icurfer
86064d48f9
All checks were successful
Build And Test / build-and-push (push) Successful in 2m21s
- LogoutView 추가: refresh token 블랙리스트 처리 - OpenTelemetry instrumentation 확장: requests, logging, dbapi - TRACE_CA_CERT TLS 지원 추가 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
92 lines
3.1 KiB
Python
92 lines
3.1 KiB
Python
"""
|
|
WSGI config for auth_prj project.
|
|
|
|
It exposes the WSGI callable as a module-level variable named ``application``.
|
|
|
|
For more information on this file, see
|
|
https://docs.djangoproject.com/en/4.2/howto/deployment/wsgi/
|
|
"""
|
|
|
|
import os
|
|
|
|
# ✅ Django 설정을 미리 불러온다 // 모듈 이름 주의
|
|
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'auth_prj.settings')
|
|
|
|
from django.conf import settings
|
|
from django.core.wsgi import get_wsgi_application
|
|
|
|
# ✅ DEBUG 모드 아닐 때만 OpenTelemetry 활성
|
|
if not settings.DEBUG:
|
|
import grpc
|
|
from opentelemetry import trace
|
|
from opentelemetry.sdk.resources import Resource
|
|
from opentelemetry.sdk.trace import TracerProvider
|
|
from opentelemetry.sdk.trace.export import BatchSpanProcessor
|
|
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter
|
|
from opentelemetry.instrumentation.django import DjangoInstrumentor
|
|
from opentelemetry.instrumentation.requests import RequestsInstrumentor
|
|
from opentelemetry.instrumentation.logging import LoggingInstrumentor
|
|
from opentelemetry.instrumentation.dbapi import trace_integration
|
|
import MySQLdb
|
|
|
|
trace.set_tracer_provider(
|
|
TracerProvider(
|
|
resource=Resource.create({
|
|
"service.platform": settings.SERVICE_PLATFORM,
|
|
# "service.name": "msa-django-auth",
|
|
"service.name": settings.TRACE_SERVICE_NAME,
|
|
})
|
|
)
|
|
)
|
|
|
|
# TRACE_CA_CERT 설정에 따른 gRPC credentials 구성
|
|
# - 값이 있고 파일 존재: TLS + 해당 CA 인증서 사용
|
|
# - 값이 없거나 파일 없음: insecure 모드 (TLS 없이 연결)
|
|
credentials = None
|
|
ca_cert_path = os.getenv('TRACE_CA_CERT', '').strip()
|
|
if ca_cert_path and os.path.exists(ca_cert_path):
|
|
with open(ca_cert_path, 'rb') as f:
|
|
ca_cert = f.read()
|
|
credentials = grpc.ssl_channel_credentials(root_certificates=ca_cert)
|
|
insecure = False
|
|
else:
|
|
insecure = True
|
|
|
|
otlp_exporter = OTLPSpanExporter(
|
|
# endpoint="http://jaeger-collector.istio-system:4317",
|
|
# endpoint="jaeger-collector.observability.svc.cluster.local:4317",
|
|
endpoint=settings.TRACE_ENDPOINT,
|
|
insecure=insecure,
|
|
credentials=credentials,
|
|
headers={
|
|
"x-scope-orgid": settings.SERVICE_PLATFORM,
|
|
"x-service": settings.TRACE_SERVICE_NAME
|
|
}
|
|
)
|
|
|
|
trace.get_tracer_provider().add_span_processor(
|
|
BatchSpanProcessor(otlp_exporter)
|
|
)
|
|
|
|
# Django 요청/응답 추적
|
|
DjangoInstrumentor().instrument()
|
|
|
|
# HTTP 클라이언트 요청 추적 (requests 라이브러리)
|
|
RequestsInstrumentor().instrument()
|
|
|
|
# 로그와 Trace 연동 (trace_id, span_id를 로그에 자동 추가)
|
|
LoggingInstrumentor().instrument(set_logging_format=True)
|
|
|
|
# MySQL DB 쿼리 추적
|
|
trace_integration(
|
|
MySQLdb,
|
|
"connect",
|
|
"mysql",
|
|
capture_parameters=True, # 쿼리 파라미터 캡처
|
|
)
|
|
|
|
|
|
from django.core.wsgi import get_wsgi_application
|
|
|
|
application = get_wsgi_application()
|