Skip to content

[chore/#67] CI/CD 파이프라인 구현 #68

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
2ghrms merged 11 commits into from
Dec 26, 2025
Merged

[chore/#67] CI/CD 파이프라인 구현 #68

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
9578796
[chore/#67] CI/CD 파이프라인 구현
yongjun0511 Sep 21, 2025
57b3690
refactor: 카카오와 APPLE DEV PROD 환경 통일
yongjun0511 Sep 23, 2025
118b576
chore: 테스트 용도로 임시로 Github Action 발동 조건 변경
yongjun0511 Sep 23, 2025
6fa2a14
fix: 오타 수정
yongjun0511 Sep 27, 2025
50ae631
fix: Dockerfile 경로 수정
yongjun0511 Oct 14, 2025
16be361
fix: 오타 수정
yongjun0511 Oct 14, 2025
564a04e
fix: jdk 버전 수정
yongjun0511 Oct 14, 2025
2ad7802
fix: compose 파일명 수정
yongjun0511 Oct 14, 2025
772b2c0
fix: 경로 수정
yongjun0511 Oct 14, 2025
28bb287
fix: 이름 정정
yongjun0511 Oct 14, 2025
75834a6
fix: 도커 허브 로그인 추가
yongjun0511 Oct 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 41 additions & 0 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# Git 관련
.git
.gitignore
.gitattributes

# IDE 관련
.idea/
.vscode/
*.iml
*.ipr
*.iws

# Build 관련
build/
.gradle/
gradle/wrapper/gradle-wrapper.jar

# 로그 파일
*.log

# OS 관련
.DS_Store
Thumbs.db

# 테스트 관련
**/test/
**/src/test/

# 문서
README.md
documentation/

# Docker 관련
Dockerfile*
docker-compose*.yml
.dockerignore

# 기타
*.md
.env
.env.local
120 changes: 60 additions & 60 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,60 +1,60 @@
name: Clokey CI

on:
pull_request:
branches: [ "main", "develop" ]
paths:
- "clokey-api/**"
- "clokey-domain/**"
- "clokey-common/**"
- "clokey-common-web/**"
- ".github/workflows/ci.yml"

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4
with:
clean: true

- name: Setup Java 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'

- name: Start Redis container for test
run: docker compose -f ./docker-compose-test.yml up -d

- name: Gradle Caching
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: ${{ runner.os }}-gradle-

- name: Grant execute permission for gradlew
run: chmod +x ./gradlew

- name: Spotless Check
run: ./gradlew spotlessCheck

- name: SonarCloud Caching
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar

- name: Test and Analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: ./gradlew test sonar --info --stacktrace
#name: Clokey CI
#
#on:
# pull_request:
# branches: [ "main", "develop" ]
# paths:
# - "clokey-api/**"
# - "clokey-domain/**"
# - "clokey-common/**"
# - "clokey-common-web/**"
# - ".github/workflows/ci.yml"
#
#permissions:
# contents: read
#
#jobs:
# build:
# runs-on: ubuntu-latest
#
# steps:
# - uses: actions/checkout@v4
# with:
# clean: true
#
# - name: Setup Java 21
# uses: actions/setup-java@v4
# with:
# distribution: 'corretto'
# java-version: '21'
#
# - name: Start Redis container for test
# run: docker compose -f ./docker-compose-test.yml up -d
#
# - name: Gradle Caching
# uses: actions/cache@v4
# with:
# path: |
# ~/.gradle/caches
# ~/.gradle/wrapper
# key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
# restore-keys: ${{ runner.os }}-gradle-
#
# - name: Grant execute permission for gradlew
# run: chmod +x ./gradlew
#
# - name: Spotless Check
# run: ./gradlew spotlessCheck
#
# - name: SonarCloud Caching
# uses: actions/cache@v4
# with:
# path: ~/.sonar/cache
# key: ${{ runner.os }}-sonar
# restore-keys: ${{ runner.os }}-sonar
#
# - name: Test and Analyze
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# run: ./gradlew test sonar --info --stacktrace
109 changes: 109 additions & 0 deletions .github/workflows/dev-cd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
name: Clokey-Dev CD

on:
pull_request:
branches: [ develop ]

jobs:
dev-cd:
runs-on: ubuntu-latest
permissions:
contents: read

steps:
- uses: actions/checkout@v4
with:
clean: true

- name: Setup Java 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'

- name: Gradle Cache
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: ${{ runner.os }}-gradle-

- name: Grant gradlew permission
run: chmod +x ./gradlew

- name: Log in to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Build & Push App Image
run: |
docker buildx build \
--platform linux/amd64 \
--push \
--file clokey-api/Dockerfile \
--tag ${{ secrets.DOCKERHUB_USERNAME }}/clokey-docker-2025:dev-app \
.

- name: Copy dev-docker-compose.yml
uses: appleboy/[email protected]
with:
username: ubuntu
host: ${{ secrets.DEV_EC2_HOST }}
key: ${{ secrets.DEV_EC2_SSH_KEY }}
source: ./clokey-api/dev-compose.yml
target: /home/ubuntu/

- name: Deploy App
uses: appleboy/ssh-action@master
with:
username: ubuntu
host: ${{ secrets.DEV_EC2_HOST }}
key: ${{ secrets.DEV_EC2_SSH_KEY }}
envs: DOCKERHUB_USERNAME,DEV_MYSQL_HOST,MYSQL_PORT,DB_NAME,DB_USERNAME,DB_PASSWORD,REDIS_HOST,REDIS_PORT,REDIS_PASSWORD,DEV_KAKAO_CLIENT_ID,DEV_KAKAO_CLIENT_SECRET,DEV_APPLE_CLIENT_ID,DEV_APPLE_CLIENT_SECRET,JWT_ACCESS_TOKEN_SECRET,JWT_REFRESH_TOKEN_SECRET,JWT_ACCESS_TOKEN_EXPIRATION_TIME,JWT_REFRESH_TOKEN_EXPIRATION_TIME,JWT_ISSUER,DEV_AWS_ACCESS_KEY_ID,DEV_AWS_SECRET_ACCESS_KEY,AWS_REGION,DEV_S3_BUCKET,DEV_S3_ENDPOINT,SWAGGER_USERNAME,SWAGGER_PASSWORD
script: |
export DOCKERHUB_NAME=${{ secrets.DOCKERHUB_USERNAME }}
export DOCKER_TAG=dev-app

export DEV_MYSQL_HOST=${{ secrets.DEV_MYSQL_HOST }}
export MYSQL_PORT=${{ secrets.MYSQL_PORT }}
export DB_NAME=${{ secrets.DB_NAME }}
export DB_USERNAME=${{ secrets.DB_USERNAME }}
export DB_PASSWORD=${{ secrets.DB_PASSWORD }}

export REDIS_HOST=${{ secrets.REDIS_HOST }}
export REDIS_PORT=${{ secrets.REDIS_PORT }}
export REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}

export KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}
export KAKAO_CLIENT_SECRET=${{ secrets.DEV_KAKAO_CLIENT_SECRET }}

export APPLE_CLIENT_ID=${{ secrets.APPLE_CLIENT_ID }}
export APPLE_CLIENT_SECRET=${{ secrets.APPLE_CLIENT_SECRET }}

export JWT_ACCESS_TOKEN_SECRET=${{ secrets.JWT_ACCESS_TOKEN_SECRET }}
export JWT_REFRESH_TOKEN_SECRET=${{ secrets.JWT_REFRESH_TOKEN_SECRET }}
export JWT_ACCESS_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION_TIME }}
export JWT_REFRESH_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION_TIME }}
export JWT_ISSUER=${{ secrets.JWT_ISSUER }}

export DEV_AWS_ACCESS_KEY_ID=${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
export DEV_AWS_SECRET_ACCESS_KEY=${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
export AWS_REGION=${{ secrets.AWS_REGION }}
export DEV_S3_BUCKET=${{ secrets.DEV_S3_BUCKET }}
export DEV_S3_ENDPOINT=${{ secrets.DEV_S3_ENDPOINT }}

export SWAGGER_USERNAME=${{ secrets.SWAGGER_USERNAME }}
export SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}

echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

cd /home/ubuntu
docker compose -f clokey-api/dev-compose.yml up -d

echo "Cleaning up dangling Docker images..."
docker image prune -f

119 changes: 119 additions & 0 deletions .github/workflows/prod-cd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
name: Clokey-Prod CD

on:
push:
branches: [ main ]

jobs:
dev-cd:
runs-on: ubuntu-latest
permissions:
contents: read

steps:
- uses: actions/checkout@v4
with:
clean: true

- name: Setup Java 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'

- name: Gradle Cache
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: ${{ runner.os }}-gradle-

- name: Grant gradlew permission
run: chmod +x ./gradlew

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
install: true

- name: Create buildx builder
run: |
docker buildx create --use --name mybuilder
docker buildx inspect --bootstrap

- name: Log in to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Build & Push App Image
run: |
docker buildx build \
--platform linux/amd64 \
--push \
--file clokey-api/Dockerfile \
--tag ${{ secrets.DOCKERHUB_USERNAME }}/clokey-docker-2025:prod-app \
.

- name: Copy prod-docker-compose.yml
uses: appleboy/[email protected]
with:
username: ubuntu
host: ${{ secrets.PROD_EC2_HOST }}
key: ${{ secrets.PROD_EC2_SSH_KEY }}
source: ./clokey-api/prod-compose.yml
target: /home/ubuntu/

- name: Deploy App
uses: appleboy/ssh-action@master
with:
username: ubuntu
host: ${{ secrets.PROD_EC2_HOST }}
key: ${{ secrets.PROD_EC2_SSH_KEY }}
envs: DOCKERHUB_USERNAME,SPRING_PROFILES_ACTIVE,PROD_MYSQL_HOST,MYSQL_PORT,DB_NAME,DB_USERNAME,DB_PASSWORD,REDIS_HOST,REDIS_PORT,REDIS_PASSWORD,PROD_KAKAO_CLIENT_ID,PROD_KAKAO_CLIENT_SECRET,PROD_APPLE_CLIENT_ID,PROD_APPLE_CLIENT_SECRET,JWT_ACCESS_TOKEN_SECRET,JWT_REFRESH_TOKEN_SECRET,JWT_ACCESS_TOKEN_EXPIRATION_TIME,JWT_REFRESH_TOKEN_EXPIRATION_TIME,JWT_ISSUER,PROD_AWS_ACCESS_KEY_ID,PROD_AWS_SECRET_ACCESS_KEY,AWS_REGION,PROD_S3_BUCKET,PROD_S3_ENDPOINT,SWAGGER_USERNAME,SWAGGER_PASSWORD
script: |
export DOCKERHUB_NAME=${{ secrets.DOCKERHUB_USERNAME }}
export DOCKER_TAG=prod-app

export DEV_MYSQL_HOST=${{ secrets.PROD_MYSQL_HOST }}
export MYSQL_PORT=${{ secrets.MYSQL_PORT }}
export DB_NAME=${{ secrets.DB_NAME }}
export DB_USERNAME=${{ secrets.DB_USERNAME }}
export DB_PASSWORD=${{ secrets.DB_PASSWORD }}

export REDIS_HOST=${{ secrets.REDIS_HOST }}
export REDIS_PORT=${{ secrets.REDIS_PORT }}
export REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}

export KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}
export KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}

export APPLE_CLIENT_ID=${{ secrets.APPLE_CLIENT_ID }}
export APPLE_CLIENT_SECRET=${{ secrets.APPLE_CLIENT_SECRET }}

export JWT_ACCESS_TOKEN_SECRET=${{ secrets.JWT_ACCESS_TOKEN_SECRET }}
export JWT_REFRESH_TOKEN_SECRET=${{ secrets.JWT_REFRESH_TOKEN_SECRET }}
export JWT_ACCESS_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION_TIME }}
export JWT_REFRESH_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION_TIME }}
export JWT_ISSUER=${{ secrets.JWT_ISSUER }}

export DEV_AWS_ACCESS_KEY_ID=${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
export DEV_AWS_SECRET_ACCESS_KEY=${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
export AWS_REGION=${{ secrets.AWS_REGION }}
export DEV_S3_BUCKET=${{ secrets.PROD_S3_BUCKET }}
export DEV_S3_ENDPOINT=${{ secrets.PROD_S3_ENDPOINT }}

export SWAGGER_USERNAME=${{ secrets.SWAGGER_USERNAME }}
export SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}

echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

cd /home/ubuntu
docker compose -f clokey-api/prod-compose.yml up -d

echo "Cleaning up dangling Docker images..."
docker image prune -f

Loading