From cc99a4cda5f155cfab864e97c26b312ab109798f Mon Sep 17 00:00:00 2001
From: Jaehyun Ahn <91878695+uwoobeat@users.noreply.github.com>
Date: Sun, 11 Feb 2024 23:53:48 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=20=ED=97=AC=EC=8A=A4=EC=B2=B4=ED=81=AC?=
 =?UTF-8?q?=20API=EB=A5=BC=20=EC=9C=84=ED=95=9C=20actuator=20=EC=84=A4?=
 =?UTF-8?q?=EC=A0=95=20(#54)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: 존재하지 않는 설정파일 제거

* feat: url에 따른 인증 설정 추가

* feat: 액추에이터 설정 추가
---
 build.gradle                                        |  3 +++
 .../gdsc/global/config/WebSecurityConfig.java       | 12 ++++++++++++
 src/main/resources/application-actuator.yml         | 13 +++++++++++++
 src/main/resources/application.yml                  |  2 +-
 4 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 src/main/resources/application-actuator.yml

diff --git a/build.gradle b/build.gradle
index 924f790ab..a99ad76e8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -58,6 +58,9 @@ dependencies {
 
     // Swagger
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.3.0'
+
+    // Actuator
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
 }
 
 tasks.named('test') {
diff --git a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
index 18f9fb40b..e8442305d 100644
--- a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
+++ b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
@@ -82,6 +82,18 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.addFilterAfter(jwtExceptionFilter(objectMapper), LogoutFilter.class);
         http.addFilterAfter(jwtFilter(jwtService, cookieUtil), LogoutFilter.class);
 
+        http.authorizeHttpRequests(authorize -> authorize
+                .requestMatchers("/oauth2/**")
+                .permitAll()
+                .requestMatchers("/gdsc-actuator/**")
+                .permitAll()
+                .requestMatchers("/onboarding/**")
+                .authenticated()
+                .requestMatchers("/admin/**")
+                .hasRole("ADMIN")
+                .anyRequest()
+                .authenticated());
+
         return http.build();
     }
 
diff --git a/src/main/resources/application-actuator.yml b/src/main/resources/application-actuator.yml
new file mode 100644
index 000000000..9290215f9
--- /dev/null
+++ b/src/main/resources/application-actuator.yml
@@ -0,0 +1,13 @@
+management:
+  endpoints:
+    web:
+      exposure:
+        include: health
+      base-path: /gdsc-actuator
+    jmx:
+      exposure:
+        exclude: "*"
+    enabled-by-default: false
+  endpoint:
+    health:
+      enabled: true
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 41ff71fc6..37cd16cd1 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -6,9 +6,9 @@ spring:
       dev: "dev, datasource"
     include:
       - redis
-      - storage
       - security
       - swagger
+      - actuator
 
 logging:
   level: