ok-su-su · wjdtkdgns · Nov 21, 2023 · Nov 19, 2023 · Nov 19, 2023 · Nov 19, 2023
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -28,6 +28,20 @@ jobs:
           kotlin-version: ${{ matrix.kotlin-version }}
           distribution: 'adopt'
 
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: Cache Gradle packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+
       # 빌드, ktlint check도 진행됨
       - name: Gradle Clean & Build
         run: ./gradlew clean build

diff --git a/.github/workflows/Deploy.yml b/.github/workflows/Deploy.yml
@@ -0,0 +1,94 @@
+name: Deploy
+
+on:
+  push:
+    branches: ['develop']
+
+env:
+  ACTIVE_PROFILE: "prod"
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+  DOCKERHUB_IMAGE_NAME: ${{ secrets.DOCKERHUB_IMAGE_NAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        kotlin-version: [ "1.8.22" ]
+        java-version: [ "17" ]
+
+    steps:
+      - name: Check Out The Repository
+        uses: actions/checkout@v3
+
+      - name: Set up Kotlin
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ matrix.java-version }}
+          kotlin-version: ${{ matrix.kotlin-version }}
+          distribution: 'corretto'
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x ./gradlew
+
+
+      - name: Build with Gradle
+        run: ./gradlew build --no-daemon
+
+      - name: Make image tag
+        run: echo "IMAGE_TAG=$ACTIVE_PROFILE-${GITHUB_SHA::7}" >> $GITHUB_ENV # activeProfile-커밋 hash 값
+
+      - name: Docker build and push
+        run: |
+          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
+          docker build -t $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} .
+          docker push $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}}
+
+      - name: Get Public IP
+        id: publicip
+        run: |
+          response=$(curl -s canhazip.com)
+          echo "ip='$response'" >> $GITHUB_OUTPUT
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Add GitHub IP to AWS
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32
+
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.EC2_KEY }}
+          port: ${{ secrets.EC2_SSH_PORT }}
+          timeout: 60s
+          script: |
+            cd susu
+
+            sudo touch .env
+            echo "${{ secrets.ENV_VARS }}" | sudo tee .env > /dev/null
+            echo "IMAGE_TAG=${{ env.IMAGE_TAG }}" >> .env
+
+            sudo docker stop $(sudo docker ps -a -q)
+            sudo docker rm $(sudo docker ps -a -q)
+            sudo docker rmi $(sudo docker images -q)
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_IMAGE_NAME }}:${{env.IMAGE_TAG}}
+            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/susu-nginx:0.0.1
+            sudo docker-compose -f ~/susu/docker-compose.yml --env-file ~/susu/.env up --build -d
+
+            sudo docker system prune --all -f
+
+      - name: Remove IP FROM security group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip  }}/32
diff --git a/.gitignore b/.gitignore
@@ -36,4 +36,8 @@ out/
 ### VS Code ###
 .vscode/
 
-mysqldata/
+mysqldata/
+
+.env
+
+docker-compose.prod.yml
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,9 @@
+FROM amazoncorretto:17
+
+ARG JAR_FILE=./build/libs/*.jar
+COPY ${JAR_FILE} app.jar
+
+ARG PROFILE=dev
-ARG PROFILE=dev
+ARG PROFILE=prod
-ARG PROFILE=dev
+ARG PROFILE=prod
+ENV PROFILE=${PROFILE}
+
+ENTRYPOINT ["java","-Dspring.profiles.active=${PROFILE}", "-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
diff --git a/src/main/resources/config/application-dev.yml b/src/main/resources/config/application-dev.yml
@@ -30,9 +30,9 @@ spring:
 
 # DEV-DATABASE-COMMON
 datasource: &dev-datasource
-  url: jdbc:mysql://localhost:3306/susu?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
-  username: susu
-  password: susu
+  url: jdbc:mysql://${MYSQL_HOST:localhost}:${MYSQL_PORT:3306}/${DB_NAME:susu}?useUnicode=true&charset=utf8mb4&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull
+  username: ${MYSQL_USERNAME:susu}
+  password: ${MYSQL_PASSWORD:susu}
   hikari:
     minimum-idle: 2
     maximum-pool-size: 2