Merge pull request #383 from Team-Sopetit/develop

소프티 전신성형
Team-Sopetit · Feb 10, 2025 · e9ef80e · e9ef80e
2 parents 95c78a7 + 98b5f34
commit e9ef80e
Show file tree

Hide file tree

Showing 6 changed files with 113 additions and 89 deletions.
diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml
@@ -1,60 +1,67 @@
-name: deploy
-
-on:
-  push:
-    branches: [ main ]
-
-jobs:
-  build:
-    runs-on: ubuntu-22.04
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Set up JDK 17
-        uses: actions/setup-java@v3
-        with:
-          java-version: 17
-          distribution: 'temurin'
-          cache: gradle
-
-      - name: Create application-secret.yml
-        run: |
-          pwd
-          touch src/main/resources/application-secret.yml
-          echo "${{ secrets.APPLICATION_SECRET_YML }}" >> src/main/resources/application-secret.yml
-          cat src/main/resources/application-secret.yml
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1-node16
-        with:
-          aws-access-key-id: ${{ secrets.ACCESS_KEY_ID_PROD }}
-          aws-secret-access-key: ${{ secrets.ACCESS_KEY_SECRET_PROD }}
-          aws-region: ap-northeast-2
-
-      - name: Grant execute permission for gradlew
-        run: chmod +x ./gradlew
-        shell: bash
-
-      - name: Build with Gradle
-        run: ./gradlew build
-        shell: bash
-
-      - name: Make zip file
-        run: zip -qq -r ./$GITHUB_SHA.zip .
-        shell: bash
-
-      - name: Upload to AWS S3
-        run: |
-          aws deploy push \
-            --application-name softie-code-deploy \
-            --ignore-hidden-files \
-            --s3-location s3://${{ secrets.AWS_BUCKET_NAME_PROD }}/$GITHUB_SHA.zip \
-            --source .
-
-      - name: Code Deploy
-        run: aws deploy create-deployment --application-name softie-code-deploy
-          --deployment-config-name CodeDeployDefault.AllAtOnce
-          --deployment-group-name prod-group
-          --s3-location bucket=${{ secrets.AWS_BUCKET_NAME_PROD }},bundleType=zip,key=$GITHUB_SHA.zip
+name: deploy-prod
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: 17
+          distribution: 'temurin'
+          cache: gradle
+
+      - name: Create application-secret.yml
+        run: |
+          pwd
+          touch src/main/resources/application-secret.yml
+          echo "${{ secrets.APPLICATION_SECRET_YML }}" >> src/main/resources/application-secret.yml
+          cat src/main/resources/application-secret.yml
+
+      - name: build
+        run: |
+          chmod +x gradlew
+          ./gradlew build -x test
+        working-directory: ${{ env.working-directory }}
+        shell: bash
+
+
+      - name: docker build 환경 설정
+        uses: docker/[email protected]
+
+      - name: docker hub 로그인
+        uses: docker/[email protected]
+        with:
+          username: ${{ secrets.DOCKER_LOGIN_USERNAME_PROD }}
+          password: ${{ secrets.DOCKER_LOGIN_ACCESSTOKEN_PROD }}
+
+      - name: docker image 빌드 및 푸시
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile-prod
+          push: true
+          tags: ${{ secrets.DOCKER_LOGIN_USERNAME_PROD }}/prod
+
+  cd:
+    needs: build
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: docker 컨테이너 실행
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.SERVER_IP_PROD }}
+          username: ${{ secrets.SERVER_USER_PROD }}
+          key: ${{ secrets.SERVER_KEY_PROD }}
+          script: |
+            cd ~
+            ./deploy.sh
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -6,7 +6,7 @@ on:
       - published
 
 jobs:
-  build:
+  ci:
     runs-on: ubuntu-22.04
 
     steps:
@@ -27,35 +27,42 @@ jobs:
           echo "${{ secrets.APPLICATION_SECRET_YML }}" >> src/main/resources/application-secret.yml
           cat src/main/resources/application-secret.yml
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1-node16
-        with:
-          aws-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.ACCESS_KEY_SECRET }}
-          aws-region: ap-northeast-2
-
-      - name: Grant execute permission for gradlew
-        run: chmod +x ./gradlew
+      - name: build
+        run: |
+          chmod +x gradlew
+          ./gradlew build -x test
+        working-directory: ${{ env.working-directory }}
         shell: bash
 
-      - name: Build with Gradle
-        run: ./gradlew build
-        shell: bash
 
-      - name: Make zip file
-        run: zip -qq -r ./$GITHUB_SHA.zip .
-        shell: bash
+      - name: docker build 환경 설정
+        uses: docker/[email protected]
 
-      - name: Upload to AWS S3
-        run: |
-          aws deploy push \
-            --application-name sopetit-codedeploy \
-            --ignore-hidden-files \
-            --s3-location s3://${{ secrets.AWS_BUCKET_NAME }}/$GITHUB_SHA.zip \
-            --source .
-
-      - name: Code Deploy
-        run: aws deploy create-deployment --application-name sopetit-codedeploy
-          --deployment-config-name CodeDeployDefault.AllAtOnce
-          --deployment-group-name sopetit-group
-          --s3-location bucket=${{ secrets.AWS_BUCKET_NAME }},bundleType=zip,key=$GITHUB_SHA.zip
+      - name: docker hub 로그인
+        uses: docker/[email protected]
+        with:
+          username: ${{ secrets.DOCKER_LOGIN_USERNAME }}
+          password: ${{ secrets.DOCKER_LOGIN_ACCESSTOKEN }}
+
+      - name: docker image 빌드 및 푸시
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile-dev
+          push: true
+          tags: ${{ secrets.DOCKER_LOGIN_USERNAME }}/dev
+
+  cd:
+    needs: ci
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: docker 컨테이너 실행
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.SERVER_IP }}
+          username: ${{ secrets.SERVER_USER }}
+          key: ${{ secrets.SERVER_KEY }}
+          script: |
+            cd ~
+            ./deploy.sh
diff --git a/Dockerfile-dev b/Dockerfile-dev
@@ -0,0 +1,4 @@
+FROM amd64/amazoncorretto:17
+WORKDIR /app
+COPY ./build/libs/server-0.0.1-SNAPSHOT.jar /app/Sofite.jar
+CMD ["java", "-Duser.timezone=Asia/Seoul" ,"-jar", "-Dspring.profiles.active=dev","Sofite.jar"]
diff --git a/Dockerfile-prod b/Dockerfile-prod
@@ -0,0 +1,4 @@
+FROM amd64/amazoncorretto:17
+WORKDIR /app
+COPY ./build/libs/server-0.0.1-SNAPSHOT.jar /app/Sofite.jar
+CMD ["java", "-Duser.timezone=Asia/Seoul" ,"-jar", "-Dspring.profiles.active=prod","Sofite.jar"]
diff --git a/build.gradle b/build.gradle
@@ -35,6 +35,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.boot:spring-boot-starter-security'
     implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
     implementation 'org.springframework.boot:spring-boot-starter-validation'
     compileOnly 'org.projectlombok:lombok'
     runtimeOnly 'com.h2database:h2'

diff --git a/src/main/java/com/soptie/server/config/SecurityConfig.java b/src/main/java/com/soptie/server/config/SecurityConfig.java
@@ -69,6 +69,7 @@ private void authorizeHttpRequests(HttpSecurity http) throws Exception {
 				.requestMatchers(new AntPathRequestMatcher("/api/v1/versions/client/app")).permitAll()
 				.requestMatchers(new AntPathRequestMatcher("/api/v2/routines/daily", "GET")).permitAll()
 				.requestMatchers(new AntPathRequestMatcher("/error")).permitAll()
+				.requestMatchers(new AntPathRequestMatcher("/actuator/health")).permitAll()
 				.anyRequest().authenticated()
 		);
 	}