Scrum 27 feature/aws deploy

.github/workflows/CICD.yml

@@ -0,0 +1,68 @@
+# 1 워크플로의 이름 지정
+name: CI and Deploy to Amazon EC2
+# 2 워크플로가 시작될 조건 지정
+env:
+  AWS_REGION: ap-northeast-2
+  S3_BUCKET_NAME: billage-deploy
+  CODE_DEPLOY_APPLICATION_NAME: billage-deploy
+  CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: billage-deploy-group
+permissions:
+  contents: read
+on:
+  push:
+    branches: [ master,SCRUM-27--Feature/aws-deploy ]
+jobs:
+  build:
+    runs-on: ubuntu-latest # 3 실행 환경 지정
+    #4 실행스텝지정
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v3
+        with:
+          distribution: 'zulu'
+          java-version: '17'
+      # db.properties 파일 생성
+      - name: Make application.properties
+        run: |
+          cd ./src/main/resources
+          echo "${{ secrets.SECRET_PROPERTIES }}" > ./application-prod.yml
+      - name: create firebase-admin.json
+        id: create-json
+        uses: jsdaniell/[email protected]
+        with:
+          name: FirebaseAdminSDK.json
+          json: ${{ secrets.AWS_FCM_JSON }}
+
+      - name: MOVE FCM JSON
+        run: |
+          mv FirebaseAdminSDK.json src/main/resources/
+          cd ./src/main/resources
+          mkdir -p firebase
+          mv FirebaseAdminSDK.json firebase/
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Build with Gradle
+        run: ./gradlew clean build
+      # (4) AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+      # (5) 빌드 결과물을 S3 버킷에 업로드
+      - name: Upload to AWS S3
+        run: |
+          aws deploy push \
+            --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
+            --s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \
+            --source .
+        # (6) S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
+      - name: Deploy to AWS EC2 from S3
+        run: |
+          aws deploy create-deployment \
+            --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
+            --deployment-config-name CodeDeployDefault.AllAtOnce \
+            --deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
+            --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip

appspec.yml

@@ -0,0 +1,22 @@
+version: 0.0
+os: linux
+# destination에 아티팩트가 unzip된 결과가 생성될 디렉토리명을 넣어준다.
+files:
+  - source: /
+    destination: /home/ubuntu/build/
+    overwrite: yes
+permissions:
+  - object: /
+    pattern: "**"
+    owner: ubuntu
+    group: ubuntu
+
+hooks:
+  AfterInstall: #AfterInstall에서 기존에 실행중이던 어플리케이션 종료시키고 ApplicationStart에서 새로운 어플리케이션 실행
+    - location: scripts/stop.sh
+      timeout: 60
+      runas: ubuntu
+  ApplicationStart:
+    - location: scripts/start.sh
+      timeout: 60
+      runas: ubuntu

scripts/start.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+PROJECT_ROOT="/home/ubuntu"
+JAR_FILE="$PROJECT_ROOT/billage-0.0.1-SNAPSHOT.jar"
+
+APP_LOG="$PROJECT_ROOT/application.log"
+ERROR_LOG="$PROJECT_ROOT/error.log"
+DEPLOY_LOG="$PROJECT_ROOT/deploy.log"
+
+TIME_NOW=$(date +%c)
+
+# build 파일 복사
+echo "$TIME_NOW > $JAR_FILE 파일 복사" >> $DEPLOY_LOG
+cp $PROJECT_ROOT/build/build/libs/billage-0.0.1-SNAPSHOT.jar $JAR_FILE
+
+# jar 파일 실행
+echo "$TIME_NOW > $JAR_FILE 파일 실행" >> $DEPLOY_LOG
+nohup java -jar $JAR_FILE > $APP_LOG 2> $ERROR_LOG &
+
+CURRENT_PID=$(pgrep -f $JAR_FILE)
+echo "$TIME_NOW > 실행된 프로세스 아이디 $CURRENT_PID 입니다." >> $DEPLOY_LOG

scripts/stop.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+PROJECT_ROOT="/home/ubuntu"
+JAR_FILE="billage-0.0.1-SNAPSHOT.jar"
+
+DEPLOY_LOG="$PROJECT_ROOT/deploy.log"
+
+TIME_NOW=$(date +%c)
+
+# 현재 구동 중인 애플리케이션 pid 확인
+CURRENT_PID=$(pgrep -f $JAR_FILE)
+
+# 프로세스가 켜져 있으면 종료
+if [ -z $CURRENT_PID ]; then
+  echo "$TIME_NOW > 현재 실행중인 애플리케이션이 없습니다" >> $DEPLOY_LOG
+else
+  echo "$TIME_NOW > 실행중인 $CURRENT_PID 애플리케이션 종료 " >> $DEPLOY_LOG
+  kill -15 $CURRENT_PID
+fi

src/main/java/com/groomiz/billage/auth/config/SecurityConfig.java

@@ -56,7 +56,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 					"/api/v1/users/verify",
 					"/api/v1/users/check-email",
 					"/api/v1/users/check-nickname",
-				  "api/v1/univ/classroom/**",
+					"api/v1/univ/classroom/**",
 					"/images/**",
 					"api/v1/univ/**",
 					"/images/**",

src/main/java/com/groomiz/billage/global/config/SwaggerConfig.java

@@ -50,7 +50,7 @@ public OpenAPI openAPI() {
 			.title("빌리지 API Document")
 			.version("1.0")
 			.description(
-				"환영합니다! [발리지](https://example.com)는 서울과학기술대학교 강의실을 빌리기 위해서 위해 만들어진 플랫폼입니다. 이 API 문서는 빌리지의 API를 사용하는 방법을 설명합니다.\n")
+				"환영합니다! [발리지](https://billage.duckdns.org)는 서울과학기술대학교 강의실을 빌리기 위해서 위해 만들어진 플랫폼입니다. 이 API 문서는 빌리지의 API를 사용하는 방법을 설명합니다.\n")
 			.contact(new io.swagger.v3.oas.models.info.Contact().email("[email protected]"));
 
 		String jwtScheme = "jwtAuth";
@@ -65,6 +65,7 @@ public OpenAPI openAPI() {
 
 		return new OpenAPI()
 			.addServersItem(new Server().url("http://localhost:8080"))
+			.addServersItem(new Server().url("https://billage.duckdns.org"))
 			.components(new Components())
 			.info(info)
 			.addSecurityItem(securityRequirement)

src/main/resources/application.yml

@@ -1,7 +1,6 @@
 spring:
   profiles:
-    active: dev
-
+    active: prod
 
   data:
     redis: