feat: ci/cd 설정

Author: kikingki

.github/workflows/cicd.yml

@@ -0,0 +1,84 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
+
+name: CI/CD
+
+#event trigger
+on:
+  push:
+    branches: [ "main" ]
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      # JDK 17 설정
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'oracle'
+
+      # Gradle 설정
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+
+      # Docker Hub 로그인
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      # gradlew 파일 권한 지정
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+
+      # gradle Jib를 이용해 이미지를 만들고 원격 저장소에 Push
+      - name: Setup Jib with Gradle
+        run: ./gradlew jib
+
+      #  GET GitHub IP
+      - name: Get Github Actions IP
+        id: ip
+        uses: haythem/[email protected]
+
+      # AWS 접근 권한 취득(IAM)
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ap-northeast-2
+
+      #  github ip AWS 보안 그룹에 추가
+      - name: Add Github Actions IP to Security group
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+
+      # ssh로 접속해 재배포
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.REMOTE_IP }}
+          username: ${{ secrets.REMOTE_SSH_ID }}
+          key: ${{ secrets.REMOTE_SSH_KEY }}
+          port: ${{ secrets.REMOTE_SSH_PORT }}
+          script: |
+            cd docker
+            docker-compose pull
+            docker-compose up -d
+
+      # 배포 후 보안 그룹에서 github ip 삭제
+      - name: Remove Github Actions IP From Security Group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32

build.gradle

@@ -2,6 +2,21 @@ plugins {
     id 'java'
     id 'org.springframework.boot' version '3.3.1'
     id 'io.spring.dependency-management' version '1.1.5'
+    id 'com.google.cloud.tools.jib' version '3.4.2'
+}
+
+jib {
+    from {
+        image = "openjdk:17-jdk-alpine"
+    }
+    to {
+        image = "kikingki/itit"
+        tags = ['latest']
+    }
+    container {
+        environment = [TZ: "Asia/Seoul"]
+        jvmFlags = ['-XX:+UseContainerSupport', '-Dfile.encoding=UTF-8', '-Duser.timezone="Asia/Seoul"']
+    }
 }
 
 group = 'com.dissonance'