Merge branch 'release/1.11.3'

2025-07-28 10:48:44 +03:00 · 2025-07-28 10:48:44 +03:00 · 79de8dd896
commit 79de8dd896
parent 15f7673eb1 d6996aee25
11 changed files with 93 additions and 21 deletions
--- a/backend/pom.xml
+++ b/backend/pom.xml
@ -5,7 +5,7 @@
  <parent>
    <groupId>ru.micord.ervu.lkrp</groupId>
    <artifactId>fl</artifactId>
-    <version>1.10.0</version>
+    <version>1.11.3</version>
  </parent>
  <groupId>ru.micord.ervu.lkrp.fl</groupId>
  <artifactId>backend</artifactId>
--- a/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java
+++ b/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java
@ -4,6 +4,8 @@ import javax.servlet.http.HttpServletRequest;

 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.stereotype.Service;
@ -26,6 +28,9 @@ import ru.micord.ervu.util.NetworkUtils;
@Service
@Conditional(AuditEnabledCondition.class)
 public class BaseAuditService implements AuditService {
+  private static final Logger LOGGER = LoggerFactory.getLogger(BaseAuditService.class);
+
+
  private final AuditKafkaPublisher auditPublisher;
  private final JwtTokenService jwtTokenService;
  private final ObjectMapper objectMapper;
@ -64,10 +69,20 @@ public class BaseAuditService implements AuditService {
  @Override
  public void processAuthEvent(HttpServletRequest request, PersonModel personModel, String status,
      String eventType) {
+    long startTime = System.currentTimeMillis();
    String serverIp = NetworkUtils.getServerIp();
+    LOGGER.info("Thread {} - server ip {} got in {} ms", Thread.currentThread().getId(), serverIp,
+        System.currentTimeMillis() - startTime);
+
+    startTime = System.currentTimeMillis();
    String clientIp = NetworkUtils.getClientIp(request);
+    LOGGER.info("Thread {} - client ip {} got in {} ms", Thread.currentThread().getId(), clientIp,
+        System.currentTimeMillis() - startTime);
+
+    startTime = System.currentTimeMillis();
    String serverHostName = NetworkUtils.getHostName(serverIp);
-    String clientHostName = NetworkUtils.getHostName(clientIp);
+    LOGGER.info("Thread {} - server host name {} got in {} ms", Thread.currentThread().getId(), serverHostName,
+        System.currentTimeMillis() - startTime);

    AuditAuthorizationEvent event = new AuditAuthorizationEvent(
        personModel.getPrnsId(),
@ -81,10 +96,12 @@ public class BaseAuditService implements AuditService {
        serverIp,
        serverHostName,
        clientIp,
-        clientHostName
+        clientIp
    );
    String message = convertToMessage(event);
    auditPublisher.publishEvent(authorizationTopic, message);
+    LOGGER.info("Thread {} - event published in {} ms", Thread.currentThread().getId(),
+        System.currentTimeMillis() - startTime);
  }

  @Override
--- a/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
+++ b/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
@ -29,13 +29,13 @@ public abstract class BaseReplyingKafkaService<T, V> implements ReplyingKafkaSer
    try {
      ConsumerRecord<String, V> result = Optional.ofNullable(replyFuture.get())
          .orElseThrow(() -> new KafkaMessageException("Kafka return result is null"));
-      LOGGER.info("Thread {} - KafkaSendMessageAndGetReply: {} ms",
-          Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
+      LOGGER.info("Thread {} - KafkaSendMessageAndGetReply: {} ms, replyTopic: {}",
+          Thread.currentThread().getId(), System.currentTimeMillis() - startTime, replyTopic);
      return result;
    }
    catch (InterruptedException | ExecutionException e) {
-      LOGGER.error("Thread {} - KafkaSendMessageAndGetReply: {} ms",
-          Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
+      LOGGER.error("Thread {} - KafkaSendMessageAndGetReply: {} ms, replyTopic: {}",
+          Thread.currentThread().getId(), System.currentTimeMillis() - startTime, replyTopic);
      throw new KafkaMessageReplyTimeoutException(e);
    }
  }
--- a/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
@ -71,6 +71,7 @@ public class EsiaController {
  public String getUserFullname(HttpServletRequest request) {
    String accessToken = jwtTokenService.getAccessToken(request);
    PersonModel personModel = personalDataService.getPersonModel(accessToken);
-    return personModel.getLastName() + " " + personModel.getFirstName().charAt(0) + ". " + personModel.getMiddleName().charAt(0) + ".";
+    String middleName = personModel.getMiddleName() != null ? personModel.getMiddleName().charAt(0) + "." : "";
+    return personModel.getLastName() + " " + personModel.getFirstName().charAt(0) + ". " + middleName;
  }
 }
--- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
@ -183,11 +183,15 @@ public class EsiaAuthService {
  }

  public void authEsiaTokensByCode(String esiaAuthCode, String state, HttpServletResponse response, HttpServletRequest request) {
+    long startReqTime = System.currentTimeMillis();
+    long startSubReqTime = startReqTime;
    String esiaAccessTokenStr = null;
    String prnOid = null;
    Long expiresIn = null;
    long signSecret = 0, requestAccessToken = 0, verifySecret = 0;
    verifyStateFromCookie(request, state, response);
+    LOGGER.info("Thread {} - Verify state from cookie: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
+
    try {
      String clientId = esiaConfig.getClientId();
      DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
@ -203,9 +207,9 @@ public class EsiaAuthService {
      parameters.put("state", "%s");
      parameters.put("redirect_uri", redirectUrl);
      parameters.put("code", esiaAuthCode);
-      long startTime = System.currentTimeMillis();
+      startSubReqTime = System.currentTimeMillis();
      SignResponse signResponse = signMap(parameters);
-      signSecret = System.currentTimeMillis() - startTime;
+      signSecret = System.currentTimeMillis() - startSubReqTime;
      String newState = signResponse.getState();
      String clientSecret = signResponse.getSignature();
      String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
@ -221,7 +225,7 @@ public class EsiaAuthService {
          .setParameter("token_type", "Bearer")
          .setParameter("client_certificate_hash", esiaConfig.getClientCertHash())
          .toFormUrlencodedString();
-      startTime = System.currentTimeMillis();
+      startSubReqTime = System.currentTimeMillis();
      HttpRequest postReq = HttpRequest.newBuilder(URI.create(authUrl))
          .header(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded")
          .POST(HttpRequest.BodyPublishers.ofString(postBody))
@ -231,7 +235,7 @@ public class EsiaAuthService {
          .connectTimeout(Duration.ofSeconds(esiaConfig.getConnectionTimeout()))
          .build()
          .send(postReq, HttpResponse.BodyHandlers.ofString());
-      requestAccessToken = System.currentTimeMillis() - startTime;
+      requestAccessToken = System.currentTimeMillis() - startSubReqTime;
      String responseString = postResp.body();
      EsiaTokenResponse tokenResponse = objectMapper.readValue(responseString,
          EsiaTokenResponse.class
@ -246,9 +250,9 @@ public class EsiaAuthService {
        throw new EsiaException("Token invalid. State from request not equals with state from response.");
      }
      esiaAccessTokenStr = tokenResponse.getAccessToken();
-      startTime = System.currentTimeMillis();
+      startSubReqTime = System.currentTimeMillis();
      String verifyResult = verifyToken(esiaAccessTokenStr);
-      verifySecret = System.currentTimeMillis() - startTime;
+      verifySecret = System.currentTimeMillis() - startSubReqTime;
      if (verifyResult != null) {
        throw new EsiaException(verifyResult);
      }
@ -282,11 +286,17 @@ public class EsiaAuthService {
    }
    finally {
      if (personModel != null) {
+        startSubReqTime = System.currentTimeMillis();
        auditService.processAuthEvent(
            request, personModel, status, AuditConstants.LOGIN_EVENT_TYPE
        );
+        LOGGER.info("Thread {} - Process auth event: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
      }
+      startSubReqTime = System.currentTimeMillis();
      createTokenAndAddCookie(response, prnOid, ervuId, expiresIn);
+      LOGGER.info("Thread {} - Creating token and add cookie: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
+
+      LOGGER.info("Thread {} - Request time: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startReqTime);
    }
  }

--- a/config/Dockerfile.backend
+++ b/config/Dockerfile.backend
@ -6,7 +6,8 @@ FROM $BUILDER_IMAGE AS builder
 ARG MVN_FLAGS="-Pprod"

 RUN apt-get update \
- && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \
+ && apt-get -y install git glibc-locales java-17-openjdk-devel maven node curl \
+ && curl --location --insecure https://github.com/prometheus/jmx_exporter/releases/download/1.3.0/jmx_prometheus_javaagent-1.3.0.jar -o jmx_prometheus_javaagent.jar \
 && apt-get clean

 ENV JAVA_HOME=/usr/lib/jvm/java
@ -22,7 +23,6 @@ RUN mkdir -p $HOME/.m2 \
 && mvn clean \
 && mvn package -T4C ${MVN_FLAGS}

-
 FROM $RUNTIME_IMAGE
 ARG ADMIN_PASSWORD=Secr3t

@ -30,11 +30,16 @@ USER root

 COPY config/tomcat /

+ENV CATALINA_OPTS="-javaagent:/opt/jmx_exporter/jmx_prometheus_javaagent.jar=8081:/opt/jmx_exporter/config.yaml"
+
 RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \
 && sed -i -r "s/<must-be-changed>/$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \
 && chown root:tomcat /var/lib/tomcat/webapps \
 && chmod g+rw /var/lib/tomcat/webapps

+COPY --from=builder jmx_prometheus_javaagent.jar /opt/jmx_exporter/jmx_prometheus_javaagent.jar
+COPY config/jmx_exporter.yaml /opt/jmx_exporter/config.yaml
+
 USER tomcat

 COPY --from=builder /app/backend/target/fl*.war /var/lib/tomcat/webapps/fl.war
--- a/config/jmx_exporter.yaml
+++ b/config/jmx_exporter.yaml
@ -0,0 +1,39 @@
+lowercaseOutputLabelNames: true
+lowercaseOutputName: true
+whitelistObjectNames: ["java.lang:type=OperatingSystem", "Catalina:*"]
+blacklistObjectNames: []
+rules:
+  - pattern: 'Catalina<type=Server><>serverInfo: (.+)'
+    name: tomcat_serverinfo
+    value: 1
+    labels:
+      serverInfo: "$1"
+    type: COUNTER
+  - pattern: 'Catalina<type=GlobalRequestProcessor, name=\"(\w+-\w+)-(\d+)\"><>(\w+):'
+    name: tomcat_$3_total
+    labels:
+      port: "$2"
+      protocol: "$1"
+    help: Tomcat global $3
+    type: COUNTER
+  - pattern: 'Catalina<j2eeType=Servlet, WebModule=//([-a-zA-Z0-9+&@#/%?=~_|!:.,;]*[-a-zA-Z0-9+&@#/%=~_|]), name=([-a-zA-Z0-9+/$%~_-|!.]*), J2EEApplication=none, J2EEServer=none><>(requestCount|processingTime|errorCount):'
+    name: tomcat_servlet_$3_total
+    labels:
+      module: "$1"
+      servlet: "$2"
+    help: Tomcat servlet $3 total
+    type: COUNTER
+  - pattern: 'Catalina<type=ThreadPool, name="(\w+-\w+)-(\d+)"><>(currentThreadCount|currentThreadsBusy|keepAliveCount|connectionCount|acceptCount|acceptorThreadCount|pollerThreadCount|maxThreads|minSpareThreads):'
+    name: tomcat_threadpool_$3
+    labels:
+      port: "$2"
+      protocol: "$1"
+    help: Tomcat threadpool $3
+    type: GAUGE
+  - pattern: 'Catalina<type=Manager, host=([-a-zA-Z0-9+&@#/%?=~_|!:.,;]*[-a-zA-Z0-9+&@#/%=~_|]), context=([-a-zA-Z0-9+/$%~_-|!.]*)><>(processingTime|sessionCounter|rejectedSessions|expiredSessions):'
+    name: tomcat_session_$3_total
+    labels:
+      context: "$2"
+      host: "$1"
+    help: Tomcat session $3 total
+    type: COUNTER
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@ -4,7 +4,7 @@
  <parent>
    <groupId>ru.micord.ervu.lkrp</groupId>
    <artifactId>fl</artifactId>
-    <version>1.10.0</version>
+    <version>1.11.3</version>
  </parent>

  <groupId>ru.micord.ervu.lkrp.fl</groupId>
--- a/frontend/pom.xml
+++ b/frontend/pom.xml
@ -4,7 +4,7 @@
  <parent>
    <groupId>ru.micord.ervu.lkrp</groupId>
    <artifactId>fl</artifactId>
-    <version>1.10.0</version>
+    <version>1.11.3</version>
  </parent>

  <groupId>ru.micord.ervu.lkrp.fl</groupId>
--- a/pom.xml
+++ b/pom.xml
@ -4,7 +4,7 @@
  <modelVersion>4.0.0</modelVersion>
  <groupId>ru.micord.ervu.lkrp</groupId>
  <artifactId>fl</artifactId>
-  <version>1.10.0</version>
+  <version>1.11.3</version>
  <packaging>pom</packaging>
  <modules>
    <module>backend</module>
@ -262,7 +262,7 @@
      <dependency>
        <groupId>org.apache.kafka</groupId>
        <artifactId>kafka-clients</artifactId>
-        <version>3.9.0</version>
+        <version>3.9.1</version>
        <exclusions>
          <exclusion>
            <artifactId>snappy-java</artifactId>
--- a/resources/pom.xml
+++ b/resources/pom.xml
@ -4,7 +4,7 @@
  <parent>
    <groupId>ru.micord.ervu.lkrp</groupId>
    <artifactId>fl</artifactId>
-    <version>1.10.0</version>
+    <version>1.11.3</version>
  </parent>

  <groupId>ru.micord.ervu.lkrp.fl</groupId>