기능 구현 마무리 (#333)

KakaoFunding · Jul 21, 2024 · c4bc5a0 · c4bc5a0
2 parents 257c0ef + e48b994
commit c4bc5a0
Show file tree

Hide file tree

Showing 396 changed files with 26,148 additions and 88 deletions.
diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml
@@ -0,0 +1,75 @@
+name: CICD
+run-name: Running
+on:
+  push:
+    branches:
+      - deploy
+  pull_request:
+    branches:
+      - deploy
+
+env:
+  AWS_REGION: ap-northeast-2
+  AWS_S3_BUCKET: app-release-files
+  AWS_CODE_BUCKET_NAME: funding-cicd
+  AWS_CODE_DEPLOY_APPLICATION: funding-cd
+  AWS_CODE_DEPLOY_GROUP: funding-publish
+  DOCKER_HUB_REPOSITORY: yeachan05/application
+
+jobs:
+  build-with-gradle:
+    runs-on: ubuntu-20.04   # ubuntu ver
+    steps:
+      - name: deploy 브랜치로 이동
+        uses: actions/checkout@v3
+        with:
+          ref: deploy
+      - name: JDK 17 설치
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'corretto'
+
+      - name: gradlew에 실행 권한 부여
+        run: chmod +x ./gradlew
+
+      - name: 설정파일 디코딩 및 저장
+        run: |
+          mkdir -p src/main/resources
+          echo "${{ secrets.APPLICATION_YML }}" | base64 --decode > src/main/resources/application-prod.yml
+          find src
+
+      - name: 프로젝트 빌드
+        run: ./gradlew build -x test
+
+      - name: Docker 이미지 빌드
+        run: docker build -t ${{ env.DOCKER_HUB_REPOSITORY }}:latest .
+
+      - name: Docker Hub 로그인
+        run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin
+
+      - name: Docker 이미지 푸시
+        run: docker push ${{ env.DOCKER_HUB_REPOSITORY }}:latest
+
+      - name: AWS credential 설정
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-region: ${{ env.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.CICD_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.CICD_SECRET_KEY }}
+
+      - name: S3에 업로드
+        run: |
+          aws deploy push \
+          --application-name ${{ env.AWS_CODE_DEPLOY_APPLICATION }} \
+          --ignore-hidden-files \
+          --s3-location s3://${{ env.AWS_CODE_BUCKET_NAME }}/cicdDir/$GITHUB_SHA.zip \
+          --source .
+
+      - name: EC2에 배포
+        run: |
+          aws deploy create-deployment \
+          --application-name ${{ env.AWS_CODE_DEPLOY_APPLICATION }} \
+          --deployment-config-name CodeDeployDefault.AllAtOnce \
+          --deployment-group-name ${{ env.AWS_CODE_DEPLOY_GROUP }} \
+          --s3-location bucket=${{ env.AWS_CODE_BUCKET_NAME }},key=cicdDir/$GITHUB_SHA.zip,bundleType=zip
diff --git a/.github/workflows/pull-request-intergration.yml b/.github/workflows/pull-request-intergration.yml
@@ -60,4 +60,4 @@ jobs:
         uses: EnricoMi/publish-unit-test-result-action@v2
         if: always()
         with:
-          files: build/test-results/**/*.xml
+          files: build/test-results/**/*.xml
diff --git a/.gitignore b/.gitignore
@@ -5,6 +5,9 @@ build/
 !**/src/main/**/build/
 !**/src/test/**/build/
 
+### Config ###
+src/main/resources/application-prod.yml
+
 ### STS ###
 .apt_generated
 .classpath

diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,5 @@
+FROM openjdk:17-jdk
+ADD build/libs/*SNAPSHOT.jar /app.jar
+RUN bash -c 'touch /app.jar'
+ENTRYPOINT ["java", "-jar", "-Dspring.profiles.active=prod", "/app.jar"]
+
diff --git a/appspec.yml b/appspec.yml
@@ -0,0 +1,54 @@
+version: 0.0
+os: linux
+
+files:
+  - source: /
+    destination: /home/ec2-user/cicd
+    overwrite: yes
+    exclude:
+      - /home/ec2-user/cicd/src/main/resources/application-prod.yml
+
+file_exists_behavior: OVERWRITE
+
+permissions:
+  - object: /home/ec2-user/cicd/scripts/*.sh
+    mode: 755
+    pattern: "**"
+    owner: ec2-user
+    group: ec2-user
+  - object: /home/ec2-user/cicd
+    mode: 664
+    pattern: "**"
+    owner: ec2-user
+    group: ec2-user
+    type:
+      - file
+      - directory
+  - object: /home/ec2-user/cicd/*.log
+    mode: 664
+    pattern: "**"
+    owner: ec2-user
+    group: ec2-user
+    type:
+      - file
+
+hooks:
+  BeforeInstall:
+    - location: scripts/backup.sh
+      timeout: 60
+      runas: ec2-user
+
+  ApplicationStop:
+    - location: scripts/stop.sh
+      timeout: 60
+      runas: ec2-user
+
+  ApplicationStart:
+    - location: scripts/deploy.sh
+      timeout: 600
+      runas: ec2-user
+
+  AfterInstall:
+    - location: scripts/restore.sh
+      timeout: 60
+      runas: ec2-user
diff --git a/build.gradle b/build.gradle
@@ -27,7 +27,19 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-validation'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'com.querydsl:querydsl-jpa:5.0.0:jakarta'
-	implementation 'com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5'
+	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+	implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
+	implementation group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.5.2.RELEASE'
+	implementation 'org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.6.8'
+	implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+	implementation 'io.jsonwebtoken:jjwt-impl:0.11.5'
+	implementation 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+	implementation 'org.springframework.boot:spring-boot-starter-webflux'
+	implementation 'org.flywaydb:flyway-core'
+	implementation 'org.flywaydb:flyway-mysql'
+	testImplementation("org.springframework.cloud:spring-cloud-contract-wiremock:4.0.4")
+	implementation 'org.springframework.retry:spring-retry'
+
 	compileOnly 'org.projectlombok:lombok'
 	developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	runtimeOnly 'com.h2database:h2'
@@ -37,11 +49,16 @@ dependencies {
 	annotationProcessor "jakarta.annotation:jakarta.annotation-api"
 	annotationProcessor "jakarta.persistence:jakarta.persistence-api"
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+
+	implementation 'p6spy:p6spy:3.9.1'
+	implementation 'com.github.gavlyukovskiy:datasource-decorator-spring-boot-autoconfigure:1.9.0'
+
+	implementation 'org.springframework.boot:spring-boot-starter-actuator'
+	implementation 'io.micrometer:micrometer-registry-prometheus'
 }
 
 tasks.named('test') {
 	useJUnitPlatform()
-	systemProperty "jasypt.encryptor.password", System.getProperties().get("jasypt.encryptor.password")
 }
 
 def querydslDir = "$buildDir/generated/querydsl"

diff --git a/build.log b/build.log
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,113 @@
+version: '3.8'
+services:
+  nginx:
+    container_name: nginx
+    image: nginx
+    restart: always
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf
+      - /etc/letsencrypt/live/fundina.shop/fullchain.pem:/etc/ssl/certs/fullchain.pem
+      - /etc/letsencrypt/live/fundina.shop/privkey.pem:/etc/ssl/private/privkey.pem
+      - /etc/letsencrypt/options-ssl-nginx.conf:/etc/nginx/snippets/options-ssl-nginx.conf
+      - /etc/letsencrypt/ssl-dhparams.pem:/etc/ssl/certs/ssl-dhparams.pem
+    ports:
+      - "80:80"
+      - "443:443"
+    environment:
+      - TZ=Asia/Seoul
+    depends_on:
+      - app1
+      - app2
+      - app3
+      - prometheus
+      - grafana
+
+  app1:
+    image: "yeachan05/application:latest"
+    restart: always
+    container_name: "app1"
+    ports:
+      - "8081:8080"
+    depends_on:
+      - redis
+    volumes:
+      - /home/ec2-user/application-prod.yml:/config/application-prod.yml
+    environment:
+      - TZ=Asia/Seoul
+      - spring.application.name=app1
+
+  app2:
+    image: "yeachan05/application:latest"
+    restart: always
+    container_name: "app2"
+    ports:
+      - "8082:8080"
+    depends_on:
+      - redis
+    volumes:
+      - /home/ec2-user/application-prod.yml:/config/application-prod.yml
+    environment:
+      - TZ=Asia/Seoul
+      - spring.application.name=app2
+
+  app3:
+    image: "yeachan05/application:latest"
+    restart: always
+    container_name: "app3"
+    ports:
+      - "8083:8080"
+    depends_on:
+      - redis
+    volumes:
+      - /home/ec2-user/application-prod.yml:/config/application-prod.yml
+    environment:
+      - TZ=Asia/Seoul
+      - spring.application.name=app3
+
+  redis:
+    container_name: redis
+    image: redis
+    restart: always
+    ports:
+      - "6379:6379"
+    volumes:
+      - redis-data:/data
+
+  prometheus:
+    image: prom/prometheus
+    container_name: prometheus
+    restart: always
+    volumes:
+      - ./prometheus.yml:/etc/prometheus/prometheus.yml
+      - prometheus-data:/prometheus
+    ports:
+      - "9090:9090"
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
+  grafana:
+    image: grafana/grafana
+    container_name: grafana
+    restart: always
+    user: "472"
+    ports:
+      - "3009:3000"
+    environment:
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
+    volumes:
+      - grafana-storage:/var/lib/grafana
+
+  mysqld_exporter:
+    image: quay.io/prometheus/mysqld-exporter
+    container_name: mysqld-exporter
+    restart: unless-stopped
+    command:
+      - "--config.my-cnf=/etc/mysql/my.cnf"
+    ports:
+      - "9104:9104"
+    volumes:
+      - /home/ec2-user/my.cnf:/etc/mysql/my.cnf
+volumes:
+  grafana-storage:
+  prometheus-data:
+  redis-data: