depends_on: mysql-db: condition: service_healthy redis: condition: service_started - loki: - condition: service_started + logging: - driver: loki + driver: "json-file" options: - loki-url: "http://loki:3100/loki/api/v1/push" - loki-external-labels: "job=spring-boot" - - mode: non-blocking - max-buffer-size: 4m + max-size: "10m" + max-file: "3" networks: - cuk-compasser-net @@ -115,6 +116,7 @@ services: restart: always volumes: - ./promtail/promtail-config.yml:/etc/promtail/config.yml + - /var/lib/docker/containers:/var/lib/docker/containers:ro - /var/log:/var/log command: -config.file=/etc/promtail/config.yml networks: From cfeec676741e15beb591b676097cd264dde58b66 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Wed, 18 Mar 2026 16:19:10 +0900 Subject: [PATCH 05/12] =?UTF-8?q?fix=20-=20=EC=B9=B4=EC=B9=B4=EC=98=A4=20?= =?UTF-8?q?=EA=B4=80=EB=A0=A8=20=ED=99=98=EA=B2=BD=20=EB=B3=80=EC=88=98=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 1 + docker-compose-prod.yml | 2 ++ src/main/resources/application-prod.yml | 5 +++++ 3 files changed, 8 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e5a4eb9..979ac88 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -91,6 +91,7 @@ jobs: echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> .env echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> .env echo "KAKAO_LOGIN_REDIRECT_URI=${{ secrets.KAKAO_LOGIN_REDIRECT_URI }}" >> .env + echo "KAKAO_REST_API_KEY=${{ secrets.KAKAO_REST_API_KEY }}" >> .env sudo docker-compose -f docker-compose-prod.yml down --remove-orphans diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index d6c6a28..54f3124 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -22,6 +22,8 @@ services: - JWT_SECRET_KEY=${JWT_SECRET_KEY} - KAKAO_CLIENT_ID=${KAKAO_CLIENT_ID} - KAKAO_LOGIN_REDIRECT_URI=${KAKAO_LOGIN_REDIRECT_URI} + - KAKAO_LOCAL_BASE_URL=https://dapi.kakao.com + - KAKAO_REST_API_KEY=${KAKAO_REST_API_KEY} depends_on: mysql-db: condition: service_healthy diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml index dd23c24..cb916d3 100644 --- a/src/main/resources/application-prod.yml +++ b/src/main/resources/application-prod.yml @@ -69,6 +69,11 @@ jwt: secret: key: ${JWT_SECRET_KEY} +kakao: + local: + base-url: https://dapi.kakao.com + rest-api-key: ${KAKAO_REST_API_KEY} + management: endpoints: web: From 9ec7dfa9473a69f05de1dc796772cae5e1a5f862 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Wed, 18 Mar 2026 16:31:20 +0900 Subject: [PATCH 06/12] =?UTF-8?q?fix=20-=20grafana=EC=97=90=EC=84=9C=20?= =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EB=A5=BC=20=ED=99=95=EC=9D=B8=ED=95=A0=20?= =?UTF-8?q?=EC=88=98=20=EC=97=86=EB=8A=94=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker-compose-prod.yml | 1 + promtail/promtail-config.yml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index 54f3124..adc4e85 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -118,6 +118,7 @@ services: restart: always volumes: - ./promtail/promtail-config.yml:/etc/promtail/config.yml + - /var/run/docker.sock:/var/run/docker.sock - /var/lib/docker/containers:/var/lib/docker/containers:ro - /var/log:/var/log command: -config.file=/etc/promtail/config.yml diff --git a/promtail/promtail-config.yml b/promtail/promtail-config.yml index b839092..bc84352 100644 --- a/promtail/promtail-config.yml +++ b/promtail/promtail-config.yml @@ -9,8 +9,43 @@ clients: - url: http://loki:3100/loki/api/v1/push scrape_configs: + - job_name: system + static_configs:server: + http_listen_port: 9080 + grpc_listen_port: 0 + +positions: + filename: /tmp/positions.yaml + +clients: + - url: http://loki:3100/loki/api/v1/push + +scrape_configs: + # 1. 기존 시스템 로그 설정 (유지) - job_name: system static_configs: + - targets: + - localhost + labels: + job: varlogs + application: compasser-api + __path__: /var/log/*.log + + # 2. 추가: 도커 컨테이너 로그 설정 (신규) + - job_name: docker_logs + docker_sd_configs: + - host: unix:///var/run/docker.sock # 도커 소켓을 통해 컨테이너 정보를 읽음 + refresh_interval: 5s + relabel_configs: + # 컨테이너 이름을 container_name 라벨로 추출 + - source_labels: ['__meta_docker_container_name'] + regex: '/(.*)' + target_label: 'container_name' + # cuk-compasser-service 컨테이너의 로그에만 'spring-boot'라는 job 라벨을 부여 + - source_labels: ['__meta_docker_container_name'] + regex: '/cuk-compasser-service' + target_label: 'job' + replacement: 'spring-boot' - targets: - localhost labels: From 1cb473c2985037cfbe8443dc0b04ab9ebf88bdc2 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Wed, 18 Mar 2026 16:53:31 +0900 Subject: [PATCH 07/12] =?UTF-8?q?fix:=20scp=20=EB=8C=80=EC=8B=A0=20git=20r?= =?UTF-8?q?eset=20=EB=B0=A9=EC=8B=9D=EC=9D=84=20=EC=82=AC=EC=9A=A9?= =?UTF-8?q?=ED=95=98=EC=97=AC=20=EB=AA=A8=EB=93=A0=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?=ED=8C=8C=EC=9D=BC=20=EB=8F=99=EA=B8=B0=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 37 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 24 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 979ac88..6b2532f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -2,7 +2,7 @@ name: Java CI/CD with Docker on: push: - branches: [ "deploy" ] + branches: [ "deploy" ] jobs: build-and-push: @@ -37,7 +37,6 @@ jobs: ${{ secrets.DOCKER_USERNAME }}/cuk-compasser:latest ${{ secrets.DOCKER_USERNAME }}/cuk-compasser:${{ github.sha }} - # 2. 서버에 배포 deploy: needs: build-and-push runs-on: ubuntu-latest @@ -45,16 +44,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Copy docker-compose-prod.yml to EC2 - uses: appleboy/scp-action@master - with: - host: ${{ secrets.EC2_HOST }} - username: ${{ secrets.EC2_USERNAME }} - key: ${{ secrets.EC2_SSH_KEY }} - source: "docker-compose-prod.yml" # 로컬 파일 - target: "~/BE" # 서버 목적지 - - - name: Deploy to EC2 + - name: Deploy to EC2 via SSH uses: appleboy/ssh-action@master env: IMAGE_TAG: ${{ github.sha }} @@ -63,16 +53,15 @@ jobs: username: ${{ secrets.EC2_USERNAME }} key: ${{ secrets.EC2_SSH_KEY }} envs: IMAGE_TAG - debug: true script: | - mkdir -p ~/BE cd ~/BE - # 네트워크 생성 (네트워크가 존재하지 않을 시) - sudo docker network inspect cuk-compasser-net >/dev/null 2>&1 || \ - sudo docker network create cuk-compasser-net - - # .env 파일 생성 + # 1. [핵심] 깃허브의 모든 최신 파일(promtail-config 등) 강제 동기화 + git fetch --all + git reset --hard origin/deploy + + # 2. .env 파일 생성 (보안상 필요한 변수들만 주입) + # 기존에 작성하신 echo 방식을 유지하되, 덮어쓰기(>)와 추가(>>)를 구분합니다. echo "MYSQL_ROOT_PASSWORD=${{ secrets.MYSQL_ROOT_PASSWORD }}" > .env echo "MYSQL_DATABASE=${{ secrets.MYSQL_DATABASE }}" >> .env echo "MYSQL_USER=${{ secrets.MYSQL_USER }}" >> .env @@ -82,21 +71,21 @@ jobs: echo "DB_USERNAME=${{ secrets.DB_USERNAME }}" >> .env echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> .env echo "SPRING_PROFILES_ACTIVE=${{ secrets.SPRING_PROFILES_ACTIVE }}" >> .env - echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> .env echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> .env echo "S3_BUCKET_NAME=${{ secrets.S3_BUCKET_NAME }}" >> .env echo "GF_SECURITY_ADMIN_PASSWORD=${{secrets.GF_SECURITY_ADMIN_PASSWORD}}" >> .env - echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> .env echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> .env echo "KAKAO_LOGIN_REDIRECT_URI=${{ secrets.KAKAO_LOGIN_REDIRECT_URI }}" >> .env echo "KAKAO_REST_API_KEY=${{ secrets.KAKAO_REST_API_KEY }}" >> .env - sudo docker-compose -f docker-compose-prod.yml down --remove-orphans + # 3. 네트워크 생성 확인 + sudo docker network inspect cuk-compasser-net >/dev/null 2>&1 || sudo docker network create cuk-compasser-net + # 4. 이미지 풀 및 서비스 재시작 sudo docker pull ${{ secrets.DOCKER_USERNAME }}/cuk-compasser:$IMAGE_TAG - sudo IMAGE_TAG=$IMAGE_TAG docker-compose -f docker-compose-prod.yml up -d --force-recreate - sudo docker image prune -f + # 5. 미사용 이미지 정리 + sudo docker image prune -f \ No newline at end of file From 2189197544003cac1a13655fd2dfc35ad7177548 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Wed, 18 Mar 2026 17:00:41 +0900 Subject: [PATCH 08/12] =?UTF-8?q?fix=20-=20promtail-config.yml=20=EC=98=A4?= =?UTF-8?q?=ED=83=80=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- promtail/promtail-config.yml | 31 +++++++------------------------ 1 file changed, 7 insertions(+), 24 deletions(-) diff --git a/promtail/promtail-config.yml b/promtail/promtail-config.yml index bc84352..28ca9d8 100644 --- a/promtail/promtail-config.yml +++ b/promtail/promtail-config.yml @@ -9,19 +9,7 @@ clients: - url: http://loki:3100/loki/api/v1/push scrape_configs: - - job_name: system - static_configs:server: - http_listen_port: 9080 - grpc_listen_port: 0 - -positions: - filename: /tmp/positions.yaml - -clients: - - url: http://loki:3100/loki/api/v1/push - -scrape_configs: - # 1. 기존 시스템 로그 설정 (유지) + # 1. 기존 시스템 로그 (EC2 자체 로그) - job_name: system static_configs: - targets: @@ -31,24 +19,19 @@ scrape_configs: application: compasser-api __path__: /var/log/*.log - # 2. 추가: 도커 컨테이너 로그 설정 (신규) + # 2. 도커 컨테이너 로그 (스프링 부트 로그 포함) - job_name: docker_logs docker_sd_configs: - - host: unix:///var/run/docker.sock # 도커 소켓을 통해 컨테이너 정보를 읽음 + - host: unix:///var/run/docker.sock refresh_interval: 5s relabel_configs: - # 컨테이너 이름을 container_name 라벨로 추출 + - source_labels: [__meta_docker_container_id] + target_label: __path__ + replacement: /var/lib/docker/containers/$1/*-json.log - source_labels: ['__meta_docker_container_name'] regex: '/(.*)' target_label: 'container_name' - # cuk-compasser-service 컨테이너의 로그에만 'spring-boot'라는 job 라벨을 부여 - source_labels: ['__meta_docker_container_name'] regex: '/cuk-compasser-service' target_label: 'job' - replacement: 'spring-boot' - - targets: - - localhost - labels: - job: varlogs - application: compasser-api - __path__: /var/log/*.log \ No newline at end of file + replacement: 'spring-boot' \ No newline at end of file From 1760b2bde75494bc44e5e951439c8e6ffe0f7622 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Thu, 19 Mar 2026 15:22:31 +0900 Subject: [PATCH 09/12] =?UTF-8?q?chore=20-=20spring=20boot=203.x=20Statist?= =?UTF-8?q?ics=20=EC=97=94=EB=93=9C=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EC=98=88?= =?UTF-8?q?=EC=99=B8=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../CUK_Compasser/global/security/config/SecurityConfig.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java index 7448ab8..31e5d37 100644 --- a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java +++ b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java @@ -39,7 +39,8 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { "/auth/login/**", "/swagger-ui/**", "/swagger-ui.html", - "/v3/api-docs/**" + "/v3/api-docs/**", + "/actuator/**" ).permitAll() .requestMatchers("/stores/**").authenticated() .requestMatchers("/owners/**").authenticated() From 52bde44c52fa9781e4b954b53042d2b1244cc07e Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Thu, 19 Mar 2026 15:45:52 +0900 Subject: [PATCH 10/12] =?UTF-8?q?chore=20-=20HikariCP=20=EB=8D=B0=EC=9D=B4?= =?UTF-8?q?=ED=84=B0=20=EC=B6=94=EC=B6=9C=20=EC=B6=94=EA=B0=80=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/application-prod.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml index cb916d3..5510ff1 100644 --- a/src/main/resources/application-prod.yml +++ b/src/main/resources/application-prod.yml @@ -34,6 +34,7 @@ spring: connection-timeout: 30000 idle-timeout: 600000 max-lifetime: 1800000 + pool-name: HikariPool-1 jpa: database-platform: org.hibernate.dialect.MySQLDialect From f85aa2e26e34531c8f0fe15c79e55a2eb63d95c5 Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Fri, 20 Mar 2026 18:18:34 +0900 Subject: [PATCH 11/12] =?UTF-8?q?=EB=AA=A8=EB=8B=88=ED=84=B0=EB=A7=81=20?= =?UTF-8?q?=EA=B2=BD=EB=A1=9C=20=EA=B2=80=EC=82=AC=20=EC=A0=9C=EC=99=B8=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/security/config/SecurityConfig.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java index 31e5d37..43142aa 100644 --- a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java +++ b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java @@ -14,6 +14,7 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; @Configuration @RequiredArgsConstructor @@ -61,4 +62,16 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration c public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } + + // prometheus 모니터링 경로는 검사에서 제외 + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return (web) -> web.ignoring() + .requestMatchers( + "/actuator/**", + "/swagger-ui/**", + "/v3/api-docs/**", + "/favicon.ico" + ); + } } \ No newline at end of file From 468f4efd313a7b59a1dc5fd96c3fcdfe5dbe6c6d Mon Sep 17 00:00:00 2001 From: shawn9272 Date: Fri, 20 Mar 2026 18:24:56 +0900 Subject: [PATCH 12/12] =?UTF-8?q?chore=20-=20prometheus=20=EA=B2=80?= =?UTF-8?q?=EC=82=AC=20=EA=B2=BD=EB=A1=9C=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/security/config/SecurityConfig.java | 13 ++----------- .../security/filter/JWTAuthenticationFilter.java | 10 ++++++++++ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java index 43142aa..284649a 100644 --- a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java +++ b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/config/SecurityConfig.java @@ -1,6 +1,8 @@ package Comprehensive_Design_Project.CUK_Compasser.global.security.config; import Comprehensive_Design_Project.CUK_Compasser.global.security.filter.JWTAuthenticationFilter; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -63,15 +65,4 @@ public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } - // prometheus 모니터링 경로는 검사에서 제외 - @Bean - public WebSecurityCustomizer webSecurityCustomizer() { - return (web) -> web.ignoring() - .requestMatchers( - "/actuator/**", - "/swagger-ui/**", - "/v3/api-docs/**", - "/favicon.ico" - ); - } } \ No newline at end of file diff --git a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/filter/JWTAuthenticationFilter.java b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/filter/JWTAuthenticationFilter.java index 6e1b16f..f8ca4f2 100644 --- a/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/filter/JWTAuthenticationFilter.java +++ b/src/main/java/Comprehensive_Design_Project/CUK_Compasser/global/security/filter/JWTAuthenticationFilter.java @@ -136,4 +136,14 @@ private void handleExpiredAccessToken (HttpServletRequest request, HttpServletRe throw new GeneralException(GeneralErrorCode.RT_NOT_FOUND); } } + + @Override + protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException { + String path = request.getRequestURI(); + // 이 경로들은 필터 로직을 아예 실행하지 않음 + return path.startsWith("/actuator") + || path.startsWith("/swagger-ui") + || path.startsWith("/v3/api-docs") + || path.startsWith("/favicon.ico"); + } }