[release] v1.1.1 (#122)

COW-dev · Sep 22, 2024 · 88a9ec9 · 88a9ec9
1 parent 83ae9e9
commit 88a9ec9
Show file tree

Hide file tree

Showing 5 changed files with 81 additions and 51 deletions.
diff --git a/build.gradle b/build.gradle
@@ -58,9 +58,11 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-security'
     implementation 'com.auth0:java-jwt:4.2.1'
 
-    // Sentry
+    // Monitoring
     implementation 'io.sentry:sentry-spring-boot-starter-jakarta:7.14.0'
     implementation 'io.sentry:sentry-logback:7.14.0'
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
+    implementation 'io.micrometer:micrometer-registry-prometheus'
 
     //test
     testImplementation 'org.springframework.boot:spring-boot-starter-test'

diff --git a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
@@ -6,6 +6,7 @@
 import ddingdong.ddingdongBE.common.filter.JwtAuthenticationFilter;
 import ddingdong.ddingdongBE.common.handler.CustomAccessDeniedHandler;
 import ddingdong.ddingdongBE.common.handler.RestAuthenticationEntryPoint;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -25,58 +26,63 @@ public class SecurityConfig {
 
     private static final String API_PREFIX = "/server";
 
+    @Value("security.actuator.base-path")
+    private String actuatorPath;
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http, JwtAuthService authService, JwtConfig config)
             throws Exception {
         http
-                .authorizeHttpRequests(auth -> auth
-                        .requestMatchers(API_PREFIX + "/auth/**",
-                                API_PREFIX + "/events/**")
-                        .permitAll()
-                        .requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
-                        .requestMatchers(API_PREFIX + "/club/**").hasRole("CLUB")
-                        .requestMatchers(GET,
-                                API_PREFIX + "/clubs/**",
-                                API_PREFIX + "/notices/**",
-                                API_PREFIX + "/banners/**",
-                                API_PREFIX + "/documents/**",
-                                API_PREFIX + "/questions/**",
-                                API_PREFIX + "/feeds/**")
-                        .permitAll()
-                        .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
-                        .permitAll()
-                        .anyRequest()
-                        .authenticated()
-                )
-                .cors(cors -> cors
-                        .configurationSource(corsConfigurationSource())
-                )
-                /*
-                csrf, headers, http-basic, rememberMe, formLogin 비활성화
-                */
-                .csrf(AbstractHttpConfigurer::disable)
-                .headers(AbstractHttpConfigurer::disable)
-                .httpBasic(AbstractHttpConfigurer::disable)
-                .rememberMe(AbstractHttpConfigurer::disable)
-                .formLogin(AbstractHttpConfigurer::disable)
-                .logout(AbstractHttpConfigurer::disable)
-                /*
-                Session 설정
-                 */
-                .sessionManagement(session -> session
-                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                )
-                /*
-                Jwt 필터
-                 */
-                .addFilterBefore(authenticationFilter(authService, config), UsernamePasswordAuthenticationFilter.class)
-                /*
-                exceptionHandling
-                 */
-                .exceptionHandling(exceptions -> exceptions
-                        .authenticationEntryPoint(restAuthenticationEntryPoint())
-                        .accessDeniedHandler(accessDeniedHandler())
-                );
+            .authorizeHttpRequests(auth -> auth
+                .requestMatchers(API_PREFIX + "/auth/**",
+                    API_PREFIX + "/events/**")
+                .permitAll()
+                .requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
+                .requestMatchers(API_PREFIX + "/club/**").hasRole("CLUB")
+                .requestMatchers(actuatorPath).hasRole("ADMIN")
+                .requestMatchers(GET,
+                    API_PREFIX + "/clubs/**",
+                    API_PREFIX + "/notices/**",
+                    API_PREFIX + "/banners/**",
+                    API_PREFIX + "/documents/**",
+                    API_PREFIX + "/questions/**",
+                    API_PREFIX + "/feeds/**")
+                .permitAll()
+                .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
+                .permitAll()
+                .anyRequest()
+                .authenticated()
+            )
+            .cors(cors -> cors
+                .configurationSource(corsConfigurationSource())
+            )
+            /*
+            csrf, headers, http-basic, rememberMe, formLogin 비활성화
+            */
+            .csrf(AbstractHttpConfigurer::disable)
+            .headers(AbstractHttpConfigurer::disable)
+            .httpBasic(AbstractHttpConfigurer::disable)
+            .rememberMe(AbstractHttpConfigurer::disable)
+            .formLogin(AbstractHttpConfigurer::disable)
+            .logout(AbstractHttpConfigurer::disable)
+            /*
+            Session 설정
+             */
+            .sessionManagement(session -> session
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+            )
+            /*
+            Jwt 필터
+             */
+            .addFilterBefore(authenticationFilter(authService, config),
+                UsernamePasswordAuthenticationFilter.class)
+            /*
+            exceptionHandling
+             */
+            .exceptionHandling(exceptions -> exceptions
+                .authenticationEntryPoint(restAuthenticationEntryPoint())
+                .accessDeniedHandler(accessDeniedHandler())
+            );
 
         return http.build();
     }

diff --git a/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java b/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java
@@ -2,11 +2,11 @@
 
 import static ddingdong.ddingdongBE.common.exception.ErrorMessage.ILLEGAL_CLUB_PHONE_NUMBER_PATTERN;
 
-import java.util.Objects;
 import jakarta.persistence.Access;
 import jakarta.persistence.AccessType;
 import jakarta.persistence.Column;
 import jakarta.persistence.Embeddable;
+import java.util.Objects;
 import lombok.AccessLevel;
 import lombok.Builder;
 import lombok.Getter;
@@ -19,7 +19,7 @@
 @Builder
 public class PhoneNumber {
 
-    private static final String PHONE_NUMBER_REGEX = "010-\\d{3,4}-\\d{4}";
+    private static final String PHONE_NUMBER_REGEX = "\\d{2,3}-\\d{3,4}-\\d{4}";
 
     @Column(name = "phone_number")
     private String number;

diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -31,3 +31,20 @@ jwt:
 sentry:
   dsn: ${SENTRY_DSN}
   environment: prod
+
+server:
+  tomcat:
+    mbeanregistry:
+      enabled: true
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: info, health
+      base-path: ${ACTUATOR_BASE_PATH}
+    jmx:
+      exposure:
+        exclude: "*"
+  server:
+    port: 9090
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -39,3 +39,8 @@ cloud:
 swagger:
   server:
     url: ${SERVER_URL:http://localhost:8080}
+
+
+security:
+  actuator:
+    base-path: ${ACTUATOR_ALLOWANCE_SECURITY_PATH:/default}