chore(gateway, ping-service, security): streamline configurations, remove redundancies, and improve resilience
- Removed `MdcCorrelationFilter` and simplified correlation ID management using Micrometer Tracing. - Updated `SecurityConfig` in `gateway` with enhanced role-based access and standardized JWT validation. - Added new `@Profile` annotations in `ping-service` to exclude certain components during testing. - Refactored and removed legacy `application-keycloak.yaml` and consolidated settings into the primary `application.yaml`. - Adjusted Gradle scripts to clean up dependency declarations and improve modularity. - Simplified CORS and Gateway route configurations for better maintainability.
This commit is contained in:
@@ -1,72 +1,50 @@
|
||||
import org.gradle.api.tasks.testing.logging.TestExceptionFormat
|
||||
|
||||
// Dieses Modul ist das API-Gateway und der einzige öffentliche Einstiegspunkt
|
||||
// für alle externen Anfragen an das Meldestelle-System.
|
||||
plugins {
|
||||
alias(libs.plugins.kotlinJvm)
|
||||
alias(libs.plugins.kotlinSpring)
|
||||
alias(libs.plugins.kotlinJpa)
|
||||
alias(libs.plugins.spring.boot)
|
||||
}
|
||||
|
||||
// Konfiguriert die Hauptklasse für das ausführbare JAR
|
||||
springBoot {
|
||||
mainClass.set("at.mocode.infrastructure.gateway.GatewayApplicationKt")
|
||||
}
|
||||
|
||||
dependencies {
|
||||
// Wiederherstellung des Standardzustands: Das Gateway verwendet das reparierte lokale BOM.
|
||||
implementation(platform(projects.platform.platformBom))
|
||||
|
||||
// === Core Dependencies ===
|
||||
implementation(projects.core.coreUtils)
|
||||
implementation(projects.platform.platformDependencies)
|
||||
implementation(projects.backend.infrastructure.monitoring.monitoringClient)
|
||||
implementation(projects.backend.infrastructure.security) // NEU: Security Module
|
||||
|
||||
// Wir nutzen das Security-Modul NICHT direkt, um Servlet-Abhängigkeiten zu vermeiden.
|
||||
// Stattdessen definieren wir die benötigten Reactive-Dependencies hier explizit.
|
||||
// implementation(projects.backend.infrastructure.security)
|
||||
|
||||
// === GATEWAY-SPEZIFISCHE ABHÄNGIGKEITEN ===
|
||||
// Die WebFlux-Abhängigkeit wird jetzt korrekt durch das BOM bereitgestellt.
|
||||
implementation(libs.spring.boot.starter.webflux)
|
||||
|
||||
// Kern-Gateway inkl. Security, Actuator, CircuitBreaker, Discovery
|
||||
// implementation(libs.bundles.gateway.core)
|
||||
implementation(libs.spring.cloud.starter.gateway.server.webflux)
|
||||
implementation(libs.spring.cloud.starter.consul.discovery)
|
||||
implementation(libs.spring.boot.starter.actuator)
|
||||
// Security dependencies are now transitively provided by infrastructure.security,
|
||||
// but Gateway is WebFlux, so we might need specific WebFlux security if the shared module is WebMVC only.
|
||||
// However, starter-security works for both. Resource server might need check.
|
||||
// For now, we keep explicit dependencies if they differ from the shared module or just rely on shared.
|
||||
// Shared module has: starter-security, starter-oauth2-resource-server, jose, web.
|
||||
// Gateway needs: starter-security, starter-oauth2-resource-server, jose.
|
||||
// "web" (MVC) vs "webflux" (Reactive) conflict might occur if shared module pulls in MVC.
|
||||
// CHECK: Shared module uses `implementation(libs.spring.web)`. This pulls in spring-webmvc usually?
|
||||
// No, `spring-web` is common. `spring-boot-starter-web` pulls in MVC.
|
||||
// The shared module build.gradle.kts uses `libs.spring.web`.
|
||||
|
||||
// Security (Reactive)
|
||||
implementation(libs.spring.boot.starter.security)
|
||||
implementation(libs.spring.boot.starter.oauth2.resource.server)
|
||||
implementation(libs.spring.security.oauth2.jose)
|
||||
|
||||
implementation(libs.spring.cloud.starter.circuitbreaker.resilience4j)
|
||||
|
||||
// Ergänzende Observability (Logging, Jackson)
|
||||
// implementation(libs.bundles.gateway.observability)
|
||||
implementation(libs.kotlin.logging.jvm)
|
||||
implementation(libs.logback.classic)
|
||||
implementation(libs.logback.core)
|
||||
implementation(libs.jackson.module.kotlin)
|
||||
implementation(libs.jackson.datatype.jsr310)
|
||||
|
||||
// Redis-Unterstützung für verteiltes Rate Limiting (RequestRateLimiter)
|
||||
// implementation(libs.bundles.gateway.redis)
|
||||
implementation(libs.spring.boot.starter.data.redis)
|
||||
|
||||
// === Tracing Dependencies (Micrometer Tracing) ===
|
||||
// Ermöglicht verteiltes Tracing über Thread-Grenzen hinweg (ersetzt manuellen MDC-Filter)
|
||||
implementation(libs.micrometer.tracing.bridge.brave)
|
||||
// Optional: Zipkin Reporter, falls du Traces an Zipkin senden willst (bereits im monitoringClient enthalten, aber hier explizit schadet nicht)
|
||||
// implementation(libs.zipkin.reporter.brave)
|
||||
|
||||
// === Test Dependencies ===
|
||||
testImplementation(projects.platform.platformTesting)
|
||||
// testImplementation(libs.bundles.testing.jvm)
|
||||
testImplementation(libs.junit.jupiter.api)
|
||||
testImplementation(libs.junit.jupiter.engine)
|
||||
testImplementation(libs.junit.jupiter.params)
|
||||
@@ -80,7 +58,6 @@ tasks.test {
|
||||
useJUnitPlatform()
|
||||
}
|
||||
|
||||
// Konfiguration für Integration Tests
|
||||
sourceSets {
|
||||
val integrationTest by creating {
|
||||
compileClasspath += sourceSets.main.get().output
|
||||
|
||||
Reference in New Issue
Block a user