From aeef4b176c0a48065c6190f6b56d27a45a62db33 Mon Sep 17 00:00:00 2001
From: jkv <jenskristianvilladsen@gmail.com>
Date: Sun, 20 Mar 2022 21:22:36 +0100
Subject: [PATCH 1/2] Add actuator

---
 pom.xml                             | 19 +++++++++++++++++++
 src/main/resources/application.yaml |  7 +++++++
 2 files changed, 26 insertions(+)

diff --git a/pom.xml b/pom.xml
index 69aef16..3c511ef 100644
--- a/pom.xml
+++ b/pom.xml
@@ -85,6 +85,12 @@
             <groupId>ca.uhn.hapi.fhir</groupId>
             <artifactId>hapi-fhir-jpaserver-subscription</artifactId>
             <version>${project.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>com.zaxxer</groupId>
+                    <artifactId>HikariCP-java7</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!-- This dependency includes the JPA server itself, which is packaged separately from the rest of HAPI FHIR -->
@@ -301,6 +307,19 @@
             <version>${spring_boot_version}</version>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+            <version>${spring_boot_version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.zaxxer</groupId>
+            <artifactId>HikariCP</artifactId>
+            <version>5.0.1</version>
+        </dependency>
+
+
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-api</artifactId>
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 3131c7e..11da8d1 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -1,3 +1,10 @@
+#Adds the option to go to eg. http://localhost:8080/actuator/env for seeing the running configuration
+management:
+  endpoints:
+    web:
+      exposure:
+        include: "*"
+        exclude: "beans"
 spring:
   main:
     allow-circular-references: true

From da319e8761ed2ef017ed5e9dcbde489a99489123 Mon Sep 17 00:00:00 2001
From: craig mcclendon <XcrigX@users.noreply.github.com>
Date: Wed, 23 Mar 2022 14:12:48 -0500
Subject: [PATCH 2/2] disable springboot actuator endpoints other than 'health'
 for security reasons (#338)

Co-authored-by: Craig McClendon <craig.mcclendon@accenture.com>
---
 src/main/resources/application.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 11da8d1..b03dd76 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -1,10 +1,10 @@
-#Adds the option to go to eg. http://localhost:8080/actuator/env for seeing the running configuration
+#Adds the option to go to eg. http://localhost:8080/actuator/health for seeing the running configuration
+#see https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints
 management:
   endpoints:
     web:
       exposure:
-        include: "*"
-        exclude: "beans"
+        include: "health"
 spring:
   main:
     allow-circular-references: true