Fix scrap

.github/workflows/aws-eks-actions.yaml

@@ -0,0 +1,84 @@
+name: CI Test for AWS EKS
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - 'manifest/**' # 특정 디렉토리 무시
+  pull_request:
+    branches:
+      - main
+    types:
+      - closed  # PR이 병합될 때 실행
+
+jobs:
+  ci:
+    environment: aws-eks-test
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: add application.properties
+        run: |
+          echo "${{ secrets.PROPERTIES }}" >> src/main/resources/application.properties
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
+
+      - name: Build with Gradle Wrapper
+        run: ./gradlew build -x test
+
+      - name: Naming jar file
+        run: mv ./build/libs/project2-team2-0.0.1-SNAPSHOT.jar ./build/libs/app.jar
+        # @TODO regex
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ap-northeast-2
+
+      - name: Login to Amazon ECR private
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: private
+
+      - name: Build, tag, and push docker image to Amazon ECR private
+        env:
+          REGISTRY_URI: ${{ secrets.REGISTRY_URI }}
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+            aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin $REGISTRY_URI
+            docker build -t $REGISTRY_URI:$IMAGE_TAG .
+            docker push $REGISTRY_URI:$IMAGE_TAG
+
+  argocd:
+    environment: aws-eks-test
+    needs: ci
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          repository: ${{ github.repository }}
+          ref: cd-manifest
+          token: ${{ secrets.T2_YEERYONG_GITHUB_TOKEN }}
+
+      - name: Update Image with New SHA
+        run: |
+          sed -i "s%image: ${{ secrets.REGISTRY_URI }}:[a-zA-Z0-9._-]*%image: ${{ secrets.REGISTRY_URI }}:${{ github.sha }}%" ./manifest/eks-app.yaml
+
+      - name: Commit and push changes
+        run: |
+          git config user.email "${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com"
+          git config --local user.name "${{ github.actor }}"
+          git add .
+          git commit -m "[CI/CD Automated] Update spring boot image to latest"
+          git push

Dockerfile

@@ -0,0 +1,4 @@
+FROM openjdk:17
+ARG JAR_FILE=build/libs/app.jar
+COPY ${JAR_FILE} app.jar
+ENTRYPOINT ["java", "-jar", "/app.jar"]

build.gradle

@@ -1,37 +1,41 @@
 plugins {
-	id 'java'
-	id 'org.springframework.boot' version '3.4.2'
-	id 'io.spring.dependency-management' version '1.1.7'
+    id 'java'
+    id 'org.springframework.boot' version '3.1.2'
+    id 'io.spring.dependency-management' version '1.1.7'
 }
 
 group = 'com.recipe'
 version = '0.0.1-SNAPSHOT'
 
 java {
-	toolchain {
-		languageVersion = JavaLanguageVersion.of(17)
-	}
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(17)
+    }
 }
 
 configurations {
-	compileOnly {
-		extendsFrom annotationProcessor
-	}
+    compileOnly {
+        extendsFrom annotationProcessor
+    }
 }
 
 repositories {
-	mavenCentral()
+    mavenCentral()
 }
 
 dependencies {
-	implementation 'org.springframework.boot:spring-boot-starter-actuator'
-	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-	implementation 'org.springframework.boot:spring-boot-starter-security'
-	implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
-	implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
+    implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-websocket'
+	implementation 'com.auth0:java-jwt:3.18.2'
+
 	implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
+	implementation 'software.amazon.awssdk:s3:2.20.147'
 	compileOnly 'org.projectlombok:lombok'
+
 	developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	runtimeOnly 'com.mysql:mysql-connector-j'
 	annotationProcessor 'org.projectlombok:lombok'
@@ -41,5 +45,10 @@ dependencies {
 }
 
 tasks.named('test') {
-	useJUnitPlatform()
+    useJUnitPlatform()
+}
+
+
+tasks.withType(JavaCompile).configureEach {
+    options.compilerArgs.add("-parameters")
 }

src/main/java/com/recipe/cookofking/Cld2CookofKingRecipeApplication.java

@@ -2,8 +2,10 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @SpringBootApplication
+@EnableJpaAuditing
 public class Cld2CookofKingRecipeApplication {
 
 	public static void main(String[] args) {

src/main/java/com/recipe/cookofking/config/AwsS3Config.java

@@ -0,0 +1,33 @@
+package com.recipe.cookofking.config;
+
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
+import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.s3.S3Client;
+
+@Configuration
+public class AwsS3Config {
+
+    @Value("${cloud.aws.credentials.access-key}")
+    private String accessKey;
+
+    @Value("${cloud.aws.credentials.secret-key}")
+    private String secretKey;
+
+    @Value("${cloud.aws.region.static}")
+    private String region;
+
+
+    @Bean
+    public S3Client s3Client() {
+        return S3Client.builder()
+                .region(Region.of(region))  // 주입된 리전 값 사용
+                .credentialsProvider(StaticCredentialsProvider.create(
+                        AwsBasicCredentials.create(accessKey, secretKey)))
+                .build();
+    }
+}

src/main/java/com/recipe/cookofking/config/CorsConfig.java

@@ -0,0 +1,24 @@
+package com.recipe.cookofking.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+@Configuration
+public class CorsConfig {
+
+	@Bean
+	   public CorsFilter corsFilter() {
+	      UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+	      CorsConfiguration config = new CorsConfiguration();
+	      config.setAllowCredentials(true); // 응답 json 결과를 js 처리 가능 설정
+	      config.addAllowedOrigin("*"); 	// cors 허가 도메인
+	      config.addAllowedHeader("*");		// 허가 헤더 정보값
+	      config.addAllowedMethod("*");		// 허가 메서드
+	      config.addExposedHeader("Authorization"); // Authorization 헤더 노출
+	      source.registerCorsConfiguration("/**", config);
+	      return new CorsFilter(source);
+	   }
+}

src/main/java/com/recipe/cookofking/config/SchedulerConfig.java

@@ -0,0 +1,9 @@
+package com.recipe.cookofking.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.scheduling.annotation.EnableScheduling;
+
+@Configuration
+@EnableScheduling  // 스케줄링 활성화
+public class SchedulerConfig {
+}

src/main/java/com/recipe/cookofking/config/SecurityConfig.java

@@ -0,0 +1,136 @@
+package com.recipe.cookofking.config;
+
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
+
+import com.recipe.cookofking.config.auth.PrincipalDetails;
+import com.recipe.cookofking.repository.UserRepository;
+
+import lombok.RequiredArgsConstructor;
+
+import java.util.Map;
+
+@RequiredArgsConstructor
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+	private final UserRepository userRepository;
+
+	@Bean
+    public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
+        return http.getSharedObject(AuthenticationManagerBuilder.class).build();
+  }
+
+
+
+//    @Bean
+//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+//        http
+//                .authorizeHttpRequests(auth -> auth
+//                        .anyRequest().permitAll()  // 모든 요청 허용
+//                )
+//                .csrf(csrf -> csrf.disable())  // CSRF 비활성화 (개발 환경)
+//                .formLogin(form -> form.disable());  // 폼 로그인 비활성화
+//
+//        return http.build();
+//    }
+
+	@Bean
+	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+	    http
+	        .csrf(csrf -> csrf.disable()) // CSRF 비활성화 (필요시 활성화)
+	        .authorizeHttpRequests(auth -> auth
+	            .requestMatchers(
+	                "/user/login",
+	                "/user/register",
+	                "/js/**",
+	                "/css/**",
+	                "/images/**",
+	                "/static/**",
+	                "/post/list",
+	                "/post/view/**"
+	            ).permitAll()  // 인증 없이 접근 가능
+	            .requestMatchers("/post/write","/post/edit/**","/user/mypage","/user/myrecipe", "/api/**").authenticated()  // 인증 필요
+	            .anyRequest().permitAll()
+	        )
+			.exceptionHandling(exception ->
+					exception.authenticationEntryPoint((request, response, authException) -> {
+						String uri = request.getRequestURI();
+
+						if (uri.startsWith("/api/")) {
+							// API 요청인 경우: JSON 응답
+							response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);  // 401 상태 코드 설정
+							response.setContentType("application/json; charset=UTF-8");
+							response.getWriter().write(new ObjectMapper().writeValueAsString(
+									Map.of("error", "로그인이 필요한 서비스입니다.")
+							));
+						} else {
+							// 페이지 요청인 경우: 로그인 페이지로 리디렉션
+							response.sendRedirect("/user/login");
+						}
+					})
+			)
+
+
+	        .sessionManagement(session -> session
+	            .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) // 필요시 세션 생성
+	        )
+	        .securityContext(securityContext -> securityContext
+	                .securityContextRepository(new HttpSessionSecurityContextRepository()) // 세션에 인증 정보를 저장
+	        )
+	        .formLogin(form -> form
+	            .loginPage("/user/login")  // 로그인 페이지 지정
+	            .loginProcessingUrl("/user/login") // 로그인 요청 처리 URL
+	            .defaultSuccessUrl("/post/list", true) // 로그인 성공 시 이동할 페이지
+	            .permitAll()
+	        )
+	        .logout(logout -> logout
+	            .logoutUrl("/user/logout") // 로그아웃 요청 URL
+	            .logoutSuccessUrl("/user/login") // 로그아웃 성공 시 이동할 페이지
+	            .invalidateHttpSession(true) // 세션 무효화
+	            .deleteCookies("JSESSIONID") // JSESSIONID 쿠키 삭제
+	            .permitAll()
+	        );
+
+	    return http.build();
+	}
+
+	// 로그인 성공 후 처리하는 서비스나 필터에서
+	public void loginSuccessHandler(PrincipalDetails principalDetails) {
+	    Authentication authentication = new UsernamePasswordAuthenticationToken(
+	            principalDetails,  // PrincipalDetails 객체 (로그인한 사용자의 정보)
+	            null,  // 비밀번호는 null로 설정 (이미 검증되었으므로)
+	            principalDetails.getAuthorities()  // 권한 정보
+	    );
+
+	    // SecurityContext에 Authentication 객체를 설정
+	    SecurityContextHolder.getContext().setAuthentication(authentication);
+	}
+
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        // BCryptPasswordEncoder를 사용해 비밀번호 암호화
+        return new BCryptPasswordEncoder();
+    }
+
+}