update whatap agent build&secret,Deploy

Dockerfile

@@ -4,19 +4,32 @@
 FROM maven:3.9-eclipse-temurin-25 AS builder
 WORKDIR /app
 
-# 의존성 캐시
 COPY pom.xml ./
 RUN --mount=type=cache,target=/root/.m2 \
     mvn -q -DskipTests dependency:go-offline
 
-# 전체 소스 복사
 COPY . .
-
-# 패키징 (테스트 스킵)
 RUN --mount=type=cache,target=/root/.m2 \
     mvn -q -DskipTests package
 
+# =========================
+# 1.5) Whatap Agent unpack stage
+# =========================
+FROM eclipse-temurin:25-jdk AS whatap_agent
+WORKDIR /whatap
 
+# repo root 하위 whatap/whatap.agent.java.tar.gz 를 넣어둔 상태라고 했으니 그대로 복사
+COPY whatap/whatap.agent.java.tar.gz /tmp/whatap.agent.java.tar.gz
+
+RUN set -eux; \
+    mkdir -p /whatap; \
+    tar -xzf /tmp/whatap.agent.java.tar.gz -C /whatap; \
+    rm -f /tmp/whatap.agent.java.tar.gz; \
+    ls -al /whatap; \
+    # 버전이 붙은 jar명을 고정 파일명으로 링크/복사해두면 운영이 편함
+    AGENT_JAR="$(ls -1 /whatap/whatap.agent*.jar 2>/dev/null | head -n 1)"; \
+    test -n "$AGENT_JAR"; \
+    cp -f "$AGENT_JAR" /whatap/whatap.agent.jar
 
 # =========================
 # 2) jlink로 Slim JRE 생성
@@ -24,10 +37,8 @@ RUN --mount=type=cache,target=/root/.m2 \
 FROM eclipse-temurin:25-jdk AS jre
 WORKDIR /jrebuild
 
-# Fat JAR 복사
 COPY --from=builder /app/target/*.jar ./app.jar
 
-# jdeps + jlink : Spring Boot + Tomcat용 공통 모듈 세트 포함
 RUN set -eux; \
     DEPS="$(jdeps --ignore-missing-deps --multi-release=25 --print-module-deps app.jar)"; \
     jlink --strip-debug --no-man-pages --no-header-files --compress=2 \
@@ -37,28 +48,27 @@ java.logging,java.security.jgss,jdk.security.auth,java.security.sasl,java.instru
 jdk.crypto.ec,jdk.unsupported" \
       --output /opt/jre
 
-
 # =========================
 # 3) Runtime (Distroless)
 # =========================
 FROM gcr.io/distroless/base-debian12:nonroot
 WORKDIR /app
 
-# jlink로 만든 JRE + 앱 복사
-COPY --from=jre     /opt/jre                /opt/jre
-COPY --from=builder /app/target/*.jar       ./app.jar
+COPY --from=jre        /opt/jre              /opt/jre
+COPY --from=builder    /app/target/*.jar     ./app.jar
+
+# ✅ Whatap agent 파일도 런타임에 포함
+COPY --from=whatap_agent /whatap /whatap
 
-# java 실행 경로
 ENV PATH="/opt/jre/bin:${PATH}"
 
-# JVM 옵션
+# ✅ -javaagent는 여기서 기본 탑재 (배포에서 덮어써도 됨)
 ENV JAVA_TOOL_OPTIONS="\
+-javaagent:/whatap/whatap.agent.jar \
 -XX:+UseContainerSupport \
 -XX:MaxRAMPercentage=75 \
 -XX:+ExitOnOutOfMemoryError \
 -XX:+AlwaysActAsServerClassMachine"
 
 EXPOSE 8080
-
-ENTRYPOINT ["java", "-jar", "/app/app.jar"]
-
+ENTRYPOINT ["java", "-jar", "/app/app.jar"]

Dockerfile.bak

@@ -0,0 +1,64 @@
+# =========================
+# 1) Build (Maven + JDK 25)
+# =========================
+FROM maven:3.9-eclipse-temurin-25 AS builder
+WORKDIR /app
+
+# 의존성 캐시
+COPY pom.xml ./
+RUN --mount=type=cache,target=/root/.m2 \
+    mvn -q -DskipTests dependency:go-offline
+
+# 전체 소스 복사
+COPY . .
+
+# 패키징 (테스트 스킵)
+RUN --mount=type=cache,target=/root/.m2 \
+    mvn -q -DskipTests package
+
+
+
+# =========================
+# 2) jlink로 Slim JRE 생성
+# =========================
+FROM eclipse-temurin:25-jdk AS jre
+WORKDIR /jrebuild
+
+# Fat JAR 복사
+COPY --from=builder /app/target/*.jar ./app.jar
+
+# jdeps + jlink : Spring Boot + Tomcat용 공통 모듈 세트 포함
+RUN set -eux; \
+    DEPS="$(jdeps --ignore-missing-deps --multi-release=25 --print-module-deps app.jar)"; \
+    jlink --strip-debug --no-man-pages --no-header-files --compress=2 \
+      --add-modules "$DEPS,\
+java.desktop,java.management,jdk.management,java.sql,java.naming,\
+java.logging,java.security.jgss,jdk.security.auth,java.security.sasl,java.instrument,\
+jdk.crypto.ec,jdk.unsupported" \
+      --output /opt/jre
+
+
+# =========================
+# 3) Runtime (Distroless)
+# =========================
+FROM gcr.io/distroless/base-debian12:nonroot
+WORKDIR /app
+
+# jlink로 만든 JRE + 앱 복사
+COPY --from=jre     /opt/jre                /opt/jre
+COPY --from=builder /app/target/*.jar       ./app.jar
+
+# java 실행 경로
+ENV PATH="/opt/jre/bin:${PATH}"
+
+# JVM 옵션
+ENV JAVA_TOOL_OPTIONS="\
+-XX:+UseContainerSupport \
+-XX:MaxRAMPercentage=75 \
+-XX:+ExitOnOutOfMemoryError \
+-XX:+AlwaysActAsServerClassMachine"
+
+EXPOSE 8080
+
+ENTRYPOINT ["java", "-jar", "/app/app.jar"]
+

k8s/aws/10-petclinic-secret-whatap.yaml

@@ -0,0 +1,31 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: whatap-apm-secret
+  namespace: petclinic-ns
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: aws-secretsmanager
+    kind: ClusterSecretStore
+  target:
+    name: whatap-apm-secret
+    creationPolicy: Owner
+    template:
+      type: Opaque
+      data:
+        paramkey.txt: |
+          ABCDEF
+  data:
+    - secretKey: WHATAP_LICENSE
+      remoteRef:
+        key: /finalproj/dev/whatap-apm
+        property: license
+    - secretKey: WHATAP_SERVER_HOST
+      remoteRef:
+        key: /finalproj/dev/whatap-apm
+        property: server_host
+    - secretKey: WHATAP_MICRO_ENABLED
+      remoteRef:
+        key: /finalproj/dev/whatap-apm
+        property: micro_enabled

k8s/aws/20-petclinic-Deployments-postgre.yaml

@@ -15,7 +15,6 @@ spec:
       labels:
         app: petclinic
     spec:
-      # 🔹 여기: service account 지정
       serviceAccountName: petclinic-sa
 
       nodeSelector:
@@ -27,17 +26,25 @@ spec:
           value: "app"
           effect: "NoSchedule"
 
+      # ✅ (추가) paramkey.txt를 Secret에서 파일로 마운트하기 위한 볼륨
+      volumes:
+        - name: whatap-paramkey
+          secret:
+            secretName: whatap-apm-secret
+            items:
+              - key: paramkey.txt
+                path: paramkey.txt
+
       containers:
         - name: petclinic-container
           image: 723926525504.dkr.ecr.ap-northeast-2.amazonaws.com/eks/petclinic:138ba75
 
-
-          # DB 설정은 ConfigMap / Secret에서 그대로 가져오기
           envFrom:
             - secretRef:
                 name: petclinic-db-secret
+            - secretRef:
+                name: whatap-apm-secret
 
-          # 🔹 여기: Spring profile을 postgres용으로
           env:
             - name: SPRING_PROFILES_ACTIVE
               value: "postgres"
@@ -45,7 +52,26 @@ spec:
               value: "org.postgresql.Driver"
             - name: APP_VERSION
               value: "local"
-              
+
+            # ✅ Whatap + 기존 JVM 옵션 (덮어쓰기 주의 OK)
+            - name: JAVA_TOOL_OPTIONS
+              value: >-
+                -javaagent:/whatap/whatap.agent.jar
+                -Dwhatap.server.host=$(WHATAP_SERVER_HOST)
+                -Dlicense=$(WHATAP_LICENSE)
+                -Dwhatap.micro.enabled=$(WHATAP_MICRO_ENABLED)
+                -Dwhatap.paramkey=/whatap-conf/paramkey.txt
+                -XX:+UseContainerSupport
+                -XX:MaxRAMPercentage=75
+                -XX:+ExitOnOutOfMemoryError
+                -XX:+AlwaysActAsServerClassMachine
+
+          # ✅ (위치 중요) containers[] 내부에 있어야 함
+          volumeMounts:
+            - name: whatap-paramkey
+              mountPath: /whatap-conf
+              readOnly: true
+
           ports:
             - name: http
               containerPort: 8080