diff --git a/.github/workflows/deploy-test.yml b/.github/workflows/deploy-test.yml new file mode 100644 index 00000000..509be4c4 --- /dev/null +++ b/.github/workflows/deploy-test.yml @@ -0,0 +1,78 @@ +name: Develop 브랜치 CI/CD 테스트 + +on: + pull_request: + branches: [ "develop" ] + +permissions: + contents: read + +jobs: + test-develop-cicd: + runs-on: ubuntu-latest + steps: + - name: 소스 코드 체크아웃 + uses: actions/checkout@v3 + + - name: JDK 17 설정 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + - name: Gradle 캐싱 + uses: actions/cache@v3 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + + - name: application.yml 생성 + run: | + echo "spring: + profiles: + include: dev" > ./src/main/resources/application.yml + shell: bash + + - name: gradlew 실행 권한 부여 + run: chmod +x gradlew + + - name: Gradle 빌드 + run: ./gradlew clean build -x test + + - name: Docker Hub 로그인 + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Docker 이미지 빌드 및 푸시 + run: | + docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/eatssu-dev . + docker push ${{ secrets.DOCKER_REPO }}/eatssu-dev + + - name: 개발 서버에 배포 + uses: appleboy/ssh-action@master + id: deploy-dev + with: + host: ${{ secrets.HOST_DEV }} + username: ${{ secrets.USERNAME }} + port: 22 + key: ${{ secrets.DEV_PRIVATE_KEY }} + script: | + sudo docker ps + sudo docker rm -f $(docker ps -qa) + sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-dev + sudo docker run -d -p 9000:9000 \ + -e EATSSU_DB_URL_DEV="${{ secrets.EATSSU_DB_URL_DEV }}" \ + -e EATSSU_DB_USERNAME="${{ secrets.EATSSU_DB_USERNAME }}" \ + -e EATSSU_DB_PASSWORD="${{ secrets.EATSSU_DB_PASSWORD }}" \ + -e EATSSU_JWT_SECRET_DEV="${{ secrets.EATSSU_JWT_SECRET_DEV }}" \ + -e EATSSU_AWS_ACCESS_KEY_DEV="${{ secrets.EATSSU_AWS_ACCESS_KEY_DEV }}" \ + -e EATSSU_AWS_SECRET_KEY_DEV="${{ secrets.EATSSU_AWS_SECRET_KEY_DEV }}" \ + -e EATSSU_SLACK_TOKEN="${{ secrets.EATSSU_SLACK_TOKEN }}" \ + ${{ secrets.DOCKER_REPO }}/eatssu-dev + sudo docker image prune -f diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..a34b0285 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,118 @@ +name: EAT-SSU Server 개발 & 운영 서버 배포 파이프라인 + +on: + push: + branches: [ "main", "develop" ] + +permissions: + contents: read + +jobs: + CI-CD: + name: CI/CD + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: JDK 17 설치 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + - name: Gradle 캐싱 + uses: actions/cache@v3 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + + - name: dev 프로필 설정 + if: contains(github.ref, 'dev') + run: | + echo "spring: + profiles: + include: dev" > ./src/main/resources/application.yml + shell: bash + + - name: prod 프로필 설정 + if: contains(github.ref, 'main') + run: | + echo "spring: + profiles: + include: prod" > ./src/main/resources/application.yml + shell: bash + + - name: gradlew 실행 권한 부여 + run: chmod +x gradlew + + - name: Gradle로 빌드 + run: ./gradlew clean build -x test + + - name: Docker Hub 로그인 + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: prod 용 Docker 빌드 및 푸시 + if: contains(github.ref, 'main') + run: | + docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/eatssu-prod . + docker push ${{ secrets.DOCKER_REPO }}/eatssu-prod + + - name: dev 서버 용 Docker 빌드 및 푸시 + if: contains(github.ref, 'dev') + run: | + docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/eatssu-dev . + docker push ${{ secrets.DOCKER_REPO }}/eatssu-dev + + - name: prod에 배포 + uses: appleboy/ssh-action@master + id: deploy-prod + if: contains(github.ref, 'main') + with: + host: ${{ secrets.HOST_PROD }} + username: ubuntu + key: ${{ secrets.PROD_PRIVATE_KEY }} + envs: GITHUB_SHA + script: | + sudo docker ps + sudo docker rm -f $(docker ps -qa) + sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-prod + sudo docker run -d -p 9000:9000 \ + -e EATSSU_DB_URL_PROD="${{ secrets.EATSSU_DB_URL_PROD }}" \ + -e EATSSU_DB_USERNAME="${{ secrets.EATSSU_DB_USERNAME }}" \ + -e EATSSU_DB_PASSWORD="${{ secrets.EATSSU_DB_PASSWORD }}" \ + -e EATSSU_JWT_SECRET_PROD="${{ secrets.EATSSU_JWT_SECRET_PROD }}" \ + -e EATSSU_AWS_ACCESS_KEY_PROD="${{ secrets.EATSSU_AWS_ACCESS_KEY_PROD }}" \ + -e EATSSU_AWS_SECRET_KEY_PROD="${{ secrets.EATSSU_AWS_SECRET_KEY_PROD }}" \ + -e EATSSU_SLACK_TOKEN="${{ secrets.EATSSU_SLACK_TOKEN }}" \ + ${{ secrets.DOCKER_REPO }}/eatssu-prod + sudo docker image prune -f + + - name: dev 서버에 배포 + uses: appleboy/ssh-action@master + id: deploy-dev + if: contains(github.ref, 'dev') + with: + host: ${{ secrets.HOST_DEV }} + username: ${{ secrets.USERNAME }} + port: 22 + key: ${{ secrets.DEV_PRIVATE_KEY }} + script: | + sudo docker ps + sudo docker rm -f $(docker ps -qa) + sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-dev + sudo docker run -d -p 9000:9000 \ + -e EATSSU_DB_URL_DEV="${{ secrets.EATSSU_DB_URL_DEV }}" \ + -e EATSSU_DB_USERNAME="${{ secrets.EATSSU_DB_USERNAME }}" \ + -e EATSSU_DB_PASSWORD="${{ secrets.EATSSU_DB_PASSWORD }}" \ + -e EATSSU_JWT_SECRET_DEV="${{ secrets.EATSSU_JWT_SECRET_DEV }}" \ + -e EATSSU_AWS_ACCESS_KEY_DEV="${{ secrets.EATSSU_AWS_ACCESS_KEY_DEV }}" \ + -e EATSSU_AWS_SECRET_KEY_DEV="${{ secrets.EATSSU_AWS_SECRET_KEY_DEV }}" \ + -e EATSSU_SLACK_TOKEN="${{ secrets.EATSSU_SLACK_TOKEN }}" \ + ${{ secrets.DOCKER_REPO }}/eatssu-dev + sudo docker image prune -f diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml deleted file mode 100644 index ed350a06..00000000 --- a/.github/workflows/gradle.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: CI/CD github Actions & Docker - -on: - push: - branches: [ "main", "dev" ] - -permissions: - contents: read - -jobs: - CI-CD: - runs-on: ubuntu-latest - steps: - # JDK setting - github actions에서 사용할 JDK 설정 (aws 과 project의 java 버전과 별도로 관리) - - uses: actions/checkout@v3 - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - ## gradle caching (빌드 시간 줄이기) - - name: Gradle Caching - uses: actions/cache@v3 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} - restore-keys: | - ${{ runner.os }}-gradle- - - # 환경별 yml 파일 생성(1) - dev - - name: make dev server application.yml - if: contains(github.ref, 'dev') - run: | - cd ./src/main/resources - touch ./application.yml - echo "${{ secrets.YML_DEV }}" > ./application.yml - shell: bash - - # 환경별 yml 파일 생성(2) - prod - - name: make prod server application.yml - if: contains(github.ref, 'main') - run: | - cd ./src/main/resources - touch ./application.yml - echo "${{ secrets.YML_PROD }}" > ./application.yml - shell: bash - - # gradle chmod - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - # gradle build - - name: Build with Gradle - run: ./gradlew clean build -x test - - # docker login - - name: Docker Hub Login - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - # docker build & push to production - - name: Docker build & push to prod - if: contains(github.ref, 'main') - run: | - docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/eatssu-prod . - docker push ${{ secrets.DOCKER_REPO }}/eatssu-prod - - # docker build & push to develop - - name: Docker build & push to dev server - if: contains(github.ref, 'dev') - run: | - docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/eatssu-dev . - docker push ${{ secrets.DOCKER_REPO }}/eatssu-dev - - ## deploy to production - - name: Deploy to prod - uses: appleboy/ssh-action@master - id: deploy-prod - if: contains(github.ref, 'main') - with: - host: ${{ secrets.HOST_PROD }} # EC2 퍼블릭 IPv4 DNS - username: ubuntu - key: ${{ secrets.PROD_PRIVATE_KEY }} - envs: GITHUB_SHA - script: | - sudo docker ps - sudo docker rm -f $(docker ps -qa) - sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-prod - sudo docker run -d -p 9000:9000 ${{ secrets.DOCKER_REPO }}/eatssu-prod - sudo docker image prune -f - - ## deploy to develop - - name: Deploy to dev server - uses: appleboy/ssh-action@master - id: deploy-dev - if: contains(github.ref, 'dev') - with: - host: ${{ secrets.HOST_DEV }} # EC2 퍼블릭 IPv4 DNS - username: ${{ secrets.USERNAME }} # ubuntu - port: 22 - key: ${{ secrets.DEV_PRIVATE_KEY }} - script: | - sudo docker ps - sudo docker rm -f $(docker ps -qa) - sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-dev - sudo docker run -d -p 9000:9000 ${{ secrets.DOCKER_REPO }}/eatssu-dev - sudo docker image prune -f diff --git a/.gitignore b/.gitignore index a64042c7..4ec9ead9 100644 --- a/.gitignore +++ b/.gitignore @@ -36,14 +36,6 @@ out/ ### VS Code ### .vscode/ -### application files ### -application.yml -application-local.yml -application-dev.yml -application-test.yml -application-prod.yml - - ### Generated files ### /src/main/generated/ diff --git a/src/main/java/ssu/eatssu/domain/auth/infrastructure/SecurityConfig.java b/src/main/java/ssu/eatssu/domain/auth/infrastructure/SecurityConfig.java index 8827919a..341d0146 100644 --- a/src/main/java/ssu/eatssu/domain/auth/infrastructure/SecurityConfig.java +++ b/src/main/java/ssu/eatssu/domain/auth/infrastructure/SecurityConfig.java @@ -23,7 +23,7 @@ @RequiredArgsConstructor public class SecurityConfig { private static final String[] RESOURCE_LIST = { - "/swagger-ui/**", "/v3/api-docs/**", "/swagger-resources/**","/oauths/valid/token", "/admin/img/**", "/css/**", "/js/**", + "/swagger-ui.html", "/swagger-ui/**", "/v3/api-docs/**", "/swagger-resources/**","/oauths/valid/token", "/admin/img/**", "/css/**", "/js/**", "/favicon.ico", "/error/**", "/webjars/**", "/h2-console/**" }; diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml new file mode 100644 index 00000000..73e0008b --- /dev/null +++ b/src/main/resources/application-dev.yml @@ -0,0 +1,99 @@ +## port number +server: + port: 9000 + env: dev + + +spring: + ## Database + datasource: + driver-class-name: com.mysql.cj.jdbc.Driver + url: ${EATSSU_DB_URL_DEV} + username: ${EATSSU_DB_USERNAME} + password: ${EATSSU_DB_PASSWORD} + hikari: + maximum-pool-size: 200 + minimum-idle: 10 + connection-timeout: 2500 + connection-init-sql: SELECT 1 + validation-timeout: 2000 + idle-timeout: 600000 + max-lifetime: 1800000 + + ## JPA + jpa: + hibernate: + ddl-auto: none + properties: + hibernate: + jdbc: + lob: + non_contextual_creation: true + format_sql: false + show_sql: true + + servlet: + multipart: + max-file-size: 20MB + max-request-size: 20MB + +## Auth +jwt: + secret: + key: ${EATSSU_JWT_SECRET_DEV} + token-validity-in-seconds: 86400 + refresh-token-validity-in-seconds: 604800 + +#S3 +cloud: + aws: + credentials: + accessKey: ${EATSSU_AWS_ACCESS_KEY_DEV} + secretKey: ${EATSSU_AWS_SECRET_KEY_DEV} + s3: + bucket: eatssu-bucket + region: + static: ap-northeast-2 + stack: + auto: false + +#Slack +slack: + token: ${EATSSU_SLACK_TOKEN} + +#Swagger +swagger: + url: https://dev.eat-ssu.store + description: Test Server Swagger API + +springdoc: + swagger-ui: + path: /swagger-ui.html + groups-order: DESC + operationsSorter: method + disable-swagger-default-url: true + display-request-duration: true + api-docs: + path: /v3/api-docs + show-actuator: true + default-consumes-media-type: application/json + default-produces-media-type: application/json + paths-to-match: + - /** + +logging: + level: + root: INFO + com.zaxxer.hikari: INFO + +management: + endpoint: + metrics: + enabled: true + prometheus: + enabled: true + + endpoints: + web: + exposure: + include: health, info, metrics, prometheus diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml new file mode 100644 index 00000000..1a4ffcd6 --- /dev/null +++ b/src/main/resources/application-local.yml @@ -0,0 +1,96 @@ +## port number +server: + port: 9000 + env: local + + +spring: + ## Database + datasource: + driver-class-name: com.mysql.cj.jdbc.Driver + url: ${EATSSU_DB_URL_DEV} + username: ${EATSSU_DB_USERNAME} + password: ${EATSSU_DB_PASSWORD} + + ## JPA + jpa: + hibernate: + ddl-auto: none + properties: + hibernate: + jdbc: + lob: + non_contextual_creation: true + format_sql: true + show_sql: false + + servlet: + multipart: + max-file-size: 20MB + max-request-size: 20MB + +## Auth +jwt: + secret: + key: ${EATSSU_JWT_SECRET_LOCAL} + token-validity-in-seconds: 86400 + refresh-token-validity-in-seconds: 259200 + +#S3 +cloud: + aws: + credentials: + accessKey: ${EATSSU_AWS_ACCESS_KEY_DEV} + secretKey: ${EATSSU_AWS_SECRET_KEY_DEV} + s3: + bucket: eatssu-bucket + region: + static: ap-northeast-2 + stack: + auto: false + +#Slack +slack: + token: ${EATSSU_SLACK_TOKEN} + +#Swagger +swagger: + url: http://localhost:9000 + description: Test Server Swagger API + +springdoc: + swagger-ui: + # Swagger UI + path: /swagger-ui.html + # Group + groups-order: DESC + # API + operationsSorter: method + # Swagger UI + disable-swagger-default-url: true + # API + display-request-duration: true + api-docs: + path: /v3/api-docs + show-actuator: true + default-consumes-media-type: application/json + default-produces-media-type: application/json + paths-to-match: + - /** + +logging: + level: + root: INFO + com.zaxxer.hikari: INFO + +management: + endpoint: + metrics: + enabled: true + prometheus: + enabled: true + + endpoints: + web: + exposure: + include: health, info, metrics, prometheus diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml new file mode 100644 index 00000000..29d82927 --- /dev/null +++ b/src/main/resources/application-prod.yml @@ -0,0 +1,106 @@ +## port number +server: + port: 9000 + env: prod + + +spring: + ## Database + datasource: + driver-class-name: com.mysql.cj.jdbc.Driver + url: ${EATSSU_DB_URL_PROD} + username: ${EATSSU_DB_USERNAME} + password: ${EATSSU_DB_PASSWORD} + hikari: + maximum-pool-size: 200 + minimum-idle: 20 + connection-timeout: 2500 + connection-init-sql: SELECT 1 + validation-timeout: 2000 + idle-timeout: 600000 + max-lifetime: 1500000 + + ## JPA + jpa: + hibernate: + ddl-auto: none + properties: + hibernate: + jdbc: + lob: + non_contextual_creation: true + format_sql: true + show_sql: false + + servlet: + multipart: + max-file-size: 20MB + max-request-size: 20MB + +## Auth +jwt: + secret: + key: ${EATSSU_JWT_SECRET_PROD} + token-validity-in-seconds: 86400 + refresh-token-validity-in-seconds: 604800 + +#S3 +cloud: + aws: + credentials: + accessKey: ${EATSSU_AWS_ACCESS_KEY_PROD} + secretKey: ${EATSSU_AWS_SECRET_KEY_PROD} + s3: + bucket: eatssu-prod-bucket + region: + static: ap-northeast-2 + stack: + auto: false + +#Slack +slack: + token: ${EATSSU_SLACK_TOKEN} + +#Swagger +swagger: + url: https://eat-ssu.store + description: Prod-Server url + +springdoc: + swagger-ui: + # Swagger UI + path: /swagger-ui.html + # Group + groups-order: DESC + # API + operationsSorter: method + # Swagger UI + disable-swagger-default-url: true + # API + display-request-duration: true + api-docs: + path: /v3/api-docs + show-actuator: true + default-consumes-media-type: application/json + default-produces-media-type: application/json + paths-to-match: + - /** + +logging: + level: + root: INFO + com.zaxxer.hikari: INFO + + +management: + endpoint: + metrics: + enabled: true + prometheus: + enabled: true + + endpoints: + web: + exposure: + include: health, info, metrics, prometheus + diff --git a/src/main/resources/application-test.yml b/src/main/resources/application-test.yml new file mode 100644 index 00000000..e6835a44 --- /dev/null +++ b/src/main/resources/application-test.yml @@ -0,0 +1,74 @@ +## port number +server: + port: 9000 + + +spring: + ## Database + datasource: + driver-class-name: com.mysql.cj.jdbc.Driver + url: ${EATSSU_DB_URL_TEST} + username: ${EATSSU_DB_USERNAME_TEST} + password: ${EATSSU_DB_PASSWORD_TEST} + + ## JPA + jpa: + hibernate: + ddl-auto: update + properties: + hibernate: +# jdbc: + lob: + non_contextual_creation: true + format_sql: true + show_sql: true + dialect: org.hibernate.dialect.MySQLDialect + + servlet: + multipart: + max-file-size: 20MB + max-request-size: 20MB + +## Auth +jwt: + secret: + key: ${EATSSU_JWT_SECRET_TEST} + token-validity-in-seconds: 86400 + refresh-token-validity-in-seconds: 259200 + +#S3 +cloud: + aws: + credentials: + accessKey: ${EATSSU_AWS_ACCESS_KEY_PROD} + secretKey: ${EATSSU_AWS_SECRET_KEY_PROD} + s3: + bucket: eatssu-dev-bucket + region: + static: ap-northeast-2 + stack: + auto: false + +#Slack +slack: + token: ${EATSSU_SLACK_TOKEN} + +#Swagger +swagger: + url: http://localhost:9000 + description: Test Server Swagger API + +springdoc: + swagger-ui: + path: /swagger-ui.html + groups-order: DESC + operationsSorter: method + disable-swagger-default-url: true + display-request-duration: true + api-docs: + path: /v3/api-docs + show-actuator: true + default-consumes-media-type: application/json + default-produces-media-type: application/json + paths-to-match: + - /** \ No newline at end of file diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml new file mode 100644 index 00000000..fc14e1c2 --- /dev/null +++ b/src/main/resources/application.yml @@ -0,0 +1,6 @@ +spring: + profiles: +# include : prod +# include : dev + include : local +# include: test