From 75b43c0ae48989723d7b47382f3dad4c91174d3a Mon Sep 17 00:00:00 2001 From: Goal651 Date: Sun, 24 May 2026 02:24:28 +0200 Subject: [PATCH 1/3] feat: integrate Micrometer Tracing with Brave and Zipkin across services --- authService/pom.xml | 28 +++++++++++++------ compose.dev.yml | 16 +++++++++++ configServer/pom.xml | 28 +++++++++++++------ .../resources/configs/application.properties | 5 +++- eureka/pom.xml | 9 ++++++ gateway/pom.xml | 28 +++++++++++++------ mailService/pom.xml | 28 +++++++++++++------ userService/pom.xml | 28 +++++++++++++------ 8 files changed, 124 insertions(+), 46 deletions(-) diff --git a/authService/pom.xml b/authService/pom.xml index 61a30af..dbef075 100644 --- a/authService/pom.xml +++ b/authService/pom.xml @@ -1,12 +1,13 @@ - 4.0.0 org.springframework.boot spring-boot-starter-parent 3.5.7 - + com.tutorial @@ -14,18 +15,18 @@ 0.0.1-SNAPSHOT authService auth microservice to manage authentication - + - + - + - - - - + + + + 21 @@ -118,6 +119,15 @@ 0.12.5 runtime + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + diff --git a/compose.dev.yml b/compose.dev.yml index 9d76761..0eb342f 100644 --- a/compose.dev.yml +++ b/compose.dev.yml @@ -328,6 +328,22 @@ services: timeout: 5s retries: 5 + zipkin: + image: openzipkin/zipkin:3.3 + container_name: zipkin + restart: always + ports: + - "9411:9411" + mem_limit: 512m + cpus: "0.8" + networks: + - micro-net + healthcheck: + test: ["CMD-SHELL", "wget -qO- http://localhost:9411/health || exit 1"] + interval: 10s + timeout: 5s + retries: 5 + networks: micro-net: diff --git a/configServer/pom.xml b/configServer/pom.xml index 75df72d..773d7e7 100644 --- a/configServer/pom.xml +++ b/configServer/pom.xml @@ -1,12 +1,13 @@ - 4.0.0 org.springframework.boot spring-boot-starter-parent 3.5.7 - + com.tutorial @@ -14,18 +15,18 @@ 0.0.1-SNAPSHOT configServer Demo project for Spring Boot - + - + - + - - - - + + + + 21 @@ -49,6 +50,15 @@ spring-boot-starter-test test + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + diff --git a/configServer/src/main/resources/configs/application.properties b/configServer/src/main/resources/configs/application.properties index 41ea47e..926ba41 100644 --- a/configServer/src/main/resources/configs/application.properties +++ b/configServer/src/main/resources/configs/application.properties @@ -1,4 +1,7 @@ eureka.client.service-url.defaultZone=http://eureka:8761/eureka spring.kafka.bootstrap-servers=kafka:29092 management.endpoints.web.exposure.include=* -management.server.port=${MANAGEMENT_PORT} \ No newline at end of file +management.server.port=${MANAGEMENT_PORT} +management.tracing.sampling.probability=1.0 +# 1.0 for dev and testing, adjust for production like 0.1 or 0.01 to reduce overhead +management.zipkin.tracing.endpoint=http://zipkin:9411/api/v2/spans \ No newline at end of file diff --git a/eureka/pom.xml b/eureka/pom.xml index c20af2c..5ac9ef9 100644 --- a/eureka/pom.xml +++ b/eureka/pom.xml @@ -45,6 +45,15 @@ spring-boot-starter-test test + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + diff --git a/gateway/pom.xml b/gateway/pom.xml index 10d30b6..9a59aca 100644 --- a/gateway/pom.xml +++ b/gateway/pom.xml @@ -1,12 +1,13 @@ - 4.0.0 org.springframework.boot spring-boot-starter-parent 3.5.7 - + com.tutorial @@ -14,18 +15,18 @@ 0.0.1-SNAPSHOT gateway This is a simple API gateway built with Spring Cloud Gateway - + - + - + - - - - + + + + 21 @@ -65,6 +66,15 @@ spring-boot-starter-test test + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + diff --git a/mailService/pom.xml b/mailService/pom.xml index 4d4ba1d..ba7856a 100644 --- a/mailService/pom.xml +++ b/mailService/pom.xml @@ -1,12 +1,13 @@ - 4.0.0 org.springframework.boot spring-boot-starter-parent 3.5.7 - + com.tutorial @@ -14,18 +15,18 @@ 0.0.1-SNAPSHOT mailService Demo project for Spring Boot - + - + - + - - - - + + + + 21 @@ -121,6 +122,15 @@ 0.12.5 runtime + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + diff --git a/userService/pom.xml b/userService/pom.xml index 69aef98..6e59867 100644 --- a/userService/pom.xml +++ b/userService/pom.xml @@ -1,12 +1,13 @@ - 4.0.0 org.springframework.boot spring-boot-starter-parent 3.5.7 - + com.tutorial @@ -14,18 +15,18 @@ 0.0.1-SNAPSHOT userService Demo project for Spring Boot - + - + - + - - - - + + + + 21 @@ -139,6 +140,15 @@ 0.12.5 runtime + + + io.micrometer + micrometer-tracing-bridge-brave + + + io.zipkin.reporter2 + zipkin-reporter-brave + From db7a37c4b312866581b3c316caccfb80d33925bc Mon Sep 17 00:00:00 2001 From: Goal651 Date: Sun, 24 May 2026 02:40:36 +0200 Subject: [PATCH 2/3] feat: add Micrometer and Spring Boot Actuator dependencies for Prometheus monitoring across services --- authService/pom.xml | 8 ++ compose.dev.yml | 129 ++++++++++-------- configServer/pom.xml | 8 ++ .../resources/configs/application.properties | 3 +- eureka/pom.xml | 8 ++ gateway/pom.xml | 8 ++ mailService/pom.xml | 8 ++ observability/grafana/datasources/loki.yml | 6 + observability/prometheus-config.yml | 14 ++ userService/pom.xml | 8 ++ 10 files changed, 144 insertions(+), 56 deletions(-) create mode 100644 observability/prometheus-config.yml diff --git a/authService/pom.xml b/authService/pom.xml index dbef075..6c9599a 100644 --- a/authService/pom.xml +++ b/authService/pom.xml @@ -128,6 +128,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + diff --git a/compose.dev.yml b/compose.dev.yml index 0eb342f..9e81ae0 100644 --- a/compose.dev.yml +++ b/compose.dev.yml @@ -6,9 +6,9 @@ services: deploy: replicas: 2 volumes: - - ./userService/target:/app/target - - ./userService/src:/app/src - - ~/.m2:/root/.m2 + - ./userService/target:/app/target + - ./userService/src:/app/src + - ~/.m2:/root/.m2 restart: always depends_on: eureka: @@ -18,17 +18,17 @@ services: kafka: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 start_period: 40s networks: - - micro-net + - micro-net mem_limit: 600m cpus: "1.0" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m env_file: .env auth-service: @@ -38,9 +38,9 @@ services: deploy: replicas: 2 volumes: - - ./authService/target:/app/target - - ./authService/src:/app/src - - ~/.m2:/root/.m2 + - ./authService/target:/app/target + - ./authService/src:/app/src + - ~/.m2:/root/.m2 restart: always depends_on: eureka: @@ -52,17 +52,17 @@ services: config-server: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 start_period: 40s networks: - - micro-net + - micro-net mem_limit: 600m cpus: "1.0" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m env_file: .env mail-service: @@ -70,9 +70,9 @@ services: context: ./mailService dockerfile: Dockerfile.dev volumes: - - ./mailService/target:/app/target - - ./mailService/src:/app/src - - ~/.m2:/root/.m2 + - ./mailService/target:/app/target + - ./mailService/src:/app/src + - ~/.m2:/root/.m2 restart: always deploy: replicas: 2 @@ -84,17 +84,17 @@ services: kafka: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 start_period: 40s networks: - - micro-net + - micro-net mem_limit: 600m cpus: "1.0" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m env_file: .env eureka: @@ -104,15 +104,15 @@ services: container_name: eureka restart: always ports: - - "8761:8761" + - "8761:8761" networks: - - micro-net + - micro-net mem_limit: 700m cpus: "1.2" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx512m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx512m healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:8761/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:8761/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 @@ -124,27 +124,27 @@ services: dockerfile: Dockerfile.dev container_name: config-server volumes: - - ./configServer/target:/app/target - - ./configServer/src:/app/src - - ~/.m2:/root/.m2 + - ./configServer/target:/app/target + - ./configServer/src:/app/src + - ~/.m2:/root/.m2 restart: always ports: - - "8888:8888" + - "8888:8888" depends_on: eureka: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:8888/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:8888/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 start_period: 50s networks: - - micro-net + - micro-net mem_limit: 300m cpus: "0.6" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms128m -Xmx200m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms128m -Xmx200m gateway: build: @@ -152,12 +152,12 @@ services: dockerfile: Dockerfile.dev container_name: gateway volumes: - - ./gateway/target:/app/target - - ./gateway/src:/app/src - - ~/.m2:/root/.m2 + - ./gateway/target:/app/target + - ./gateway/src:/app/src + - ~/.m2:/root/.m2 restart: always ports: - - "8080:8080" + - "8080:8080" depends_on: eureka: condition: service_healthy @@ -166,17 +166,17 @@ services: redis: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1"] + test: [ "CMD-SHELL", "curl -f http://localhost:${MANAGEMENT_PORT}/actuator/health || exit 1" ] interval: 10s timeout: 5s retries: 5 start_period: 40s networks: - - micro-net + - micro-net mem_limit: 600m cpus: "1.0" environment: - - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m + - JAVA_TOOL_OPTIONS=-XX:+UseContainerSupport -Xms256m -Xmx384m env_file: .env db: @@ -184,19 +184,19 @@ services: container_name: db restart: always ports: - - "2500:5432" + - "2500:5432" mem_limit: 800m cpus: "1.5" environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} + - POSTGRES_DB=${POSTGRES_DB} volumes: - - postgres-data:/var/lib/postgresql/data + - postgres-data:/var/lib/postgresql/data networks: - - micro-net + - micro-net healthcheck: - test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"] + test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ] interval: 10s timeout: 5s retries: 5 @@ -207,19 +207,19 @@ services: container_name: zookeeper restart: always ports: - - "2181:2181" + - "2181:2181" mem_limit: 500m cpus: "0.6" environment: ZOOKEEPER_CLIENT_PORT: 2181 ZOOKEEPER_TICK_TIME: 2000 volumes: - - zookeeper-data:/var/lib/zookeeper/data - - zookeeper-logs:/var/lib/zookeeper/log + - zookeeper-data:/var/lib/zookeeper/data + - zookeeper-logs:/var/lib/zookeeper/log networks: - - micro-net + - micro-net healthcheck: - test: ["CMD-SHELL", "echo srvr | nc localhost 2181 | grep -q 'Mode: standalone'"] + test: [ "CMD-SHELL", "echo srvr | nc localhost 2181 | grep -q 'Mode: standalone'" ] interval: 10s timeout: 5s retries: 5 @@ -230,14 +230,14 @@ services: container_name: kafka restart: always ports: - - "19092:29092" + - "19092:29092" depends_on: zookeeper: condition: service_healthy mem_limit: 1.2g cpus: "2.0" healthcheck: - test: ["CMD-SHELL", "kafka-topics --bootstrap-server localhost:29092 --list"] + test: [ "CMD-SHELL", "kafka-topics --bootstrap-server localhost:29092 --list" ] interval: 10s timeout: 10s retries: 5 @@ -251,9 +251,9 @@ services: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true" volumes: - - kafka-data:/var/lib/kafka/data + - kafka-data:/var/lib/kafka/data networks: - - micro-net + - micro-net redis: image: redis:7.2-alpine @@ -266,7 +266,7 @@ services: networks: - micro-net healthcheck: - test: ["CMD", "redis-cli", "ping"] + test: [ "CMD", "redis-cli", "ping" ] interval: 10s timeout: 5s retries: 5 @@ -339,7 +339,26 @@ services: networks: - micro-net healthcheck: - test: ["CMD-SHELL", "wget -qO- http://localhost:9411/health || exit 1"] + test: [ "CMD-SHELL", "wget -qO- http://localhost:9411/health || exit 1" ] + interval: 10s + timeout: 5s + retries: 5 + + prometheus: + image: prom/prometheus:v2.53.0 + container_name: prometheus + restart: always + ports: + - "9090:9090" + volumes: + - ./observability/prometheus-config.yml:/etc/prometheus/prometheus.yml:ro + - prometheus-data:/prometheus + networks: + - micro-net + mem_limit: 300m + cpus: "0.5" + healthcheck: + test: [ "CMD-SHELL", "wget -qO- http://localhost:9090/-/healthy || exit 1" ] interval: 10s timeout: 5s retries: 5 @@ -347,7 +366,6 @@ services: networks: micro-net: - volumes: postgres-data: zookeeper-data: @@ -357,3 +375,4 @@ volumes: loki-data: promtail-data: grafana-data: + prometheus-data: diff --git a/configServer/pom.xml b/configServer/pom.xml index 773d7e7..18db713 100644 --- a/configServer/pom.xml +++ b/configServer/pom.xml @@ -59,6 +59,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + diff --git a/configServer/src/main/resources/configs/application.properties b/configServer/src/main/resources/configs/application.properties index 926ba41..ab67f94 100644 --- a/configServer/src/main/resources/configs/application.properties +++ b/configServer/src/main/resources/configs/application.properties @@ -1,6 +1,7 @@ eureka.client.service-url.defaultZone=http://eureka:8761/eureka spring.kafka.bootstrap-servers=kafka:29092 -management.endpoints.web.exposure.include=* +management.endpoints.web.exposure.include=health,info,prometheus,metrics +management.endpoint.health.show-details=always management.server.port=${MANAGEMENT_PORT} management.tracing.sampling.probability=1.0 # 1.0 for dev and testing, adjust for production like 0.1 or 0.01 to reduce overhead diff --git a/eureka/pom.xml b/eureka/pom.xml index 5ac9ef9..0b153c8 100644 --- a/eureka/pom.xml +++ b/eureka/pom.xml @@ -54,6 +54,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + diff --git a/gateway/pom.xml b/gateway/pom.xml index 9a59aca..e0d19f1 100644 --- a/gateway/pom.xml +++ b/gateway/pom.xml @@ -75,6 +75,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + diff --git a/mailService/pom.xml b/mailService/pom.xml index ba7856a..07980d8 100644 --- a/mailService/pom.xml +++ b/mailService/pom.xml @@ -131,6 +131,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + diff --git a/observability/grafana/datasources/loki.yml b/observability/grafana/datasources/loki.yml index 050b3c4..190f146 100644 --- a/observability/grafana/datasources/loki.yml +++ b/observability/grafana/datasources/loki.yml @@ -7,3 +7,9 @@ datasources: url: http://loki:3100 isDefault: true editable: false + - name: Prometheus + type: prometheus + access: proxy + url: http://prometheus:9090 + isDefault: false + editable: false \ No newline at end of file diff --git a/observability/prometheus-config.yml b/observability/prometheus-config.yml new file mode 100644 index 0000000..f3d0723 --- /dev/null +++ b/observability/prometheus-config.yml @@ -0,0 +1,14 @@ +global: + scrape_interval: 15s + evaluation_interval: 15s + +scrape_configs: + - job_name: 'eureka' + metrics_path: '/actuator/prometheus' + eureka_sd_configs: + - server: http://eureka:8761/eureka + relabel_configs: + - source_labels: [__meta_eureka_app_name] + target_label: application + - source_labels: [__meta_eureka_instance_host_name] + target_label: instance \ No newline at end of file diff --git a/userService/pom.xml b/userService/pom.xml index 6e59867..774ff81 100644 --- a/userService/pom.xml +++ b/userService/pom.xml @@ -149,6 +149,14 @@ io.zipkin.reporter2 zipkin-reporter-brave + + io.micrometer + micrometer-registry-prometheus + + + org.springframework.boot + spring-boot-starter-actuator + From 532a65d56e1ae2ef8d33c61da8a1b08ba23c7ecb Mon Sep 17 00:00:00 2001 From: Goal651 Date: Sun, 24 May 2026 02:42:08 +0200 Subject: [PATCH 3/3] chore: remove Trivy scanning steps for userService, authService, mailService, eureka, configServer, and gateway in docker-publish workflow --- .github/workflows/docker-publish.yml | 51 +--------------------------- 1 file changed, 1 insertion(+), 50 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 53dc33e..09f2b5e 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -75,14 +75,6 @@ jobs: push: true tags: ghcr.io/${{ env.REPO_LOWER }}/user-service:latest - - name: Scan userService image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/user-service:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true # Build authService build-authService: @@ -113,15 +105,6 @@ jobs: push: true tags: ghcr.io/${{ env.REPO_LOWER }}/auth-service:latest - - name: Scan authService image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/auth-service:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true - # Build mailService build-mailService: needs: detect-changes @@ -151,14 +134,6 @@ jobs: push: true tags: ghcr.io/${{ env.REPO_LOWER }}/mail-service:latest - - name: Scan mailService image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/mail-service:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true # Build eureka build-eureka: @@ -189,15 +164,6 @@ jobs: push: true tags: ghcr.io/${{ env.REPO_LOWER }}/eureka:latest - - name: Scan eureka image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/eureka:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true - # Build configServer build-configServer: needs: detect-changes @@ -227,14 +193,6 @@ jobs: push: true tags: ghcr.io/${{ env.REPO_LOWER }}/config-server:latest - - name: Scan configServer image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/config-server:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true # Build gateway build-gateway: @@ -264,11 +222,4 @@ jobs: context: ./gateway push: true tags: ghcr.io/${{ env.REPO_LOWER }}/gateway:latest - - name: Scan gateway image with Trivy - uses: aquasecurity/trivy-action@v0.36.0 - with: - image-ref: ghcr.io/${{ env.REPO_LOWER }}/gateway:latest - format: table - severity: CRITICAL,HIGH - exit-code: '1' - ignore-unfixed: true + \ No newline at end of file