[Refactor/prod settings] - prod 환경 설정 (#101)

ekgns33 · web-flow · commit 5ffc95b8ddbc · 2025-06-19T01:40:38.000+09:00
* ✨ feat : add user_role constraint to prod

* 🔨 chore : add excluding endpoints of actuator

* ✨ feat : allow actuator-endpoint for `prod`
diff --git a/src/main/java/org/runimo/runimo/config/SecurityConfig.java b/src/main/java/org/runimo/runimo/config/SecurityConfig.java
@@ -29,7 +29,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
             )
             .authorizeHttpRequests(authorize -> authorize
                 .requestMatchers("/api/v1/auth/**").permitAll()
+                .requestMatchers("/api/v1/users/**").hasAnyRole("USER", "ADMIN")
                 .requestMatchers("/checker/**").permitAll()
+                .requestMatchers("/actuator/**").permitAll()
                 .requestMatchers(("/error")).permitAll()
                 .anyRequest().authenticated()
             )
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -97,6 +97,7 @@ management:
     web:
       exposure:
         include: health,info,prometheus
+        exclude: env,heapdump,threaddump
   prometheus:
     metrics:
       export:

Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti`
`29`	`29`	`)`
`30`	`30`	`.authorizeHttpRequests(authorize -> authorize`
`31`	`31`	`.requestMatchers("/api/v1/auth/**").permitAll()`
	`32`	`+ .requestMatchers("/api/v1/users/**").hasAnyRole("USER", "ADMIN")`
`32`	`33`	`.requestMatchers("/checker/**").permitAll()`
	`34`	`+ .requestMatchers("/actuator/**").permitAll()`
`33`	`35`	`.requestMatchers(("/error")).permitAll()`
`34`	`36`	`.anyRequest().authenticated()`
`35`	`37`	`)`