From 58ef035512a913dcfb1b1058ee7b130aafa310fd Mon Sep 17 00:00:00 2001
From: Sanghoon Jeong <67852689+wjdtkdgns@users.noreply.github.com>
Date: Tue, 21 Nov 2023 11:25:40 +0900
Subject: [PATCH] =?UTF-8?q?Feature:=20=EB=B0=B0=ED=8F=AC=20=EC=84=B8?=
 =?UTF-8?q?=ED=8C=85=20(#5)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* feat: action workflow 작성 #3

* fix: workflow needs 오타 수정 #3

* fix: workflow 수정 #3

* fix: 오타 수정 #3

* feat: secret test 추가 #3

* feat: action test 추가 #3

* fix: docker login 방식 변경 #3

* fix: workflow script 수정 #3

* feat: dockerfile 생성 및 jdk 변경 #3

* fix: docker 명령어 수정 #3

* chore: 주석 삭제 #3

* fix: docker 명령어 수정 #3

* feat: nginx 추가 #3

* fix: 오타 수정 #3

* feat: nginx pull 명령어 추가 #3

* fix: workflow job 통합 #3

* fix: docker pull 명령어 수정 #3

* fix: docker-compose로 변경 #3

* fix: action 브랜치 수정 #3

* fix: deploy branch prod로 변경 #3

* fix: gradle cache key 변경 #3

* fix: gradle cache key, path 변경 #3

* fix: gradle cache key 변경 #3

* fix: no daemon 추가 #3

* fix: gradle cache 주석처리 #3

* feat: remove mysql data #3

* feat: run script 수정 #3
---
 .github/workflows/CI.yml                      | 27 +++++-
 .github/workflows/Deploy.yml                  | 94 +++++++++++++++++++
 .gitignore                                    |  6 +-
 Dockerfile                                    |  9 ++
 src/main/resources/config/application-dev.yml |  6 +-
 .../resources/config/application-prod.yml     | 47 ++++++++++
 6 files changed, 182 insertions(+), 7 deletions(-)
 create mode 100644 .github/workflows/Deploy.yml
 create mode 100644 Dockerfile
 create mode 100644 src/main/resources/config/application-prod.yml

diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index eed85670..df40929f 100644
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -26,11 +26,25 @@ jobs:
         with:
           java-version: ${{ matrix.java-version }}
           kotlin-version: ${{ matrix.kotlin-version }}
-          distribution: 'adopt'
+          distribution: 'corretto'
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: Cache Gradle packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
 
       # 빌드, ktlint check도 진행됨
       - name: Gradle Clean & Build
-        run: ./gradlew clean build
+        run: ./gradlew clean build --no-daemon
 
       # 컨테이너 실행
       - name: Start containers  # test 돌릴때 mysql 필요
@@ -38,7 +52,14 @@ jobs:
 
       # jacoco, sonarcube
       - name: test and analyze
-        run: ./gradlew test sonar --stacktrace
+        run: ./gradlew test sonar --stacktrace --no-daemon
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUBTOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+      - name: docker stop and remove mysqldata
+        run: |
+          sudo docker stop $(sudo docker ps -a -q)
+          sudo docker rm $(sudo docker ps -a -q)
+          sudo docker rmi $(sudo docker images -q)
+          sudo rm -rf mysqldata
\ No newline at end of file
diff --git a/.github/workflows/Deploy.yml b/.github/workflows/Deploy.yml
new file mode 100644
index 00000000..7038f0c3
--- /dev/null
+++ b/.github/workflows/Deploy.yml
@@ -0,0 +1,94 @@
+name: Deploy
+
+on:
+  push:
+    branches: ['main']
+
+env:
+  ACTIVE_PROFILE: "prod"
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+  DOCKERHUB_IMAGE_NAME: ${{ secrets.DOCKERHUB_IMAGE_NAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        kotlin-version: [ "1.8.22" ]
+        java-version: [ "17" ]
+
+    steps:
+      - name: Check Out The Repository
+        uses: actions/checkout@v3
+
+      - name: Set up Kotlin
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ matrix.java-version }}
+          kotlin-version: ${{ matrix.kotlin-version }}
+          distribution: 'corretto'
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x ./gradlew
+
+
+      - name: Build with Gradle
+        run: ./gradlew build --no-daemon
+
+      - name: Make image tag
+        run: echo "IMAGE_TAG=$ACTIVE_PROFILE-${GITHUB_SHA::7}" >> $GITHUB_ENV # activeProfile-커밋 hash 값
+
+      - name: Docker build and push
+        run: |
+          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
+          docker build -t $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} .
+          docker push $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}}
+
+      - name: Get Public IP
+        id: publicip
+        run: |
+          response=$(curl -s canhazip.com)
+          echo "ip='$response'" >> $GITHUB_OUTPUT
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Add GitHub IP to AWS
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32
+
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.EC2_KEY }}
+          port: ${{ secrets.EC2_SSH_PORT }}
+          timeout: 60s
+          script: |
+            cd susu
+            
+            sudo touch .env
+            echo "${{ secrets.ENV_VARS }}" | sudo tee .env > /dev/null
+            echo "IMAGE_TAG=${{ env.IMAGE_TAG }}" >> .env
+            
+            sudo docker stop $(sudo docker ps -a -q)
+            sudo docker rm $(sudo docker ps -a -q)
+            sudo docker rmi $(sudo docker images -q)
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_IMAGE_NAME }}:${{env.IMAGE_TAG}}
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/susu-nginx:0.0.1
+            sudo docker-compose -f ~/susu/docker-compose.yml --env-file ~/susu/.env up --build -d
+
+            sudo docker system prune --all -f
+
+      - name: Remove IP FROM security group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32
diff --git a/.gitignore b/.gitignore
index bf0b45e7..864c22a5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,4 +36,8 @@ out/
 ### VS Code ###
 .vscode/
 
-mysqldata/
\ No newline at end of file
+mysqldata/
+
+.env
+
+docker-compose.prod.yml
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..dcbae74c
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM amazoncorretto:17
+
+ARG JAR_FILE=./build/libs/*.jar
+COPY ${JAR_FILE} app.jar
+
+ARG PROFILE=prod
+ENV PROFILE=${PROFILE}
+
+ENTRYPOINT ["java","-Dspring.profiles.active=${PROFILE}", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
diff --git a/src/main/resources/config/application-dev.yml b/src/main/resources/config/application-dev.yml
index 856bf135..fb4eca2b 100644
--- a/src/main/resources/config/application-dev.yml
+++ b/src/main/resources/config/application-dev.yml
@@ -30,9 +30,9 @@ spring:
 
 # DEV-DATABASE-COMMON
 datasource: &dev-datasource
-  url: jdbc:mysql://localhost:3306/susu?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
-  username: susu
-  password: susu
+  url: jdbc:mysql://${MYSQL_HOST:localhost}:${MYSQL_PORT:3306}/${DB_NAME:susu}?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
+  username: ${MYSQL_USERNAME:susu}
+  password: ${MYSQL_PASSWORD:susu}
   hikari:
     minimum-idle: 2
     maximum-pool-size: 2
diff --git a/src/main/resources/config/application-prod.yml b/src/main/resources/config/application-prod.yml
new file mode 100644
index 00000000..c47cb78f
--- /dev/null
+++ b/src/main/resources/config/application-prod.yml
@@ -0,0 +1,47 @@
+# ===================================================================
+# Spring Boot Configuration for the prod profile
+# ===================================================================
+
+# SERVER
+server:
+  error:
+    include-exception: true # Include the "exception" attribute.
+    include-stacktrace: always # When to include a "stacktrace" attribute.
+    whitelabel.enabled: true
+
+# LOGGING
+logging:
+  level:
+    root: INFO
+    com.oksusu: DEBUG
+    org.hibernate.SQL: DEBUG
+    org.hibernate.type.descriptor.sql.BasicBinder: TRACE
+    org.springframework.jdbc.core.JdbcTemplate: DEBUG
+    org.springframework.jdbc.core.StatementCreatorUtils: TRACE
+    org.springframework.orm.jpa.JpaTransactionManager: DEBUG
+    org.springframework.web.server.adapter.HttpWebHandlerAdapter: DEBUG
+    reactor.netty.http.client: DEBUG
+
+# SPRING
+spring:
+  jackson:
+    serialization:
+      indent_output: true
+
+# DEV-DATABASE-COMMON
+datasource: &prod-datasource
+  url: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT}/${DB_NAME}?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
+  username: ${MYSQL_USERNAME}
+  password: ${MYSQL_PASSWORD}
+  hikari:
+    minimum-idle: 2
+    maximum-pool-size: 2
+
+# DATABASE
+susu:
+  master.datasource: *prod-datasource
+  jpa:
+    properties:
+      hibernate.format_sql: true
+      hibernate.hbm2ddl.auto: none
+  maximum-jdbc-thread-pool-size: