[Feat] #10 - CI/CD 구축

.github/workflows/CD.yml

@@ -0,0 +1,59 @@
+name: CD
+
+on:
+ push:
+ branches: [ "develop" ]
+
+jobs:
+ deploy-ci:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v3
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'corretto'
+ java-version: '17'
+
+ - name: application.yaml 생성
+ run: |
+ cd src/main/resources
+ echo "${{ secrets.APPLICATION }}" > ./application-deploy.yaml
+
+ - name: build
+ run: |
+ chmod +x gradlew
+ ./gradlew build -x test
+ shell: bash
+
+ - name: docker build setting
+ uses: docker/[email protected]
+
+ - name: docker hub login
+ uses: docker/[email protected]
+ with:
+ username: ${{ secrets.DOCKERHUB_LOGIN_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_LOGIN_ACCESSTOKEN }}
+
+ - name: docker image build and push
+ run: |
+ docker build --platform linux/amd64 -t teammoonshot/server .
+ docker push teammoonshot/server
+
+ deploy-cd:
+ needs: deploy-ci
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: docker container running
+ uses: appleboy/ssh-action@master
+ with:
+ host: ${{ secrets.RELEASE_SERVER_IP }}
+ username: ${{ secrets.RELEASE_SERVER_USER }}
+ key: ${{ secrets.RELEASE_SERVER_KEY }}
+ script: |
+ cd ~
+ ./deploy.sh

.github/workflows/CI.yml

@@ -0,0 +1,30 @@
+name: CI
+
+on:
+ pull_request:
+ branches: [ "develop" ]
+
+jobs:
+ build:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v3
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'corretto'
+ java-version: '17'
+
+ - name: application.yaml 작성
+ run: |
+ cd src/main/resources
+ echo "${{ secrets.APPLICATION }}" > ./application-deploy.yaml
+
+ - name: build
+ run: |
+ chmod +x gradlew
+ ./gradlew build -x test
+ shell: bash

Dockerfile

@@ -0,0 +1,7 @@
+FROM amd64/amazoncorretto:17
+
+WORKDIR /app
+
+COPY ./build/libs/server-0.0.1-SNAPSHOT.jar /app/moonshot.jar
+
+CMD ["java", "-Duser.timezone=Asia/Seoul", "-jar", "-Dspring.profiles.active=deploy", "moonshot.jar"]

build.gradle

@@ -36,6 +36,9 @@ dependencies {
  annotationProcessor 'org.projectlombok:lombok'
  testImplementation 'org.springframework.boot:spring-boot-starter-test'
  testImplementation 'org.springframework.security:spring-security-test'
+
+ // spring-actuator
+ implementation 'org.springframework.boot:spring-boot-starter-actuator'
 }
 
 dependencyManagement {

deploy.sh

@@ -0,0 +1,99 @@
+#!/bin/bash
+
+nginx_config_path="/etc/nginx"
+all_port=("8080" "8081")
+available_port=()
+server_name=server
+
+docker_ps_output=$(docker ps | grep $server_name)
+running_container_name=$(echo "$docker_ps_output" | awk '{print $NF}')
+blue_port=$(echo "$running_container_name" | awk -F'-' '{print $NF}')
+web_health_check_url=/actuator/health
+
+if [ -z "$blue_port" ]; then
+ echo "> 실행 중인 서버의 포트: 없음"
+else
+ echo "> 실행 중인 서버의 포트: $blue_port"
+fi
+
+# 실행 가능한 포트 확인 ( all_port 중 blue_port를 제외한 port )
+for item in "${all_port[@]}"; do
+ if [ "$item" != "$blue_port" ]; then
+ available_port+=("$item")
+ fi
+done
+
+# 실행 가능한 포트 없으면 끝내기
+if [ ${#available_port[@]} -eq 0 ]; then
+ echo "> 실행 가능한 포트가 없습니다."
+ exit 1
+fi
+
+green_port=${available_port[0]}
+
+echo "----------------------------------------------------------------------"
+# docker image pull
+echo "> 도커 이미지 pull 받기"
+docker pull teammoonshot/${server_name}
+
+# green_port로 서버 실행
+echo "> ${green_port} 포트로 서버 실행"
+echo "> docker run -d --name ${server_name}-${green_port} -p ${green_port}:8080 -e TZ=Asia/Seoul teammoonshot/${server_name}"
+docker run -d --name ${server_name}-${green_port} -p ${green_port}:8080 -e TZ=Asia/Seoul teammoonshot/${server_name}
+echo "----------------------------------------------------------------------"
+
+# green_port 서버 제대로 실행 중인지 확인
+sleep 10
+for retry_count in {1..10}
+do
+ echo "> 서버 상태 체크"
+ echo "> curl -s http://localhost:${green_port}${web_health_check_url}"
+ # http://localhost:{그린포트}{health check 주소} -> nginx
+ response=$(curl -s http://localhost:${green_port}${web_health_check_url})
+ up_count=$(echo $response | grep 'UP' | wc -l)
+
+ if [ $up_count -ge 1 ]
+ then
+ echo "> 서버 실행 성공"
+ break
+ else
+ echo "> 아직 서버 실행 안됨"
+ echo "> 응답 결과: ${response}"
+ fi
+ if [ $retry_count -eq 10 ]
+ then
+ echo "> 서버 실행 실패"
+ docker rm -f ${server_name}-${green_port}
+
+ exit 1
+ fi
+ sleep 2
+done
+echo "----------------------------------------------------------------------"
+
+# nginx switching
+echo "> nginx 포트 스위칭"
+echo "set \$service_url http://127.0.0.1:${green_port};" | sudo tee ${nginx_config_path}/conf.d/service-url.inc
+sudo nginx -s reload
+
+sleep 1
+
+echo "----------------------------------------------------------------------"
+# nginx를 통해서 서버 접근 가능한지 확인
+response=$(curl -s http://localhost${web_health_check_url})
+up_count=$(echo $response | grep 'UP' | wc -l)
+if [ $up_count -ge 1 ]
+then
+ echo "> 서버 변경 성공"
+else
+ echo "> 서버 변경 실패"
+ echo "> 서버 응답 결과: ${response}"
+ exit 1
+fi
+
+# blue_port 서버 있다면 중단
+if [ -n "$blue_port" ]; then
+ echo "> 기존 ${blue_port}포트 서버 중단"
+ echo "> docker rm -f ${server_name}-${blue_port}"
+ sudo docker rm -f ${server_name}-${blue_port}
+fi

src/main/java/org/moonshot/server/global/config/SecurityConfig.java

@@ -20,7 +20,8 @@
 public class SecurityConfig {
  private static final String[] WHITELIST = {
  "/login/**",
- "/"
+ "/",
+ "/actuator/health"
  };
 
  private final MoonshotExceptionHandler moonshotExceptionHandler;