Merge pull request #2 from S0ftwareC0ntest/develop

[FEAT/#1] CICD 구축

Author: 2ghrms

.github/workflows/cd.yml

@@ -11,14 +11,38 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: Create application-secret.yml
+        run: |
+          mkdir -p ./temp_secret
+          echo "${{ secrets.APPLICATION_SECRET }}" > ./temp_secret/application-secret.yml
+        shell: bash
+
+      - name: Copy application-secret.yml to EC2
+        uses: appleboy/scp-action@v0.1.3
+        with:
+          username: ubuntu
+          host: ${{ secrets.EC2_HOST }}
+          key: ${{ secrets.EC2_SSH_KEY }}
+          source: ./temp_secret/application-secret.yml
+          target: /home/ubuntu/secret/
+
+      - name: Copy docker-compose.yml
+        uses: appleboy/scp-action@v0.1.3
+        with:
+          username: ubuntu
+          host: ${{ secrets.EC2_HOST }}
+          key: ${{ secrets.EC2_SSH_KEY }}
+          source: ./docker-compose.yml
+          target: /home/ubuntu/app/
+
       - name: Upload deploy.sh to EC2
         uses: appleboy/scp-action@v0.1.3
         with:
           host: ${{ secrets.EC2_HOST }}
           username: ${{ secrets.EC2_USER }}
           key: ${{ secrets.EC2_SSH_KEY }}
           source: ./deploy.sh
-          target: /home/ubuntu/
+          target: /home/ubuntu/app/
 
       - name: SSH and Deploy
         uses: appleboy/ssh-action@v1.0.0
@@ -28,6 +52,6 @@ jobs:
           key: ${{ secrets.EC2_SSH_KEY }}
           script: |
             echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
-            export DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
-            chmod +x /home/ubuntu/deploy.sh
-            /home/ubuntu/deploy.sh
+            docker pull ${{ secrets.DOCKERHUB_USERNAME }}/assu-app:latest
+            sudo chmod +x /home/ubuntu/app/deploy.sh
+            sudo /home/ubuntu/app/deploy.sh

.github/workflows/ci.yml

@@ -9,6 +9,8 @@ on:
 jobs:
   ci:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
     steps:
       - uses: actions/checkout@v4
@@ -19,16 +21,57 @@ jobs:
           java-version: '17'
           distribution: 'temurin'
 
+      - name: Gradle Cache
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: ${{ runner.os }}-gradle-
+
+      - name: Grant execute permission to gradlew
+        run: chmod +x ./gradlew
+
       - name: Build and Test
         run: ./gradlew clean build test
 
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          install: true
+
+      - name: Create buildx builder
+        run: |
+          docker buildx create --use --name mybuilder
+          docker buildx inspect --bootstrap
+
       - name: Login to DockerHub
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Build and Push Docker Image
+      - name: Build & Push Dependency Cache
+        run: |
+          docker buildx build \
+          --builder mybuilder \
+          --platform linux/amd64 \
+          --push \
+          --file Dockerfile \
+          --tag ${{ secrets.DOCKERHUB_USERNAME }}/assu-app:dependency-cache \
+          --target dependencies \
+          --cache-to type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/assu-app:dependency-cache,mode=max \
+          .
+
+      - name: Build & Push Final App Image
         run: |
-          docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/assu-app:latest .
-          docker push ${{ secrets.DOCKERHUB_USERNAME }}/assu-app:latest
+          docker buildx build \
+            --builder mybuilder \
+            --platform linux/amd64 \
+            --push \
+            --file Dockerfile \
+            --tag ${{ secrets.DOCKERHUB_USERNAME }}/assu-app:latest \
+            --build-arg DEPENDENCY_IMAGE=${{ secrets.DOCKERHUB_USERNAME }}/assu-app:dependency-cache \
+            --cache-from type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/assu-app:dependency-cache \
+            .

.gitignore

@@ -1,3 +1,9 @@
+### build ###
+*.jar
+*.tar
+*.tar.gz
+*.zip
+
 HELP.md
 .gradle
 build/
@@ -38,9 +44,5 @@ out/
 
 ### Secret ###
 src/main/resources/application-secret.yml
-
-### build ###
-*.jar
-*.tar
-*.tar.gz
-*.zip
+src/test/resources/application-test.yml
+src/test/resources/application-secret.yml

.test-develop.txt

@@ -1,3 +1,32 @@
+# Stage 1: Dependencies
+FROM gradle:8.4.0-jdk17 AS dependencies
+WORKDIR /build
+
+COPY gradlew .
+# COPY gradle.properties /root/.gradle/gradle.properties
+COPY gradle/wrapper/gradle-wrapper.jar gradle/wrapper/
+COPY gradle/wrapper/gradle-wrapper.properties gradle/wrapper/
+COPY build.gradle settings.gradle ./
+
+RUN ./gradlew dependencies --no-daemon
+
+# Stage 2: Build
+FROM gradle:8.4.0-jdk17 AS builder
+WORKDIR /build
+
+COPY --from=dependencies /build /build
+COPY src src
+
+RUN ./gradlew bootJar -x test --build-cache --no-daemon
+
+# Stage 3: Final Image
 FROM openjdk:17-jdk-slim
-COPY server-0.0.1-SNAPSHOT.jar app.jar
-ENTRYPOINT ["java", "-jar", "/app.jar"]
+
+ENV TZ=Asia/Seoul
+RUN ln -sf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ >/etc/timezone
+
+WORKDIR /app
+
+COPY --from=builder /build/build/libs/*.jar app.jar
+
+ENTRYPOINT ["java", "-jar", "/app/app.jar"]

Dockerfile

@@ -41,6 +41,8 @@ dependencies {
 	testImplementation 'org.springframework.batch:spring-batch-test'
 	testImplementation 'org.springframework.security:spring-security-test'
 	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+
+	runtimeOnly 'com.h2database:h2'
 }
 
 tasks.named('test') {

build.gradle

@@ -1,34 +1,39 @@
 #!/bin/bash
 
+
+DOCKER_USERNAME=${DOCKERHUB_USERNAME}
 APP_NAME=assu-app
 TAG=latest
-DOCKER_USERNAME=${DOCKERHUB_USERNAME:-your_dockerhub_username}
 
 BLUE_CONTAINER="assu-blue"
 GREEN_CONTAINER="assu-green"
+COMPOSE_FILE="/home/ubuntu/app/docker-compose.yml"
+COMPOSE_PATH="/home/ubuntu/app"
 
 echo "[1] Determine currently running container"
 ACTIVE_CONTAINER=$(docker ps --filter "name=assu-" --format "{{.Names}}" | grep assu- | head -n 1)
 
 if [ "$ACTIVE_CONTAINER" == "$BLUE_CONTAINER" ]; then
   NEW_CONTAINER=$GREEN_CONTAINER
   OLD_CONTAINER=$BLUE_CONTAINER
+  NEW_PORT=8081
 else
   NEW_CONTAINER=$BLUE_CONTAINER
   OLD_CONTAINER=$GREEN_CONTAINER
+  NEW_PORT=8080
 fi
 
-echo "[2] Pull latest image"
+echo "[2] Pull latest Docker image"
 docker pull $DOCKER_USERNAME/$APP_NAME:$TAG
 
-echo "[3] Run new container: $NEW_CONTAINER"
-docker run -d --name $NEW_CONTAINER -p 8080:8080 $DOCKER_USERNAME/$APP_NAME:$TAG
-
-echo "[4] Wait for new container to start (basic health delay)"
-sleep 10
-
-echo "[5] Stop and remove old container: $OLD_CONTAINER"
+echo "[3] Stop and remove old container if exists: $OLD_CONTAINER"
 docker stop $OLD_CONTAINER || true
 docker rm $OLD_CONTAINER || true
 
-echo "[✅] Switched to $NEW_CONTAINER"
+echo "[4] Start new container: $NEW_CONTAINER"
+docker compose -f $COMPOSE_FILE up -d $NEW_CONTAINER
+
+echo "[5] Wait for container to start (basic health delay)"
+sleep 10
+
+echo "[✅] $NEW_CONTAINER deployed on port $NEW_PORT"

compose.yaml

@@ -0,0 +1,38 @@
+version: "3.8"
+
+services:
+  assu-blue:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: andylee259/assu-app:latest
+    container_name: assu-blue
+    ports:
+      - "8080:8080"
+    environment:
+      - SPRING_PROFILES_ACTIVE=blue
+      - SPRING_CONFIG_ADDITIONAL_LOCATION=file:/app/config/
+    volumes:
+      - /home/ubuntu/app/config/application-secret.yml:/app/config/application-secret.yml:ro
+    networks:
+      - assu-network
+
+  assu-green:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: andylee259/assu-app:latest
+    container_name: assu-green
+    ports:
+      - "8081:8080"
+    environment:
+      - SPRING_PROFILES_ACTIVE=green
+      - SPRING_CONFIG_ADDITIONAL_LOCATION=file:/app/config/
+    volumes:
+      - /home/ubuntu/app/config/application-secret.yml:/app/config/application-secret.yml:ro
+    networks:
+      - assu-network
+
+networks:
+  assu-network:
+    driver: bridge