diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index f932b1d4..23ac9ef7 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -13,84 +13,101 @@ jobs: contents: read steps: - # 코드 체크아웃 - - uses: actions/checkout@v4 - - # Java와 Gradle 설정 - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - - - name: Setup Gradle - uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - # 환경 변수 설정 - - name: Set environment variables - run: | - echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV - echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> $GITHUB_ENV - echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> $GITHUB_ENV - echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> $GITHUB_ENV - echo "mail.password=${{ secrets.MAIL_PASSWORD }}" >> $GITHUB_ENV - echo "mail.username=${{ secrets.MAIL_USERNAME }}" >> $GITHUB_ENV - echo "PASSWORD=${{ secrets.PASSWORD }}" >> $GITHUB_ENV - echo "URL=${{ secrets.URL }}" >> $GITHUB_ENV - echo "OPEN_API_KEY=${{ secrets.OPEN_API_KEY }}" >> $GITHUB_ENV - echo "USERNAME=${{ secrets.USERNAME }}" >> $GITHUB_ENV - - # Spring Boot 어플리케이션 빌드 - - name: Build with Gradle Wrapper - run: ./gradlew build - - # Docker 이미지 빌드 - - name: Docker image build - run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring . - - # DockerHub 로그인 - - name: Docker login - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - # Docker 이미지 푸시 - - name: Docker image push - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring + # 코드 체크아웃 + - uses: actions/checkout@v4 + + # Java와 Gradle 설정 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + # 환경 변수 설정 + - name: Set environment variables + run: | + echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV + echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> $GITHUB_ENV + echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> $GITHUB_ENV + echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> $GITHUB_ENV + echo "mail.password=${{ secrets.MAIL_PASSWORD }}" >> $GITHUB_ENV + echo "mail.username=${{ secrets.MAIL_USERNAME }}" >> $GITHUB_ENV + echo "PASSWORD=${{ secrets.PASSWORD }}" >> $GITHUB_ENV + echo "URL=${{ secrets.URL }}" >> $GITHUB_ENV + echo "OPEN_API_KEY=${{ secrets.OPEN_API_KEY }}" >> $GITHUB_ENV + echo "USERNAME=${{ secrets.USERNAME }}" >> $GITHUB_ENV + + # Spring Boot 어플리케이션 빌드 + - name: Build with Gradle Wrapper + run: ./gradlew build + + # Docker 이미지 빌드 + - name: Docker image build + run: | + docker build \ + --build-arg AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ + --build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ + --build-arg JWT_SECRET=${{ secrets.JWT_SECRET }} \ + --build-arg KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }} \ + --build-arg KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }} \ + --build-arg MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }} \ + --build-arg MAIL_USERNAME=${{ secrets.MAIL_USERNAME }} \ + --build-arg PASSWORD=${{ secrets.PASSWORD }} \ + --build-arg URL=${{ secrets.URL }} \ + --build-arg OPEN_API_KEY=${{ secrets.OPEN_API_KEY }} \ + --build-arg USERNAME=${{ secrets.USERNAME }} \ + -t ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring . + + # DockerHub 로그인 + - name: Docker login + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + # Docker 이미지 푸시 + - name: Docker image push + run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring deploy: needs: build-docker-image runs-on: self-hosted steps: - # Spring 컨테이너 실행 - - name: Run Spring container - run: | - docker stop spring || true - docker rm spring || true - docker run -d --name spring --network stackpot-network \ - -p 8080:8080 \ - ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring - - # Nginx 컨테이너 실행 - - name: Run Nginx container - run: | - docker stop nginx || true - docker rm nginx || true - docker run -d \ - --name nginx --network stackpot-network \ - -p 80:80 -p 443:443 \ - -v /home/ubuntu/STACKPOT-BE/certbot/conf:/etc/letsencrypt \ - -v /home/ubuntu/STACKPOT-BE/certbot/www:/var/www/certbot \ - -v /home/ubuntu/STACKPOT-BE/nginx/conf.d:/etc/nginx/conf.d \ - nginx:1.15-alpine - - # Docker 이미지 및 컨테이너 정리 - - name: Clean up Docker system - run: docker system prune -f - + # Docker 네트워크 생성 + - name: Create Docker network + run: | + docker network create stackpot-network || true + + # Spring 컨테이너 실행 + - name: Run Spring container + run: | + docker stop spring || true + docker rm spring || true + docker run -d --name spring --network stackpot-network \ + -p 8080:8080 \ + ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring + + # Nginx 컨테이너 실행 + - name: Run Nginx container + run: | + docker stop nginx || true + docker rm nginx || true + docker run -d \ + --name nginx --network stackpot-network \ + -p 80:80 -p 443:443 \ + -v /home/ubuntu/STACKPOT-BE/certbot/conf:/etc/letsencrypt \ + -v /home/ubuntu/STACKPOT-BE/certbot/www:/var/www/certbot \ + -v /home/ubuntu/STACKPOT-BE/nginx/conf.d:/etc/nginx/conf.d \ + nginx:1.15-alpine + + # Docker 이미지 및 컨테이너 정리 + - name: Clean up Docker system + run: docker system prune -f diff --git a/Dockerfile b/Dockerfile index e1235bcb..e4705073 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,37 @@ -#FR open jdk 11 버전의 환경을 구성 - FROM eclipse-temurin:17 +# OpenJDK 17 이미지를 기반으로 빌드 +FROM eclipse-temurin:17 - # build가 되는 시점에 JAR_FILE이라는 변수 명에 build/libs/*.jar 선언 - # build/libs - gradle로 빌드했을 "때 jar 파일이 생성되는 경로 - ARG JAR_FILE=build/libs/stackpot-0.0.1-SNAPSHOT.jar +# 빌드 시 사용할 ARG 선언 +ARG AWS_ACCESS_KEY_ID +ARG AWS_SECRET_ACCESS_KEY +ARG JWT_SECRET +ARG KAKAO_CLIENT_ID +ARG KAKAO_CLIENT_SECRET +ARG MAIL_PASSWORD +ARG MAIL_USERNAME +ARG PASSWORD +ARG URL +ARG OPEN_API_KEY +ARG USERNAME - # JAR_FILE을 app.jar로 복사 - COPY ${JAR_FILE} app.jar +# 런타임 환경변수로 설정 (ENV로 선언) +ENV AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \ + AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \ + JWT_SECRET=$JWT_SECRET \ + KAKAO_CLIENT_ID=$KAKAO_CLIENT_ID \ + KAKAO_CLIENT_SECRET=$KAKAO_CLIENT_SECRET \ + MAIL_PASSWORD=$MAIL_PASSWORD \ + MAIL_USERNAME=$MAIL_USERNAME \ + PASSWORD=$PASSWORD \ + URL=$URL \ + OPEN_API_KEY=$OPEN_API_KEY \ + USERNAME=$USERNAME - ENTRYPOINT ["java", "-jar", "/app.jar"] \ No newline at end of file +# JAR 파일 경로 설정 +ARG JAR_FILE=build/libs/stackpot-0.0.1-SNAPSHOT.jar + +# JAR 파일을 컨테이너에 복사 +COPY ${JAR_FILE} app.jar + +# 애플리케이션 실행 +ENTRYPOINT ["java", "-jar", "/app.jar"] diff --git a/docker-compose.yml b/docker-compose.yml index 0b5737ae..5f307bdb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,18 @@ services: restart: always env_file: - .env + environment: + AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID} + AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY} + JWT_SECRET: ${JWT_SECRET} + KAKAO_CLIENT_ID: ${KAKAO_CLIENT_ID} + KAKAO_CLIENT_SECRET: ${KAKAO_CLIENT_SECRET} + MAIL_PASSWORD: ${MAIL_PASSWORD} + MAIL_USERNAME: ${MAIL_USERNAME} + PASSWORD: ${PASSWORD} + URL: ${URL} + OPEN_API_KEY: ${OPEN_API_KEY} + USERNAME: ${USERNAME} nginx: container_name: nginx @@ -23,8 +35,14 @@ services: - ./certbot/www:/var/www/certbot depends_on: - spring + environment: + SERVER_PORT: 80 + certbot: image: certbot/certbot volumes: - ./certbot/conf:/etc/letsencrypt - - ./certbot/www:/var/www/certbot \ No newline at end of file + - ./certbot/www:/var/www/certbot + environment: + CERTBOT_EMAIL: ${CERTBOT_EMAIL} + CERTBOT_DOMAIN: ${CERTBOT_DOMAIN}