clay commit : ci/cd相关软件安装

docs/.vuepress/config.js

@@ -52,6 +52,14 @@ module.exports = {
           '/wiki/back-build/'
         ]  // 根据自己的需求来订，对应自己在docs下的文件夹名，默认首页是README.md
       },
+      {
+        title: '功能使用',
+        collapsable: false,
+        children: [
+          '/use/spring-amin/',
+        ]  // 根据自己的需求来订，对应自己在docs下的文件夹名，默认首页是README.md
+      },
+
       // {
       //   title: '模块介绍',
       //   collapsable: false,

docs/use/spring-amin/README.md

@@ -0,0 +1,107 @@
+# 监控模块使用
+
+监控模块使用 Spring Boot Admin,配合客户端引入spring-boot-starter-actuator依赖就可以在监控模块中看到对应服务的情况,但是Spring Boot Admin没有权限拦截,所以需要二次权限认证。
+
+## 实现原理
+- 引入 spring security
+
+```xml
+<!--security-->
+<dependency>
+	<groupId>org.springframework.boot</groupId>
+	<artifactId>spring-boot-starter-security</artifactId>
+</dependency>
+```
+
+- 配置 spring security
+```java
+/**
+ * 配置安全认证,以便其他服务注册
+ *
+ * @author Clay
+ * @date 2022/11/10
+ */
+@Configuration
+public class SecuritySecureConfig {
+
+    /**
+     * 应用上下文路径
+     */
+    private final String adminContextPath;
+
+    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
+        this.adminContextPath = adminServerProperties.getContextPath();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
+        successHandler.setTargetUrlParameter("redirectTo");
+        successHandler.setDefaultTargetUrl(adminContextPath + "/");
+        http.authorizeRequests()
+                //1.配置所有静态资源和登录也可以公开访问
+                .antMatchers(adminContextPath + "/assets/**")
+                .permitAll()
+                .antMatchers(adminContextPath + "/login")
+                .permitAll()
+                //2. 其他请求,必须经过认证
+                .antMatchers("/actuator/**","/instances").permitAll()
+                .anyRequest().authenticated()
+                .and()
+                //3. 配置登录和登出路径
+                .formLogin().loginPage(adminContextPath + "/login")
+                .successHandler(successHandler)
+                .and()
+                .logout().logoutUrl(adminContextPath + "/logout");
+
+
+        return http.build();
+    }
+
+    @Bean
+    public HttpHeadersProvider customHttpHeadersProvider() {
+        return (instance) -> {
+            HttpHeaders httpHeaders = new HttpHeaders();
+            httpHeaders.add(SecurityConstants.ACTUATOR_FROM, SecurityConstants.ACTUATOR_FROM_IN);
+            return httpHeaders;
+        };
+    }
+}
+```
+- 在对应的monitor-运行环境.yml 配置用户
+```yaml
+spring:
+  security:
+      user:
+        name: root
+        password: password
+```
+
+## 客户端配置
+- 在对应的application-运行环境.yml 配置actuator暴露信息
+```yaml
+management:
+  endpoints:
+    web:
+      exposure:
+        include: "*"  
+  server:
+    port: 9595 # 服务端口,在使用k8s的情况下,每一个服务都是在单独的一个docker中,所以他们的端口是不会发生冲突的
+  endpoint:
+    health:
+      show-details: ALWAYS
+```
+
+## 效果图
+![](./login.png)
+![](./application.png)
+![](./wallboard.png)
+![](./instances.png)
+
+
+
+
+
+
+
+