diff --git a/.github/workflows/develop_build_deploy.yml b/.github/workflows/develop_build_deploy.yml new file mode 100644 index 0000000..818524b --- /dev/null +++ b/.github/workflows/develop_build_deploy.yml @@ -0,0 +1,106 @@ +name: develop push Build and Deploy + +on: + push: + branches: [ "develop" ] + +env: + DOCKERHUB_USERNAME: fittheman + DOCKERHUB_IMAGE_NAME: fittheman-server + +jobs: + build-deploy: + runs-on: ubuntu-latest + environment: DEV + + steps: + # 체크아웃 + - name: Checkout + uses: actions/checkout@v4 + + # JDK 17 세팅 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + # Gradlew 생행 권한 허용 + - name: Grant Execute Permission for Gradlew + run: chmod +x ./gradlew + + # Gradle 빌드 + - name: Build with Gradle + id: gradle + uses: gradle/gradle-build-action@v2 + with: + arguments: | + build + --scan + cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} + + # Dockerhub 로그인 + - name: Login to Dockerhub + uses: docker/login-action@v3 + with: + username: ${{ env.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }} + + # Docker 메타데이터 + - name: Extract Docker metadata + id: metadata + uses: docker/metadata-action@v5.5.0 + env: + DOCKERHUB_IMAGE_FULL_NAME: ${{ env.DOCKERHUB_USERNAME }}/${{ env.DOCKERHUB_IMAGE_NAME }} + with: + images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }} + tags: | + type=sha,prefix= + + # Docker 이미지 빌드, 도커허브 푸시 + - name: Build and Push Docker image + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ${{ steps.metadata.outputs.tags }} # 추출된 도커 메타데이터 tags -> "${DOCKERHUB_USERNAME}/${DOCKERHUB_IMAGE_NAME}:{TAG} + + # EC2 서버로 docker-compose.yml 파일 복사 + - name: Copy docker-compose file to EC2 + uses: burnett01/rsync-deployments@7.0.1 + with: + switches: -avzr --delete + path: docker-compose.yml + remote_host: ${{ secrets.EC2_HOST }} + remote_user: ${{ secrets.EC2_USER }} + remote_key: ${{ secrets.SSH_PRIVATE_KEY }} + remote_path: /home/ubuntu/ + + # EC2 서버로 nginx 파일 복사 + # docker-compose.yml 에서 nginx 컨테이너 실행 시 파일을 마운트하기 위함 + - name: Copy default.conf file to EC2 + uses: burnett01/rsync-deployments@7.0.1 + with: + switches: -avzr --delete + path: ./nginx + remote_host: ${{ secrets.EC2_HOST }} + remote_user: ${{ secrets.EC2_USER }} + remote_key: ${{ secrets.SSH_PRIVATE_KEY }} + remote_path: /home/ubuntu + + # EC2 배포 + - name: Deploy to EC2 Server + uses: appleboy/ssh-action@v1.0.3 + env: + IMAGE_FULL_PATH: ${{ steps.metadata.outputs.tags }} + DOCKERHUB_IMAGE_NAME: ${{ env.DOCKERHUB_IMAGE_NAME }} + with: + host: ${{ secrets.EC2_HOST }} + username: ${{ secrets.EC2_USER }} + key: ${{ secrets.SSH_PRIVATE_KEY }} + envs: IMAGE_FULL_PATH, DOCKERHUB_IMAGE_NAME # docker-compose.yml 에서 사용할 환경 변수 + debug: true + script: | + echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin + docker compose up -d + docker image prune -a -f \ No newline at end of file diff --git a/.github/workflows/develop_pull_request.yml b/.github/workflows/develop_pull_request.yml new file mode 100644 index 0000000..577d77d --- /dev/null +++ b/.github/workflows/develop_pull_request.yml @@ -0,0 +1,36 @@ +name: develop pull request Check and Test + +on: + pull_request: + branches: [ "develop" ] + +jobs: + test: + runs-on: ubuntu-latest + + steps: + # 체크아웃 + - name: Checkout + uses: actions/checkout@v4 + + # ENV 설정 + - name: Load ENV into Environment Variable + run: echo "${{ secrets.ENV }}" >> $GITHUB_ENV + + # JDK 17 세팅 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + # Gradlew 생행 권한 허용 + - name: Grant Execute Permission for Gradlew + run: chmod +x ./gradlew + + # Gradle setup, check(코드 품질 관리, 테스트) 실행 + - name: Setup Gradle + uses: gradle/gradle-build-action@v2 + with: + arguments: check + cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..f036759 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,4 @@ +FROM amazoncorretto:17-alpine-jdk +ARG JAR_FILE=build/libs/*.jar +COPY ${JAR_FILE} app.jar +ENTRYPOINT ["java", "-jar", "/app.jar"] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..5dff262 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,55 @@ +services: + backend: # 서버 컨테이너 + image: ${IMAGE_FULL_PATH} + container_name: ${DOCKERHUB_IMAGE_NAME} + expose: # nginx 에서만 접근 가능하도록 expose 설정 + - "8080" + volumes: + - ./app-logs/errors:/logs # 서버 에러 경로 볼륨 마운트 + restart: always + environment: + - TZ=Asia/Seoul + networks: + - "ftm-network" + env_file: # 배포 환경 .env 파일 참조 + - .env + + redis: # Redis 컨테이너 + image: "redis:alpine" + container_name: redis + ports: + - "6379:6379" + environment: + - TZ=Asia/Seoul + networks: + - "ftm-network" + + nginx: # Nginx 컨테이너 + image: "nginx:alpine" + container_name: nginx + ports: + - "80:80" + - "443:443" + restart: always + volumes: + - ./nginx/default.conf:/etc/nginx/conf.d/default.conf + - ./data/certbot/conf:/etc/letsencrypt + - ./data/certbot/www:/var/www/certbot + environment: + - TZ=Asia/Seoul + networks: + - "ftm-network" + depends_on: + - backend + - certbot + + certbot: # certbot 컨테이너 (ssl/tls 인증서 자동 갱신 및 관리 도구) + image: "certbot/certbot" + volumes: + - ./data/certbot/conf:/etc/letsencrypt + - ./data/certbot/www:/var/www/certbot + entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew --quiet && nginx -s reload; sleep 12h & wait $${!}; done;'" + +networks: + ftm-network: + driver: bridge \ No newline at end of file diff --git a/nginx/default.conf b/nginx/default.conf new file mode 100644 index 0000000..c663eb1 --- /dev/null +++ b/nginx/default.conf @@ -0,0 +1,28 @@ +server { + listen 80; + server_name dev-api.fittheman.site; + + location /.well-known/acme-challenge/ { + allow all; + root /var/www/certbot; + } + + location / { + return 301 https://$host$request_uri; + } +} + +server { + listen 443 ssl; + server_name dev-api.fittheman.site; + + ssl_certificate /etc/letsencrypt/live/dev-api.fittheman.site/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev-api.fittheman.site/privkey.pem; + + location / { + proxy_pass http://fittheman-server:8080; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} \ No newline at end of file diff --git a/src/test/java/com/ftm/server/ServerApplicationTests.java b/src/test/java/com/ftm/server/ServerApplicationTests.java index add3522..9634091 100644 --- a/src/test/java/com/ftm/server/ServerApplicationTests.java +++ b/src/test/java/com/ftm/server/ServerApplicationTests.java @@ -7,7 +7,5 @@ class ServerApplicationTests { @Test - void contextLoads() { - } - + void contextLoads() {} }