Skip to content

Commit

Permalink
feat: CICD 파이프라인 구축 (#86) (KAN-150) (#89)
Browse files Browse the repository at this point in the history
  • Loading branch information
ywonchae1 authored Nov 6, 2024
1 parent 53c846e commit a559e21
Show file tree
Hide file tree
Showing 6 changed files with 156 additions and 1 deletion.
91 changes: 91 additions & 0 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@

name: Production 배포
runs-on: ubuntu-latest

steps:
- name: 기본 체크아웃
uses: actions/checkout@v3

- name: JDK 21 버전 설정
uses: actions/setup-java@v3
with:
distribution: 'corretto'
java-version: '21'

- name: Gradlew 실행 권한 설정
run: chmod +x ./gradlew

- name: Gradle 빌드
id: gradle
uses: gradle/gradle-build-action@v2
with:
arguments: |
build
--scan
-x test
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}

- name: Dockerhub 로그인
uses: docker/login-action@v3
with:
username: ${{ env.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}

- name: Docker 메타데이터 추출
id: metadata
uses: docker/[email protected]
env:
DOCKERHUB_IMAGE_FULL_NAME: ${{ env.DOCKERHUB_USERNAME }}/${{ env.DOCKERHUB_IMAGE_NAME }}
with:
images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }}
tags:
${{ github.run_number }}
flavor: |
latest=false
- name: Docker 이미지 빌드 및 도커허브로 푸시
uses: docker/[email protected]
with:
file: scripts/Dockerfile
context: .
push: true
tags: ${{ steps.metadata.outputs.tags }}

- name: 환경변수 주입
run: |
echo "${{ secrets.APPLICATION_SECRETS }}" > .env
- name: 서버로 .env 파일 전송
uses: burnett01/[email protected]
with:
switches: -avzr --delete
remote_host: ${{ secrets.EC2_HOST }}
remote_user: ${{ secrets.EC2_USERNAME }}
remote_key: ${{ secrets.EC2_PRIVATE_KEY }}
path: .env
remote_path: /home/${{ secrets.EC2_USERNAME }}/

- name: 서버로 docker compose 파일 전송
uses: burnett01/[email protected]
with:
switches: -avzr --delete
remote_host: ${{ secrets.EC2_HOST }}
remote_user: ${{ secrets.EC2_USERNAME }}
remote_key: ${{ secrets.EC2_PRIVATE_KEY }}
path: scripts/docker-compose.yml
remote_path: /home/${{ secrets.EC2_USERNAME }}/

- name: EC2로 배포
uses: appleboy/ssh-action@master
env:
IMAGE_FULL_URL: ${{ steps.metadata.outputs.tags }}
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.EC2_PRIVATE_KEY }}
envs: IMAGE_FULL_URL, DOCKERHUB_IMAGE_NAME
script: |
echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u "${{ env.DOCKERHUB_USERNAME }}" --password-stdin
docker compose down --remove-orphans
docker system prune -f
docker compose up --build -d
5 changes: 5 additions & 0 deletions scripts/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
FROM optimoz/openjre-21.0.3:0.4
ARG JAR_FILE=build/libs/*.jar
COPY ${JAR_FILE} app.jar
EXPOSE 8080
ENTRYPOINT ["java", "-Dspring.profiles.active=prod", "-jar", "/app.jar"]
45 changes: 45 additions & 0 deletions scripts/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
version: "3.3"
services:
traefik:
image: "traefik:v3.2"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entryPoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=meonghanyang@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "443:443"
- "8000:8080"
volumes:
- "./config:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- mhn-net
server:
image: ${IMAGE_FULL_URL}
container_name: ${DOCKERHUB_IMAGE_NAME}
restart: always
environment:
- TZ=Asia/Seoul
ports:
- '8080:8080'
env_file: .env
volumes:
- "./client_secret.json:/client_secret.json"
labels:
- "traefik.enable=true"
- "traefik.http.routers.server.rule=Host(`api.meonghanyang.kro.kr`)"
- "traefik.http.routers.server.entrypoints=websecure"
- "traefik.http.routers.server.tls.certresolver=myresolver"
- "traefik.http.services.server.loadbalancer.server.port=8080"
networks:
- mhn-net
networks:
mhn-net:
name: mhn-net
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public OpenAPI openAPI() {

Server productionServer = new Server();
productionServer.setDescription("Production Server");
productionServer.setUrl("https://my-server-name.com");
productionServer.setUrl("https://api.meonghanyang.kro.kr");

Server localServer = new Server();
localServer.setDescription("Local Server");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(List.of("http://localhost:3000"));
configuration.addAllowedOriginPattern("*");
configuration.addAllowedMethod("*");
configuration.addAllowedHeader("*");
configuration.addExposedHeader("Authorization");
Expand Down
13 changes: 13 additions & 0 deletions src/main/resources/application-prod.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
spring:
config:
activate:
on-profile: prod
import: optional:application-secret.properties
jpa:
show-sql: true
properties:
hibernate:
format_sql: true
default_batch_fetch_size: 100
hibernate:
ddl-auto: create

0 comments on commit a559e21

Please sign in to comment.