Wait4Eat · Park-EJ · May 2, 2025 · Apr 30, 2025 · May 2, 2025 · May 2, 2025
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,70 @@
+name: CI/CD to EC2 with Docker and ECR
+
+on:
+  push:
+    branches:
+      - main
+      - feat/#106-cicd-setup
+
+jobs:
+  deploy:
+    name: Build and Deploy
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Source Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: make application.properties
+        run: |
+          cd ./src/main/resources
+          touch ./application.properties
+          echo "${{ secrets.APPLI_YML }}" > ./application.properties
+        shell: bash
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+
+      - name: Build with Gradle
+        run: ./gradlew clean build -x test
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ap-northeast-2
+
+      - name: Log in to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Build Docker Image
+        run: |
+          docker build -t ${{ secrets.ECR_REPO_URI }}:latest .
+
+      - name: Push to ECR
+        run: |
+          docker push ${{ secrets.ECR_REPO_URI }}:latest
+
+      - name: SSH to EC2 and Deploy
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.EC2_SSH_KEY }}
+          script: |
+            aws ecr get-login-password --region ap-northeast-2 \
+            | docker login --username AWS --password-stdin ${{ secrets.ECR_REPO_URI }}
+            docker pull ${{ secrets.ECR_REPO_URI }}:latest
+            docker stop app || true
+            docker rm app || true
+            docker run -d --name app -p 8080:8080 ${{ secrets.ECR_REPO_URI }}:latest
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,5 @@
+FROM openjdk:17-jdk
+
+COPY ./build/libs/wait4eat-0.0.1-SNAPSHOT.jar app.jar
+
+ENTRYPOINT ["java", "-jar", "/app.jar"]
diff --git a/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java b/src/main/java/com/example/wait4eat/global/auth/security/SecurityConfig.java
@@ -56,7 +56,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                 .logout(AbstractHttpConfigurer::disable)
                 .rememberMe(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(auth -> auth
-                        .requestMatchers("/test-sse.html", "/css/**", "/payment/**", "/images/**").permitAll()
+                        .requestMatchers("/test-sse.html", "/css/**", "/payment/**", "/images/**", "/health").permitAll()
                         .requestMatchers("/" + tossWebhookEndpoint).permitAll()
                         .requestMatchers(request -> request.getRequestURI().startsWith("/api/v1/notifications/subscribe")).permitAll()
                         .requestMatchers(request -> request.getRequestURI().startsWith("/api/v1/auth")).permitAll()

diff --git a/src/main/java/com/example/wait4eat/global/healthcheck/HealthCheckController.java b/src/main/java/com/example/wait4eat/global/healthcheck/HealthCheckController.java
@@ -0,0 +1,14 @@
+package com.example.wait4eat.global.healthcheck;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class HealthCheckController {
+
+    @GetMapping("/health")
+    public ResponseEntity<String> healthCheck() {
+        return ResponseEntity.ok("OK");
+    }
+}