prgrms-web-devcourse-final-project
diff --git a/‎.github/workflows/CI-CD_Pipeline.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/CI-CD_Pipeline.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/deploy.yml‎
Lines changed: 92 additions & 0 deletions b/‎.github/workflows/deploy.yml‎
Lines changed: 92 additions & 0 deletions
diff --git a/‎backend/Dockerfile‎
Lines changed: 32 additions & 0 deletions b/‎backend/Dockerfile‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎infra/.gitignore‎
Lines changed: 6 additions & 1 deletion b/‎infra/.gitignore‎
Lines changed: 6 additions & 1 deletion
@@ -86,7 +86,7 @@ jobs:
           SPRING_DATA_REDIS_EMBEDDED=false
 
           # JWT 설정 (application-test.yml에서 참조)
-          CUSTOM_JWT_SECRET_KEY=test-secret-key-for-testing-purposes-only-minimum-256-bits
+          CUSTOM_JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}
           CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS=3600
           EOF
 
 
@@ -0,0 +1,92 @@
+name: deploy
+on:
+  push:
+    paths:
+      - '.github/workflows/**'
+      - 'src/**'
+      - 'build.gradle.kts'
+      - 'settings.gradle.kts'
+      - 'Dockerfile'
+    branches:
+      - main
+jobs:
+  makeTagAndRelease:
+    runs-on: ubuntu-latest
+    outputs:
+      tag_name: ${{ steps.create_tag.outputs.new_tag }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Create Tag
+        id: create_tag
+        uses: mathieudutour/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ steps.create_tag.outputs.new_tag }}
+          release_name: Release ${{ steps.create_tag.outputs.new_tag }}
+          body: ${{ steps.create_tag.outputs.changelog }}
+          draft: false
+          prerelease: false
+  buildImageAndPush:
+    name: 도커 이미지 빌드와 푸시
+    needs: makeTagAndRelease
+    runs-on: ubuntu-latest
+    env:
+      DOCKER_IMAGE_NAME: balaw
+    outputs:
+      DOCKER_IMAGE_NAME: ${{ env.DOCKER_IMAGE_NAME }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: application-secret.yml 생성
+        env:
+          APPLICATION_SECRET: ${{ secrets.APPLICATION_SECRET_YML }}
+        run: echo "$APPLICATION_SECRET" > src/main/resources/application-secret.yml
+      - name: Docker Buildx 설치
+        uses: docker/setup-buildx-action@v2
+      - name: 레지스트리 로그인
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: set lower case owner name
+        run: |
+          echo "OWNER_LC=${OWNER,,}" >> ${GITHUB_ENV}
+        env:
+          OWNER: '${{ github.repository_owner }}'
+      - name: 빌드 앤 푸시
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: true
+          tags: |
+            ghcr.io/${{ env.OWNER_LC }}/${{ env.DOCKER_IMAGE_NAME }}:${{ needs.makeTagAndRelease.outputs.tag_name }},
+            ghcr.io/${{ env.OWNER_LC }}/${{ env.DOCKER_IMAGE_NAME }}:latest
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: [ buildImageAndPush ]
+    env:
+      DOCKER_IMAGE_NAME: ${{ needs.buildImageAndPush.outputs.DOCKER_IMAGE_NAME }}
+    steps:
+      - name: AWS SSM Send-Command
+        uses: peterkimzz/aws-ssm-send-command@master
+        id: ssm
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          instance-ids: "i-0b903187bca01a1c4"
+          working-directory: /
+          comment: Deploy
+          command: |
+            docker pull ghcr.io/doohyojeong/${{ env.DOCKER_IMAGE_NAME }}:latest
+            docker stop app1 2>/dev/null
+            docker rm app1 2>/dev/null
+            docker run -d --name app1 -p 8080:8080 ghcr.io/doohyojeong/${{ env.DOCKER_IMAGE_NAME }}:latest
+            docker rmi $(docker images -f "dangling=true" -q)
@@ -0,0 +1,32 @@
+# 첫 번째 스테이지: 빌드 스테이지
+FROM gradle:jdk-21-and-23-graal-jammy AS builder
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# 소스 코드와 Gradle 래퍼 복사
+COPY build.gradle .
+COPY settings.gradle .
+
+# 종속성 설치
+RUN gradle dependencies --no-daemon
+
+# 소스 코드 복사
+COPY .env .
+COPY src src
+
+# 애플리케이션 빌드
+RUN gradle build --no-daemon
+
+# 두 번째 스테이지: 실행 스테이지
+FROM container-registry.oracle.com/graalvm/jdk:21
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# 첫 번째 스테이지에서 빌드된 JAR 파일 복사
+COPY --from=builder /app/build/libs/*.jar app.jar
+COPY --from=builder /app/.env .env
+
+# 실행할 JAR 파일 지정
+ENTRYPOINT ["java", "-Dspring.profiles.active=prod", "-jar", "app.jar"]
@@ -1,2 +1,7 @@
 .idea
-.terraform
+.terraform
+.terraform.lock.hcl
+terraform.tfstate
+terraform.tfstate.backup
+.terraform.tfstate.lock.info
+secrets.tf