feat: 배포 파이프라인 구성 (#7)

* feat: 시큐리티 기본 설정 추가 * chore: src/main/resources/application.yml 삭제 및 gitignore 설정 * chore: Spring Actuator 의존성 추가 * chore: bootBuildImage 태스크 수정 * feat: 배포 파이프라인 추가 * fix: secrets 프로퍼티 이름 수정 * fix: distribution 설정 추가 * fix: 개행 제거 * fix: SSH 접속한 인스턴스에서 도커 스크립트를 실행하도록 수정 * fix: JVM 메모리 옵션 수정 * refactor: Kotlin DSL로 통일 * refactor: 중복된 task 제거 * chore: 적용 브랜치를 develop으로 변경
tteokguk-please · Jan 17, 2024 · 5cf28dc · 5cf28dc
1 parent 55a5cc3
commit 5cf28dc
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 14 deletions.
diff --git a/.github/workflows/dev-cd-jobs.yml b/.github/workflows/dev-cd-jobs.yml
@@ -0,0 +1,42 @@
+name: Deploy to Develop Environment
+
+on:
+  push:
+    branches:
+      - develop
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Java 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'adopt'
+
+      - name: Update Git submodules
+        run: git submodule update --remote --recursive
+
+      - name: Build and test with Gradle
+        run: ./gradlew test
+
+      - name: Build and push Docker image
+        run: ./gradlew clean bootBuildImage -PDOCKERHUB_ID=${{ secrets.DOCKERHUB_ID }} -PDOCKERHUB_TOKEN=${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: SSH into EC2 instance
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.DEV_EC2_HOST }}
+          username: ${{ secrets.DEV_EC2_USERNAME }}
+          key: ${{ secrets.DEV_EC2_PRIVATE_KEY }}
+          port: ${{ secrets.DEV_EC2_SSH_PORT }}
+          script: |
+            docker pull mungmnb777/tteokguk:latest
+            docker ps -f name=be-server -q | xargs --no-run-if-empty docker container stop
+            docker ps -a -f name=be-server -q | xargs --no-run-if-empty docker container rm
+            docker run -d --name be-server -p 80:8080 mungmnb777/tteokguk:latest
diff --git a/.gitignore b/.gitignore
@@ -41,3 +41,6 @@ out/
 
 ### VS Code ###
 .vscode/
+
+### local properties ###
+/src/main/resources/application.yml
diff --git a/build.gradle b/build.gradle
@@ -48,21 +48,38 @@ dependencies {
     annotationProcessor "com.querydsl:querydsl-apt:${dependencyManagement.importedProperties['querydsl.version']}:jakarta"
     annotationProcessor "jakarta.annotation:jakarta.annotation-api"
     annotationProcessor "jakarta.persistence:jakarta.persistence-api"
+
+    // Actuator
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
 }
 
 tasks.named('test') {
+    systemProperty "spring.profiles.active", "test"
     useJUnitPlatform()
 }
 
-task copyGitSubmodule(type: Copy) {
+tasks.register('copyGitSubmodule', Copy) {
     from './tteokguk-config'
     include '*.yml'
     into './src/main/resources'
 }
 
-test {
-    systemProperty "spring.profiles.active", "test"
-    useJUnitPlatform()
+tasks.named('bootBuildImage') {
+    environment["BPE_DELIM_JAVA_TOOL_OPTIONS"] = " "
+    environment["BPE_APPEND_JAVA_TOOL_OPTIONS"] = "-XX:+ExitOnOutOfMemoryError -XX:MaxDirectMemorySize=10M " +
+            "-XX:MaxMetaspaceSize=100M -XX:ReservedCodeCacheSize=60M -Xss256K"
+
+    def dockerhubId = project.property("DOCKERHUB_ID")
+    def dockerhubToken = project.property("DOCKERHUB_TOKEN")
+
+    imageName = dockerhubId + "/${project.name}"
+    publish = true
+    docker {
+        publishRegistry {
+            username = dockerhubId
+            password = dockerhubToken
+        }
+    }
 }
 
 processResources {

diff --git a/src/main/java/com/tteokguk/tteokguk/global/security/SecurityConfig.java b/src/main/java/com/tteokguk/tteokguk/global/security/SecurityConfig.java
@@ -0,0 +1,21 @@
+package com.tteokguk.tteokguk.global.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+	@Bean
+	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+		return http
+			.csrf(AbstractHttpConfigurer::disable)
+			.formLogin(AbstractHttpConfigurer::disable)
+			.build();
+	}
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml