From fd057f66b6b77326b37047e3aaae8a18e22ca03e Mon Sep 17 00:00:00 2001 From: thguss Date: Mon, 26 Aug 2024 12:54:54 +0900 Subject: [PATCH 1/4] add: added health check --- smeem-bootstrap/build.gradle | 1 + .../src/main/java/com/smeem/http/config/SecurityConfig.java | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/smeem-bootstrap/build.gradle b/smeem-bootstrap/build.gradle index 13ce7154..2e69f09d 100644 --- a/smeem-bootstrap/build.gradle +++ b/smeem-bootstrap/build.gradle @@ -11,6 +11,7 @@ dependencies { implementation project(':smeem-output-oauth:kakao') implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-actuator' } tasks.bootJar { diff --git a/smeem-input-http/src/main/java/com/smeem/http/config/SecurityConfig.java b/smeem-input-http/src/main/java/com/smeem/http/config/SecurityConfig.java index b34eb80e..3a5b37a0 100644 --- a/smeem-input-http/src/main/java/com/smeem/http/config/SecurityConfig.java +++ b/smeem-input-http/src/main/java/com/smeem/http/config/SecurityConfig.java @@ -47,7 +47,8 @@ private void setHttp(HttpSecurity http) throws Exception { .authorizeHttpRequests(authorizeHttpRequests -> authorizeHttpRequests .requestMatchers(new AntPathRequestMatcher("/api/v2/auth", "POST")).permitAll() - .requestMatchers(new AntPathRequestMatcher("/api/v2/test")).permitAll() + .requestMatchers(new AntPathRequestMatcher("/actuator/health")).permitAll() + .requestMatchers(new AntPathRequestMatcher("/api/v2/test")).permitAll() //TODO: 삭제 .requestMatchers(new AntPathRequestMatcher("/api/v2/versions/client/app")).permitAll() .requestMatchers(new AntPathRequestMatcher("/api/v2/goals/{type}")).permitAll() .requestMatchers(new AntPathRequestMatcher("/api/v2/goals")).permitAll() From 294a7410dcdbaa09aa995e84dc8c69868384120b Mon Sep 17 00:00:00 2001 From: thguss Date: Mon, 26 Aug 2024 13:39:58 +0900 Subject: [PATCH 2/4] delete: deleted unused file --- appspec.yml | 25 ------------------------- scripts/health_check.sh | 33 --------------------------------- scripts/run_new_was.sh | 37 ------------------------------------- scripts/switch.sh | 37 ------------------------------------- 4 files changed, 132 deletions(-) delete mode 100644 appspec.yml delete mode 100644 scripts/health_check.sh delete mode 100644 scripts/run_new_was.sh delete mode 100644 scripts/switch.sh diff --git a/appspec.yml b/appspec.yml deleted file mode 100644 index aa391031..00000000 --- a/appspec.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.0 -os: linux - -files: - - source: / - destination: /home/ubuntu/smeme/ - overwrite: yes - -permissions: - - object: /home/ubuntu - pattern: '**' - owner: ubuntu - group: ubuntu - -hooks: - ApplicationStart: - - location: scripts/run_new_was.sh - timeout: 180 - runas: ubuntu - - location: scripts/health_check.sh - timeout: 300 - runas: ubuntu - - location: scripts/switch.sh - timeout: 180 - runas: ubuntu \ No newline at end of file diff --git a/scripts/health_check.sh b/scripts/health_check.sh deleted file mode 100644 index 908455ff..00000000 --- a/scripts/health_check.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Crawl current connected port of WAS -# shellcheck disable=SC2002 -CURRENT_PORT=$(cat /etc/nginx/conf.d/service-url.inc | grep -Po '[0-9]+' | tail -1) -TARGET_PORT=0 - -# Toggle port Number -if [ "${CURRENT_PORT}" -eq 8081 ]; then - TARGET_PORT=8082 -elif [ "${CURRENT_PORT}" -eq 8082 ]; then - TARGET_PORT=8081 -else - echo "> No WAS is connected to nginx" - exit 1 -fi - -echo "> Start health check of WAS at 'http://127.0.0.1:${TARGET_PORT}/api/v2/test' ..." - -for RETRY_COUNT in 1 2 3 4 5 6 7 8 9 10 -do - echo "> #${RETRY_COUNT} trying..." - RESPONSE_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:${TARGET_PORT}/api/v2/test) - - if [ "${RESPONSE_CODE}" -eq 200 ]; then - echo "> New WAS successfully running" - exit 0 - elif [ ${RETRY_COUNT} -eq 10 ]; then - echo "> Health check failed." - exit 1 - fi - sleep 10 -done diff --git a/scripts/run_new_was.sh b/scripts/run_new_was.sh deleted file mode 100644 index 54107642..00000000 --- a/scripts/run_new_was.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC2002 -CURRENT_PORT=$(cat /etc/nginx/conf.d/service-url.inc | grep -Po '[0-9]+' | tail -1) -TARGET_PORT=0 - -echo "> Current port of running WAS is ${CURRENT_PORT}." - -if [ "${CURRENT_PORT}" -eq 8081 ]; then - TARGET_PORT=8082 -elif [ "${CURRENT_PORT}" -eq 8082 ]; then - TARGET_PORT=8081 -else - echo "> No WAS is connected to nginx" -fi - -TARGET_PID=$(lsof -Fp -i TCP:${TARGET_PORT} | grep -Po 'p[0-9]+' | grep -Po '[0-9]+') - -# shellcheck disable=SC2236 -if [ ! -z "${TARGET_PID}" ]; then - echo "> Kill WAS running at ${TARGET_PORT}." - sudo kill "${TARGET_PID}" -fi - -if [ "$DEPLOYMENT_GROUP_NAME" == "prod-group" ] -then - nohup java -jar -Dserver.port=${TARGET_PORT} -Dspring.profiles.active=prod /home/ubuntu/smeme/smeem-bootstrap/build/libs/smeem-bootstrap-0.0.1-SNAPSHOT.jar > /dev/null 2> /dev/null < /dev/null & - echo "> Now new WAS runs at ${TARGET_PORT}." -fi - -if [ "$DEPLOYMENT_GROUP_NAME" == "smeme-group" ] -then - nohup java -jar -Dserver.port=${TARGET_PORT} -Dspring.profiles.active=dev /home/ubuntu/smeme/smeem-bootstrap/build/libs/smeem-bootstrap-0.0.1-SNAPSHOT.jar > /dev/null 2> /dev/null < /dev/null & - echo "> Now new WAS runs at ${TARGET_PORT}." -fi - -exit 0 diff --git a/scripts/switch.sh b/scripts/switch.sh deleted file mode 100644 index b2752a43..00000000 --- a/scripts/switch.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash - -# Crawl current connected port of WAS -# shellcheck disable=SC2002 -CURRENT_PORT=$(cat /etc/nginx/conf.d/service-url.inc | grep -Po '[0-9]+' | tail -1) -TARGET_PORT=0 - -echo "> Nginx currently proxies to ${CURRENT_PORT}." - -# Toggle port number -if [ "${CURRENT_PORT}" -eq 8081 ]; then - TARGET_PORT=8082 -elif [ "${CURRENT_PORT}" -eq 8082 ]; then - TARGET_PORT=8081 -else - echo "> No WAS is connected to nginx" - exit 1 -fi - -# Change proxying port into target port -echo "set \$service_url http://127.0.0.1:${TARGET_PORT};" |sudo tee /etc/nginx/conf.d/service-url.inc - -echo "> Now Nginx proxies to ${TARGET_PORT}." - -# Reload nginx -sudo service nginx reload - -echo "> Nginx reloaded." - -sudo iptables -t nat -D PREROUTING 1 -sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port ${TARGET_PORT} - -echo "> Forward ${TARGET_PORT} port" - -CURRENT_PID=$(lsof -Fp -i TCP:"${CURRENT_PORT}" | grep -Po 'p[0-9]+' | grep -Po '[0-9]+') - -sudo kill "${CURRENT_PID}" From e13deecda754b5e6f9dc5addc48c749da6b60b17 Mon Sep 17 00:00:00 2001 From: thguss Date: Mon, 26 Aug 2024 13:40:03 +0900 Subject: [PATCH 3/4] delete: deleted unused file --- .github/workflows/cd-dev.yml | 61 ------------------------------------ 1 file changed, 61 deletions(-) delete mode 100644 .github/workflows/cd-dev.yml diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml deleted file mode 100644 index 6856e806..00000000 --- a/.github/workflows/cd-dev.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: deploy-dev - -## docker image 배포 대체, 추가 배포 자동화 필요 -#on: -# push: -# branches: [ develop ] - -jobs: - build: - runs-on: ubuntu-20.04 - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - java-version: 17 - distribution: 'temurin' - cache: gradle - - - name: Create application-secret.yml - run: | - pwd - cd ./smeem-bootstrap/src/main/resources - touch ./application-secret.yml - echo "${{ secrets.APPLICATION_SECRET_YML }}" >> ./application-secret.yml - cat ./application-secret.yml - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} - aws-region: ${{ secrets.AWS_REGION }} - - - name: Create FireBase JSON file From AWS - run: | - aws s3 cp --region ap-northeast-2 s3://${{ secrets.AWS_BUCKET_NAME }}/json/smeem_fcm.json smeem-notification/src/main/resources/firebase-config/smeem_fcm.json - - - name: Grant execute permission for gradlew - run: chmod +x ./gradlew - shell: bash - - - name: Build with Gradle - run: ./gradlew build - shell: bash - - - name: Make zip file - run: zip -r ./$GITHUB_SHA.zip . - shell: bash - - - name: Upload to S3 - run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://${{ secrets.AWS_BUCKET_NAME }}/deploy/$GITHUB_SHA.zip - - - name: Code Deploy - run: aws deploy create-deployment --application-name smeme-codedeploy - --deployment-config-name CodeDeployDefault.AllAtOnce - --deployment-group-name smeme-group - --s3-location bucket=${{ secrets.AWS_BUCKET_NAME }},bundleType=zip,key=deploy/$GITHUB_SHA.zip From e87ff55abeeefac776fe5e2e00222b4e3cfbd736 Mon Sep 17 00:00:00 2001 From: thguss Date: Mon, 26 Aug 2024 13:41:54 +0900 Subject: [PATCH 4/4] add: added deploy script for dev --- .github/workflows/deploy-dev.yml | 88 ++++++++++++++++++++++++++++++++ Dockerfile => Dockerfile-dev | 0 script/deploy.sh | 49 ++++++++++++++++++ 3 files changed, 137 insertions(+) create mode 100644 .github/workflows/deploy-dev.yml rename Dockerfile => Dockerfile-dev (100%) create mode 100644 script/deploy.sh diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml new file mode 100644 index 00000000..13f60148 --- /dev/null +++ b/.github/workflows/deploy-dev.yml @@ -0,0 +1,88 @@ +name: deploy-dev + +on: + push: + branches: [ develop ] #TODO: change trigger + +jobs: + build: + runs-on: ubuntu-20.04 + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: 17 + distribution: 'temurin' + cache: gradle + + - name: Create application-secret.yml + run: | + pwd + cd ./smeem-bootstrap/src/main/resources + touch ./application-secret.yml + echo "${{ secrets.APPLICATION_SECRET_YML }}" >> ./application-secret.yml + cat ./application-secret.yml + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Create FireBase JSON file From AWS + run: | + aws s3 cp --region ap-northeast-2 s3://${{ secrets.AWS_BUCKET_NAME }}/json/smeem_fcm.json smeem-notification/src/main/resources/firebase-config/smeem_fcm.json + + - name: Build with Gradle + run: | + chmod +x ./gradlew + ./gradlew build -x test + shell: bash + + - name: Set docker + uses: docker/setup-buildx-action@v2.9.1 + + - name: Login docker + uses: docker/login-action@v2.2.0 + with: + username: ${{ secrets.DOCKERHUB_LOGIN_USERNAME_DEV }} + password: ${{ secrets.DOCKERHUB_LOGIN_ACCESSTOKEN_DEV }} + + - name: Build docker image + run: | + docker build --platform linux/amd64 -t smeemdev/smeem-dev:latest -f Dockerfile-prod . + docker push smeemdev/smeem-dev:latest + + deploy-cd: + needs: build + runs-on: ubuntu-20.04 + + steps: + - name: SSH로 서버 접속 + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.RELEASE_SERVER_IP_DEV }} + username: ${{ secrets.RELEASE_SERVER_USER_DEV }} + key: ${{ secrets.RELEASE_SERVER_KEY_DEV }} + script: | + cd ~ + + # deploy.sh 파일 다운로드 + wget https://raw.githubusercontent.com/Team-Smeme/Smeme-server-renewal/develop/script/deploy.sh -O deploy.sh + chmod +x deploy.sh + + # .env 파일 추가 + if ! grep -q "REGISTRY_URL=" .env; then + echo "REGISTRY_URL=${{ secrets.IMAGE_NAME_DEV }}" >> .env + fi + if ! grep -q "IMAGE_NAME=" .env; then + echo "IMAGE_NAME=${{ secrets.REGISTRY_URL_DEV }}" >> .env + fi + + # 배포 스크립트 실행 + sudo ./deploy.sh diff --git a/Dockerfile b/Dockerfile-dev similarity index 100% rename from Dockerfile rename to Dockerfile-dev diff --git a/script/deploy.sh b/script/deploy.sh new file mode 100644 index 00000000..12b06fb7 --- /dev/null +++ b/script/deploy.sh @@ -0,0 +1,49 @@ +#!/bin/bash +source .env + +REGISTRY_URL=${REGISTRY_URL} +IMAGE_NAME=${IMAGE_NAME} +TAG="latest" +CONTAINER_NAME="smeem" +HEALTH_CHECK_URI="/actuator/health" + +echo "> Pull docker image" +sudo docker pull "${REGISTRY_URL}"/"${IMAGE_NAME}":"${TAG}" + +echo "> Stop running docker container" +if [ "$(docker ps -a -q -f name=${CONTAINER_NAME})" ]; then + sudo docker stop ${CONTAINER_NAME} + sudo docker rm ${CONTAINER_NAME} +fi + +echo "> Run docker" +sudo docker run -d --name ${CONTAINER_NAME} -p 80:8080 "${REGISTRY_URL}"/${IMAGE_NAME}:${TAG} + +echo "----------------------------------------------------------------------" + +sleep 15 +for RETRY_COUNT in {1..15} +do + echo "> Health check" + + RESPONSE=$(curl -s http://localhost:8080${HEALTH_CHECK_URI}) + # shellcheck disable=SC2126 + UP_COUNT=$(echo "${RESPONSE}" | grep 'UP' | wc -l) + + if [ "${UP_COUNT}" -ge 1 ] + then + echo "> Success" + break + else + echo "> Not run yet" + echo "> 응답 결과: ${RESPONSE}" + fi + if [ "${RETRY_COUNT}" -eq 15 ] + then + echo "> Failed to running server" + sudo docker rm -f ${CONTAINER_NAME} + exit 1 + fi + sleep 2 +done +echo "----------------------------------------------------------------------"