-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* ci: cd를 구성한다 * fix: SENTRY_AUTH_TOKEN을 env가 아닌, property로 가져오도록 수정한다 * fix: ghcr 레포지토리 명을 수정한다 * ci: 깃헙 패키지 권한을 확인한다 * build: plain.jar가 생성되지 않도록 한다 * ci: cd를 완성한다
- Loading branch information
Showing
7 changed files
with
180 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,105 @@ | ||
| name: 🎇 Deployer | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - 'main' | ||
|
|
||
| jobs: | ||
| build: | ||
| name: build and set image | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| java-version: [ 21 ] | ||
| steps: | ||
| - name: checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| submodules: true | ||
|
|
||
| - name: Set up JDK 21 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| distribution: 'zulu' | ||
| java-version: ${{ matrix.java-version }} | ||
| kotlin-version: ${{ matrix.kotlin-version }} | ||
|
|
||
| - name: Cache Gradle packages | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: ~/.gradle/caches | ||
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | ||
| restore-keys: ${{ runner.os }}-gradle | ||
|
|
||
| - name: build server | ||
| run: ./gradlew build -x test -DSENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} | ||
|
|
||
| - name: docker arm64 build set up - qemu | ||
| uses: docker/setup-qemu-action@v2 | ||
|
|
||
| - name: docker arm64 build set up - buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
|
|
||
| - name: login github container registry | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: extract version | ||
| run: echo "##[set-output name=version;]$(echo '${{ github.event.head_commit.message }}' | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')" | ||
| id: extract_version_name | ||
|
|
||
| - name: push | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| context: . | ||
| platforms: linux/arm64/v8 | ||
| push: true | ||
| tags: | | ||
| ghcr.io/depromeet/teum-teum-server/api:${{ steps.extract_version_name.outputs.version }} | ||
| build-args: | | ||
| "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" | ||
| "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" | ||
| "KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }}" | ||
| "NAVER_CLIENT_ID=${{ secrets.NAVER_CLIENT_ID }}" | ||
| "NAVER_CLIENT_SECRET=${{ secrets.NAVER_CLIENT_SECRET }}" | ||
| "NAVER_REDIRECT_URI=${{ secrets.NAVER_REDIRECT_URI }}" | ||
| "JWT_SECRET_KEY=${{ secrets.NAVER_REDIRECT_URI }}" | ||
| "DB_URL=${{ secrets.DB_URL }}" | ||
| "DB_USERNAME=${{ secrets.DB_USERNAME }}" | ||
| "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" | ||
| "SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}" | ||
| "GPT_TOKEN=${{ secrets.GPT_TOKEN }}" | ||
| "REDIS_HOST=${{ secrets.REDIS_HOST }}" | ||
| "REDIS_PORT=${{ secrets.REDIS_PORT }}" | ||
| "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" | ||
| "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" | ||
| "AWS_REGION=${{ secrets.AWS_REGION }}" | ||
| "AWS_S3_BUCKET=${{ secrets.AWS_S3_BUCKET }}" | ||
| - name: create release | ||
| uses: actions/create-release@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| tag_name: ${{ steps.extract_version_name.outputs.version }} | ||
| release_name: ${{ steps.extract_version_name.outputs.version }} | ||
|
|
||
| deploy: | ||
| needs: build | ||
| name: deploy | ||
| runs-on: self-hosted | ||
| steps: | ||
| - name: extract version | ||
| run: echo "##[set-output name=version;]$(echo '${{ github.event.head_commit.message }}' | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')" | ||
| id: extract_version_name | ||
|
|
||
| - name: run server | ||
| run: | | ||
| sudo docker pull ghcr.io/depromeet/teum-teum-server/api:${{ steps.extract_version_name.outputs.version }} | ||
| sudo docker ps -q --filter "expose=8080" | xargs sudo docker stop | xargs sudo docker rm | ||
| sudo docker run -d -p 8080:8080 ghcr.io/depromeet/teum-teum-server/api:${{ steps.extract_version_name.outputs.version }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| FROM openjdk:11.0.11-jre-slim | ||
|
|
||
| ARG KAKAO_CLIENT_ID | ||
| ARG KAKAO_CLIENT_SECRET | ||
| ARG KAKAO_REDIRECT_URI | ||
| ARG NAVER_CLIENT_ID | ||
| ARG NAVER_CLIENT_SECRET | ||
| ARG NAVER_REDIRECT_URI | ||
| ARG JWT_SECRET_KEY | ||
| ARG DB_URL | ||
| ARG DB_USERNAME | ||
| ARG DB_PASSWORD | ||
| ARG SENTRY_AUTH_TOKEN | ||
| ARG GPT_TOKEN | ||
| ARG REDIS_HOST | ||
| ARG REDIS_PORT | ||
| ARG AWS_ACCESS_KEY | ||
| ARG AWS_SECRET_KEY | ||
| ARG AWS_REGION | ||
| ARG AWS_S3_BUCKET | ||
|
|
||
| ARG JAR_FILE=./build/libs/*.jar | ||
|
|
||
| COPY ${JAR_FILE} teum.jar | ||
|
|
||
| ENV kakao_client_id=${KAKAO_CLIENT_ID} \ | ||
| kakao_client_secret=${KAKAO_CLIENT_SECRET} \ | ||
| kakao_redirect_uri=${KAKAO_REDIRECT_URI} \ | ||
| naver_client_id=${NAVER_CLIENT_ID} \ | ||
| naver_client_secret=${NAVER_CLIENT_SECRET} \ | ||
| naver_redirect_uri=${NAVER_REDIRECT_URI} \ | ||
| jwt_secret_key=${JWT_SECRET_KEY} \ | ||
| db_url=${DB_URL} \ | ||
| db_user=${DB_USERNAME} \ | ||
| db_password=${DB_PASSWORD} \ | ||
| sentry_auth_token=${SENTRY_AUTH_TOKEN} \ | ||
| gpt_token=${GPT_TOKEN} \ | ||
| redis_host=${REDIS_HOST} \ | ||
| redis_port=${REDIS_PORT} \ | ||
| aws_access_key=${AWS_ACCESS_KEY} \ | ||
| aws_secret_key=${AWS_SECRET_KEY} \ | ||
| aws_region=${AWS_REGION} \ | ||
| aws_s3_bucket=${AWS_S3_BUCKET} | ||
|
|
||
|
|
||
| ENTRYPOINT java -jar teum.jar \ | ||
| --spring.datasource.url=${db_url} \ | ||
| --spring.security.oauth2.client.registration.kakao.client-id=${kakao_client_id} \ | ||
| --spring.security.oauth2.client.registration.kakao.client-secret=${kakao_client_secret} \ | ||
| --spring.security.oauth2.client.registration.kakao.redirect-uri=${kakao_redirect_uri} \ | ||
| --spring.security.oauth2.client.registration.naver.client-id=${naver_client_id} \ | ||
| --spring.security.oauth2.client.registration.naver.client-secret=${naver_client_secret} \ | ||
| --spring.security.oauth2.client.registration.naver.redirect-uri=${naver_redirect_uri} \ | ||
| --jwt.secret=${jwt_secret_key} \ | ||
| --spring.datasource.url=${db_url} \ | ||
| --spring.datasource.username=${db_user} \ | ||
| --spring.datasource.password=${db_password} \ | ||
| --spring.flyway.url=${db_url} \ | ||
| --spring.flyway.user=${db_user} \ | ||
| --spring.flyway.password=${db_password} \ | ||
| --gpt.token=${gpt_token} \ | ||
| --spring.data.redis.host=${redis_host} \ | ||
| --spring.data.redis.port=${redis_port} \ | ||
| --spring.cloud.aws.credentials.access-key=${aws_access_key} \ | ||
| --spring.cloud.aws.credentials.secret-key=${aws_secret_key} \ | ||
| --spring.cloud.aws.region.static=${aws_region} \ | ||
| --spring.cloud.aws.s3.bucket=${aws_s3_bucket} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,7 @@ | ||
| sentry { | ||
| // Generates a JVM (Java, Kotlin, etc.) source bundle and uploads your source code to Sentry. | ||
| // This enables source context, allowing you to see your source | ||
| // code as part of your stack traces in Sentry. | ||
| includeSourceContext = true | ||
|
|
||
| org = "teum-teum" | ||
| projectName = "java-spring-boot" | ||
| authToken = System.getenv("SENTRY_AUTH_TOKEN") | ||
| authToken = System.getProperty("SENTRY_AUTH_TOKEN") | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| server: | ||
| port: ${APPLICATION_PORT:8080} | ||
| port: 8080 | ||
|
|
||
| spring: | ||
| application: | ||
|
|
||