[Update] setting deploy for prod server

teamWaggle · Jun 17, 2024 · cff30db · cff30db
1 parent abd5ec9
commit cff30db
Show file tree

Hide file tree

Showing 3 changed files with 179 additions and 43 deletions.
diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml
@@ -1,61 +1,61 @@
-name: Dev CI/CD using Github Actions & AWS CodeDeploy
+name: waggle dev CI/CD
 
 on:
   push:
-    branches: [ prod ]
-  workflow_dispatch:
-
-env:
-  S3_BUCKET_NAME: waggle-bucket
-  PROJECT_NAME: Waggle
-  CODE_DEPLOY_APP_NAME: waggle
-  CODE_DEPLOY_GROUP_NAME: waggle-deploy
+    branches:
+      - prod
 
 jobs:
   build:
     runs-on: ubuntu-latest
-    
+
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
-      - name: Set up JDK 17
-        uses: actions/setup-java@v2
+      - name: Set up JDK
+        uses: actions/setup-java@v3
         with:
-          java-version: '17'
-          distribution: 'temurin'
+          java-version: 17
+          distribution: 'adopt'
 
-      - name: Gradle Caching
-        uses: actions/cache@v2
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
         with:
-          path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
-          restore-keys: |
-            ${{ runner.os }}-gradle-
+          aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.PROD_AWS_REGION }}
 
-      - name: Build with Gradle
-        run: ./gradlew build -x test
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
 
-      - name: Prepare Deployment Files
-        run: |
-          mkdir -p before-deploy
-          cp scripts/*.sh before-deploy/
-          cp appspec.yml before-deploy/
-          cp build/libs/*.jar before-deploy/
-          cp -r src/main/resources/ before-deploy/resources  
-          cd before-deploy && zip -r ${{ env.PROJECT_NAME }} *
+      - name: Build with Gradle & Upload Image to ECR
+        run: ./gradlew -Pprod clean jib
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+      - name: Get current time
+        uses: josStorer/get-current-time@v2
+        id: current-time
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-northeast-2
-
-      - name: Upload to S3
-        run: aws s3 cp before-deploy/${{ env.PROJECT_NAME }}.zip s3://$S3_BUCKET_NAME/$PROJECT_NAME/${{ env.PROJECT_NAME }}.zip
+          format: YYYYMMDD_HH-mm-ss
+          utcOffset: "+09:00"
 
-      - name: Code Deploy
-        run: aws deploy create-deployment --application-name $CODE_DEPLOY_APP_NAME --deployment-config-name CodeDeployDefault.AllAtOnce --deployment-group-name $CODE_DEPLOY_GROUP_NAME --s3-location bucket=$S3_BUCKET_NAME,bundleType=zip,key=$PROJECT_NAME/${{ env.PROJECT_NAME }}.zip
+      - name: Generate deployment package
+        run: |
+          mkdir -p deploy/.platform/nginx/conf.d
+          cp docker-compose.yml deploy/docker-compose.yml
+          cp -r .ebextensions-dev deploy/.ebextensions
+          cp .platform/nginx/conf.d/proxy-dev.conf deploy/.platform/nginx/conf.d/proxy.conf
+          cd deploy && zip -r deploy.zip .
+
+      - name: Beanstalk Deploy
+        uses: einaregilsson/beanstalk-deploy@v21
+        with:
+          aws_access_key: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
+          aws_secret_key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
+          application_name: waggle-prod
+          environment_name: Waggle-prod-env
+          version_label: waggle-dev-${{steps.current-time.outputs.formattedTime}}
+          region: ${{ secrets.PROD_AWS_REGION }}
+          deployment_package: deploy/deploy.zip
+          wait_for_environment_recovery: 500
diff --git a/profile-prod.gradle b/profile-prod.gradle
@@ -0,0 +1,20 @@
+jib {
+    from {
+        image = "amazoncorretto:17.0.4-al2"
+        platforms {
+            platform {
+                architecture = "amd64"
+                os = "linux"
+            }
+        }
+    }
+    to {
+        image = "905418335051.dkr.ecr.ap-northeast-2.amazonaws.com/waggle-prod-ecr"
+        tags = ["latest", "${project.name}-" + System.currentTimeMillis()]
+    }
+    container {
+        creationTime = "USE_CURRENT_TIMESTAMP"
+        jvmFlags = ['-Dspring.profiles.active=dev', '-XX:+UseContainerSupport']
+        ports = ['8080']
+    }
+}
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -0,0 +1,116 @@
+spring:
+  jpa:
+    hibernate:
+      ddl-auto: update
+  datasource:
+    url: jdbc:mysql://${RDS_HOSTNAME}:${RDS_PORT}/${RDS_DB_NAME}
+    username: ${RDS_USERNAME}
+    password: ${RDS_PASSWORD}
+    driver-class-name: com.mysql.cj.jdbc.Driver
+
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: ${GOOGLE_CLIENT_ID}
+            client-secret: ${GOOGLE_CLIENT_SECRET}
+            scope: profile, email
+
+          naver:
+            client-id: ${NAVER_CLIENT_ID}
+            client-secret: ${NAVER_CLIENT_SECRET}
+            redirect-uri: ${NAVER_REDIRECT_URI}
+            authorization-grant-type: authorization_code
+            client-authentication-method: client_secret_post
+            scope: email
+            client-name: Naver
+
+          kakao:
+            client-id: ${KAKAO_CLIENT_ID}
+            client-secret: ${KAKAO_CLIENT_SECRET}
+            redirect-uri: ${KAKAO_REDIRECT_URI}
+            client-authentication-method: client_secret_post
+            authorization-grant-type: authorization_code
+            #            scope: profile_nickname, profile_image
+            client-name: Kakao
+
+        provider:
+          naver:
+            authorization-uri: 'https://nid.naver.com/oauth2.0/authorize'
+            token-uri: 'https://nid.naver.com/oauth2.0/token'
+            user-info-uri: 'https://openapi.naver.com/v1/nid/me'
+            user-name-attribute: response
+
+          kakao:
+            authorization-uri: https://kauth.kakao.com/oauth/authorize
+            token-uri: https://kauth.kakao.com/oauth/token
+            user-info-uri: https://kapi.kakao.com/v2/user/me
+            user-name-attribute: id
+
+
+  mail:
+    host: smtp.gmail.com
+    port: 587
+    username: ${MAIL_USERNAME}
+    password: ${MAIL_PASSWORD}
+    properties:
+      mail:
+        smtp:
+          auth: true
+          starttls:
+            enable: true
+
+  servlet:
+    multipart:
+      max-file-size: 10MB
+      max-request-size: 10MB
+
+  cache:
+    type: redis
+
+  redis:
+    host: ${REDIS_HOST_NAME}
+    port: ${REDIS_PORT}
+
+server:
+  error:
+    include-exception: false
+    include-message: always
+    include-stacktrace: on_param
+    whitelabel.enabled: true
+
+springdoc:
+  swagger-ui:
+    tags-sorter: alpha
+    operations-sorter: method
+  use-fqn: true
+
+cloud:
+  aws:
+    credentials:
+      access-key: ${S3_ACCESS_KEY}
+      secret-key: ${S3_SECRET_KEY}
+    s3:
+      bucket: waggle-prod-bucket
+    region:
+      static: ap-northeast-2
+    stack:
+      auto: false
+
+app:
+  oauth2:
+    authorizedRedirectUri: 'http://localhost:3001/auth'
+  jwt:
+    secret: ${JWT_SECRET}
+  server:
+    uri: ${SERVER_URI}
+
+
+mongodb:
+  client: ${MONGODB_CLIENT}
+  name: ${MONGODB_NAME}
+
+kafka:
+  waggle:
+    broker: kafka:9092