STACKPOT · jjaeroong · Jan 28, 2025 · Jan 28, 2025 · Jan 28, 2025 · Jan 28, 2025
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -13,84 +13,101 @@ jobs:
       contents: read
 
     steps:
-    # 코드 체크아웃
-    - uses: actions/checkout@v4
-
-    # Java와 Gradle 설정
-    - name: Set up JDK 17
-      uses: actions/setup-java@v4
-      with:
-        java-version: '17'
-        distribution: 'temurin'
-
-    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
-
-    - name: Grant execute permission for gradlew
-      run: chmod +x gradlew
-
-    # 환경 변수 설정
-    - name: Set environment variables
-      run: |
-        echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV
-        echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV
-        echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> $GITHUB_ENV
-        echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> $GITHUB_ENV
-        echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> $GITHUB_ENV
-        echo "mail.password=${{ secrets.MAIL_PASSWORD }}" >> $GITHUB_ENV
-        echo "mail.username=${{ secrets.MAIL_USERNAME }}" >> $GITHUB_ENV
-        echo "PASSWORD=${{ secrets.PASSWORD }}" >> $GITHUB_ENV
-        echo "URL=${{ secrets.URL }}" >> $GITHUB_ENV
-        echo "OPEN_API_KEY=${{ secrets.OPEN_API_KEY }}" >> $GITHUB_ENV
-        echo "USERNAME=${{ secrets.USERNAME }}" >> $GITHUB_ENV
-
-    # Spring Boot 어플리케이션 빌드
-    - name: Build with Gradle Wrapper
-      run: ./gradlew build
-
-    # Docker 이미지 빌드
-    - name: Docker image build
-      run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring .
-
-    # DockerHub 로그인
-    - name: Docker login
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_PASSWORD }}
-
-    # Docker 이미지 푸시
-    - name: Docker image push
-      run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring
+      # 코드 체크아웃
+      - uses: actions/checkout@v4
+
+      # Java와 Gradle 설정
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+
+      # 환경 변수 설정
+      - name: Set environment variables
+        run: |
+          echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV
+          echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV
+          echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> $GITHUB_ENV
+          echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> $GITHUB_ENV
+          echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> $GITHUB_ENV
+          echo "mail.password=${{ secrets.MAIL_PASSWORD }}" >> $GITHUB_ENV
+          echo "mail.username=${{ secrets.MAIL_USERNAME }}" >> $GITHUB_ENV
+          echo "PASSWORD=${{ secrets.PASSWORD }}" >> $GITHUB_ENV
+          echo "URL=${{ secrets.URL }}" >> $GITHUB_ENV
+          echo "OPEN_API_KEY=${{ secrets.OPEN_API_KEY }}" >> $GITHUB_ENV
+          echo "USERNAME=${{ secrets.USERNAME }}" >> $GITHUB_ENV
+
+      # Spring Boot 어플리케이션 빌드
+      - name: Build with Gradle Wrapper
+        run: ./gradlew build
+
+      # Docker 이미지 빌드
+      - name: Docker image build
+        run: |
+          docker build \
+            --build-arg AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \
+            --build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \
+            --build-arg JWT_SECRET=${{ secrets.JWT_SECRET }} \
+            --build-arg KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }} \
+            --build-arg KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }} \
+            --build-arg MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }} \
+            --build-arg MAIL_USERNAME=${{ secrets.MAIL_USERNAME }} \
+            --build-arg PASSWORD=${{ secrets.PASSWORD }} \
+            --build-arg URL=${{ secrets.URL }} \
+            --build-arg OPEN_API_KEY=${{ secrets.OPEN_API_KEY }} \
+            --build-arg USERNAME=${{ secrets.USERNAME }} \
+            -t ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring .
+
+      # DockerHub 로그인
+      - name: Docker login
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      # Docker 이미지 푸시
+      - name: Docker image push
+        run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring
 
   deploy:
     needs: build-docker-image
     runs-on: self-hosted
 
     steps:
-    # Spring 컨테이너 실행
-    - name: Run Spring container
-      run: |
-        docker stop spring || true
-        docker rm spring || true
-        docker run -d --name spring --network stackpot-network \
-          -p 8080:8080 \
-          ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring
-
-    # Nginx 컨테이너 실행
-    - name: Run Nginx container
-      run: |
-        docker stop nginx || true
-        docker rm nginx || true
-        docker run -d \
-          --name nginx --network stackpot-network \
-          -p 80:80 -p 443:443 \
-          -v /home/ubuntu/STACKPOT-BE/certbot/conf:/etc/letsencrypt \
-          -v /home/ubuntu/STACKPOT-BE/certbot/www:/var/www/certbot \
-          -v /home/ubuntu/STACKPOT-BE/nginx/conf.d:/etc/nginx/conf.d \
-          nginx:1.15-alpine
-
-    # Docker 이미지 및 컨테이너 정리
-    - name: Clean up Docker system
-      run: docker system prune -f
-
+      # Docker 네트워크 생성
+      - name: Create Docker network
+        run: |
+          docker network create stackpot-network || true
+
+      # Spring 컨테이너 실행
+      - name: Run Spring container
+        run: |
+          docker stop spring || true
+          docker rm spring || true
+          docker run -d --name spring --network stackpot-network \
+            -p 8080:8080 \
+            ${{ secrets.DOCKERHUB_USERNAME }}/stackpot-be-spring
+
+      # Nginx 컨테이너 실행
+      - name: Run Nginx container
+        run: |
+          docker stop nginx || true
+          docker rm nginx || true
+          docker run -d \
+            --name nginx --network stackpot-network \
+            -p 80:80 -p 443:443 \
+            -v /home/ubuntu/STACKPOT-BE/certbot/conf:/etc/letsencrypt \
+            -v /home/ubuntu/STACKPOT-BE/certbot/www:/var/www/certbot \
+            -v /home/ubuntu/STACKPOT-BE/nginx/conf.d:/etc/nginx/conf.d \
+            nginx:1.15-alpine
+
+      # Docker 이미지 및 컨테이너 정리
+      - name: Clean up Docker system
+        run: docker system prune -f
diff --git a/Dockerfile b/Dockerfile
@@ -1,11 +1,37 @@
-#FR open jdk 11 버전의 환경을 구성
-  FROM eclipse-temurin:17
+# OpenJDK 17 이미지를 기반으로 빌드
+FROM eclipse-temurin:17
 
-  # build가 되는 시점에 JAR_FILE이라는 변수 명에 build/libs/*.jar 선언
-  # build/libs - gradle로 빌드했을 "때 jar 파일이 생성되는 경로
-  ARG JAR_FILE=build/libs/stackpot-0.0.1-SNAPSHOT.jar
+# 빌드 시 사용할 ARG 선언
+ARG AWS_ACCESS_KEY_ID
+ARG AWS_SECRET_ACCESS_KEY
+ARG JWT_SECRET
+ARG KAKAO_CLIENT_ID
+ARG KAKAO_CLIENT_SECRET
+ARG MAIL_PASSWORD
+ARG MAIL_USERNAME
+ARG PASSWORD
+ARG URL
+ARG OPEN_API_KEY
+ARG USERNAME
 
-  # JAR_FILE을 app.jar로 복사
-  COPY ${JAR_FILE} app.jar
+# 런타임 환경변수로 설정 (ENV로 선언)
+ENV AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
+    AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
+    JWT_SECRET=$JWT_SECRET \
+    KAKAO_CLIENT_ID=$KAKAO_CLIENT_ID \
+    KAKAO_CLIENT_SECRET=$KAKAO_CLIENT_SECRET \
+    MAIL_PASSWORD=$MAIL_PASSWORD \
+    MAIL_USERNAME=$MAIL_USERNAME \
+    PASSWORD=$PASSWORD \
+    URL=$URL \
+    OPEN_API_KEY=$OPEN_API_KEY \
+    USERNAME=$USERNAME
 
-  ENTRYPOINT ["java", "-jar", "/app.jar"]
+# JAR 파일 경로 설정
+ARG JAR_FILE=build/libs/stackpot-0.0.1-SNAPSHOT.jar
+
+# JAR 파일을 컨테이너에 복사
+COPY ${JAR_FILE} app.jar
+
+# 애플리케이션 실행
+ENTRYPOINT ["java", "-jar", "/app.jar"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -10,6 +10,18 @@ services:
     restart: always
     env_file:
       - .env
+    environment:
+      AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
+      AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
+      JWT_SECRET: ${JWT_SECRET}
+      KAKAO_CLIENT_ID: ${KAKAO_CLIENT_ID}
+      KAKAO_CLIENT_SECRET: ${KAKAO_CLIENT_SECRET}
+      MAIL_PASSWORD: ${MAIL_PASSWORD}
+      MAIL_USERNAME: ${MAIL_USERNAME}
+      PASSWORD: ${PASSWORD}
+      URL: ${URL}
+      OPEN_API_KEY: ${OPEN_API_KEY}
+      USERNAME: ${USERNAME}
 
   nginx:
     container_name: nginx
@@ -23,8 +35,14 @@ services:
       - ./certbot/www:/var/www/certbot
     depends_on:
       - spring
+    environment:
+      SERVER_PORT: 80
+
   certbot:
     image: certbot/certbot
     volumes:
       - ./certbot/conf:/etc/letsencrypt
-      - ./certbot/www:/var/www/certbot
+      - ./certbot/www:/var/www/certbot
+    environment:
+      CERTBOT_EMAIL: ${CERTBOT_EMAIL}
+      CERTBOT_DOMAIN: ${CERTBOT_DOMAIN}