From 64c808a1cf66140112cbb829061f9a2a4597e30a Mon Sep 17 00:00:00 2001 From: junseoplee <147252523+junseoplee@users.noreply.github.com> Date: Wed, 11 Sep 2024 16:18:42 +0900 Subject: [PATCH] =?UTF-8?q?[Deploy]=20=ED=85=8C=EC=8A=A4=ED=8A=B8=20?= =?UTF-8?q?=EC=84=9C=EB=B2=84=20=EB=B0=B0=ED=8F=AC=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?(#11)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * deploy: Github Actions Jobs 추가 (#6) * fix: jwt 개선된 문법으로 수정 (#6) * chore: 상세한 오류 내용 확인을 위한 문구 추가 (#6) * chore: jwt 주석 처리 수정 (#6) * chore: 도커 로그인 방식 최신화 (#6) * chore: 도커 로그인 방식 수정 (#6) * chore: 도커 레포지토리 수정 (#6) * chore: 도커 레포지토리 경로 수정 (#6) * chore: 도커 레포지토리 수정 (#6) * feat: WebConfig 추가 (#6) * chore: 레디스 관련 설정 (#6) --- .github/workflows/someup_dev.yml | 122 ++++++++++++++++++ Dockerfile | 4 + docker-compose.yml | 25 ++++ .../common/auth/token/TokenProvider.java | 6 +- .../backend/common/config/WebConfig.java | 25 ++++ src/main/resources/application.yml | 2 +- 6 files changed, 180 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/someup_dev.yml create mode 100644 Dockerfile create mode 100644 docker-compose.yml create mode 100644 src/main/java/project/backend/common/config/WebConfig.java diff --git a/.github/workflows/someup_dev.yml b/.github/workflows/someup_dev.yml new file mode 100644 index 0000000..c5d5f79 --- /dev/null +++ b/.github/workflows/someup_dev.yml @@ -0,0 +1,122 @@ +name: someup_dev + +on: + push: + branches: [ "develop" ] + pull_request: + branches: [ "develop" ] + +jobs: + develop: + # 실행 환경 + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v3 + + # JDK 17 + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + # Gradle Caching + - name: Gradle Caching + uses: actions/cache@v3 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + # application-dev.yml + - name: Copy dev Secret + env: + DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }} + DEV_SECRET_DIR: src/main/resources + DEV_SECRET_DIR_FILE_NAME: application-dev.yml + run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME + + # application-oauth.yml + - name: Copy oauth Secret + env: + DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }} + DEV_SECRET_DIR: src/main/resources + DEV_SECRET_DIR_FILE_NAME: application-oauth.yml + run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME + + # application-jwt.yml + - name: Copy jwt Secret + env: + DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }} + DEV_SECRET_DIR: src/main/resources + DEV_SECRET_DIR_FILE_NAME: application-jwt.yml + run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME + + # ./gradlew 권한 설정 + - name: ./gradlew 권한 설정 + run: chmod +x ./gradlew + + # Gradle Build + - name: Build with Gradle + run: | + ./gradlew clean + ./gradlew compileJava + ./gradlew build + + # Docker Build하고 DockerHub에 Push + - name: Docker Build & Push to DockerHub + run: | + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest . + docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest + + # GitHub IP를 요청 + - name: Get GitHub IP + id: ip + uses: haythem/public-ip@v1.2 + + # AWS 세팅 + - name: AWS Setting + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ap-northeast-2 + + # GitHub IP를 AWS에 추가 + - name: Add GitHub IP to AWS + run: | + aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 + + # docker-compose.yml 파일 EC2로 복사 + - name: Copy docker-compose.yml to EC2 + uses: appleboy/scp-action@master + with: + host: ${{ secrets.EC2_HOST }} + username: ${{ secrets.EC2_USERNAME }} + key: ${{ secrets.KEY }} + port: 22 + source: "./docker-compose.yml" + target: "./someup" + + # SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기 + - name: Access Server with SSH Key, pull and execute docker-compose image + uses: appleboy/ssh-action@v0.1.6 + with: + host: ${{ secrets.EC2_HOST }} + username: ${{ secrets.EC2_USERNAME }} + key: ${{ secrets.KEY }} + port: 22 + script: | + cd someup + sudo docker-compose down + sudo docker-compose pull + sudo docker-compose up -d + sudo docker image prune -f + # Security Group에서 Github IP를 삭제 + - name: Remove Github IP From Security Group + run: | + aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..e02a9ef --- /dev/null +++ b/Dockerfile @@ -0,0 +1,4 @@ +FROM openjdk:17-jdk +ARG JAR_FILE=build/libs/*.jar +COPY ${JAR_FILE} /app.jar +ENTRYPOINT ["java", "-jar", "/app.jar"] diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..942f3d9 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,25 @@ +services: + springboot: + container_name: someup # ec2내에서 동작하는 컨테이너명 + image: someupsite/someup:latest + ports: + - 8080:8080 + environment: + SPRING_PROFILES_ACTIVE : dev-env # 사용할 profile + networks: + - my_network + + redis: + image: redis + container_name: redis-cache + environment: + REDIS_PASSWORD: password + command: ["redis-server", "--requirepass", "password", "--port", "6379"] + ports: + - 6379:6379 + networks: + - my_network + +networks: + my_network: + driver: bridge diff --git a/src/main/java/project/backend/common/auth/token/TokenProvider.java b/src/main/java/project/backend/common/auth/token/TokenProvider.java index 61007ae..4058b18 100644 --- a/src/main/java/project/backend/common/auth/token/TokenProvider.java +++ b/src/main/java/project/backend/common/auth/token/TokenProvider.java @@ -78,7 +78,7 @@ public TokenResponse createToken(String userId, String email, String role) { public Authentication getAuthentication(String token) { Claims claims = Jwts.parserBuilder() - .setSigningKey(secretKey) + .setSigningKey(key) .build() .parseClaimsJws(token) .getBody(); @@ -104,7 +104,7 @@ public Authentication getAuthentication(String token) { public boolean validate(String token) { try { Jwts.parserBuilder() - .setSigningKey(secretKey) + .setSigningKey(key) .build() .parseClaimsJws(token); return true; @@ -122,7 +122,7 @@ public boolean validate(String token) { public boolean validateExpired(String token) { try { Jwts.parserBuilder() - .setSigningKey(secretKey) + .setSigningKey(key) .build() .parseClaimsJws(token); return true; diff --git a/src/main/java/project/backend/common/config/WebConfig.java b/src/main/java/project/backend/common/config/WebConfig.java new file mode 100644 index 0000000..35bcd65 --- /dev/null +++ b/src/main/java/project/backend/common/config/WebConfig.java @@ -0,0 +1,25 @@ +package project.backend.common.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +public class WebConfig implements WebMvcConfigurer { + + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping("/**") + .allowedOriginPatterns("*") + .allowedMethods( + HttpMethod.GET.name(), + HttpMethod.POST.name(), + HttpMethod.PUT.name(), + HttpMethod.PATCH.name(), + HttpMethod.DELETE.name() + ) + .allowCredentials(true) + .exposedHeaders("*"); + } +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 5aa9b71..a3bbd77 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,7 +1,7 @@ spring: profiles: active: - local + dev group: local-env: - local