文章目錄
cloud-config+bus+gitlab+security實現配置文件動態刷新
一、配置中心服務端
1.1、pom.xml
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-bus</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-stream-binder-rabbit</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
1.2、yml文件
server:
port: 8888
# spring 配置
spring:
application:
name: cloud-config-server
profiles:
active: dev
rabbitmq:
host:
port: 5672
username:
password:
#security基本配置
security:
user:
#自定義登錄用戶名
name: admin
#自定義登錄密碼
password: 123456
cloud:
config:
label: master
server:
git:
uri:
search-paths: respo
username:
password:
#eureka client
eureka:
instance:
status-page-url: http://${eureka.instance.hostname}:${server.port}/index
prefer-ip-address: true
instance-id: ${spring.cloud.client.ip-address}:${server.port}
hostname: ${spring.cloud.client.ip-address}
metadata-map:
user:
name: "admin"
password: "123456"
client:
healthcheck:
enabled: true
service-url:
defaultZone: http:// ip:port /eureka/
# boot admin
management:
endpoints:
enabled-by-default: true
web:
exposure:
include: "*"
endpoint:
health:
show-details: always
shutdown:
enabled: true
info:
version: 1.0
description: "服務提供者:分佈式配置中心服務"
1.3、主入口
@SpringBootApplication
@EnableConfigServer
@EnableEurekaClient
public class CloudConfigServerApplication {
public static void main(String[] args) {
SpringApplication.run(CloudConfigServerApplication.class, args);
}
}
1.4、SecurityConfig
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/**","/actuator/**")
.permitAll()
.and()
.csrf().disable();
}
}
1.5、過濾器
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
/**
* @author 子誠
* Description:解決GitLab的web鉤子報錯400問題。
* 是因爲gitlab自己添加一堆東西導致JSON解析異常
* 時間:2020/6/23 17:10
*/
@Component
public class UrlFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
String url = new String(httpServletRequest.getRequestURI());
//只過濾/actuator/bus-refresh請求
if (!url.endsWith("/bus-refresh")) {
chain.doFilter(request, response);
return;
}
//獲取原始的body
String body = readAsChars(httpServletRequest);
System.out.println("original body: "+ body);
//使用HttpServletRequest包裝原始請求達到修改post請求中body內容的目的
CustometRequestWrapper requestWrapper = new CustometRequestWrapper(httpServletRequest);
chain.doFilter(requestWrapper, response);
}
@Override
public void destroy() {
}
private class CustometRequestWrapper extends HttpServletRequestWrapper {
public CustometRequestWrapper(HttpServletRequest request) {
super(request);
}
@Override
public ServletInputStream getInputStream() throws IOException {
byte[] bytes = new byte[0];
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
return new ServletInputStream() {
@Override
public boolean isFinished() {
return byteArrayInputStream.read() == -1 ? true:false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return byteArrayInputStream.read();
}
};
}
}
public static String readAsChars(HttpServletRequest request)
{
BufferedReader br = null;
StringBuilder sb = new StringBuilder("");
try
{
br = request.getReader();
String str;
while ((str = br.readLine()) != null)
{
sb.append(str);
}
br.close();
}
catch (IOException e)
{
e.printStackTrace();
}
finally
{
if (null != br)
{
try
{
br.close();
}
catch (IOException e)
{
e.printStackTrace();
}
}
}
return sb.toString();
}
}
二、配置中心客戶端
配置中心客戶端的配置文件放到gitlab、gitee、github上。
2.1、pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-bus</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-stream-binder-rabbit</artifactId>
</dependency>
2.2、bootstrap.yml
# spring 配置
spring:
cloud:
config:
uri: http://localhost:8888
name: 服務名(和git上面的配置文件服務名一致)
label: master
profile: dev
# 對應配置中心服務端的security
username: admin
password: 123456
1.3、git裏面的配置文件要有
rabbitmq:
host:
port: 5672
username:
password:
# boot admin
management:
endpoints:
enabled-by-default: true
web:
exposure:
include: "*"
endpoint:
health:
show-details: always
shutdown:
enabled: true
三、gitLab的web鉤子
使用的花生殼,免費的域名,內網滲透。
要選擇SSL證書。
配置中心服務端的那個過濾器,必須有。不然容易報 400 異常
gitLab、gitee、github都一樣