Merge pull request #25 from jisung-in/deploy/19-jisungincokr-deploy

[Deploy] jisungin.co.kr 배포 설정

.github/workflows/jisungin_dev.yml

@@ -0,0 +1,124 @@
+name: jisungin_dev
+
+on:
+  push:
+    branches: [ "develop" ]
+  pull_request:
+    branches: [ "develop" ]
+
+jobs:
+  develop:
+    # 실행 환경
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      # JDK 17
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      # Gradle Caching
+      - name: Gradle Caching
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-
+
+      # application-dev.yml
+      - name: Copy dev Secret
+        env:
+          DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }}
+          DEV_SECRET_DIR: src/main/resources
+          DEV_SECRET_DIR_FILE_NAME: application-dev.yml
+        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # application-oauth.yml
+      - name: Copy oauth Secret
+        env:
+          DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }}
+          DEV_SECRET_DIR: src/main/resources
+          DEV_SECRET_DIR_FILE_NAME: application-oauth.yml
+        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # application-jwt.yml
+      # - name: Copy jwt Secret
+      #   env:
+      #     DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }}
+      #     DEV_SECRET_DIR: src/main/resources
+      #     DEV_SECRET_DIR_FILE_NAME: application-jwt.yml
+      #   run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # ./gradlew 권한 설정
+      - name: ./gradlew 권한 설정
+        run: chmod +x ./gradlew
+
+      # Gradle Build
+      - name: Build with Gradle
+        run: |
+          ./gradlew clean
+          ./gradlew compileJava
+          ./gradlew build
+
+      # Docker Build하고 DockerHub에 Push
+      - name: Docker Build & Push to DockerHub
+        run: |
+          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+          docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest .
+          docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest
+
+      # GitHub IP를 요청
+      - name: Get GitHub IP
+        id: ip
+        uses: haythem/[email protected]
+
+      # AWS 세팅
+      - name: AWS Setting
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
+          aws-region: ap-northeast-2
+
+      # GitHub IP를 AWS에 추가
+      - name: Add GitHub IP to AWS
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+
+      # docker-compose.yml 파일 EC2로 복사
+      - name: Copy docker-compose.yml to EC2
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: 22
+          source: "./docker-compose.yml"
+          target: "./jisungin"
+
+      # SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기
+      - name: Access Server with SSH Key, pull and execute docker-compose image
+        uses: appleboy/[email protected]
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: 22
+          script: |
+            cd jisungin
+            sudo docker-compose down
+            sudo docker-compose pull
+            sudo docker-compose up -d
+            sudo docker image prune -f
+
+      # Security Group에서 Github IP를 삭제
+      - name: Remove Github IP From Security Group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32

Dockerfile

@@ -0,0 +1,4 @@
+FROM openjdk:17-jdk
+ARG JAR_FILE=build/libs/*.jar
+COPY ${JAR_FILE} /app.jar
+ENTRYPOINT ["java", "-jar", "/app.jar"]

docker-compose.yml

@@ -0,0 +1,16 @@
+version: '3'
+
+services:
+  springboot:
+    container_name: spring-dev # ec2 내에서 동작하는 컨테이너명
+    image: jisungincokr/develop:latest
+    ports:
+      - 8080:8080
+    environment:
+      SPRING_PROFILES_ACTIVE: dev-env # 사용할 profile
+    networks:
+      - my_network
+
+networks:
+  my_network:
+    driver: bridge