prgrms-web-devcourse-final-project · dlsrks1021 · Jul 25, 2025 · Jul 24, 2025 · Jul 24, 2025
diff --git a/backend/build.gradle b/backend/build.gradle
@@ -24,17 +24,22 @@ repositories {
 }
 
 dependencies {
+	/* SPRING BOOT STARTER */
 	implementation 'org.springframework.boot:spring-boot-starter-validation'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	implementation 'org.springframework.boot:spring-boot-starter-data-redis'
 	implementation 'org.springframework.boot:spring-boot-starter-websocket'
 	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+	implementation 'org.springframework.boot:spring-boot-starter-actuator'
 
 	/* DATABASE */
 	runtimeOnly 'com.mysql:mysql-connector-j'
 
+	/* MONITORING */
+	implementation 'io.micrometer:micrometer-registry-prometheus'
+
 	/* TEST */
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'

diff --git a/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java b/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java
@@ -10,6 +10,7 @@
 
 import lombok.RequiredArgsConstructor;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -32,6 +33,9 @@ public class SecurityConfig {
     private final AdminLoginSuccessHandler adminLoginSuccessHandler;
     private final AdminLoginFailureHandler adminLoginFailureHandler;
 
+    @Value("${management.endpoints.web.base-path:/actuator}")
+    private String actuatorBasePath;
+
     @Bean
     public SecurityFilterChain userFilterChain(HttpSecurity http) throws Exception {
         http.csrf(AbstractHttpConfigurer::disable)
@@ -66,6 +70,8 @@ public SecurityFilterChain userFilterChain(HttpSecurity http) throws Exception {
                                         .hasAnyRole("USER", "ADMIN")
                                         .requestMatchers("/questions/**")
                                         .hasAnyRole("USER", "ADMIN")
+                                        .requestMatchers(actuatorBasePath + "/**")
+                                        .hasRole("PROMETHEUS")
                                         .anyRequest()
                                         .authenticated())
                 .formLogin(

diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml
@@ -64,4 +64,26 @@ server:
         secure: true
         http-only: true
       timeout: ${SESSION_TIMEOUT}
+---
+spring:
+  config:
+    activate:
+      on-profile: prod
+
+  security:
+    user:
+      name: ${PROM_NAME}
+      password: ${PROM_PASSWORD}
+      roles: PROMETHEUS
 
+management:
+  server:
+    port: ${ACTUATOR_PORT}
+  endpoints:
+    web:
+      exposure:
+        include: "prometheus"
+      base-path: ${ACTUATOR_BASE_PATH}
+  endpoint:
+    prometheus:
+      access: read_only