diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..967fff47 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,70 @@ +name: CI/CD to EC2 with Docker and ECR + +on: + push: + branches: + - main + - feat/#106-cicd-setup + +jobs: + deploy: + name: Build and Deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: make application.properties + run: | + cd ./src/main/resources + touch ./application.properties + echo "${{ secrets.APPLI_YML }}" > ./application.properties + shell: bash + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + - name: Build with Gradle + run: ./gradlew clean build -x test + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ap-northeast-2 + + - name: Log in to Amazon ECR + uses: aws-actions/amazon-ecr-login@v2 + + - name: Build Docker Image + run: | + docker build -t ${{ secrets.ECR_REPO_URI }}:latest . + + - name: Push to ECR + run: | + docker push ${{ secrets.ECR_REPO_URI }}:latest + + - name: SSH to EC2 and Deploy + uses: appleboy/ssh-action@v1.0.0 + with: + host: ${{ secrets.EC2_HOST }} + username: ${{ secrets.EC2_USERNAME }} + key: ${{ secrets.EC2_SSH_KEY }} + script: | + aws ecr get-login-password --region ap-northeast-2 \ + | docker login --username AWS --password-stdin ${{ secrets.ECR_REPO_URI }} + docker pull ${{ secrets.ECR_REPO_URI }}:latest + docker stop app || true + docker rm app || true + docker run -d --name app -p 8080:8080 ${{ secrets.ECR_REPO_URI }}:latest \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..c6551dd8 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,5 @@ +FROM openjdk:17-jdk + +COPY ./build/libs/wait4eat-0.0.1-SNAPSHOT.jar app.jar + +ENTRYPOINT ["java", "-jar", "/app.jar"] \ No newline at end of file diff --git a/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java b/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java index e6e1bbaa..1f3637ad 100644 --- a/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java +++ b/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java @@ -56,7 +56,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .logout(AbstractHttpConfigurer::disable) .rememberMe(AbstractHttpConfigurer::disable) .authorizeHttpRequests(auth -> auth - .requestMatchers("/test-sse.html", "/css/**", "/payment/**", "/images/**").permitAll() + .requestMatchers("/test-sse.html", "/css/**", "/payment/**", "/images/**", "/health").permitAll() .requestMatchers("/" + tossWebhookEndpoint).permitAll() .requestMatchers(request -> request.getRequestURI().startsWith("/api/v1/notifications/subscribe")).permitAll() .requestMatchers(request -> request.getRequestURI().startsWith("/api/v1/auth")).permitAll() diff --git a/src/main/java/com/example/wait4eat/global/healthcheck/HealthCheckController.java b/src/main/java/com/example/wait4eat/global/healthcheck/HealthCheckController.java new file mode 100644 index 00000000..ec2e1942 --- /dev/null +++ b/src/main/java/com/example/wait4eat/global/healthcheck/HealthCheckController.java @@ -0,0 +1,14 @@ +package com.example.wait4eat.global.healthcheck; + +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class HealthCheckController { + + @GetMapping("/health") + public ResponseEntity healthCheck() { + return ResponseEntity.ok("OK"); + } +} \ No newline at end of file