Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Deploy] 테스트 서버 배포 설정 #7

Closed
wants to merge 5 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
119 changes: 119 additions & 0 deletions .github/workflows/someup_dev.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
name: someup_dev

on:
push:
branches: [ "develop" ]
pull_request:
branches: [ "develop" ]

jobs:
develop:
# 실행 환경
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3

# JDK 17
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'

# Gradle Caching
- name: Gradle Caching
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
# application-dev.yml
- name: Copy dev Secret
env:
DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }}
DEV_SECRET_DIR: src/main/resources
DEV_SECRET_DIR_FILE_NAME: application-dev.yml
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

# application-oauth.yml
- name: Copy oauth Secret
env:
DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }}
DEV_SECRET_DIR: src/main/resources
DEV_SECRET_DIR_FILE_NAME: application-oauth.yml
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

# application-jwt.yml
# - name: Copy jwt Secret
# env:
# DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }}
# DEV_SECRET_DIR: src/main/resources
# DEV_SECRET_DIR_FILE_NAME: application-jwt.yml
# run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

# ./gradlew 권한 설정
- name: ./gradlew 권한 설정
run: chmod +x ./gradlew

# Gradle Build
- name: Build with Gradle
run: |
./gradlew clean
./gradlew compileJava
./gradlew build
# Docker Build하고 DockerHub에 Push
- name: Docker Build & Push to DockerHub
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest .
docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest
# GitHub IP를 요청
- name: Get GitHub IP
id: ip
uses: haythem/public-ip@v1.2

# AWS 세팅
- name: AWS Setting
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ap-northeast-2

# GitHub IP를 AWS에 추가
- name: Add GitHub IP to AWS
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
# docker-compose.yml 파일 EC2로 복사
- name: Copy docker-compose.yml to EC2
uses: appleboy/scp-action@master
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.KEY }}
port: 22
source: "./docker-compose.yml"
target: "./someup"

# SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기
- name: Access Server with SSH Key, pull and execute docker-compose image
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.KEY }}
port: 22
script: |
cd someup
sudo docker-compose down
sudo docker-compose pull
sudo docker-compose up -d
sudo docker image prune -f
# Security Group에서 Github IP를 삭제
- name: Remove Github IP From Security Group
run: |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -40,3 +40,4 @@ out/
application-dev.yml
application-jwt.yml
application-oauth.yml
application-local.yml
4 changes: 4 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
FROM openjdk:17-jdk
ARG JAR_FILE=build/libs/*.jar
COPY ${JAR_FILE} /app.jar
ENTRYPOINT ["java", "-jar", "/app.jar"]
16 changes: 16 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
version: '3'

services:
springboot:
container_name: someup # ec2내에서 동작하는 컨테이너명
image: junseoplee/someup:latest
ports:
- 8080:8080
environment:
SPRING_PROFILES_ACTIVE : dev-env # 사용할 profile
networks:
- my_network

networks:
my_network:
driver: bridge
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ public TokenResponse createToken(String userId, String email, String role) {

public Authentication getAuthentication(String token) {
Claims claims = Jwts.parserBuilder()
.setSigningKey(secretKey)
.setSigningKey(key)
.build()
.parseClaimsJws(token)
.getBody();
Expand All @@ -104,15 +104,11 @@ public Authentication getAuthentication(String token) {
public boolean validate(String token) {
try {
Jwts.parserBuilder()
.setSigningKey(secretKey)
.setSigningKey(key)
.build()
.parseClaimsJws(token);
return true;
} catch (SecurityException | MalformedJwtException e) {
return false;
} catch (UnsupportedJwtException e) {
return false;
} catch (IllegalArgumentException e) {
} catch (SecurityException | MalformedJwtException | UnsupportedJwtException | IllegalArgumentException e) {
return false;
} catch (ExpiredJwtException e) {
return true;
Expand All @@ -122,7 +118,7 @@ public boolean validate(String token) {
public boolean validateExpired(String token) {
try {
Jwts.parserBuilder()
.setSigningKey(secretKey)
.setSigningKey(key)
.build()
.parseClaimsJws(token);
return true;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package project.backend.user.repositoy;

import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
import org.springframework.data.repository.CrudRepository;
import project.backend.user.infra.security.jwt.token.RefreshToken;

@EnableRedisRepositories
public interface RefreshTokenRedisRepository extends CrudRepository<RefreshToken, Long> {

RefreshToken findByRefreshToken(String refreshToken);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@

import java.util.Optional;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import project.backend.user.domain.User;

@Repository
@EnableJpaRepositories
public interface UserRepository extends JpaRepository<User, Long> {

Optional<User> findByEmail(String email);
Expand Down
3 changes: 1 addition & 2 deletions src/main/resources/application-local.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ spring:
enabled: true

datasource:
url: jdbc:h2:tcp://localhost/~/backend
url: jdbc:h2:mem:testdb
username: sa
driver-class-name: org.h2.Driver

Expand All @@ -27,4 +27,3 @@ spring:
redis:
host: localhost
port: 6379
password: password
2 changes: 1 addition & 1 deletion src/main/resources/application.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
spring:
profiles:
active:
local
dev
group:
local-env:
- local
Expand Down
Loading