From 1ff477d617c9808e8f360f11ed61aa452e12ac03 Mon Sep 17 00:00:00 2001
From: choubung <choubung@sookmyung.ac.kr>
Date: Tue, 18 Nov 2025 18:20:51 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20Cloud=20Run=20=EB=B0=B0=ED=8F=AC=20?=
 =?UTF-8?q?=EC=8B=9C=20=EB=AC=B4=ED=95=9C=20=EB=A6=AC=EB=94=94=EB=A0=89?=
 =?UTF-8?q?=EC=85=98=20=EB=AC=B8=EC=A0=9C=20=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- SecurityConfig에서 prod 프로필용 requiresSecure() 설정 제거
- Cloud Run의 TLS Termination으로 인한 HTTP/HTTPS 리디렉션 루프 방지
- HTTPS 처리는 Cloud Run 로드밸런서에 위임
---
 .github/workflows/cd.yml                      |  2 +-
 .../config/auth/SecurityConfig.java           | 24 +++----------------
 2 files changed, 4 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index e80b88e..f6088c2 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -76,7 +76,7 @@ jobs:
           env_vars: |
             SPRING_PROFILES_ACTIVE=prod
             
-            DB_URL=jdbc:mysql://google/mydb?socketFactory=com.google.cloud.sql.mysql.SocketFactory&cloudSqlInstance=${{ secrets.GCP_SQL_CONNECTION_NAME }}&useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8
+            DB_URL=jdbc:mysql:///mydb?socketFactory=com.google.cloud.sql.mysql.SocketFactory&cloudSqlInstance=${{ secrets.GCP_SQL_CONNECTION_NAME }}&useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8
             DB_USERNAME=${{ secrets.DB_USERNAME }}
             DB_PASSWORD=${{ secrets.DB_PASSWORD }}
             GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}
diff --git a/src/main/java/com/precourse/openMission/config/auth/SecurityConfig.java b/src/main/java/com/precourse/openMission/config/auth/SecurityConfig.java
index d66c069..d3d252d 100644
--- a/src/main/java/com/precourse/openMission/config/auth/SecurityConfig.java
+++ b/src/main/java/com/precourse/openMission/config/auth/SecurityConfig.java
@@ -19,28 +19,8 @@
 public class SecurityConfig {
     private final CustomOAuth2UserService customOAuth2UserService;
 
-    // (운영/배포) 환경 전용 SecurityFilterChain
     @Bean
-    @Profile("prod")
-    public SecurityFilterChain prodFilterChain(HttpSecurity http) throws Exception {
-        http.requiresChannel(channel -> channel
-                .anyRequest().requiresSecure()
-        );
-
-        commonSecurityConfig(http);
-
-        return http.build();
-    }
-
-    @Bean
-    @Profile("!prod")
-    public SecurityFilterChain devFilterChain(HttpSecurity http) throws Exception {
-        commonSecurityConfig(http);
-
-        return http.build();
-    }
-
-    private void commonSecurityConfig(HttpSecurity http) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
                 .authorizeHttpRequests((authz) -> authz
                         .requestMatchers("/").permitAll()
@@ -66,6 +46,8 @@ private void commonSecurityConfig(HttpSecurity http) throws Exception {
                                 .userService(customOAuth2UserService)
                         )
                 );
+
+        return http.build();
     }
 
     @Bean