Merge pull request #63 from depromeet/develop

[Chore][#23] 운영 서버 셋팅
depromeet · Aug 22, 2024 · 650a833 · 650a833
2 parents 2a13914 + b0ab20c
commit 650a833
Show file tree

Hide file tree

Showing 8 changed files with 119 additions and 5 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,8 @@
 FROM openjdk:21
 ARG JAR_FILE=build/libs/*.jar
 COPY ${JAR_FILE} app.jar
+
+ARG PROFILE=local
+ENV SPRING_PROFILES_ACTIVE=${PROFILE}
+
 ENTRYPOINT ["java","-jar","/app.jar"]
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -0,0 +1,76 @@
+pipeline {
+    agent any
+
+    tools {
+        jdk 'JDK21'
+    }
+
+    environment {
+        DOCKERHUB_CREDENTIALS = credentials('dockerhub-credentials-id')
+        DOCKER_IMAGE = credentials('docker-image')
+        K8S_URL = credentials('k8s-url')
+        K8S_NAMESPACE = credentials('k8s-namespace')
+        K8S_DEPLOY_NAME = credentials('k8s-deploy-name')
+        JAVA_HOME = "${tool 'JDK21'}"
+        PATH = "${env.JAVA_HOME}/bin:${env.PATH}"
+    }
+
+    stages {
+        stage('Checkout') {
+            steps {
+                checkout scm
+            }
+        }
+
+        stage('Build & Test') {
+            steps {
+                script {
+                    sh './gradlew clean build'
+                    sh './gradlew openapi3'
+                }
+            }
+            post {
+                failure {
+                    error 'Deployment failed!'
+                }
+            }
+        }
+
+        stage('Login'){
+            steps{
+                sh 'echo $DOCKERHUB_CREDENTIALS_PSW | docker login -u $DOCKERHUB_CREDENTIALS_USR --password-stdin' // docker hub 로그인
+            }
+        }
+
+        stage('Build & Push Docker Image') {
+            steps {
+                script {
+                    sh 'docker buildx build --push --platform linux/amd64 --build-arg PROFILE=prod -t $DOCKER_IMAGE .'
+                }
+            }
+        }
+
+        stage('ssh-test') {
+            steps{
+                script{
+                    sshagent (credentials: ['ncp-key']) {
+                        sh  """
+                        ssh -o StrictHostKeyChecking=no ${K8S_URL} << EOF
+                        microk8s kubectl rollout restart deploy ${K8S_DEPLOY_NAME} -n=${K8S_NAMESPACE}
+                        """
+                    }
+                }
+            }
+        }
+
+    }
+
+    post {
+        success {
+            echo 'Deployment was successful!'
+        }
+        failure {
+            error 'Deployment failed!'
+        }
+    }
+}
diff --git a/build.gradle b/build.gradle
@@ -38,6 +38,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.boot:spring-boot-starter-security'
     implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
     compileOnly 'org.projectlombok:lombok'
     runtimeOnly 'com.mysql:mysql-connector-j'
     annotationProcessor 'org.projectlombok:lombok'

diff --git a/src/main/java/com/server/bbo_gak/global/config/WebConfig.java b/src/main/java/com/server/bbo_gak/global/config/WebConfig.java
@@ -3,9 +3,11 @@
 import com.server.bbo_gak.global.annotation.AuthenticationArgumentResolver;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
+import org.springframework.web.filter.ForwardedHeaderFilter;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -33,4 +35,9 @@ public void addCorsMappings(CorsRegistry registry) {
     public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
         resolvers.add(authenticationArgumentResolver);
     }
+
+    @Bean
+    ForwardedHeaderFilter forwardedHeaderFilter() {
+        return new ForwardedHeaderFilter();
+    }
 }
diff --git a/src/main/java/com/server/bbo_gak/global/config/security/SecurityConfig.java b/src/main/java/com/server/bbo_gak/global/config/security/SecurityConfig.java
@@ -27,8 +27,9 @@
 public class SecurityConfig {
 
     private final JwtTokenService jwtTokenService;
-    private String[] allowUrls = {"/", "/api/v1/users/test/login", "/api/v1/users/refreshToken", "/api/v1/users/social-login", "/api/v1/users/test/access-token", "/docs/**", "/v3/**",
-        "/favicon.ico"};
+    private String[] allowUrls = {"/", "/api/v1/users/test/login", "/docs/**", "/v3/**", "/favicon.ico",
+        "/api/v1/users/refreshToken", "/api/v1/users/social-login", "/api/v1/users/test/access-token",
+        "/api/docs/**", "/api/v3/**", "/api/health-check/**"};
 
     @Bean
     public WebSecurityCustomizer configure() {
@@ -64,7 +65,7 @@ public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
         configuration.setAllowedOrigins(
             List.of("http://114.70.23.79:8080", "http://localhost:8080", "http://52.65.6.74:8080",
-                "http://localhost:3000")); // 허용할 오리진 지정
+                "http://localhost:3000", "http://118.67.129.12", "https://bbogak.com"));
         configuration.addAllowedMethod("*");
         configuration.setAllowedHeaders(List.of("*")); // 허용할 헤더
         configuration.setAllowCredentials(true);
@@ -78,5 +79,4 @@ public CorsConfigurationSource corsConfigurationSource() {
     public BCryptPasswordEncoder bCryptPasswordEncoder() {
         return new BCryptPasswordEncoder();
     }
-
 }
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -0,0 +1,25 @@
+spring:
+  config:
+    activate:
+      on-profile: prod
+  jpa:
+    properties:
+      hibernate:
+        show_sql: true
+        format_sql: true
+        use_sql_comments: true
+    hibernate:
+      ddl-auto: update
+
+server:
+  forward-headers-strategy: framework
+
+management:
+  endpoints:
+    enabled-by-default: false
+    web:
+      base-path: /api/health-check
+  endpoint:
+    health:
+      enabled: true
+
diff --git a/src/main/resources/application-swagger.yml b/src/main/resources/application-swagger.yml
@@ -3,4 +3,4 @@ springdoc:
   default-produces-media-type: application/json;charset=UTF-8
   swagger-ui:
     url: /docs/open-api-3.0.1.json
-    path: /docs/swagger
+    path: /docs/swagger
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -5,6 +5,7 @@ spring:
       test: "test"
       local: "local, datasource"
       dev: "dev, datasource"
+      prod: "prod, datasource"
     include:
       - security
       - swagger