Feature: 배포 세팅 (#5)

* feat: action workflow 작성 #3

* fix: workflow needs 오타 수정 #3

* fix: workflow 수정 #3

* fix: 오타 수정 #3

* feat: secret test 추가 #3

* feat: action test 추가 #3

* fix: docker login 방식 변경 #3

* fix: workflow script 수정 #3

* feat: dockerfile 생성 및 jdk 변경 #3

* fix: docker 명령어 수정 #3

* chore: 주석 삭제 #3

* fix: docker 명령어 수정 #3

* feat: nginx 추가 #3

* fix: 오타 수정 #3

* feat: nginx pull 명령어 추가 #3

* fix: workflow job 통합 #3

* fix: docker pull 명령어 수정 #3

* fix: docker-compose로 변경 #3

* fix: action 브랜치 수정 #3

* fix: deploy branch prod로 변경 #3

* fix: gradle cache key 변경 #3

* fix: gradle cache key, path 변경 #3

* fix: gradle cache key 변경 #3

* fix: no daemon 추가 #3

* fix: gradle cache 주석처리 #3

* feat: remove mysql data #3

* feat: run script 수정 #3

.github/workflows/CI.yml

@@ -26,19 +26,40 @@ jobs:
         with:
           java-version: ${{ matrix.java-version }}
           kotlin-version: ${{ matrix.kotlin-version }}
-          distribution: 'adopt'
+          distribution: 'corretto'
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: Cache Gradle packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
 
       # 빌드, ktlint check도 진행됨
       - name: Gradle Clean & Build
-        run: ./gradlew clean build
+        run: ./gradlew clean build --no-daemon
 
       # 컨테이너 실행
       - name: Start containers  # test 돌릴때 mysql 필요
         run: docker-compose up -d
 
       # jacoco, sonarcube
       - name: test and analyze
-        run: ./gradlew test sonar --stacktrace
+        run: ./gradlew test sonar --stacktrace --no-daemon
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUBTOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+      - name: docker stop and remove mysqldata
+        run: |
+          sudo docker stop $(sudo docker ps -a -q)
+          sudo docker rm $(sudo docker ps -a -q)
+          sudo docker rmi $(sudo docker images -q)
+          sudo rm -rf mysqldata

.github/workflows/Deploy.yml

@@ -0,0 +1,94 @@
+name: Deploy
+
+on:
+  push:
+    branches: ['main']
+
+env:
+  ACTIVE_PROFILE: "prod"
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+  DOCKERHUB_IMAGE_NAME: ${{ secrets.DOCKERHUB_IMAGE_NAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        kotlin-version: [ "1.8.22" ]
+        java-version: [ "17" ]
+
+    steps:
+      - name: Check Out The Repository
+        uses: actions/checkout@v3
+
+      - name: Set up Kotlin
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ matrix.java-version }}
+          kotlin-version: ${{ matrix.kotlin-version }}
+          distribution: 'corretto'
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x ./gradlew
+
+
+      - name: Build with Gradle
+        run: ./gradlew build --no-daemon
+
+      - name: Make image tag
+        run: echo "IMAGE_TAG=$ACTIVE_PROFILE-${GITHUB_SHA::7}" >> $GITHUB_ENV # activeProfile-커밋 hash 값
+
+      - name: Docker build and push
+        run: |
+          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
+          docker build -t $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} .
+          docker push $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}}
+
+      - name: Get Public IP
+        id: publicip
+        run: |
+          response=$(curl -s canhazip.com)
+          echo "ip='$response'" >> $GITHUB_OUTPUT
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Add GitHub IP to AWS
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32
+
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.EC2_KEY }}
+          port: ${{ secrets.EC2_SSH_PORT }}
+          timeout: 60s
+          script: |
+            cd susu
+            
+            sudo touch .env
+            echo "${{ secrets.ENV_VARS }}" | sudo tee .env > /dev/null
+            echo "IMAGE_TAG=${{ env.IMAGE_TAG }}" >> .env
+            
+            sudo docker stop $(sudo docker ps -a -q)
+            sudo docker rm $(sudo docker ps -a -q)
+            sudo docker rmi $(sudo docker images -q)
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_IMAGE_NAME }}:${{env.IMAGE_TAG}}
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/susu-nginx:0.0.1
+            sudo docker-compose -f ~/susu/docker-compose.yml --env-file ~/susu/.env up --build -d
+
+            sudo docker system prune --all -f
+
+      - name: Remove IP FROM security group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32

.gitignore

@@ -36,4 +36,8 @@ out/
 ### VS Code ###
 .vscode/
 
-mysqldata/
+mysqldata/
+
+.env
+
+docker-compose.prod.yml

Dockerfile

@@ -0,0 +1,9 @@
+FROM amazoncorretto:17
+
+ARG JAR_FILE=./build/libs/*.jar
+COPY ${JAR_FILE} app.jar
+
+ARG PROFILE=prod
+ENV PROFILE=${PROFILE}
+
+ENTRYPOINT ["java","-Dspring.profiles.active=${PROFILE}", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]

src/main/resources/config/application-dev.yml

@@ -30,9 +30,9 @@ spring:
 
 # DEV-DATABASE-COMMON
 datasource: &dev-datasource
-  url: jdbc:mysql://localhost:3306/susu?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
-  username: susu
-  password: susu
+  url: jdbc:mysql://${MYSQL_HOST:localhost}:${MYSQL_PORT:3306}/${DB_NAME:susu}?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
+  username: ${MYSQL_USERNAME:susu}
+  password: ${MYSQL_PASSWORD:susu}
   hikari:
     minimum-idle: 2
     maximum-pool-size: 2

src/main/resources/config/application-prod.yml

@@ -0,0 +1,47 @@
+# ===================================================================
+# Spring Boot Configuration for the prod profile
+# ===================================================================
+
+# SERVER
+server:
+  error:
+    include-exception: true # Include the "exception" attribute.
+    include-stacktrace: always # When to include a "stacktrace" attribute.
+    whitelabel.enabled: true
+
+# LOGGING
+logging:
+  level:
+    root: INFO
+    com.oksusu: DEBUG
+    org.hibernate.SQL: DEBUG
+    org.hibernate.type.descriptor.sql.BasicBinder: TRACE
+    org.springframework.jdbc.core.JdbcTemplate: DEBUG
+    org.springframework.jdbc.core.StatementCreatorUtils: TRACE
+    org.springframework.orm.jpa.JpaTransactionManager: DEBUG
+    org.springframework.web.server.adapter.HttpWebHandlerAdapter: DEBUG
+    reactor.netty.http.client: DEBUG
+
+# SPRING
+spring:
+  jackson:
+    serialization:
+      indent_output: true
+
+# DEV-DATABASE-COMMON
+datasource: &prod-datasource
+  url: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT}/${DB_NAME}?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
+  username: ${MYSQL_USERNAME}
+  password: ${MYSQL_PASSWORD}
+  hikari:
+    minimum-idle: 2
+    maximum-pool-size: 2
+
+# DATABASE
+susu:
+  master.datasource: *prod-datasource
+  jpa:
+    properties:
+      hibernate.format_sql: true
+      hibernate.hbm2ddl.auto: none
+  maximum-jdbc-thread-pool-size: