From 5750297a9939aff6462fed366d8a745aa8c37fc8 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 15 Nov 2024 16:57:13 +0900 Subject: [PATCH 01/33] =?UTF-8?q?[FEAT]=20=EA=B8=B0=EB=B3=B8=20=EC=96=B4?= =?UTF-8?q?=ED=94=8C=EB=A6=AC=EC=BC=80=EC=9D=B4=EC=85=98=20=EB=B9=8C?= =?UTF-8?q?=EB=93=9C=20=ED=99=95=EC=9D=B8=20CI=20Script=20=EC=9E=91?= =?UTF-8?q?=EC=84=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..f04314c --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,35 @@ +name: Continuous Integration for SOPT makers Authentication Project + +on: + pull_request: + branches: [ develop ] + +jobs: + build: + runs-on: ubuntu-22.04 + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: βš™οΈ Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: 21 + distribution: 'corretto' + cache: gradle + + - name: 🀝 Grant execute permission for gradlew + run: chmod +x ./gradlew + shell: bash + + - name: πŸ”‘ Create Application Property File + env: + APPLICATION_RESOURCE_PATH: ./src/main/resources + run: | + touch $APPLICATION_RESOURCE_PATH/application.properties + echo "${{ secrets.APPLICATION_PROPERTIES }}" >> $APPLICATION_RESOURCE_PATH/application.properties + + - name: 🧱 Build with Gradle + run: ./gradlew clean build + shell: bash \ No newline at end of file From 129af149814c7faef89090d9e57ab5bd9a401fb2 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Sat, 16 Nov 2024 11:20:55 +0900 Subject: [PATCH 02/33] =?UTF-8?q?[FEAT]=201=EC=B0=A8=20CI/CD=20workflow=20?= =?UTF-8?q?script=20=EC=9E=91=EC=84=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 118 ++++++++++++++++++++++++++++++++++ .github/workflows/cd-prod.yml | 115 +++++++++++++++++++++++++++++++++ 2 files changed, 233 insertions(+) create mode 100644 .github/workflows/cd-dev.yml create mode 100644 .github/workflows/cd-prod.yml diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml new file mode 100644 index 0000000..04b7772 --- /dev/null +++ b/.github/workflows/cd-dev.yml @@ -0,0 +1,118 @@ +name: Continuous Deployment for SOPT makers Authentication Development Server + +on: + push: + branches: [ develop ] + +jobs: + build: + runs-on: ubuntu-22.04 + + steps: + - name: Checkout + uses: actions/checkout@v3 + +jobs: + build-and-push-image: + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: βœ… Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: 21 + distribution: 'corretto' + cache: gradle + + - name: 🀝 Grant execute permission for gradlew + run: chmod +x ./gradlew + shell: bash + + - name: βš™οΈ Create Gradle Property File + env: + GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} + run: | + touch gradle.properties + echo "$GRADLE_PROPERTY" >> ./gradle.properties + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: $AWS_ACCESS_KEY + aws-secret-access-key: $AWS_SECRET_KEY + aws-region: $AWS_REGION + + - name: 🧱 Build Image and Push to ECR + env: + AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} + AWS_ECR_REPO: ${{ secrets.AWS_ECR_PROD_REPOSITORY_NAME }} + run: | + aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/$AWS_ACCOUNT_ID + docker build -t $AWS_ECR_REPO:latest . + docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest + docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest + + + create-deploy: + needs: build-and-push-image + runs-on: ubuntu-22.04 + steps: + - name: βš™οΈ Create Application Property Files + env: + APPLICATION_RESOURCE_PATH: ./src/main/resources + APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }} + run: | + mkdir -p property + + touch application.properties + echo "$APPLICATION_PROPERTY" >> ./property/application.properties + + touch jwt_public_key.pem + echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem + + touch application.properties + echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem + + - name: πŸ“„ Create Script Files + env: + BUILD_SCRIPT: + SWITCH_SCRIPT: + run: | + mkdir -p script + + touch application.properties + echo "$APPLICATION_PROPERTY" >> ./script/.sh + + touch jwt_public_key.pem + echo "$JWT_PUBLIC_KEY_PEM" >> ./script/.sh + + touch application.properties + echo "$JWT_PRIVATE_KEY_PEM" >> ./script/.sh + + - name: πŸ“ Make files to zip + run: zip -r ./$GITHUB_SHA.zip ./script ./property + shell: bash + + - name: πŸ”‘ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: $AWS_ACCESS_KEY + aws-secret-access-key: $AWS_SECRET_KEY + aws-region: $AWS_REGION + + - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy + env: + AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} + AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_PROD_DEPLOY_GROUP_NAME }} + AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} + AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_PROD_DEPLOY_PATH }} + run: | + aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip + aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME + --deployment-config-name CodeDeployDefault.AllAtOnce + --deployment-group-name $AWS_DEPLOY_GROUP_NAME + --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip \ No newline at end of file diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml new file mode 100644 index 0000000..4619941 --- /dev/null +++ b/.github/workflows/cd-prod.yml @@ -0,0 +1,115 @@ +name: Continuous Deployment for SOPT makers Authentication Production Server + +on: + push: + branches: [ main ] + +env: + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} + AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} + +jobs: + build-and-push-image: + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: βœ… Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: 21 + distribution: 'corretto' + cache: gradle + + - name: 🀝 Grant execute permission for gradlew + run: chmod +x ./gradlew + shell: bash + + - name: βš™οΈ Create Gradle Property File + env: + GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} + run: | + touch gradle.properties + echo "$GRADLE_PROPERTY" >> ./gradle.properties + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: $AWS_ACCESS_KEY + aws-secret-access-key: $AWS_SECRET_KEY + aws-region: $AWS_REGION + + - name: 🧱 Build Image and Push to ECR + env: + AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} + AWS_ECR_REPO: ${{ secrets.AWS_ECR_DEV_REPOSITORY_NAME }} + run: | + aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/$AWS_ACCOUNT_ID + docker build -t $AWS_ECR_REPO:latest . + docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest + docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest + + + create-deploy: + needs: build-and-push-image + runs-on: ubuntu-22.04 + steps: + - name: βš™οΈ Create Application Property Files + env: + APPLICATION_RESOURCE_PATH: ./src/main/resources + APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PRIVATE_KEY }} + run: | + mkdir -p property + + touch application.properties + echo "$APPLICATION_PROPERTY" >> ./property/application.properties + + touch jwt_public_key.pem + echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem + + touch application.properties + echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem + + - name: πŸ“„ Create Script Files + env: + BUILD_SCRIPT: + SWITCH_SCRIPT: + run: | + mkdir -p script + + touch application.properties + echo "$APPLICATION_PROPERTY" >> ./script/.sh + + touch jwt_public_key.pem + echo "$JWT_PUBLIC_KEY_PEM" >> ./script/.sh + + touch application.properties + echo "$JWT_PRIVATE_KEY_PEM" >> ./script/.sh + + - name: πŸ“ Make files to zip + run: zip -r ./$GITHUB_SHA.zip ./script ./property + shell: bash + + - name: πŸ”‘ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: $AWS_ACCESS_KEY + aws-secret-access-key: $AWS_SECRET_KEY + aws-region: $AWS_REGION + + - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy + env: + AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} + AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_DEV_DEPLOY_GROUP_NAME }} + AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} + AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_DEV_DEPLOY_PATH }} + run: | + aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip + aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME + --deployment-config-name CodeDeployDefault.AllAtOnce + --deployment-group-name $AWS_DEPLOY_GROUP_NAME + --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip \ No newline at end of file From cd0ddf9a41593fe5e253721888055c32dc6cb0db Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Sat, 16 Nov 2024 11:23:09 +0900 Subject: [PATCH 03/33] =?UTF-8?q?[FEAT]=20Build=20=EB=B0=8F=20Run=20?= =?UTF-8?q?=EB=8F=84=EC=BB=A4=ED=8C=8C=EC=9D=BC=20=EC=9E=91=EC=84=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2bc806b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,24 @@ +FROM gradle:8.10.2 as builder + +# mkdir /app-build && cd /app-build +WORKDIR /app-build + +# docker cp . gradle:app-build +COPY . /app-build + +# create .jar +RUN gradle clean build --no-daemon + +# Run-Time Image Setting +FROM openjdk:21-jdk-slim as production + +# mkdir /app-run && cd /app-run +WORKDIR /app-run + +# copy .jar to Run-Time Image +COPY --from=builder /app-build/build/libs/*.jar /app-run/authentication.jar + + +EXPOSE 8080 +ENTRYPOINT ["java"] +CMD ["-jar", "authentication.jar"] \ No newline at end of file From 05ab304d5cc94374f78c61809a46800fb9c30cc9 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Sat, 16 Nov 2024 11:23:54 +0900 Subject: [PATCH 04/33] =?UTF-8?q?[FEAT]=20Code=20Deploy=20=EC=8B=A4?= =?UTF-8?q?=ED=96=89=20=EB=8B=A8=EA=B3=84=20=EB=B0=8F=20=EC=8B=A4=ED=96=89?= =?UTF-8?q?=EC=9C=84=EC=B9=98=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 appspec.yml diff --git a/appspec.yml b/appspec.yml new file mode 100644 index 0000000..577a5fc --- /dev/null +++ b/appspec.yml @@ -0,0 +1,19 @@ +version: 0.0 +os: linux + +files: + - source: / + destination: /home/ubuntu +hooks: + ApplicationStop: + - location: script/.sh + timeout: 60 + runas: root + AfterInstall: + - location: script/.sh + timeout: 60 + runas: root + ValidateService: + - location: script/.sh + timeout: 100 + runas: root \ No newline at end of file From 615c5851b91545475bd5c0d1fd2dc7d171f1ebab Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Mon, 18 Nov 2024 17:31:55 +0900 Subject: [PATCH 05/33] =?UTF-8?q?[FEAT]=20Code=20Deploy=20`appspec.yml`=20?= =?UTF-8?q?=EC=8B=A4=ED=96=89=20Script=20=EC=88=9C=EC=84=9C=20=EC=A7=80?= =?UTF-8?q?=EC=A0=95=20=EB=B0=8F=20=EC=9D=B4=EB=A6=84=20=EC=A7=80=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/appspec.yml b/appspec.yml index 577a5fc..48c29b9 100644 --- a/appspec.yml +++ b/appspec.yml @@ -5,15 +5,14 @@ files: - source: / destination: /home/ubuntu hooks: - ApplicationStop: - - location: script/.sh - timeout: 60 - runas: root AfterInstall: - - location: script/.sh - timeout: 60 + - location: script/deploy.sh + timeout: 120 + runas: root + - location: script/switch.sh + timeout: 120 runas: root ValidateService: - - location: script/.sh - timeout: 100 + - location: script/valid.sh + timeout: 60 runas: root \ No newline at end of file From 3a881a1f107521c0c056b068f83fd88d371b1515 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Mon, 18 Nov 2024 22:09:01 +0900 Subject: [PATCH 06/33] =?UTF-8?q?[FEAT]=20CD=20Script=20=EC=9E=91=EC=84=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 도컀 이미지 Push와 Deploy 파일 μ„ΈνŒ… 단계λ₯Ό λΆ„λ¦¬ν–ˆμŠ΅λ‹ˆλ‹€. --- .github/workflows/cd-dev.yml | 33 +++++++++++++++------------------ 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 04b7772..6902b2b 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -4,13 +4,10 @@ on: push: branches: [ develop ] -jobs: - build: - runs-on: ubuntu-22.04 - - steps: - - name: Checkout - uses: actions/checkout@v3 +env: + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} + AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} jobs: build-and-push-image: @@ -63,18 +60,18 @@ jobs: env: APPLICATION_RESOURCE_PATH: ./src/main/resources APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_RSA_PRIVATE_KEY }} run: | mkdir -p property - touch application.properties + touch ./property/application.properties echo "$APPLICATION_PROPERTY" >> ./property/application.properties - touch jwt_public_key.pem + touch ./property/jwt_public_key.pem echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem - touch application.properties + touch ./property/jwt_private_key.pem echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem - name: πŸ“„ Create Script Files @@ -84,14 +81,14 @@ jobs: run: | mkdir -p script - touch application.properties - echo "$APPLICATION_PROPERTY" >> ./script/.sh + touch ./script/deploy.sh + echo "$DEPLOY_SCRIPT" >> ./script/deploy.sh - touch jwt_public_key.pem - echo "$JWT_PUBLIC_KEY_PEM" >> ./script/.sh + touch ./script/switch.sh + echo "$SWITCH_SCRIPT" >> ./script/switch.sh - touch application.properties - echo "$JWT_PRIVATE_KEY_PEM" >> ./script/.sh + touch ./script/valid.sh + echo "$VALIDATE_SCRIPT" >> ./script/.sh - name: πŸ“ Make files to zip run: zip -r ./$GITHUB_SHA.zip ./script ./property From 39219838e2eb41373eca2ea736c398a687b87725 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Mon, 18 Nov 2024 22:13:52 +0900 Subject: [PATCH 07/33] =?UTF-8?q?[FEAT]=20CI=20Script=20=EB=82=B4=20Key=20?= =?UTF-8?q?Pem=20=ED=8C=8C=EC=9D=BC=20=EC=83=9D=EC=84=B1=20=EB=AA=85?= =?UTF-8?q?=EB=A0=B9=EC=96=B4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f04314c..8f5b6c4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,7 +28,12 @@ jobs: APPLICATION_RESOURCE_PATH: ./src/main/resources run: | touch $APPLICATION_RESOURCE_PATH/application.properties + touch $APPLICATION_RESOURCE_PATH/jwt_public_key.pem + touch $APPLICATION_RESOURCE_PATH/jwt_private_key.pem + echo "${{ secrets.APPLICATION_PROPERTIES }}" >> $APPLICATION_RESOURCE_PATH/application.properties + echo "${{ secrets.JWT_RSA_PUBLIC_KEY }}" >> $APPLICATION_RESOURCE_PATH/jwt_public_key.pem + echo "${{ secrets.JWT_RSA_PRIVATE_KEY }}" >> $APPLICATION_RESOURCE_PATH/jwt_private_key.pem - name: 🧱 Build with Gradle run: ./gradlew clean build From 101c84127b1b22a20c585fb814e901ad44031775 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Mon, 18 Nov 2024 22:17:42 +0900 Subject: [PATCH 08/33] =?UTF-8?q?[FEAT]=20scripts=20=ED=99=98=EA=B2=BD?= =?UTF-8?q?=EB=B3=80=EC=88=98=20=EC=A3=BC=EC=9E=85=20=EC=84=B8=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 6902b2b..f09b2a1 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -76,8 +76,9 @@ jobs: - name: πŸ“„ Create Script Files env: - BUILD_SCRIPT: - SWITCH_SCRIPT: + DEPLOY_SCRIPT: ${{ secrets.DEPLOY_SCRIPT }} + SWITCH_SCRIPT: ${{ secrets.SWITCH_SCRIPT }} + VALIDATE_SCRIPT: ${{ secrets.VALIDATE_SCRIPT }} run: | mkdir -p script From bcdb501cc490f61a1056e55e858ac8ba1167fc78 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 14:38:22 +0900 Subject: [PATCH 09/33] =?UTF-8?q?[CHORE]=20`.gitignore`=20=EB=82=B4=20?= =?UTF-8?q?=EB=B0=B0=ED=8F=AC=20=EA=B3=BC=EC=A0=95=EC=97=90=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EB=90=98=EB=8A=94=20script=20=ED=8F=B4=EB=8D=94=20pat?= =?UTF-8?q?h=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 본래 ScriptλŠ” Github Actions CD 슀크립트 μ‹€ν–‰ μ‹œμ μ— μƒμ„±λ˜κ³  S3λ₯Ό 톡해 κ΄€λ¦¬λ˜λŠ” μžμ›μ΄μ§€λ§Œ μž‘μ—…μžλ“€μ΄ ν”„λ‘œμ νŠΈ μž‘μ—… κ³Όμ •μ—μ„œ μš©μ΄ν•˜κ²Œ ν™•μΈν•˜λ©° 관리할 수 μžˆλ„λ‘ λ²„μ „κ΄€λ¦¬λŠ” λ˜μ§€ μ•Šλ„λ‘ μ œμ™Έν–ˆμŠ΅λ‹ˆλ‹€. --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 288da7d..f4b2b5f 100644 --- a/.gitignore +++ b/.gitignore @@ -43,3 +43,5 @@ out/ *.pem *p8 +### Deploy ### +script/ \ No newline at end of file From 9ba2c5b4a1b56e49a1897d86d2fc7b7c74aa6ba3 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 14:39:44 +0900 Subject: [PATCH 10/33] =?UTF-8?q?[CHORE]=20Spring=20Actuator=20=EB=9D=BC?= =?UTF-8?q?=EC=9D=B4=EB=B8=8C=EB=9F=AC=EB=A6=AC=20=EC=9D=98=EC=A1=B4?= =?UTF-8?q?=EC=84=B1=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Deploy μ‹œ μ‚¬μš©λ˜λŠ” Health Check API 제곡 - Prometheus λͺ¨λ‹ˆν„°λ§ μ§€ν‘œ Collector 좜처둜 μ‚¬μš© --- build.gradle.kts | 1 + 1 file changed, 1 insertion(+) diff --git a/build.gradle.kts b/build.gradle.kts index 09dd7f2..b2d4838 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -44,6 +44,7 @@ dependencies { implementation("org.springframework.boot:spring-boot-starter-security") implementation("org.springframework.boot:spring-boot-starter-validation") implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server") + implementation("org.springframework.boot:spring-boot-starter-actuator") implementation("org.springframework.retry:spring-retry") implementation("com.fasterxml.jackson.core:jackson-databind:${jacksonCoreVersion}") From 5fa64cfae0d4f9af30f13f99c52a7d9e5c3b92fa Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 14:57:37 +0900 Subject: [PATCH 11/33] =?UTF-8?q?[FEAT]=201=EC=B0=A8=20=EB=B0=B0=ED=8F=AC?= =?UTF-8?q?=20Script=20=EC=9E=91=EC=84=B1=20=EC=99=84=EB=A3=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 12 +++++------ .github/workflows/cd-prod.yml | 38 ++++++++++++++++++----------------- 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index f09b2a1..b196e31 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -1,6 +1,7 @@ name: Continuous Deployment for SOPT makers Authentication Development Server on: + workflow_dispatch: push: branches: [ develop ] @@ -31,10 +32,10 @@ jobs: env: GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} run: | - touch gradle.properties + touch ./gradle.properties echo "$GRADLE_PROPERTY" >> ./gradle.properties - - name: Configure AWS credentials + - name: πŸ”’Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: $AWS_ACCESS_KEY @@ -58,7 +59,6 @@ jobs: steps: - name: βš™οΈ Create Application Property Files env: - APPLICATION_RESOURCE_PATH: ./src/main/resources APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_RSA_PUBLIC_KEY }} JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_RSA_PRIVATE_KEY }} @@ -89,7 +89,7 @@ jobs: echo "$SWITCH_SCRIPT" >> ./script/switch.sh touch ./script/valid.sh - echo "$VALIDATE_SCRIPT" >> ./script/.sh + echo "$VALIDATE_SCRIPT" >> ./script/valid.sh - name: πŸ“ Make files to zip run: zip -r ./$GITHUB_SHA.zip ./script ./property @@ -105,9 +105,9 @@ jobs: - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy env: AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} - AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_PROD_DEPLOY_GROUP_NAME }} + AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_DEV_DEPLOY_GROUP_NAME }} AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_PROD_DEPLOY_PATH }} + AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_DEV_DEPLOY_PATH }} run: | aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 4619941..32211d4 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -1,6 +1,7 @@ name: Continuous Deployment for SOPT makers Authentication Production Server on: + workflow_dispatch: push: branches: [ main ] @@ -31,10 +32,10 @@ jobs: env: GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} run: | - touch gradle.properties + touch ./gradle.properties echo "$GRADLE_PROPERTY" >> ./gradle.properties - - name: Configure AWS credentials + - name: πŸ”’Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: $AWS_ACCESS_KEY @@ -58,37 +59,38 @@ jobs: steps: - name: βš™οΈ Create Application Property Files env: - APPLICATION_RESOURCE_PATH: ./src/main/resources APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PRIVATE_KEY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_RSA_PRIVATE_KEY }} run: | mkdir -p property - touch application.properties + touch ./property/application.properties echo "$APPLICATION_PROPERTY" >> ./property/application.properties - touch jwt_public_key.pem + touch ./property/jwt_public_key.pem echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem - touch application.properties + touch ./property/jwt_private_key.pem echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem - name: πŸ“„ Create Script Files env: - BUILD_SCRIPT: - SWITCH_SCRIPT: + DEPLOY_SCRIPT: ${{ secrets.DEPLOY_SCRIPT }} + SWITCH_SCRIPT: ${{ secrets.SWITCH_SCRIPT }} + VALIDATE_SCRIPT: ${{ secrets.VALIDATE_SCRIPT }} run: | mkdir -p script - touch application.properties - echo "$APPLICATION_PROPERTY" >> ./script/.sh + touch ./script/deploy.sh + echo "$DEPLOY_SCRIPT" >> ./script/deploy.sh - touch jwt_public_key.pem - echo "$JWT_PUBLIC_KEY_PEM" >> ./script/.sh + touch ./script/switch.sh + echo "$SWITCH_SCRIPT" >> ./script/switch.sh - touch application.properties - echo "$JWT_PRIVATE_KEY_PEM" >> ./script/.sh + touch ./script/valid.sh + echo "$VALIDATE_SCRIPT" >> ./script/valid.sh + shell: bash - name: πŸ“ Make files to zip run: zip -r ./$GITHUB_SHA.zip ./script ./property @@ -104,9 +106,9 @@ jobs: - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy env: AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} - AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_DEV_DEPLOY_GROUP_NAME }} + AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_PROD_DEPLOY_GROUP_NAME }} AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_DEV_DEPLOY_PATH }} + AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_PROD_DEPLOY_PATH }} run: | aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME From 0e8b9d1e1498b16990fec77cfd2d97002b33c5d3 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 15:00:38 +0900 Subject: [PATCH 12/33] =?UTF-8?q?[FIX]=20Jwt=20Pem=20=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=ED=99=98=EA=B2=BD=EB=B3=84=20=EB=B6=84=EB=A6=AC=EC=97=90=20?= =?UTF-8?q?=EB=94=B0=EB=A5=B8=20Script=20=ED=99=98=EA=B2=BD=20=EB=B3=80?= =?UTF-8?q?=EC=88=98=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 4 ++-- .github/workflows/cd-prod.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index b196e31..3a3bb1a 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -60,8 +60,8 @@ jobs: - name: βš™οΈ Create Application Property Files env: APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_RSA_PRIVATE_KEY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PRIVATE_KEY }} run: | mkdir -p property diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 32211d4..416570c 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -60,8 +60,8 @@ jobs: - name: βš™οΈ Create Application Property Files env: APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_RSA_PRIVATE_KEY }} + JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }} + JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }} run: | mkdir -p property From a36a4a9b37fe31d561d47d9674f93575b3cd3324 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 15:14:18 +0900 Subject: [PATCH 13/33] =?UTF-8?q?[FEAT]=20Apple=20Credential=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 5 +++++ .github/workflows/cd-prod.yml | 6 ++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 3a3bb1a..06f8309 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -62,6 +62,8 @@ jobs: APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PUBLIC_KEY }} JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PRIVATE_KEY }} + APPLE_CREDENTIAL_KEY: ${{ secrets.APPLE_DEV_AUTH_P8_NAME }} + APPLE_CREDENTIAL: ${{ secrets.APPLE_DEV_AUTH_P8_CONTENT }} run: | mkdir -p property @@ -73,6 +75,9 @@ jobs: touch ./property/jwt_private_key.pem echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem + + touch ./property/$APPLE_CREDENTIAL_KEY + echo "$APPLE_CREDENTIAL_CONTENT" >> ./property/$APPLE_CREDENTIAL_KEY - name: πŸ“„ Create Script Files env: diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 416570c..2a8b8f5 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -62,6 +62,8 @@ jobs: APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }} JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }} + APPLE_CREDENTIAL_KEY: ${{ secrets.APPLE_PROD_AUTH_P8_NAME }} + APPLE_CREDENTIAL_CONTENT: ${{ secrets.APPLE_PROD_AUTH_P8_CONTENT }} run: | mkdir -p property @@ -71,8 +73,8 @@ jobs: touch ./property/jwt_public_key.pem echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem - touch ./property/jwt_private_key.pem - echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem + touch ./property/$APPLE_CREDENTIAL_KEY + echo "$APPLE_CREDENTIAL_CONTENT" >> ./property/$APPLE_CREDENTIAL_KEY - name: πŸ“„ Create Script Files env: From b9d7e8d1c415bab29817a4a8618e3c30e1bdc92a Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 19 Nov 2024 15:16:17 +0900 Subject: [PATCH 14/33] =?UTF-8?q?[FEAT]=20EC2=20=EB=82=B4=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EC=A1=B4=EC=9E=AC=20=EC=8B=9C,=20=EB=8D=AE?= =?UTF-8?q?=EC=96=B4=EC=93=B8=20=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?appspec.yml=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/appspec.yml b/appspec.yml index 48c29b9..e390d40 100644 --- a/appspec.yml +++ b/appspec.yml @@ -4,6 +4,8 @@ os: linux files: - source: / destination: /home/ubuntu +file_exists_behavior: OVERWRITE + hooks: AfterInstall: - location: script/deploy.sh From affb7c4b1e604f52f175c4003a4f7ec16a863042 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 26 Nov 2024 22:11:58 +0900 Subject: [PATCH 15/33] =?UTF-8?q?[FIX]=20appspec=20file=20path=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/appspec.yml b/appspec.yml index e390d40..47b35b0 100644 --- a/appspec.yml +++ b/appspec.yml @@ -6,15 +6,21 @@ files: destination: /home/ubuntu file_exists_behavior: OVERWRITE +permissions: + - object: /home/ubuntu + pattern: '**' + owner: ubuntu + group: ubuntu + hooks: AfterInstall: - - location: script/deploy.sh + - location: script/auth/deploy.sh timeout: 120 runas: root - - location: script/switch.sh + - location: script/auth/switch.sh timeout: 120 runas: root ValidateService: - - location: script/valid.sh + - location: script/auth/valid.sh timeout: 60 runas: root \ No newline at end of file From a53748096483012d25badb2ee4053343dd9d4adc Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 01:11:25 +0900 Subject: [PATCH 16/33] =?UTF-8?q?[FEAT]=20.dockerignore=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..48cad17 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,7 @@ +.idea +*.md +appspec.yml +.github +.gitignore +.gitattributes +script \ No newline at end of file From d9ac72d9a131304c1dae9589c30bff5c0c4f17a1 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 03:13:51 +0900 Subject: [PATCH 17/33] =?UTF-8?q?[CHORE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EB=AA=85=EB=A0=B9=20=EC=A0=9C=EA=B1=B0=20=EB=B0=8F?= =?UTF-8?q?=20=EB=B8=8C=EB=9E=9C=EC=B9=98=20=EC=9D=B4=EB=A6=84=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8f5b6c4..93ea156 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,7 @@ name: Continuous Integration for SOPT makers Authentication Project on: pull_request: - branches: [ develop ] + branches: [ dev ] jobs: build: @@ -24,16 +24,12 @@ jobs: shell: bash - name: πŸ”‘ Create Application Property File - env: - APPLICATION_RESOURCE_PATH: ./src/main/resources run: | - touch $APPLICATION_RESOURCE_PATH/application.properties - touch $APPLICATION_RESOURCE_PATH/jwt_public_key.pem - touch $APPLICATION_RESOURCE_PATH/jwt_private_key.pem + touch ./gradle.properties + touch ./src/main/resources/application.properties - echo "${{ secrets.APPLICATION_PROPERTIES }}" >> $APPLICATION_RESOURCE_PATH/application.properties - echo "${{ secrets.JWT_RSA_PUBLIC_KEY }}" >> $APPLICATION_RESOURCE_PATH/jwt_public_key.pem - echo "${{ secrets.JWT_RSA_PRIVATE_KEY }}" >> $APPLICATION_RESOURCE_PATH/jwt_private_key.pem + echo "${{ secrets.GRADLE_PROPERTIES }}" >> ./gradle.properties + echo "${{ secrets.APPLICATION_PROPERTIES }}" >> ./src/main/resources/application.properties - name: 🧱 Build with Gradle run: ./gradlew clean build From 32dd59df287be4b3d7cd0f472f85b61222cd12c4 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 03:59:42 +0900 Subject: [PATCH 18/33] =?UTF-8?q?[FIX]=20CodeDeploy=20resource=20mapped=20?= =?UTF-8?q?path=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/appspec.yml b/appspec.yml index 47b35b0..107c558 100644 --- a/appspec.yml +++ b/appspec.yml @@ -2,8 +2,8 @@ version: 0.0 os: linux files: - - source: / - destination: /home/ubuntu + - source: /script + destination: /home/ubuntu/script/auth file_exists_behavior: OVERWRITE permissions: From 74e67447069a44fcbb7cb9d0ac792917fc3e8157 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 04:14:09 +0900 Subject: [PATCH 19/33] =?UTF-8?q?[FIX]=20=EC=84=A4=EC=A0=95=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EA=B4=80=EB=A6=AC=EB=B0=A9=EB=B2=95=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-dev.yml | 126 ++++++++++++++++------------------- .github/workflows/ci.yml | 4 +- 2 files changed, 59 insertions(+), 71 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 06f8309..f7c0d3b 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -3,14 +3,10 @@ name: Continuous Deployment for SOPT makers Authentication Development Server on: workflow_dispatch: push: - branches: [ develop ] - -env: - AWS_REGION: ${{ secrets.AWS_REGION }} - AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} - AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} + branches: [ dev ] jobs: + build-and-push-image: runs-on: ubuntu-22.04 steps: @@ -28,27 +24,44 @@ jobs: run: chmod +x ./gradlew shell: bash - - name: βš™οΈ Create Gradle Property File - env: - GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} + - name: πŸ”’ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: βš™οΈ Create Property File run: | touch ./gradle.properties - echo "$GRADLE_PROPERTY" >> ./gradle.properties + touch ./src/main/resources/application.properties + + echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties + echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - - name: πŸ”’Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: $AWS_ACCESS_KEY - aws-secret-access-key: $AWS_SECRET_KEY - aws-region: $AWS_REGION + - name: πŸ”‘ Copy Key File + env: + REGION: ${{ secrets.AWS_REGION }} + APPLE_KEY: ${{ secrets.APPLE_KEY }} + JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} + JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + PROPERTY_PATH: src/main/resources + run: | + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$JWT_PUBLIC_KEY $PROPERTY_PATH/$JWT_PUBLIC_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$JWT_PRIVATE_KEY $PROPERTY_PATH/$JWT_PRIVATE_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$APPLE_KEY $PROPERTY_PATH/$APPLE_KEY - name: 🧱 Build Image and Push to ECR env: AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - AWS_ECR_REPO: ${{ secrets.AWS_ECR_PROD_REPOSITORY_NAME }} + AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_DEV }} run: | - aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/$AWS_ACCOUNT_ID - docker build -t $AWS_ECR_REPO:latest . + aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + docker build -t $AWS_ECR_REPO . docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest @@ -57,65 +70,40 @@ jobs: needs: build-and-push-image runs-on: ubuntu-22.04 steps: - - name: βš™οΈ Create Application Property Files - env: - APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_DEV_RSA_PRIVATE_KEY }} - APPLE_CREDENTIAL_KEY: ${{ secrets.APPLE_DEV_AUTH_P8_NAME }} - APPLE_CREDENTIAL: ${{ secrets.APPLE_DEV_AUTH_P8_CONTENT }} - run: | - mkdir -p property - - touch ./property/application.properties - echo "$APPLICATION_PROPERTY" >> ./property/application.properties - - touch ./property/jwt_public_key.pem - echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem - - touch ./property/jwt_private_key.pem - echo "$JWT_PRIVATE_KEY_PEM" >> ./property/jwt_private_key.pem - - touch ./property/$APPLE_CREDENTIAL_KEY - echo "$APPLE_CREDENTIAL_CONTENT" >> ./property/$APPLE_CREDENTIAL_KEY + - name: πŸ”’ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ${{ secrets.AWS_REGION }} - - name: πŸ“„ Create Script Files + - name: πŸ“ Copy Script File env: - DEPLOY_SCRIPT: ${{ secrets.DEPLOY_SCRIPT }} - SWITCH_SCRIPT: ${{ secrets.SWITCH_SCRIPT }} - VALIDATE_SCRIPT: ${{ secrets.VALIDATE_SCRIPT }} + REGION: ${{ secrets.AWS_REGION }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} run: | - mkdir -p script - - touch ./script/deploy.sh - echo "$DEPLOY_SCRIPT" >> ./script/deploy.sh - - touch ./script/switch.sh - echo "$SWITCH_SCRIPT" >> ./script/switch.sh - - touch ./script/valid.sh - echo "$VALIDATE_SCRIPT" >> ./script/valid.sh + mkdir script + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/script/deploy.sh script/deploy.sh + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/script/switch.sh script/switch.sh + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/script/valid.sh script/valid.sh - name: πŸ“ Make files to zip - run: zip -r ./$GITHUB_SHA.zip ./script ./property + run: zip -r ./$GITHUB_SHA.zip ./script shell: bash - - name: πŸ”‘ Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: $AWS_ACCESS_KEY - aws-secret-access-key: $AWS_SECRET_KEY - aws-region: $AWS_REGION - - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy env: - AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} - AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_DEV_DEPLOY_GROUP_NAME }} - AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_DEV_DEPLOY_PATH }} + REGION: ${{ secrets.AWS_REGION }} + DEPLOY_APPLICATION: ${{ secrets.AWS_DEPLOY_APPLICATION }} + DEPLOY_GROUP: ${{ secrets.AWS_DEPLOY_GROUP_DEV }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} run: | - aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip + aws s3 cp --region $REGION ./$GITHUB_SHA.zip s3://$S3_PATH/dev/deploy/$GITHUB_SHA.zip + aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME --deployment-config-name CodeDeployDefault.AllAtOnce - --deployment-group-name $AWS_DEPLOY_GROUP_NAME - --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip \ No newline at end of file + --deployment-group-name $DEPLOY_GROUP + --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=dev/deploy/$GITHUB_SHA.zip \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 93ea156..58791ca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,8 +28,8 @@ jobs: touch ./gradle.properties touch ./src/main/resources/application.properties - echo "${{ secrets.GRADLE_PROPERTIES }}" >> ./gradle.properties - echo "${{ secrets.APPLICATION_PROPERTIES }}" >> ./src/main/resources/application.properties + echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties + echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - name: 🧱 Build with Gradle run: ./gradlew clean build From d194e1bd809dc8ec5319166ddb54be9ba6926cea Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 04:58:15 +0900 Subject: [PATCH 20/33] =?UTF-8?q?[CHORE]=20=EB=B0=B0=ED=8F=AC=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD=20=EC=82=AC=ED=95=AD=20Prod=20script=20sync?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd-prod.yml | 122 ++++++++++++++++------------------ 1 file changed, 56 insertions(+), 66 deletions(-) diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 2a8b8f5..5716733 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -5,12 +5,8 @@ on: push: branches: [ main ] -env: - AWS_REGION: ${{ secrets.AWS_REGION }} - AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} - AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} - jobs: + build-and-push-image: runs-on: ubuntu-22.04 steps: @@ -28,27 +24,44 @@ jobs: run: chmod +x ./gradlew shell: bash - - name: βš™οΈ Create Gradle Property File - env: - GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }} + - name: πŸ”’ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: βš™οΈ Create Property File run: | touch ./gradle.properties - echo "$GRADLE_PROPERTY" >> ./gradle.properties + touch ./src/main/resources/application.properties + + echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties + echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - - name: πŸ”’Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: $AWS_ACCESS_KEY - aws-secret-access-key: $AWS_SECRET_KEY - aws-region: $AWS_REGION + - name: πŸ”‘ Copy Key File + env: + REGION: ${{ secrets.AWS_REGION }} + APPLE_KEY: ${{ secrets.APPLE_KEY }} + JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} + JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + PROPERTY_PATH: src/main/resources + run: | + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/static/$JWT_PUBLIC_KEY $PROPERTY_PATH/$JWT_PUBLIC_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/static/$JWT_PRIVATE_KEY $PROPERTY_PATH/$JWT_PRIVATE_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/static/$APPLE_KEY $PROPERTY_PATH/$APPLE_KEY - name: 🧱 Build Image and Push to ECR env: AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - AWS_ECR_REPO: ${{ secrets.AWS_ECR_DEV_REPOSITORY_NAME }} + AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_PROD }} run: | - aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/$AWS_ACCOUNT_ID - docker build -t $AWS_ECR_REPO:latest . + aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + docker build -t $AWS_ECR_REPO . docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest @@ -57,63 +70,40 @@ jobs: needs: build-and-push-image runs-on: ubuntu-22.04 steps: - - name: βš™οΈ Create Application Property Files - env: - APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }} - JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }} - JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }} - APPLE_CREDENTIAL_KEY: ${{ secrets.APPLE_PROD_AUTH_P8_NAME }} - APPLE_CREDENTIAL_CONTENT: ${{ secrets.APPLE_PROD_AUTH_P8_CONTENT }} - run: | - mkdir -p property - - touch ./property/application.properties - echo "$APPLICATION_PROPERTY" >> ./property/application.properties - - touch ./property/jwt_public_key.pem - echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem - - touch ./property/$APPLE_CREDENTIAL_KEY - echo "$APPLE_CREDENTIAL_CONTENT" >> ./property/$APPLE_CREDENTIAL_KEY + - name: πŸ”’ Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ${{ secrets.AWS_REGION }} - - name: πŸ“„ Create Script Files + - name: πŸ“ Copy Script File env: - DEPLOY_SCRIPT: ${{ secrets.DEPLOY_SCRIPT }} - SWITCH_SCRIPT: ${{ secrets.SWITCH_SCRIPT }} - VALIDATE_SCRIPT: ${{ secrets.VALIDATE_SCRIPT }} + REGION: ${{ secrets.AWS_REGION }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} run: | - mkdir -p script - - touch ./script/deploy.sh - echo "$DEPLOY_SCRIPT" >> ./script/deploy.sh - - touch ./script/switch.sh - echo "$SWITCH_SCRIPT" >> ./script/switch.sh - - touch ./script/valid.sh - echo "$VALIDATE_SCRIPT" >> ./script/valid.sh - shell: bash + mkdir script + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/script/deploy.sh script/deploy.sh + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/script/switch.sh script/switch.sh + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/prod/script/valid.sh script/valid.sh - name: πŸ“ Make files to zip - run: zip -r ./$GITHUB_SHA.zip ./script ./property + run: zip -r ./$GITHUB_SHA.zip ./script shell: bash - - name: πŸ”‘ Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: $AWS_ACCESS_KEY - aws-secret-access-key: $AWS_SECRET_KEY - aws-region: $AWS_REGION - - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy env: - AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }} - AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_PROD_DEPLOY_GROUP_NAME }} - AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_PROD_DEPLOY_PATH }} + REGION: ${{ secrets.AWS_REGION }} + DEPLOY_APPLICATION: ${{ secrets.AWS_DEPLOY_APPLICATION }} + DEPLOY_GROUP: ${{ secrets.AWS_DEPLOY_GROUP_PROD }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} run: | - aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip + aws s3 cp --region $REGION ./$GITHUB_SHA.zip s3://$S3_PATH/prod/deploy/$GITHUB_SHA.zip + aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME --deployment-config-name CodeDeployDefault.AllAtOnce - --deployment-group-name $AWS_DEPLOY_GROUP_NAME - --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip \ No newline at end of file + --deployment-group-name $DEPLOY_GROUP + --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=prod/deploy/$GITHUB_SHA.zip \ No newline at end of file From 353779becb1156d49934f27da42b69ae079cff87 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 05:04:16 +0900 Subject: [PATCH 21/33] =?UTF-8?q?[FIX]=20=EC=9E=98=EB=AA=BB=EB=90=9C=20git?= =?UTF-8?q?=20ignore=20=EB=93=B1=EB=A1=9D=20=EC=9A=94=EC=86=8C=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 3 ++- gradle/wrapper/gradle-wrapper.properties | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 gradle/wrapper/gradle-wrapper.properties diff --git a/.gitignore b/.gitignore index f4b2b5f..775c697 100644 --- a/.gitignore +++ b/.gitignore @@ -37,7 +37,8 @@ out/ .vscode/ ### Propety ### -*.properties +gradle.properties +**/src/main/resources/*.properties ### Key ### *.pem diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..df97d72 --- /dev/null +++ b/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,7 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip +networkTimeout=10000 +validateDistributionUrl=true +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists From 87d0cce979af02ba35e9a0a81eaacffa8714ee8b Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Wed, 27 Nov 2024 05:12:26 +0900 Subject: [PATCH 22/33] =?UTF-8?q?[FIX]=20CI=20=EB=B9=8C=EB=93=9C=20?= =?UTF-8?q?=EC=8B=A4=ED=96=89=20=EB=AA=85=EB=A0=B9=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - pem ν‚€λ“± μ™ΈλΆ€ S3에 κ΄€λ¦¬λ˜κ³  μžˆλŠ” μžμ›μ΄ ν•„μš”ν•˜μ—¬ ν…ŒμŠ€νŠΈ μ‹€ν–‰ 없이 λΉŒλ“œλ˜λ„λ‘ λ³€κ²½ν–ˆμŠ΅λ‹ˆλ‹€. - μΆ”ν›„ Test ν™˜κ²½ λ³€μˆ˜ μ£Όμž…μœΌλ‘œ 별도 ν…ŒμŠ€νŠΈ 톡과 STEP 생성을 고렀해도 쒋을 것 κ°™μŠ΅λ‹ˆλ‹€. --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 58791ca..45632fb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,5 +32,5 @@ jobs: echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - name: 🧱 Build with Gradle - run: ./gradlew clean build + run: gradle build -x test shell: bash \ No newline at end of file From 63dd7a81bc5d516d29a4475e1f73d27d1c893e10 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 00:08:18 +0900 Subject: [PATCH 23/33] =?UTF-8?q?[FIX]=20appspec=20=EC=86=8C=EC=8A=A4?= =?UTF-8?q?=ED=8C=8C=EC=9D=BC=20=EC=A0=80=EC=9E=A5=20=EC=9C=84=EC=B9=98=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- appspec.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/appspec.yml b/appspec.yml index 107c558..6569a54 100644 --- a/appspec.yml +++ b/appspec.yml @@ -2,8 +2,17 @@ version: 0.0 os: linux files: - - source: /script + - source: script/deploy.sh destination: /home/ubuntu/script/auth + overwrite: yes + - source: script/switch.sh + destination: /home/ubuntu/script/auth + overwrite: yes + - source: script/valid.sh + destination: /home/ubuntu/script/auth + overwrite: yes + - source: application.env + destination: /home/ubuntu/env/auth file_exists_behavior: OVERWRITE permissions: @@ -14,13 +23,13 @@ permissions: hooks: AfterInstall: - - location: script/auth/deploy.sh + - location: script/deploy.sh timeout: 120 runas: root - - location: script/auth/switch.sh + - location: script/switch.sh timeout: 120 runas: root ValidateService: - - location: script/auth/valid.sh + - location: script/valid.sh timeout: 60 runas: root \ No newline at end of file From d93541f1eff80243e0cfc0d9b1c56021f9a1533d Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 01:05:55 +0900 Subject: [PATCH 24/33] =?UTF-8?q?[FEAT]=20Spring=20Actuator=20Health=20Che?= =?UTF-8?q?ck=20=EC=97=94=EB=93=9C=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/application-dev.yaml | 6 ++++++ src/main/resources/application-local.yaml | 6 ++++++ src/main/resources/application-prod.yaml | 7 ++++++- src/main/resources/application-test.yaml | 6 ++++++ 4 files changed, 24 insertions(+), 1 deletion(-) diff --git a/src/main/resources/application-dev.yaml b/src/main/resources/application-dev.yaml index 27ab84c..53d6390 100644 --- a/src/main/resources/application-dev.yaml +++ b/src/main/resources/application-dev.yaml @@ -14,3 +14,9 @@ spring: auth: client: url: ${DEV_AUTH_URL} + +management: + endpoints: + web: + exposure: + include: health diff --git a/src/main/resources/application-local.yaml b/src/main/resources/application-local.yaml index ecdf56e..200f1c5 100644 --- a/src/main/resources/application-local.yaml +++ b/src/main/resources/application-local.yaml @@ -21,3 +21,9 @@ auth: rsa: public-key: ${RSA_PUBLIC_KEY_PATH} private-key: ${RSA_PRIVATE_KEY_PATH} + +management: + endpoints: + web: + exposure: + include: health diff --git a/src/main/resources/application-prod.yaml b/src/main/resources/application-prod.yaml index 97012df..9b0555f 100644 --- a/src/main/resources/application-prod.yaml +++ b/src/main/resources/application-prod.yaml @@ -14,4 +14,9 @@ spring: driver-class-name: ${PROD_DB_DRIVER_CLASS} auth: client: - url: ${PROD_AUTH_URL} \ No newline at end of file + url: ${PROD_AUTH_URL} +management: + endpoints: + web: + exposure: + include: health \ No newline at end of file diff --git a/src/main/resources/application-test.yaml b/src/main/resources/application-test.yaml index f9e8e19..d1c9fba 100644 --- a/src/main/resources/application-test.yaml +++ b/src/main/resources/application-test.yaml @@ -17,3 +17,9 @@ auth: rsa: public-key: classpath:jwt_public_key.pem private-key: classpath:jwt_private_key.pem + +management: + endpoints: + web: + exposure: + include: health \ No newline at end of file From f01193b9ae77fd0fe2e3b8b83e946bdbae7b766a Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 01:13:04 +0900 Subject: [PATCH 25/33] =?UTF-8?q?[FEAT]=20appspec=20pem=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EB=B0=8F=20key=20=ED=8C=8C=EC=9D=BC=20=EB=A6=AC?= =?UTF-8?q?=EC=86=8C=EC=8A=A4=20path=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - docker 싀행에 ν•„μš”ν•œ μžμ›λ“€μ„ μΆ”κ°€ν•©λ‹ˆλ‹€. - Github Secret으둜 κ΄€λ¦¬λ˜λŠ” μžμ›μ— λŒ€ν•΄ μ˜¬λ°”λ₯΄κ²Œ μ£Όμž…λ˜μ—ˆλŠ”μ§€ ν™•μΈν•˜κΈ° μœ„ν•΄μ„œλ„ μ‚¬μš©λœ λ¦¬μ†ŒμŠ€λ₯Ό /home/ubuntu 내에 μ €μž₯될 수 μžˆλ„λ‘ ν•©λ‹ˆλ‹€. --- appspec.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/appspec.yml b/appspec.yml index 6569a54..46a273d 100644 --- a/appspec.yml +++ b/appspec.yml @@ -11,6 +11,10 @@ files: - source: script/valid.sh destination: /home/ubuntu/script/auth overwrite: yes + - source: pem + destination: /home/ubuntu/property/auth/pem + - source: key + destination: /home/ubuntu/property/auth/key - source: application.env destination: /home/ubuntu/env/auth file_exists_behavior: OVERWRITE From 69bc98789d4f3c5ef036f71782810e9f00f1b61c Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 01:53:58 +0900 Subject: [PATCH 26/33] =?UTF-8?q?[FIX]=20.env=20=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=EC=A3=BC=EC=9E=85=20=EB=B0=A9=EC=8B=9D=20=EB=B3=80=EA=B2=BD?= =?UTF-8?q?=EC=97=90=20=EB=8C=80=ED=95=9C=20application=20yaml=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - λΆˆν•„μš”ν•œ properties 선언을 쀄이고 env 파일 뢄리λ₯Ό 톡해 ν™˜κ²½λ³€μˆ˜ 관리λ₯Ό μš©μ΄ν•˜κ²Œ ν•˜κ³ μž ν–ˆμŠ΅λ‹ˆλ‹€. --- src/main/resources/application-dev.yaml | 11 ++- src/main/resources/application-local.yaml | 18 ++--- src/main/resources/application-prod.yaml | 13 ++-- src/main/resources/application-test.yaml | 8 --- src/main/resources/external.yaml | 82 ++++++++--------------- src/main/resources/jwt.yaml | 23 ++----- 6 files changed, 46 insertions(+), 109 deletions(-) diff --git a/src/main/resources/application-dev.yaml b/src/main/resources/application-dev.yaml index 53d6390..4797a01 100644 --- a/src/main/resources/application-dev.yaml +++ b/src/main/resources/application-dev.yaml @@ -7,13 +7,10 @@ spring: - classpath:external.yaml - classpath:jwt.yaml datasource: - url: ${DEV_DB_URL} - username: ${DEV_DB_USERNAME} - password: ${DEV_DB_PASSWORD} - driver-class-name: ${DEV_DB_DRIVER_CLASS} -auth: - client: - url: ${DEV_AUTH_URL} + url: ${DB_URL} + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: ${DB_DRIVER_CLASS} management: endpoints: diff --git a/src/main/resources/application-local.yaml b/src/main/resources/application-local.yaml index 200f1c5..af822da 100644 --- a/src/main/resources/application-local.yaml +++ b/src/main/resources/application-local.yaml @@ -7,20 +7,10 @@ spring: - classpath:external.yaml - classpath:jwt.yaml datasource: - url: ${LOCAL_DB_URL} - username: ${LOCAL_DB_USERNAME} - password: ${LOCAL_DB_PASSWORD} - driver-class-name: ${LOCAL_DB_DRIVER_CLASS} - jpa: - hibernate: - ddl-auto: create -auth: - client: - url: ${LOCAL_AUTH_URL} - -rsa: - public-key: ${RSA_PUBLIC_KEY_PATH} - private-key: ${RSA_PRIVATE_KEY_PATH} + url: ${DB_URL} + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: ${DB_DRIVER_CLASS} management: endpoints: diff --git a/src/main/resources/application-prod.yaml b/src/main/resources/application-prod.yaml index 9b0555f..fbf0209 100644 --- a/src/main/resources/application-prod.yaml +++ b/src/main/resources/application-prod.yaml @@ -1,4 +1,3 @@ -spring.profiles.active: prod spring: config: activate: @@ -8,13 +7,11 @@ spring: - classpath:external.yaml - classpath:jwt.yaml datasource: - url: ${PROD_DB_URL} - username: ${PROD_DB_USERNAME} - password: ${PROD_DB_PASSWORD} - driver-class-name: ${PROD_DB_DRIVER_CLASS} -auth: - client: - url: ${PROD_AUTH_URL} + url: ${DB_URL} + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: ${DB_DRIVER_CLASS} + management: endpoints: web: diff --git a/src/main/resources/application-test.yaml b/src/main/resources/application-test.yaml index d1c9fba..7ffd73f 100644 --- a/src/main/resources/application-test.yaml +++ b/src/main/resources/application-test.yaml @@ -9,14 +9,6 @@ spring: datasource: url: jdbc:h2:mem:testdb username: sa - password: -auth: - client: - url: ${LOCAL_AUTH_URL} - -rsa: - public-key: classpath:jwt_public_key.pem - private-key: classpath:jwt_private_key.pem management: endpoints: diff --git a/src/main/resources/external.yaml b/src/main/resources/external.yaml index c0a6cfa..9834557 100644 --- a/src/main/resources/external.yaml +++ b/src/main/resources/external.yaml @@ -1,38 +1,11 @@ -spring.config.activate.on-profile: prod -external: - makers: - url: ${PROD_PLAYGROUND_URL} - token: ${PROD_PLAYGROUND_TOKEN} - gabia: - sms: - id: ${GABIA_SMS_ID} - key: ${GABIA_SMS_KEY} - url: ${GABIA_SMS_URL} - phone: ${GABIA_SMS_PHONE} - oauth: - apple: - aud: ${PROD_APPLE_AUD} - sub: ${PROD_APPLE_SUB} - key: - id: ${PROD_APPLE_KEY_ID} - path: ${PROD_APPLE_KEY_PATH} - team: - id: ${PROD_APPLE_TEAM_ID} - expiration: - token-expiration: ${APPLE_TOKEN_EXPIRATION_TIME} - google: - redirect: - url: ${PROD_GOOGLE_REDIRECT_URL} - client: - id: ${PROD_GOOGLE_CLIENT_ID} - secret: ${PROD_GOOGLE_CLIENT_SECRET} ---- spring.config.activate.on-profile: + - prod - dev + - local external: makers: - url: ${DEV_PLAYGROUND_URL} - token: ${DEV_PLAYGROUND_TOKEN} + url: ${PLAYGROUND_URL} + token: ${PLAYGROUND_TOKEN} gabia: sms: id: ${GABIA_SMS_ID} @@ -41,49 +14,48 @@ external: phone: ${GABIA_SMS_PHONE} oauth: apple: - aud: ${DEV_APPLE_AUD} - sub: ${DEV_APPLE_SUB} + aud: ${APPLE_AUD} + sub: ${APPLE_SUB} key: - id: ${DEV_APPLE_KEY_ID} - path: ${DEV_APPLE_KEY_PATH} + id: ${APPLE_KEY_ID} + path: ${APPLE_KEY_PATH} team: - id: ${DEV_APPLE_TEAM_ID} + id: ${APPLE_TEAM_ID} expiration: token-expiration: ${APPLE_TOKEN_EXPIRATION_TIME} google: redirect: - url: ${DEV_GOOGLE_REDIRECT_URL} + url: ${GOOGLE_REDIRECT_URL} client: - id: ${DEV_GOOGLE_CLIENT_ID} - secret: ${DEV_GOOGLE_CLIENT_SECRET} + id: ${GOOGLE_CLIENT_ID} + secret: ${GOOGLE_CLIENT_SECRET} --- spring.config.activate.on-profile: - - local - test external: makers: - url: ${DEV_PLAYGROUND_URL} - token: ${DEV_PLAYGROUND_TOKEN} + url: test + token: test gabia: sms: - id: ${GABIA_SMS_ID} - key: ${GABIA_SMS_KEY} - url: ${GABIA_SMS_URL} - phone: ${GABIA_SMS_PHONE} + id: test + key: test + url: test + phone: test oauth: apple: - aud: ${LOCAL_APPLE_AUD} - sub: ${LOCAL_APPLE_SUB} + aud: test + sub: test key: - id: ${LOCAL_APPLE_KEY_ID} - path: ${LOCAL_APPLE_KEY_PATH} + id: test + path: test team: - id: ${LOCAL_APPLE_TEAM_ID} + id: test expiration: - token-expiration: ${APPLE_TOKEN_EXPIRATION_TIME} + token-expiration: 0 google: redirect: - url: ${LOCAL_GOOGLE_REDIRECT_URL} + url: test client: - id: ${LOCAL_GOOGLE_CLIENT_ID} - secret: ${LOCAL_GOOGLE_CLIENT_SECRET} + id: test + secret: test diff --git a/src/main/resources/jwt.yaml b/src/main/resources/jwt.yaml index cf92d49..ea112e0 100644 --- a/src/main/resources/jwt.yaml +++ b/src/main/resources/jwt.yaml @@ -1,6 +1,7 @@ spring.config.activate.on-profile: - prod - dev + - local jwt: secret: rsa: @@ -12,26 +13,14 @@ jwt: issuer: issuer-name: ${ISSUER} --- -spring.config.activate.on-profile: local -jwt: - secret: - rsa: - public-key: ${RSA_PUBLIC_KEY_PATH_ON_LOCAL} - private-key: ${RSA_PRIVATE_KEY_PATH_ON_LOCAL} - expiration: - access-token-expiration: ${ACCESS_TOKEN_EXPIRATION_TIME} - refresh-token-expiration: ${REFRESH_TOKEN_EXPIRATION_TIME} - issuer: - issuer-name: ${ISSUER_ON_LOCAL} ---- spring.config.activate.on-profile: test jwt: secret: rsa: - public-key: ${RSA_PUBLIC_KEY_PATH_ON_TEST} - private-key: ${RSA_PRIVATE_KEY_PATH_ON_TEST} + public-key: test + private-key: test expiration: - access-token-expiration: ${ACCESS_TOKEN_EXPIRATION_TIME} - refresh-token-expiration: ${REFRESH_TOKEN_EXPIRATION_TIME} + access-token-expiration: 0 + refresh-token-expiration: 0 issuer: - issuer-name: ${ISSUER_ON_TEST} + issuer-name: test From b94aed161d401868d4c9b92d6102a44daec7d6ae Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 01:54:50 +0900 Subject: [PATCH 27/33] =?UTF-8?q?[CHORE]=20gitignore=20.env=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 775c697..e0bfc51 100644 --- a/.gitignore +++ b/.gitignore @@ -39,6 +39,7 @@ out/ ### Propety ### gradle.properties **/src/main/resources/*.properties +**/src/main/resources/**/*.env ### Key ### *.pem From 014d12edcccf1563d4ef3506a6ac4ee5fae2d33c Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 02:28:51 +0900 Subject: [PATCH 28/33] =?UTF-8?q?[FEAT]=20=EB=8F=99=EC=A0=81=20Profile=20p?= =?UTF-8?q?arameter=20=EC=A3=BC=EC=9E=85=20Build=20=EB=B0=A9=EC=8B=9D=20&?= =?UTF-8?q?=20=EC=83=9D=EC=84=B1=20jar=20=ED=8C=8C=EC=9D=BC=20=EC=A7=80?= =?UTF-8?q?=EC=A0=95=20=EB=82=B4=EC=9A=A9=20`build.gradle.kts`=20=EB=B0=98?= =?UTF-8?q?=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - κΈ°λ³Έ profile둜 testκ°€ μ£Όμž…λ˜λ„λ‘ μ„€μ •ν–ˆμŠ΅λ‹ˆλ‹€. - Docker Build 및 Run μ‹œ, 볡수의 jar 파일 μΆ”μ μœΌλ‘œ 인해 인식이 μ•ˆλ˜λŠ” 문제λ₯Ό ν•΄κ²°ν•˜κΈ° μœ„ν•΄ bootJar μ‹œ μƒμ„±λ˜λŠ” jar 파일의 이름을 직접 μ§€μ •ν–ˆμŠ΅λ‹ˆλ‹€. --- build.gradle.kts | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/build.gradle.kts b/build.gradle.kts index b2d4838..06ec8a9 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -1,3 +1,5 @@ +import org.springframework.boot.gradle.tasks.bundling.BootJar + val googleJavaFormatVersion = "1.18.1" plugins { @@ -100,7 +102,26 @@ tasks.named("compileJava") { dependsOn("makeGitHooksExecutable") } +val jarName = "authentication.jar" +tasks.named("bootJar") { + archiveFileName.set(jarName) +} + // *-SNAPSHOT-plain.jar 생성 방지 tasks.getByName("jar"){ enabled=false } + +val profile: String = project.findProperty("profile") as? String ?: "test" +println("Build Profile: $profile") + +tasks.register("processProfileYaml") { + from("src/main/resources/application-$profile.yaml") + into("build/resources/main") // λΉŒλ“œ μ‹œ μ‚¬μš©ν•  λ¦¬μ†ŒμŠ€ 경둜 + rename { "application.yaml" } // λͺ¨λ“  ν”„λ‘œνŒŒμΌ νŒŒμΌμ„ application.yaml둜 λ³€κ²½ +} + +// processResources μž‘μ—… 후에 μ‹€ν–‰λ˜λ„λ‘ μ˜μ‘΄μ„± μΆ”κ°€ +tasks.named("processResources") { + dependsOn("processProfileYaml") +} From e6421f8bc43664851bdd074bffd2e275e932a7fd Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 02:30:04 +0900 Subject: [PATCH 29/33] =?UTF-8?q?[REFACTOR]=20copy=20=EC=8B=9C,=20?= =?UTF-8?q?=EB=AA=85=EC=8B=9C=EB=90=9C=20jar=EB=A7=8C=20=EB=B3=B5=EC=82=AC?= =?UTF-8?q?=ED=95=A0=20=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20=EB=B0=8F=20build=20=EC=A3=BC=EC=B2=B4=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD(Gradle=20->=20OpenJDK)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2bc806b..37e03bb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,7 @@ -FROM gradle:8.10.2 as builder +FROM openjdk:21-jdk-slim as builder + +# κΈ°λ³Έκ°’ : test +ARG PROFILE=test # mkdir /app-build && cd /app-build WORKDIR /app-build @@ -7,7 +10,7 @@ WORKDIR /app-build COPY . /app-build # create .jar -RUN gradle clean build --no-daemon +RUN echo "Build with PROFILE=${PROFILE}" && ./gradlew build -x test -Pprofile=${PROFILE} --no-daemon # Run-Time Image Setting FROM openjdk:21-jdk-slim as production @@ -16,7 +19,7 @@ FROM openjdk:21-jdk-slim as production WORKDIR /app-run # copy .jar to Run-Time Image -COPY --from=builder /app-build/build/libs/*.jar /app-run/authentication.jar +COPY --from=builder /app-build/build/libs/authentication.jar /app-run/authentication.jar EXPOSE 8080 From 9f47d131cf85154d1936918420f8ba4a4bb6a318 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 02:30:33 +0900 Subject: [PATCH 30/33] =?UTF-8?q?[REFACTOR]=20CI=20Build=20=EB=B0=A9?= =?UTF-8?q?=EC=8B=9D=20Docker=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 45632fb..36162ae 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,7 @@ name: Continuous Integration for SOPT makers Authentication Project on: pull_request: - branches: [ dev ] + branches: [ dev, prod ] jobs: build: @@ -26,11 +26,9 @@ jobs: - name: πŸ”‘ Create Application Property File run: | touch ./gradle.properties - touch ./src/main/resources/application.properties echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties - echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - name: 🧱 Build with Gradle - run: gradle build -x test + run: docker build -t app-ci . shell: bash \ No newline at end of file From 54021686125e1a0c8e8e3fe5b0eb9c94c15ee20b Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 02:33:14 +0900 Subject: [PATCH 31/33] =?UTF-8?q?[REFACTOR]=20CD=20Script=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - docker μ‹€ν–‰ μ‹œ, env 파일 μ£Όμž… 방식 반영 - build profile 동적 μ£Όμž… 방식 반영 - ν•„μš”ν•œ resource S3 copy 방식 반영 --- .github/workflows/cd-dev.yml | 50 +++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index f7c0d3b..9eff142 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -34,26 +34,8 @@ jobs: - name: βš™οΈ Create Property File run: | touch ./gradle.properties - touch ./src/main/resources/application.properties echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties - echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties - - - name: πŸ”‘ Copy Key File - env: - REGION: ${{ secrets.AWS_REGION }} - APPLE_KEY: ${{ secrets.APPLE_KEY }} - JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} - JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} - S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} - PROPERTY_PATH: src/main/resources - run: | - aws s3 cp --region $REGION \ - s3://$S3_BUCKET/dev/static/$JWT_PUBLIC_KEY $PROPERTY_PATH/$JWT_PUBLIC_KEY - aws s3 cp --region $REGION \ - s3://$S3_BUCKET/dev/static/$JWT_PRIVATE_KEY $PROPERTY_PATH/$JWT_PRIVATE_KEY - aws s3 cp --region $REGION \ - s3://$S3_BUCKET/dev/static/$APPLE_KEY $PROPERTY_PATH/$APPLE_KEY - name: 🧱 Build Image and Push to ECR env: @@ -61,7 +43,7 @@ jobs: AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_DEV }} run: | aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws - docker build -t $AWS_ECR_REPO . + docker build --build-arg PROFILE=dev -t $AWS_ECR_REPO . docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest @@ -77,21 +59,43 @@ jobs: aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} aws-region: ${{ secrets.AWS_REGION }} + - name: πŸ”‘ Copy Key File + env: + REGION: ${{ secrets.AWS_REGION }} + APPLE_KEY: ${{ secrets.APPLE_KEY }} + JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} + JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + run: | + mkdir ./pem + mkdir ./key + + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$JWT_PUBLIC_KEY ./pem/$JWT_PUBLIC_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$JWT_PRIVATE_KEY ./pem/$JWT_PRIVATE_KEY + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/static/$APPLE_KEY ./key/$APPLE_KEY + - name: πŸ“ Copy Script File env: REGION: ${{ secrets.AWS_REGION }} S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + S3_ENV_FILE_NAME: ${{ secrets.ENV_FILE_NAME_PROD }} run: | - mkdir script + mkdir ./script aws s3 cp --region $REGION \ s3://$S3_BUCKET/dev/script/deploy.sh script/deploy.sh aws s3 cp --region $REGION \ s3://$S3_BUCKET/dev/script/switch.sh script/switch.sh aws s3 cp --region $REGION \ s3://$S3_BUCKET/dev/script/valid.sh script/valid.sh + + aws s3 cp --region $REGION \ + s3://$S3_BUCKET/dev/$S3_ENV_FILE_NAME application.env - name: πŸ“ Make files to zip - run: zip -r ./$GITHUB_SHA.zip ./script + run: zip -r ./$GITHUB_SHA.zip ./script ./pem ./key ./appspec.yml ./application.env shell: bash - name: πŸš€ Upload Property Zip to S3 and Create Code Deploy @@ -101,9 +105,9 @@ jobs: DEPLOY_GROUP: ${{ secrets.AWS_DEPLOY_GROUP_DEV }} S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} run: | - aws s3 cp --region $REGION ./$GITHUB_SHA.zip s3://$S3_PATH/dev/deploy/$GITHUB_SHA.zip + aws s3 cp --region $REGION ./$GITHUB_SHA.zip s3://$S3_BUCKET/dev/deploy/$GITHUB_SHA.zip aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME --deployment-config-name CodeDeployDefault.AllAtOnce --deployment-group-name $DEPLOY_GROUP - --s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=dev/deploy/$GITHUB_SHA.zip \ No newline at end of file + --s3-location bucket=$S3_BUCKET,bundleType=zip,key=dev/deploy/$GITHUB_SHA.zip \ No newline at end of file From b42cf66b06ae950f5cd85ca57618ee29466746f3 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Tue, 3 Dec 2024 02:37:42 +0900 Subject: [PATCH 32/33] =?UTF-8?q?[FIX]=20docker=20=EB=B9=8C=EB=93=9C=20?= =?UTF-8?q?=EC=8B=9C,=20=EC=88=98=ED=96=89=EB=90=98=EB=8A=94=20`.github/sc?= =?UTF-8?q?ript/pre-commit`=20=ED=8C=8C=EC=9D=BC=20.dockerignore=20?= =?UTF-8?q?=EC=A0=9C=EC=99=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.dockerignore b/.dockerignore index 48cad17..9b93415 100644 --- a/.dockerignore +++ b/.dockerignore @@ -2,6 +2,7 @@ *.md appspec.yml .github +!.github/script/pre-commit .gitignore .gitattributes script \ No newline at end of file From c2b10f1fef3aff7051bf71844e4a9394de69bef7 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Thu, 5 Dec 2024 21:19:20 +0900 Subject: [PATCH 33/33] =?UTF-8?q?[CHORE]=20Spotless=20=EC=8A=A4=ED=8E=99?= =?UTF-8?q?=20=ED=86=B5=EC=9D=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- gradle/wrapper/gradle-wrapper.properties | 2 +- .../authentication/support/code/domain/failure/AuthFailure.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 3fa8f86..df97d72 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/src/main/java/sopt/makers/authentication/support/code/domain/failure/AuthFailure.java b/src/main/java/sopt/makers/authentication/support/code/domain/failure/AuthFailure.java index 5bce0f6..5a18ca4 100644 --- a/src/main/java/sopt/makers/authentication/support/code/domain/failure/AuthFailure.java +++ b/src/main/java/sopt/makers/authentication/support/code/domain/failure/AuthFailure.java @@ -19,7 +19,7 @@ public enum AuthFailure implements FailureCode { NOT_FOUND_PHONE_VERIFICATION(HttpStatus.NOT_FOUND, "μ‘΄μž¬ν•˜μ§€ μ•ŠλŠ” 번호 인증 이λ ₯μž…λ‹ˆλ‹€."), NOT_FOUND_USER_WITH_SOCIAL_ACCOUNT(HttpStatus.BAD_REQUEST, "μ†Œμ…œ 계정 정보와 μΌμΉ˜ν•˜λŠ” νšŒμ›μ΄ μ—†μŠ΅λ‹ˆλ‹€"), ; - + private final HttpStatus status; private final String message; }