Merge pull request #288 from KW-ClassLog/Chore/#276-deploy

📦 Chore/#276 배포 테스트 2

Author: sunninz

.github/workflows/CD.yml

@@ -0,0 +1,117 @@
+name: ClassLog CD
+
+on:
+  push:
+    branches: ["test-deploy"]
+
+permissions:
+  contents: read
+  packages: write
+
+env:
+  IMAGE_TAG: ${{ github.sha }}
+  BACKEND_IMAGE: ${{ secrets.DOCKER_USERNAME }}/classlog-backend
+  FRONTEND_IMAGE: ${{ secrets.DOCKER_USERNAME }}/classlog-frontend
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name : Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: Grant execute permission for gradlew
+        working-directory: ./backend
+        run: chmod +x gradlew
+
+      - name: Build with Gradle
+        working-directory: ./backend
+        run: ./gradlew clean bootJar
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build & Push Backend Image
+        run: |
+          docker build -t ${BACKEND_IMAGE}:latest -t ${BACKEND_IMAGE}:${IMAGE_TAG} ./backend
+          docker push ${BACKEND_IMAGE}:latest
+          docker push ${BACKEND_IMAGE}:${IMAGE_TAG}
+
+      - name: Build & Push Frontend Image
+        run: |
+          docker build -t ${FRONTEND_IMAGE}:latest -t ${FRONTEND_IMAGE}:${IMAGE_TAG} ./frontend
+          docker push ${FRONTEND_IMAGE}:latest
+          docker push ${FRONTEND_IMAGE}:${IMAGE_TAG}
+  deploy:
+    needs: build-and-push
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Create backend/.env on server
+        uses: appleboy/[email protected]
+        with:
+          host: ${{ secrets.SSH_HOST }}
+          username: ${{ secrets.SSH_USER }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            mkdir -p /home/ubuntu/classlog/backend
+            cat > /home/ubuntu/classlog/backend/.env <<EOF
+            DB_USERNAME=${{ secrets.DB_USERNAME }}
+            DB_PASSWORD=${{ secrets.DB_PASSWORD }}
+            DB_NAME=${{ secrets.DB_NAME }}
+            DB_HOST=${{ secrets.DB_HOST }}
+            DB_PORT=${{ secrets.DB_PORT }}
+            REDIS_HOST=${{ secrets.REDIS_HOST }}
+            REDIS_PORT=${{ secrets.REDIS_PORT }}
+            JWT_SECRET=${{ secrets.JWT_SECRET }}
+            MAIL_HOST=${{ secrets.MAIL_HOST }}
+            MAIL_PORT=${{ secrets.MAIL_PORT }}
+            MAIL_USERNAME=${{ secrets.MAIL_USERNAME }}
+            MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }}
+            AWS_REGION=${{ secrets.AWS_REGION }}
+            AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}
+            AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}
+            AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }}
+            AI_SERVER_URL=${{ secrets.AI_SERVER_URL }}
+            OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
+            KAKAO_API_KEY=${{ secrets.KAKAO_API_KEY }}
+            KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }}
+            CORS_ORIGIN=${{ secrets.CORS_CORIGIN}}
+            EOF
+
+      - name: Create frontend/.env on server
+        uses: appleboy/[email protected]
+        with:
+          host: ${{ secrets.SSH_HOST }}
+          username: ${{ secrets.SSH_USER }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            mkdir -p /home/ubuntu/classlog/frontend
+            cat > /home/ubuntu/classlog/frontend/.env <<EOF
+            NEXT_PUBLIC_API_BASE_URL=${{secrets.NEXT_PUBLIC_API_BASE_URL}}
+            EOF
+
+      - name: Deploy containers
+        uses: appleboy/[email protected]
+        with:
+          host: ${{ secrets.SSH_HOST }}
+          username: ${{ secrets.SSH_USER }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            cd /home/ubuntu/classlog
+            export DOCKERHUB_USERNAME="${{ secrets.DOCKER_USERNAME }}"
+            export IMAGE_TAG="${{ github.sha }}"
+            
+            echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
+            docker compose pull
+            docker compose up -d
+            docker image prune -f

.github/workflows/CI-backend.yml

@@ -0,0 +1,66 @@
+name: ClassLog CI - Backend
+on:
+  pull_request:
+    paths:
+      - 'backend/**'
+    branches: ["dev"]
+
+permissions:
+  contents: read
+  checks: write
+  pull-requests: write
+
+jobs:
+  backend-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name : Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name :  Set up redis
+        uses: supercharge/[email protected]
+        with:
+          redis-version: 7
+
+      - name: Grant execute permission for gradlew
+        working-directory: ./backend
+        run: chmod +x gradlew
+
+      - name: Build with Gradle
+        working-directory: ./backend
+        env:
+          DB_USERNAME: ${{ secrets.DB_HOST }}
+          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          DB_NAME: ${{ secrets.DB_NAME }}
+          DB_HOST: ${{ secrets.DB_HOST }}
+          DB_PORT: ${{ secrets.DB_PORT }}
+          REDIS_HOST: ${{ secrets.REDIS_HOST }}
+          REDIS_PORT: ${{ secrets.REDIS_PORT }}
+          JWT_SECRET: ${{ secrets.JWT_SECRET }}
+          MAIL_HOST: ${{ secrets.MAIL_HOST }}
+          MAIL_PORT: ${{ secrets.MAIL_PORT }}
+          MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }}
+          MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}
+          AWS_REGION: ${{ secrets.AWS_REGION }}
+          AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
+          AI_SERVER_URL: ${{ secrets.AI_SERVER_URL }}
+          AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
+          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+          KAKAO_API_KEY: ${{ secrets.KAKAO_API_KEY }}
+          KAKAO_REDIRECT_URI: ${{ secrets.KAKAO_REDIRECT_URI }}
+        run: ./gradlew build
+
+      - name: ✅Passed
+        if: success()
+        run: echo "Backend Tests passed"
+
+      - name: ❌Failed
+        if: failure()
+        run: echo "Backend Tests failed"

.github/workflows/CI-frontend.yml

@@ -0,0 +1,41 @@
+name: ClassLog CI - Frontend
+on:
+  pull_request:
+    paths:
+      - 'frontend/**'
+    branches: ["dev"]
+
+permissions:
+  contents: read
+  checks: write
+  pull-requests: write
+
+jobs:
+  frontend-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Use Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        working-directory: ./frontend
+        run: npm install
+
+      - name: Build with npm
+        working-directory: ./frontend
+        env:
+          NEXT_PUBLIC_API_BASE_URL : ${{ secrets.NEXT_PUBLIC_API_BASE_URL }}
+        run: npm run build
+
+      - name: ✅Passed
+        if: success()
+        run: echo "Frontend Tests passed"
+
+      - name: ❌Failed
+        if: failure()
+        run: echo "Frontend Tests failed"

backend/docker-compose.yml

@@ -31,7 +31,7 @@ public static void main(String[] args) {
 		System.setProperty("AWS_S3_BUCKET_NAME", dotenv.get("AWS_S3_BUCKET_NAME"));
 		System.setProperty("KAKAO_API_KEY", dotenv.get("KAKAO_API_KEY"));
 		System.setProperty("KAKAO_REDIRECT_URI", dotenv.get("KAKAO_REDIRECT_URI"));
-		System.setProperty("FRONTEND_ORIGIN",dotenv.get("FRONTEND_ORIGIN"));
+		System.setProperty("CORS_ORIGIN",dotenv.get("CORS_ORIGIN"));
 
 		SpringApplication.run(BackendApplication.class, args);
 	}

backend/gradlew

@@ -33,7 +33,7 @@ public ApiResponse<String> register(@Valid @RequestBody RegisterRequestDTO regis
         return ApiResponse.onSuccess("Register successfully");
     }
 
-    // 개인정보조회
+    // 개인 정보 조회
     @GetMapping("/me")
     public ApiResponse<UserProfileResponseDTO> profile(){
         UserProfileResponseDTO response = userService.getProfile();

backend/src/main/java/org/example/backend/BackendApplication.java

@@ -22,6 +22,7 @@
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.CorsUtils;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 import java.util.Arrays;
@@ -36,8 +37,8 @@ public class SecurityConfig {
     private final UserRedisService userRedisService;
     private final UserRepository userRepository;
 
-    @Value("${frontend.origin}")
-    private String frontendOrigin;
+    @Value("${cors.origin}")
+    private String[] corsOrigins;
 
     //AuthenticationManger Bean 등록
     @Bean
@@ -65,16 +66,18 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
         http
                 .csrf((auth)->auth.disable()) // csrf disable
-                .cors((cors) -> cors.configurationSource(corsConfigurationSource())) //cors 설정
+                .cors(cors -> cors.configurationSource(corsConfigurationSource())) //cors 설정
                 .formLogin((auth)->auth.disable()) //Form 로그인 방식 disable
                 .logout((auth)-> auth.disable())
                 .httpBasic((auth)-> auth.disable()) // http basic 인증방식 disable
                 .authorizeHttpRequests((auth)->auth // 경로별 인가 작업
-                        .anyRequest().permitAll())
-//                        .requestMatchers("/api/users","/api/users/verify-email","/api/users/login","/api/users/password/temp").permitAll()
-//                        .anyRequest().authenticated())
+//                        .anyRequest().permitAll()
+                        .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
+                        .requestMatchers("/actuator/health").permitAll()
+                        .requestMatchers("/api/users","/api/users/verify-email","/api/users/login","/api/users/password/temp").permitAll()
+                        .anyRequest().authenticated())
                 .addFilterBefore(new FilterExceptionHandler(), LogoutFilter.class) // 예외처리 필터
-                .addFilterBefore(jwtFilter(),LoginFilter.class) // 미들웨어
+                .addFilterBefore(jwtFilter(),UsernamePasswordAuthenticationFilter.class) // 미들웨어
                 .addFilterAt(loginFilter, UsernamePasswordAuthenticationFilter.class) // custom한 login필터 추가
                 .sessionManagement((session)->session // 세션설정
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS));
@@ -85,7 +88,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList("http://localhost:3000", frontendOrigin));
+        configuration.setAllowedOrigins(Arrays.asList(corsOrigins));
         configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
         configuration.setAllowedHeaders(Arrays.asList("*"));
         configuration.setAllowCredentials(true);