Merge branch 'master' into feature/security

build.gradle

@@ -25,6 +25,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-freemarker'
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
     implementation 'io.jsonwebtoken:jjwt:0.9.1'
     implementation 'io.springfox:springfox-swagger2:2.6.1'
     implementation 'io.springfox:springfox-swagger-ui:2.6.1'

deploy.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+PROFILE=$1
+PROJECT=SpringRestApi
+PROJECT_HOME=/home/happydaddy/${PROJECT}
+JAR_PATH=${PROJECT_HOME}/build/libs/api-0.0.1-SNAPSHOT.jar
+SVR_LIST=server_${PROFILE}.list
+SERVERS=`cat $SVR_LIST`
+DEPLOY_PATH=/home/ec2-user/app
+AWS_ID=ec2-user
+DATE=`date +%Y-%m-%d-%H-%M-%S`
+JAVA_OPTS="-XX:MaxMetaspaceSize=128m -XX:+UseG1GC -Xss1024k -Xms128m -Xmx128m -Dfile.encoding=UTF-8"
+PEM=AwsFreetierKeyPair.pem
+PORT=8083
+
+echo Deploy Start
+for server in $SERVERS; do
+    echo Target server - $server
+    # Target Server에 배포 디렉터리 생성
+    ssh -i $PEM $AWS_ID@$server "mkdir -p $DEPLOY_PATH/dist"
+    # Target Server에 jar 이동
+    echo 'Executable Jar Copying...'
+    scp -i $PEM $JAR_PATH $AWS_ID@$server:~/app/dist/$PROJECT-$DATE.jar
+    # 이동한 jar파일의 바로가기(SymbolicLink)생성
+    ssh -i $PEM $AWS_ID@$server "ln -Tfs $DEPLOY_PATH/dist/$PROJECT-$DATE.jar $DEPLOY_PATH/$PROJECT"
+    # 현재 실행중인 서버 PID 조회
+    runPid=$(ssh -i $PEM $AWS_ID@$server pgrep -f $PROJECT)
+    if [ -z $runPid ]; then
+        echo "No servers are running"
+    fi
+    # 현재 실행중인 서버의 포트를 조회. 추가로 실행할 서버의 포트 선정
+    runPortCount=$(ssh -i $PEM $AWS_ID@$server ps -ef | grep $PROJECT | grep -v grep | grep $PORT | wc -l)
+    if [ $runPortCount -gt 0 ]; then
+        PORT=8084
+    fi
+    echo "Server $PORT Starting..."
+    # 새로운 서버 실행
+    ssh -i $PEM $AWS_ID@$server "nohup java -jar -Dserver.port=$PORT -Dspring.profiles.active=$PROFILE $JAVA_OPTS $DEPLOY_PATH/$PROJECT < /dev/null > std.out 2> std.err &"
+    # 새롭게 실행한 서버의 health check
+    echo "Health check $PORT"
+    for retry in {1..10}
+    do
+        health=$(ssh -i $PEM $AWS_ID@$server curl -s http://localhost:$PORT/actuator/health)
+        checkCount=$(echo $health | grep 'UP' | wc -l)
+        if [ $checkCount -ge 1 ]; then
+           echo "Server $PORT Started Normaly"
+           # 기존 서버 Stop / Nginx 포트 변경 후 리스타트
+           if [ $runPid -gt 0 ]; then
+                echo "Server $runPid Stop"
+                ssh -i $PEM $AWS_ID@$server "kill -TERM $runPid"
+                sleep 5
+                echo "Nginx Port Change"
+		ssh -i $PEM $AWS_ID@$server "echo 'set \$service_addr http://127.0.0.1:$PORT;' | sudo tee /etc/nginx/conf.d/service_addr.inc"
+                echo "Nginx reload"
+		ssh -i $PEM $AWS_ID@$server "sudo service nginx reload"
+           fi
+           break;
+	else
+	    echo "Check - false"
+        fi
+        sleep 5
+    done
+    if [ $retry -eq 10 ]; then
+	   echo "Deploy Fail"
+    fi
+done
+echo Deploy End

src/main/java/com/rest/api/SpringRestApiApplication.java

@@ -1,7 +1,10 @@
 package com.rest.api;
 
+import com.rest.api.config.GracefulShutdown;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -22,4 +25,16 @@ public class SpringRestApiApplication {
     public RestTemplate getRestTemplate() {
         return new RestTemplate();
     }
+
+    @Bean
+    public GracefulShutdown gracefulShutdown() {
+        return new GracefulShutdown();
+    }
+
+    @Bean
+    public ConfigurableServletWebServerFactory webServerFactory(final GracefulShutdown gracefulShutdown) {
+        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
+        factory.addConnectorCustomizers(gracefulShutdown);
+        return factory;
+    }
 }

src/main/java/com/rest/api/config/GracefulShutdown.java

@@ -0,0 +1,50 @@
+package com.rest.api.config;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.catalina.connector.Connector;
+import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextClosedEvent;
+
+import java.util.concurrent.Executor;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+
+@Slf4j
+public class GracefulShutdown implements TomcatConnectorCustomizer, ApplicationListener<ContextClosedEvent> {
+
+    private static final int TIMEOUT = 30;
+
+    private volatile Connector connector;
+
+    @Override
+    public void customize(Connector connector) {
+        this.connector = connector;
+    }
+
+    @Override
+    public void onApplicationEvent(ContextClosedEvent event) {
+        this.connector.pause();
+        Executor executor = this.connector.getProtocolHandler().getExecutor();
+        if (executor instanceof ThreadPoolExecutor) {
+            try {
+                ThreadPoolExecutor threadPoolExecutor = (ThreadPoolExecutor) executor;
+                threadPoolExecutor.shutdown();
+                if (!threadPoolExecutor.awaitTermination(TIMEOUT, TimeUnit.SECONDS)) {
+                    log.warn("Tomcat thread pool did not shut down gracefully within "
+                            + TIMEOUT + " seconds. Proceeding with forceful shutdown");
+
+                    threadPoolExecutor.shutdownNow();
+
+                    if (!threadPoolExecutor.awaitTermination(TIMEOUT, TimeUnit.SECONDS)) {
+                        log.error("Tomcat thread pool did not terminate");
+                    }
+                } else {
+                    log.info("Tomcat thread pool has been gracefully shutdown");
+                }
+            } catch (InterruptedException ex) {
+                Thread.currentThread().interrupt();
+            }
+        }
+    }
+}

src/main/java/com/rest/api/config/security/SecurityConfiguration.java

@@ -33,8 +33,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                 .authorizeRequests() // 다음 리퀘스트에 대한 사용권한 체크
                     .antMatchers("/*/signin", "/*/signin/**", "/*/signup", "/*/signup/**", "/social/**").permitAll() // 가입 및 인증 주소는 누구나 접근가능
                     .antMatchers(HttpMethod.GET, "/exception/**","/helloworld/**").permitAll() // hellowworld로 시작하는 GET요청 리소스는 누구나 접근가능
-                .antMatchers("/*/users").hasRole("ADMIN")
+                    .antMatchers(HttpMethod.GET, "/helloworld/**","/actuator/health").permitAll() // hellowworld로 시작하는 GET요청 리소스는 누구나 접근가능
-                .anyRequest().hasRole("USER") // 그외 나머지 요청은 모두 인증된 회원만 접근 가능
+                    .anyRequest().hasRole("USER") // 그외 나머지 요청은 모두 인증된 회원만 접근 가능
             .and()
                 .exceptionHandling().accessDeniedHandler(new CustomAccessDeniedHandler())
             .and()

src/main/java/com/rest/api/controller/HelloController.java

@@ -5,13 +5,14 @@ import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 @Slf4j
 @Controller
 public class HelloController {
 
-    private static final String HELLO = "helloworld";
+    private static final String HELLO = "helloworld-nice to meet you";
 
     @Setter
     @Getter
@@ -39,4 +40,11 @@ public class HelloController {
     public String helloworld() {
         return HELLO;
     }
+
+    @GetMapping("/helloworld/long-process")
+    @ResponseBody
+    public String pause() throws InterruptedException {
+        Thread.sleep(10000);
+        return "Process finished";
+    }
 }

src/main/resources/application-alpha.yml

@@ -2,17 +2,17 @@ logging:
   level:
     root: warn
     com.rest.api: info
-  path: /home/ec2-user/api/log
+  path: /home/ec2-user/app/log
   file:
     max-history: 7
 
 spring:
   profiles: alpha
   datasource:
-    url: jdbc:mysql://127.0.0.1:33060/daddyprogrammer?useUnicode=true&autoReconnect=true&characterEncoding=utf8&allowMultiQueries=true&useSSL=false
+    url: jdbc:mysql://127.0.0.1:33060/daddyprogrammer?useUnicode=true&autoReconnect=true&characterEncoding=utf8&allowMultiQueries=true&useSSL=false&serverTimezone=UTC
     driver-class-name: com.mysql.cj.jdbc.Driver
     username: happydaddy
-    password: daddy1004
+    password: daddy!@#1004
   jpa:
     database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
     properties.hibernate: