WIP

mash-up-kr · Jun 19, 2024 · 1317879 · 1317879
1 parent 9d3608c
commit 1317879
Show file tree

Hide file tree

Showing 9 changed files with 159 additions and 35 deletions.
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -0,0 +1,51 @@
+name: CD
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    branches:
+      - develop
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: 21
+          distribution: temurin
+
+      - name: Get CurrentTime
+        uses: 1466587594/get-current-time@v2
+        id: current-time
+        with:
+          format: YYYY-MM-DDTHH-mm-ss
+          utcOffset: "+09:00"
+
+      - run: chmod +x gradlew && ./gradlew build
+
+      - name: 도커 이미지 빌드 & 푸시 by jib
+        run: |
+          ./gradlew :pic-api:jib -Prelease
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      - name: Beanstalk Deploy
+        uses: einaregilsson/beanstalk-deploy@v21
+        with:
+          aws_access_key: ${{ secrets.AWS_BEANSTALK_ACCESS_KEY }}
+          aws_secret_key: ${{ secrets.AWS_BEANSTALK_SECRET_KEY }}
+          application_name: pic-backend-eb-app
+          environment_name: pic-backend-eb-app-env
+          version_label: pic-deploy-${{steps.current-time.outputs.formattedTime}}
+          region: ap-northeast-2
+          deployment_package: ./deploy/Dockerrun.aws.json
+          wait_for_deployment: false
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -1,9 +1,10 @@
 plugins {
     kotlin("jvm") version "1.9.24"
-    kotlin("plugin.spring") version "1.9.24"
-    kotlin("plugin.jpa") version "1.9.24"
-    id("org.springframework.boot") version "3.3.0"
-    id("io.spring.dependency-management") version "1.1.5"
+    kotlin("plugin.spring") version "1.9.24" apply false
+    kotlin("plugin.jpa") version "1.9.24" apply false
+    id("org.springframework.boot") version "3.3.0" apply false
+    id("io.spring.dependency-management") version "1.1.5" apply false
+    id("com.google.cloud.tools.jib") version "3.4.3" apply false
 }
 
 java.sourceCompatibility = JavaVersion.VERSION_21
@@ -41,15 +42,11 @@ subprojects {
         }
     }
 
-    tasks.bootJar {
+    tasks.getByName("bootJar") {
         enabled = false
     }
 
-    tasks.jar {
+    tasks.getByName("jar") {
         enabled = true
     }
 }
-
-tasks.bootJar {
-    enabled = false
-}
diff --git a/deploy/Dockerrun.aws.json b/deploy/Dockerrun.aws.json
@@ -0,0 +1,13 @@
+{
+  "AWSEBDockerrunVersion": "1",
+  "Image": {
+    "Name": "gappangzip/pic-api:latest",
+    "Update": "true"
+  },
+  "Ports": [
+    {
+      "ContainerPort": 8080,
+      "HostPort": 5000
+    }
+  ]
+}
diff --git a/gradle.properties b/gradle.properties
@@ -1,2 +1,4 @@
 jjwtVersion=0.11.5
 mysqlConnectorVersion=8.0.33
+### Jib version for containerization
+jibVersion=3.3.2
diff --git a/pic-api/build.gradle.kts b/pic-api/build.gradle.kts
@@ -1,3 +1,5 @@
+import com.google.cloud.tools.jib.gradle.JibExtension
+
 tasks.bootJar {
     enabled = true
 }
@@ -6,6 +8,8 @@ tasks.jar {
     enabled = false
 }
 
+apply(plugin = "com.google.cloud.tools.jib")
+
 val jjwtVersion: String by project.extra
 
 dependencies {
@@ -29,3 +33,46 @@ dependencies {
     developmentOnly("org.springframework.boot:spring-boot-devtools")
     testImplementation("org.springframework.boot:spring-boot-starter-test")
 }
+
+configure<JibExtension> {
+    val registryUsername = System.getenv("DOCKERHUB_USERNAME")
+    val (activeProfile, containerImageName) = getProfileAndImageName(registryUsername)
+
+    from {
+        image = "eclipse-temurin:21-jre"
+    }
+
+    to {
+        image = containerImageName
+        tags = setOf("$version", "latest")
+        auth {
+            username = registryUsername
+            password = System.getenv("DOCKERHUB_PASSWORD")
+        }
+    }
+
+    container {
+        // TODO: 서버 스펙에 따라 Xmx/Xms, Initial/Min/MaxRAMFraction 설정
+        jvmFlags = listOf(
+            "-server",
+            "-XX:+UseContainerSupport",
+            "-XX:+UseStringDeduplication",
+            "-Dserver.port=8080",
+            "-Dfile.encoding=UTF-8",
+            "-Djava.awt.headless=true",
+            "-Dspring.profiles.active=${activeProfile}"
+        )
+        ports = listOf("8080")
+        environment = mapOf(
+            "TZ" to "Asia/Seoul"
+        )
+    }
+}
+
+fun getProfileAndImageName(registryUsername: String?): Array<String> {
+    val containerImageName = "${registryUsername}/${project.name}"
+    if (project.hasProperty("release")) {
+        return arrayOf("release", containerImageName)
+    }
+    return arrayOf("dev", "$containerImageName-dev")
+}
diff --git a/pic-api/src/main/kotlin/com/mashup/pic/PicApplication.kt b/pic-api/src/main/kotlin/com/mashup/pic/PicApplication.kt
@@ -1,12 +1,25 @@
 package com.mashup.pic
 
+import org.springframework.boot.ApplicationArguments
+import org.springframework.boot.ApplicationRunner
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.runApplication
 import org.springframework.cache.annotation.EnableCaching
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
 
 @EnableCaching
 @SpringBootApplication
-class PicApplication
+@RestController
+@RequestMapping("/health")
+class PicApplication {
+
+    @GetMapping
+    fun sample(): String {
+        return "hello"
+    }
+}
 
 fun main(args: Array<String>) {
     runApplication<PicApplication>(*args)

diff --git a/pic-api/src/main/kotlin/com/mashup/pic/config/SecurityConfig.kt b/pic-api/src/main/kotlin/com/mashup/pic/config/SecurityConfig.kt
@@ -22,31 +22,32 @@ class SecurityConfig(
     @Bean
     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
         return http
-                .cors { it.disable() }
-                .csrf { it.disable() }
-                .httpBasic { it.disable() }
-                .formLogin { it.disable() }
-                .authorizeHttpRequests { authorization ->
-                    authorization
-                            .requestMatchers(*WHITELIST_ENDPOINTS).permitAll()
-                            .requestMatchers(ADMIN_ENDPOINT_PATTERN).hasRole(ADMIN_ROLE)
-                            .anyRequest().hasRole(MEMBER_ROLE)
-                }
-                .addFilterBefore(JwtFilter(jwtTokenUtil, objectMapper), UsernamePasswordAuthenticationFilter::class.java)
-                .exceptionHandling {
-                    it.authenticationEntryPoint(HttpStatusAuthenticationEntryPoint())
-                    it.accessDeniedHandler(HttpStatusAccessDeniedHandler())
-                }
-                .build()
+            .cors { it.disable() }
+            .csrf { it.disable() }
+            .httpBasic { it.disable() }
+            .formLogin { it.disable() }
+            .authorizeHttpRequests { authorization ->
+                authorization
+                    .requestMatchers(*WHITELIST_ENDPOINTS).permitAll()
+                    .requestMatchers(ADMIN_ENDPOINT_PATTERN).hasRole(ADMIN_ROLE)
+                    .anyRequest().hasRole(MEMBER_ROLE)
+            }
+            .addFilterBefore(JwtFilter(jwtTokenUtil, objectMapper), UsernamePasswordAuthenticationFilter::class.java)
+            .exceptionHandling {
+                it.authenticationEntryPoint(HttpStatusAuthenticationEntryPoint())
+                it.accessDeniedHandler(HttpStatusAccessDeniedHandler())
+            }
+            .build()
     }
 
     companion object {
         private const val ADMIN_ENDPOINT_PATTERN = "/api/v1/admin/**"
         private const val ADMIN_ROLE = "ADMIN"
         private const val MEMBER_ROLE = "MEMBER"
         private val WHITELIST_ENDPOINTS = arrayOf(
-                "/api/v1/auth/login",
-                "/api/v1/auth/token"
+            "/api/v1/auth/login",
+            "/api/v1/auth/token",
+            "/health",
         )
     }
 

diff --git a/pic-api/src/main/resources/application-domain.yaml b/pic-api/src/main/resources/application-domain.yaml
@@ -1,8 +1,8 @@
 spring:
   datasource:
-    url: ${MYSQL_URL}
-    username: ${MYSQL_USERNAME}
-    password: ${MYSQL_PASSWORD}
+    url: "jdbc:mysql://pic.c54wsc844g8x.ap-northeast-2.rds.amazonaws.com:3306/pic"
+    username: "root"
+    password: "pic-the-best0614"
     driver-class-name: com.mysql.cj.jdbc.Driver
   jpa:
     hibernate:

diff --git a/pic-api/src/main/resources/application.yaml b/pic-api/src/main/resources/application.yaml
@@ -5,10 +5,10 @@ spring:
     import:
       - classpath:/application-domain.yaml
 jwt:
-  secret-key: ${SECRET_KEY}
+  secret-key: "ddddddddddddddddddafhasdhsaiasinddsnaisiadnlsad"
 kakao:
   issuer: https://kauth.kakao.com
   audience:
-    rest: ${KAKAO_REST_KEY}
-    native: ${KAKAO_NATIVE_KEY}
+    rest: "5363ff2aa13b9956ace377d6a6b06857"
+    native: "780d820d0746affeeb251adf0ade6075"
   jwk-uri: https://kauth.kakao.com/.well-known/jwks.json