feat: ci/cd deploy scripts

.github/workflows/gradle.yml

@@ -0,0 +1,92 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
+
+name: hero-alignlab-api Gradle CI/CD
+
+# release 브랜치에 push 또는 pull request가 되면 스크립트 실행
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ main ]
+
+# 해당 코드에서 사용될 변수 설정
+env:
+  AWS_REGION: ap-northeast-2
+  PROJECT_NAME: hero-alignlab-api
+  S3_BUCKET_NAME: github-actions-s3-core-bucket
+  CODE_DEPLOY_APP_NAME: hero-alignlab-api
+  CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: hero-alignlab-api-deployment
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+
+    # Github의 워크플로에서 실행될 OS 선택
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      # Secret Setup
+      - name: Set Prod Yml
+        uses: microsoft/variable-substitution@v1
+        with:
+          files: ./src/main/resources/config/application-prod.yml
+        env:
+          spring.data.redis.host: ${{ secrets.SPRING_REDIS_HOST }}
+          spring.data.redis.port: ${{ secrets.SPRING_REDIS_PORT }}
+          hero.master.datasource.url: ${{ secrets.HERO_MASTER_DATASOURCE_URL }}
+          hero.master.datasource.username: ${{ secrets.HERO_MASTER_DATASOURCE_USERNAME }}
+          hero.master.datasource.password: ${{ secrets.HERO_MASTER_DATASOURCE_PASSWORD }}
+          cloud.aws.credentials.accessKey: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          cloud.aws.credentials.secretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      # gradlew 파일 실행권한 설정
+      - name: Grant execute permission for gradlew
+        run: chmod +x ./gradlew
+        shell: bash
+
+      # Gradle build (Test 제외)
+      - name: Build with Gradle
+        run: ./gradlew clean --stacktrace --info build
+        shell: bash
+
+      # AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      # 빌드 결과물을 S3 버킷에 업로드
+      - name: Upload to AWS S3
+        run: |
+          aws deploy push \
+            --application-name ${{ env.CODE_DEPLOY_APP_NAME }} \
+            --ignore-hidden-files \
+            --s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \
+            --source .
+
+      # S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
+      - name: Deploy to AWS EC2 from S3
+        run: |
+          aws deploy create-deployment \
+            --application-name ${{ env.CODE_DEPLOY_APP_NAME }} \
+            --deployment-config-name CodeDeployDefault.AllAtOnce \
+            --deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
+            --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip

appspec.yml

@@ -0,0 +1,38 @@
+version: 0.0
+os: linux
+
+# 배포 파일 설정
+## source: 인스턴스에 복사할 디렉터리 경로
+## destination: 인스턴스에서 파일이 복사되는 위치
+## overwrite: 복사할 위치에 파일이 있는 경우 대체
+files:
+  - source: /
+    destination: /home/ec2-user/apps/hero-aliginlab-api
+    overwrite: yes
+
+# files 섹션에서 복사한 파일에 대한 권한 설정
+## object: 권한이 지정되는 파일 또는 디렉터리
+## pattern (optional): 매칭되는 패턴에만 권한 부여
+## owner (optional): object 의 소유자
+## group (optional): object 의 그룹 이름
+permissions:
+  - object: /
+    pattern: "**"
+    owner: ec2-user
+    group: ec2-user
+
+# 배포 이후에 실행할 일련의 라이프사이클
+# 파일을 설치한 후 `AfterInstall` 에서 기존에 실행중이던 애플리케이션을 종료
+# `ApplicationStart` 에서 새로운 애플리케이션을 실행
+## location: hooks 에서 실행할 스크립트 위치
+## timeout (optional): 스크립트 실행에 허용되는 최대 시간이며, 넘으면 배포 실패로 간주됨
+## runas (optional): 스크립트를 실행하는 사용자
+hooks:
+  AfterInstall:
+    - location: scripts/stop.sh
+      timeout: 60
+      runas: ec2-user
+  ApplicationStart:
+    - location: scripts/start.sh
+      timeout: 60
+      runas: ec2-user

scripts/start.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+PROJECT_ROOT="/home/ec2-user/apps/hero-alignlab-api"
+JAR_FILE="$PROJECT_ROOT/hero-alignlab-api.jar"
+
+APP_LOG="$PROJECT_ROOT/application.log"
+ERROR_LOG="$PROJECT_ROOT/error.log"
+WARN_LOG="$PROJECT_ROOT/warn.log"
+DEPLOY_LOG="$PROJECT_ROOT/deploy.log"
+
+TIME_NOW=$(date +%c)
+
+# build 파일 복사
+echo "$TIME_NOW > $JAR_FILE 파일 복사" >> $DEPLOY_LOG
+cp $PROJECT_ROOT/build/libs/*.jar $JAR_FILE
+
+# jar 파일 실행
+echo "$TIME_NOW > $JAR_FILE 파일 실행" >> $DEPLOY_LOG
+nohup java -jar -DSpring.profiles.active=prod $JAR_FILE > $APP_LOG 2> $ERROR_LOG &
+
+
+CURRENT_PID=$(pgrep -f $JAR_FILE)
+echo "$TIME_NOW > 실행된 프로세스 아이디 $CURRENT_PID 입니다." >> $DEPLOY_LOG

scripts/stop.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+PROJECT_ROOT="/home/ec2-user/apps/hero-alignlab-api"
+JAR_FILE="$PROJECT_ROOT/hero-alignlab-api.jar"
+
+DEPLOY_LOG="$PROJECT_ROOT/deploy.log"
+
+TIME_NOW=$(date +%c)
+
+# 현재 구동 중인 애플리케이션 pid 확인
+CURRENT_PID=$(pgrep -f $JAR_FILE)
+
+# 프로세스가 켜져 있으면 종료
+if [ -z $CURRENT_PID ]; then
+  echo "$TIME_NOW > 현재 실행중인 애플리케이션이 없습니다" >> $DEPLOY_LOG
+else
+  echo "$TIME_NOW > 실행중인 $CURRENT_PID 애플리케이션 종료 " >> $DEPLOY_LOG
+  kill -15 $CURRENT_PID
+fi

src/main/resources/config/application-prod.yml

@@ -0,0 +1,50 @@
+# ===================================================================
+# Spring Boot Configuration for the prod profile
+# ===================================================================
+
+# SERVER
+server:
+  error:
+    include-exception: true # Include the "exception" attribute.
+    include-stacktrace: always # When to include a "stacktrace" attribute.
+    whitelabel.enabled: true
+
+# LOGGING
+logging:
+  level:
+    root: INFO
+    com.alignlab: DEBUG
+    org.hibernate.SQL: DEBUG
+    org.hibernate.type.descriptor.sql.BasicBinder: TRACE
+    org.springframework.jdbc.core.JdbcTemplate: DEBUG
+    org.springframework.jdbc.core.StatementCreatorUtils: TRACE
+    org.springframework.orm.jpa.JpaTransactionManager: DEBUG
+    org.springframework.web.server.adapter.HttpWebHandlerAdapter: DEBUG
+    reactor.netty.http.client: DEBUG
+
+# SPRING
+spring:
+  jackson:
+    serialization:
+      indent_output: true
+      write-null-map-values: true
+  data:
+    redis:
+      host:
+      port:
+
+# DATABASE
+hero:
+  master:
+    datasource:
+      url:
+      username:
+      password:
+      hikari:
+        minimum-idle: 10
+        maximum-pool-size: 20
+  jpa:
+    properties:
+      hibernate.hbm2ddl.auto: none
+      hibernate.criteria.literal_handling_mode: bind
+  maximum-jdbc-thread-pool-size: