diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml new file mode 100644 index 0000000..915fa25 --- /dev/null +++ b/.github/workflows/gradle.yml @@ -0,0 +1,92 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle + +name: hero-alignlab-api Gradle CI/CD + +# release 브랜치에 push 또는 pull request가 되면 스크립트 실행 +on: + push: + branches: [ "main" ] + pull_request: + branches: [ main ] + +# 해당 코드에서 사용될 변수 설정 +env: + AWS_REGION: ap-northeast-2 + PROJECT_NAME: hero-alignlab-api + S3_BUCKET_NAME: github-actions-s3-core-bucket + CODE_DEPLOY_APP_NAME: hero-alignlab-api + CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: hero-alignlab-api-deployment + +permissions: + contents: read + +jobs: + build: + + # Github의 워크플로에서 실행될 OS 선택 + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + # Secret Setup + - name: Set Prod Yml + uses: microsoft/variable-substitution@v1 + with: + files: ./src/main/resources/config/application-prod.yml + env: + spring.data.redis.host: ${{ secrets.SPRING_REDIS_HOST }} + spring.data.redis.port: ${{ secrets.SPRING_REDIS_PORT }} + hero.master.datasource.url: ${{ secrets.HERO_MASTER_DATASOURCE_URL }} + hero.master.datasource.username: ${{ secrets.HERO_MASTER_DATASOURCE_USERNAME }} + hero.master.datasource.password: ${{ secrets.HERO_MASTER_DATASOURCE_PASSWORD }} + cloud.aws.credentials.accessKey: ${{ secrets.AWS_ACCESS_KEY_ID }} + cloud.aws.credentials.secretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + # gradlew 파일 실행권한 설정 + - name: Grant execute permission for gradlew + run: chmod +x ./gradlew + shell: bash + + # Gradle build (Test 제외) + - name: Build with Gradle + run: ./gradlew clean --stacktrace --info build + shell: bash + + # AWS 인증 (IAM 사용자 Access Key, Secret Key 활용) + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + # 빌드 결과물을 S3 버킷에 업로드 + - name: Upload to AWS S3 + run: | + aws deploy push \ + --application-name ${{ env.CODE_DEPLOY_APP_NAME }} \ + --ignore-hidden-files \ + --s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \ + --source . + + # S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행 + - name: Deploy to AWS EC2 from S3 + run: | + aws deploy create-deployment \ + --application-name ${{ env.CODE_DEPLOY_APP_NAME }} \ + --deployment-config-name CodeDeployDefault.AllAtOnce \ + --deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \ + --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip diff --git a/appspec.yml b/appspec.yml new file mode 100644 index 0000000..818b3b8 --- /dev/null +++ b/appspec.yml @@ -0,0 +1,38 @@ +version: 0.0 +os: linux + +# 배포 파일 설정 +## source: 인스턴스에 복사할 디렉터리 경로 +## destination: 인스턴스에서 파일이 복사되는 위치 +## overwrite: 복사할 위치에 파일이 있는 경우 대체 +files: + - source: / + destination: /home/ec2-user/apps/hero-aliginlab-api + overwrite: yes + +# files 섹션에서 복사한 파일에 대한 권한 설정 +## object: 권한이 지정되는 파일 또는 디렉터리 +## pattern (optional): 매칭되는 패턴에만 권한 부여 +## owner (optional): object 의 소유자 +## group (optional): object 의 그룹 이름 +permissions: + - object: / + pattern: "**" + owner: ec2-user + group: ec2-user + +# 배포 이후에 실행할 일련의 라이프사이클 +# 파일을 설치한 후 `AfterInstall` 에서 기존에 실행중이던 애플리케이션을 종료 +# `ApplicationStart` 에서 새로운 애플리케이션을 실행 +## location: hooks 에서 실행할 스크립트 위치 +## timeout (optional): 스크립트 실행에 허용되는 최대 시간이며, 넘으면 배포 실패로 간주됨 +## runas (optional): 스크립트를 실행하는 사용자 +hooks: + AfterInstall: + - location: scripts/stop.sh + timeout: 60 + runas: ec2-user + ApplicationStart: + - location: scripts/start.sh + timeout: 60 + runas: ec2-user diff --git a/scripts/start.sh b/scripts/start.sh new file mode 100644 index 0000000..193871b --- /dev/null +++ b/scripts/start.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +PROJECT_ROOT="/home/ec2-user/apps/hero-alignlab-api" +JAR_FILE="$PROJECT_ROOT/hero-alignlab-api.jar" + +APP_LOG="$PROJECT_ROOT/application.log" +ERROR_LOG="$PROJECT_ROOT/error.log" +WARN_LOG="$PROJECT_ROOT/warn.log" +DEPLOY_LOG="$PROJECT_ROOT/deploy.log" + +TIME_NOW=$(date +%c) + +# build 파일 복사 +echo "$TIME_NOW > $JAR_FILE 파일 복사" >> $DEPLOY_LOG +cp $PROJECT_ROOT/build/libs/*.jar $JAR_FILE + +# jar 파일 실행 +echo "$TIME_NOW > $JAR_FILE 파일 실행" >> $DEPLOY_LOG +nohup java -jar -DSpring.profiles.active=prod $JAR_FILE > $APP_LOG 2> $ERROR_LOG & + + +CURRENT_PID=$(pgrep -f $JAR_FILE) +echo "$TIME_NOW > 실행된 프로세스 아이디 $CURRENT_PID 입니다." >> $DEPLOY_LOG diff --git a/scripts/stop.sh b/scripts/stop.sh new file mode 100644 index 0000000..e3de550 --- /dev/null +++ b/scripts/stop.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +PROJECT_ROOT="/home/ec2-user/apps/hero-alignlab-api" +JAR_FILE="$PROJECT_ROOT/hero-alignlab-api.jar" + +DEPLOY_LOG="$PROJECT_ROOT/deploy.log" + +TIME_NOW=$(date +%c) + +# 현재 구동 중인 애플리케이션 pid 확인 +CURRENT_PID=$(pgrep -f $JAR_FILE) + +# 프로세스가 켜져 있으면 종료 +if [ -z $CURRENT_PID ]; then + echo "$TIME_NOW > 현재 실행중인 애플리케이션이 없습니다" >> $DEPLOY_LOG +else + echo "$TIME_NOW > 실행중인 $CURRENT_PID 애플리케이션 종료 " >> $DEPLOY_LOG + kill -15 $CURRENT_PID +fi diff --git a/src/main/resources/config/application-prod.yml b/src/main/resources/config/application-prod.yml new file mode 100644 index 0000000..45fb2f0 --- /dev/null +++ b/src/main/resources/config/application-prod.yml @@ -0,0 +1,50 @@ +# =================================================================== +# Spring Boot Configuration for the prod profile +# =================================================================== + +# SERVER +server: + error: + include-exception: true # Include the "exception" attribute. + include-stacktrace: always # When to include a "stacktrace" attribute. + whitelabel.enabled: true + +# LOGGING +logging: + level: + root: INFO + com.alignlab: DEBUG + org.hibernate.SQL: DEBUG + org.hibernate.type.descriptor.sql.BasicBinder: TRACE + org.springframework.jdbc.core.JdbcTemplate: DEBUG + org.springframework.jdbc.core.StatementCreatorUtils: TRACE + org.springframework.orm.jpa.JpaTransactionManager: DEBUG + org.springframework.web.server.adapter.HttpWebHandlerAdapter: DEBUG + reactor.netty.http.client: DEBUG + +# SPRING +spring: + jackson: + serialization: + indent_output: true + write-null-map-values: true + data: + redis: + host: + port: + +# DATABASE +hero: + master: + datasource: + url: + username: + password: + hikari: + minimum-idle: 10 + maximum-pool-size: 20 + jpa: + properties: + hibernate.hbm2ddl.auto: none + hibernate.criteria.literal_handling_mode: bind + maximum-jdbc-thread-pool-size: