build: Backend workflow 작성

Author: Louie-03

.github/workflows/gradle.yml

@@ -0,0 +1,81 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will build a package using Gradle and then publish it to GitHub packages when a release is created
+# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#Publishing-using-gradle
+
+name: Java CI with Gradle
+
+on:
+  push:
+    branches: [ BE-deploy ]
+  pull_request:
+    branches: [ BE-deploy ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./BE
+
+    steps:
+      - uses: actions/checkout@v2
+
+      # JDK11로 gradle 빌드
+      - name: Set up JDK 11
+        uses: actions/setup-java@v2
+        with:
+          java-version: '11'
+          distribution: 'temurin'
+
+      - name: Insert data source information into application.yml
+        run: |
+          sed -i "s|\${DATASOURCE_URL}|$DATASOURCE_URL|g" ./src/main/resources/application.yml
+          sed -i "s|\${DATASOURCE_USERNAME}|$DATASOURCE_USERNAME|g" ./src/main/resources/application.yml
+          sed -i "s|\${DATASOURCE_PASSWORD}|$DATASOURCE_PASSWORD|g" ./src/main/resources/application.yml
+
+          sed -i "s|\${OAUTH_CLIENT_SECRET}|$OAUTH_CLIENT_SECRET|g" ./src/main/resources/oauth.yml
+          sed -i "s|\${OAUTH_ACCESS_SCOPE}|$OAUTH_ACCESS_SCOPE|g" ./src/main/resources/oauth.yml
+          sed -i "s|\${OAUTH_LOGIN_FORM_URL}|$OAUTH_LOGIN_FORM_URL|g" ./src/main/resources/oauth.yml
+          sed -i "s|\${JWT_ISSUER}|$JWT_ISSUER|g" ./src/main/resources/oauth.yml
+          sed -i "s|\${JWT_SECRET_KEY}|$JWT_SECRET_KEY|g" ./src/main/resources/oauth.yml
+
+        env:
+          DATASOURCE_URL: ${{ secrets.DATASOURCE_URL }}
+          DATASOURCE_USERNAME: ${{ secrets.DATASOURCE_USERNAME }}
+          DATASOURCE_PASSWORD: ${{ secrets.DATASOURCE_PASSWORD }}
+          OAUTH_CLIENT_SECRET: ${{ secrets.OAUTH_CLIENT_SECRET }}
+          OAUTH_ACCESS_SCOPE: ${{ secrets.OAUTH_ACCESS_SCOPE }}
+          OAUTH_LOGIN_FORM_URL: ${{ secrets.OAUTH_LOGIN_FORM_URL }}
+          JWT_ISSUER: ${{ secrets.JWT_ISSUER }}
+          JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Build with Gradle
+        run: ./gradlew build
+
+      # 도커 빌드(도커 이미지 생성)
+      - name: Docker build
+        run: |
+          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+          docker build -t ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0 .
+          docker push ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0
+          docker rmi ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0
+
+      # 도커 이미지 배포 및 실행(EC2 ubuntu20.04로 배포)
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.AWS_HOST_DNS }} #(생성한 인스턴스의 DNS주소)
+          username: ubuntu
+          key: ${{ secrets.SSH_PRIVATE_KEY }} #(인스턴스를 생성할 때 다운받은 pem키안에 값을 모두 복사해서 붙여넣기)
+          envs: GITHUB_SHA
+          script: |
+            sudo docker ps -a -q --filter "name=issue-tracker" | grep -q . && docker stop issue-tracker && docker rm issue-tracker | true
+            sudo docker rmi ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0
+            sudo docker pull ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0
+            sudo docker run -d -p 80:8080 --name issue-tracker ${{ secrets.DOCKER_USERNAME }}/issue-tracker:1.0
+            sudo docker rmi -f $(docker images -f "dangling=true" -q) || true

.gitignore

@@ -0,0 +1 @@
+.idea

BE/.gitignore

@@ -1,4 +1,3 @@
-oauth.yml
 HELP.md
 .gradle
 build/

BE/Dockerfile

@@ -0,0 +1,17 @@
+# JDK11 이미지 사용
+FROM openjdk:11-jdk
+
+#마운트에 /tmp를 사용하는 이유
+#spring boot의 Tomcat의 default 저장소가 /tmp인데
+#위와 같이 볼륨 마운트를 해주면 호스트의 /var/lib/docker에 임시파일을 만들고
+#컨테이너 안의 /tmp 와 연결할 수 있다는 뜻입니다.
+VOLUME /tmp
+
+# JAR_FILE 변수에 값을 저장
+ARG JAR_FILE=./build/libs/*.jar
+
+# 변수에 저장된 것을 컨테이너 실행시 이름을 app.jar파일로 변경하여 컨테이너에 저장
+COPY ${JAR_FILE} app.jar
+
+# 빌드된 이미지가 run 될 때 실행할 명령어
+ENTRYPOINT ["java","-jar","/app.jar"]

BE/build.gradle

@@ -35,3 +35,12 @@ dependencies {
 tasks.named('test') {
 	useJUnitPlatform()
 }
+
+jar {
+	enabled = false
+}
+bootJar {
+	archivesBaseName = 'app'
+	archiveFileName = 'app.jar'
+	archiveVersion = "0.0.0"
+}

BE/src/main/resources/application.yml

@@ -1,8 +1,8 @@
 spring:
   datasource:
-    url: ${MYSQL_URL}
-    username: ${MYSQL_USER}
-    password: ${MYSQL_PASSWORD}
+    url: ${DATASOURCE_URL}
+    username: ${DATASOURCE_USERNAME}
+    password: ${DATASOURCE_PASSWORD}
     driver-class-name: com.mysql.cj.jdbc.Driver
   sql:
     init:

BE/src/main/resources/oauth.yml

@@ -0,0 +1,12 @@
+oauth:
+  callback_url: http://louie-03/login/callback
+  client_id: 2a6bd51e5e7714959341
+  client_secret: ${OAUTH_CLIENT_SECRET}
+  access_scope: ${OAUTH_ACCESS_SCOPE}
+  access_token_api_url: https://github.com/login/oauth/access_token
+  login_form_url: ${OAUTH_LOGIN_FORM_URL}
+  user_api_url: https://api.github.com/user
+
+jwt:
+  issuer: ${JWT_ISSUER}
+  secret-key: ${JWT_SECRET_KEY}