Merge branch 'main' of github.com-java:vimal-java-dev/vimaltech-contact-api

vimal-java-dev · vimal-java-dev · commit de37de550299 · 2026-04-05T10:18:27.000+05:30
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,4 +1,4 @@
-name: Java CI + Docker Publish Pipeline
+name: Java CI + Docker Publish Pipeline + Deploy to VPS
 
 on:
   push:
@@ -35,7 +35,8 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout source code
+        uses: actions/checkout@v4
 
       - name: Log in to GHCR
         uses: docker/login-action@v3
@@ -50,4 +51,20 @@ jobs:
 
       - name: Push Docker image
         run: |
-          docker push ghcr.io/vimal-java-dev/vimaltech-contact-api:latest
+          docker push ghcr.io/vimal-java-dev/vimaltech-contact-api:latest
+
+  deploy:
+    # ✅ CRITICAL CONDITION (owner repo only)
+    if: github.event_name == 'push' && github.repository == 'vimal-java-dev/vimaltech-contact-api'
+    needs: docker
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Deploy to VPS via SSH
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USER }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          script: |
+            /home/deploy/deploy.sh
diff --git a/.gitignore b/.gitignore
@@ -9,6 +9,11 @@ pom.xml.next
 release.properties
 dependency-reduced-pom.xml
 
+#####################
+target/
+temp-repo/
+.m2/
+
 ############################################
 # Logs
 ############################################
@@ -18,7 +23,7 @@ logs/
 ############################################
 # Environment / Secrets
 ############################################
-.env
+.env.dev
 .env.*
 *.env
 *.key
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,5 +1,3 @@
-version: "3.9"
-
 services:
 
   postgres:
@@ -15,10 +13,12 @@ services:
     volumes:
       - vimaltech_pgdata:/var/lib/postgresql/data
     healthcheck:
-      test: [ "CMD-SHELL", "pg_isready -U contactuser -d contactdb" ]
+      test: ["CMD-SHELL", "pg_isready -U contactuser -d contactdb"]
       interval: 10s
       timeout: 5s
       retries: 5
+    networks:
+      - monitoring-network
 
   contact-api:
     build: .
@@ -28,9 +28,17 @@ services:
         condition: service_healthy
     ports:
       - "8080:8080"
+    env_file:
+      - .env.prod
     environment:
-      SPRING_PROFILES_ACTIVE: dev
+      SPRING_PROFILES_ACTIVE: prod
     restart: unless-stopped
+    networks:
+      - monitoring-network
 
 volumes:
-  vimaltech_pgdata:
+  vimaltech_pgdata:
+
+networks:
+  monitoring-network:
+    name: monitoring-network
diff --git a/monitoring/docker-compose.yml b/monitoring/docker-compose.yml
@@ -0,0 +1,30 @@
+services:
+
+  prometheus:
+    image: prom/prometheus:latest
+    container_name: vimaltech-prometheus
+    restart: unless-stopped
+    volumes:
+      - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
+    ports:
+      - "9090:9090"
+    networks:
+      - monitoring-network
+
+  grafana:
+    image: grafana/grafana:latest
+    container_name: vimaltech-grafana
+    restart: unless-stopped
+    ports:
+      - "3000:3000"
+    networks:
+      - monitoring-network
+    volumes:
+      - grafana-data:/var/lib/grafana
+
+volumes:
+  grafana-data:
+
+networks:
+  monitoring-network:
+    external: true
diff --git a/monitoring/prometheus/prometheus.yml b/monitoring/prometheus/prometheus.yml
@@ -0,0 +1,8 @@
+global:
+  scrape_interval: 15s
+
+scrape_configs:
+  - job_name: 'contact-api'
+    metrics_path: /actuator/prometheus
+    static_configs:
+      - targets: ['contact-api:8080']
diff --git a/pom.xml b/pom.xml
@@ -87,26 +87,39 @@
 			<groupId>org.flywaydb</groupId>
 			<artifactId>flyway-core</artifactId>
 		</dependency>
+
 		<dependency>
 			<groupId>org.flywaydb</groupId>
 			<artifactId>flyway-database-postgresql</artifactId>
 		</dependency>
+
 		<dependency>
 			<groupId>com.bucket4j</groupId>
 			<artifactId>bucket4j-core</artifactId>
-			<version>8.6.0</version>
+			<version>8.9.0</version>
 		</dependency>
 
 		<dependency>
 			<groupId>com.bucket4j</groupId>
 			<artifactId>bucket4j-redis</artifactId>
-			<version>8.6.0</version>
+			<version>8.9.0</version>
 		</dependency>
 
+		<!-- Spring Redis -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-redis</artifactId>
 		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-actuator</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>io.micrometer</groupId>
+			<artifactId>micrometer-registry-prometheus</artifactId>
+		</dependency>
 	</dependencies>
 
 	<build>
diff --git a/src/main/java/com/vimaltech/contactapi/config/RateLimitConfig.java b/src/main/java/com/vimaltech/contactapi/config/RateLimitConfig.java
@@ -0,0 +1,30 @@
+package com.vimaltech.contactapi.config;
+
+import com.vimaltech.contactapi.security.IpRateLimitFilter;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+
+@Configuration
+@Profile("prod")
+public class RateLimitConfig {
+
+    @Bean
+    public IpRateLimitFilter ipRateLimitFilter() {
+        return new IpRateLimitFilter();
+    }
+
+    @Bean
+    public FilterRegistrationBean<IpRateLimitFilter> rateLimitFilterRegistration() {
+
+        FilterRegistrationBean<IpRateLimitFilter> registration =
+                new FilterRegistrationBean<>();
+
+        registration.setFilter(ipRateLimitFilter());
+        registration.addUrlPatterns("/*");
+        registration.setOrder(1);
+
+        return registration;
+    }
+}
diff --git a/src/main/java/com/vimaltech/contactapi/security/IpRateLimitFilter.java b/src/main/java/com/vimaltech/contactapi/security/IpRateLimitFilter.java
@@ -2,51 +2,28 @@
 
 import io.github.bucket4j.Bandwidth;
 import io.github.bucket4j.Bucket;
-import io.github.bucket4j.BucketConfiguration;
-import io.github.bucket4j.distributed.proxy.ProxyManager;
-import io.github.bucket4j.redis.lettuce.cas.LettuceBasedProxyManager;
-
-import io.lettuce.core.RedisClient;
-import io.lettuce.core.RedisURI;
 
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Profile;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
 import java.time.Duration;
+import java.util.Map;
 import java.util.Optional;
+import java.util.concurrent.ConcurrentHashMap;
 
-@Component
-@Profile("prod")
-public class RedisRateLimitFilter extends OncePerRequestFilter {
-
-    private final ProxyManager<byte[]> proxyManager;
-
-    public RedisRateLimitFilter(
-            @Value("${spring.data.redis.host}") String host,
-            @Value("${spring.data.redis.port}") int port
-    ) {
-
-        RedisURI redisURI = RedisURI.Builder.redis(host)
-                .withPort(port)
-                .build();
-
-        RedisClient redisClient = RedisClient.create(redisURI);
+public class IpRateLimitFilter extends OncePerRequestFilter {
 
-        this.proxyManager = LettuceBasedProxyManager
-                .builderFor(redisClient)
-                .build();
-    }
+    private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
 
-    private BucketConfiguration configuration() {
-        return BucketConfiguration.builder()
+    private Bucket createBucket() {
+        return Bucket.builder()
                 .addLimit(Bandwidth.simple(10, Duration.ofMinutes(1)))
                 .build();
     }
@@ -57,7 +34,7 @@ protected void doFilterInternal(HttpServletRequest request,
                                     FilterChain filterChain)
             throws ServletException, IOException {
 
-        if (!request.getRequestURI().equals("/api/v1/contact")) {
+        if (!request.getServletPath().startsWith("/api/v1/contact")) {
             filterChain.doFilter(request, response);
             return;
         }
@@ -66,8 +43,7 @@ protected void doFilterInternal(HttpServletRequest request,
                 .map(s -> s.split(",")[0].trim())
                 .orElse(request.getRemoteAddr());
 
-        Bucket bucket = proxyManager.builder()
-                .build(("ip:" + ip).getBytes(), this::configuration);
+        Bucket bucket = buckets.computeIfAbsent(ip, k -> createBucket());
 
         if (bucket.tryConsume(1)) {
             filterChain.doFilter(request, response);
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -35,4 +35,18 @@ logging:
     root: WARN
     com.vimaltech.contactapi: INFO
     org.springframework: WARN
-    org.hibernate: WARN
+    org.hibernate: WARN
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: health,info,prometheus
+
+  endpoint:
+    health:
+      show-details: never
+
+  metrics:
+    tags:
+      application: contact-api
