From 33280a2cc615b5f8fe87ad0220461f4446aa1e5b Mon Sep 17 00:00:00 2001 From: Hyomin Koo Date: Sun, 29 Sep 2024 02:04:22 +0900 Subject: [PATCH 1/3] =?UTF-8?q?chore:=20SSL=EC=9D=84=20=EC=9C=84=ED=95=9C?= =?UTF-8?q?=20keystore=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/keystore.p12 | Bin 0 -> 1671 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 src/main/resources/keystore.p12 diff --git a/src/main/resources/keystore.p12 b/src/main/resources/keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..0b56b733bee811e77559568f1541a0c36c80a263 GIT binary patch literal 1671 zcmai!dpOez7{~XUZEb8A%cUEkO)dP;awoMia>-@6BsM#&+q$WS=-ARU30>WCnZjHS zom?^soe*axnl7{MxkPSB)aW>R&Uxz3{&=7F`F_5CywCIg@d3Gr(@;PO#V6~=R6AYN=lf3rY##EUk|gSFqbS8Gj|V5cf|kfgEbz@#YZp`gdUf6us$RTaG} zc3*f{h+!T&J+5GdA*1B$>Q9Zg8B6p@$~XCwQu~-`f`>{;U!Dl$MW>L%e6G-FGXX^O za^8cKoPkR@oi!VLi@46H*rGUTfriBANZ&=^$ybJQpj~vJHaXOiYT?pd*_(WEP>>Zw z7;u@+h8J7~oC0b`xvbhOI(1g(kexd|IfP!&e2M~igzS9J^SPDD8A9hs6GPn19!0m* zXyD&YHJH7Mwq#=1CY=1E1sb!@^_Nlfv4))X$*;~UQIp~fi- zWVl{+^U^CCTReqD#AuUJ{D5Tc{%lW~#mGXp#M8?jcrOSIVSY62uPx~x`jX(c5%25~ z9BS1(eoe&K$$m!>JYuH4=ewYAa4SyB?+!OL2#qtc{hF|<9l_O58z*mC>ABkqkfDuD zm`Bwq?Q%1iZ+L=HKLWD74u3g^yWZp9+bnJOuAHxX7gkAUVHD1AgOP5T<&oAKdltkU zkJs>A(=lr4l*3p%29L8mqHe9Z-@u@QYt4!Ch5;Yqs$MquKkw>4=B#6@MqtI%%RRNP zdnbQz!no+AWz^oRBu_Hz_mXI`i>Le8k@}r&d95c6dOxgCt#0-5U*DmuD4w!8$bR9! zIl|3IBvUO5A0LuaHtqYT<-~kxsK_U+E6SmQm~y9VtbAAuv&o9BdX6T~Qz&}+rLi#^ zo(2~TlsDc9O3JeXXHhm0;yE71+e+O=kfdQH4py&f5{7gL zR{dGj-pV-^l!g?iOdR$lKB4Qo?wV>dgZU;~AnBRi^d@XP(7Y`PfAj_Vs?H!ec!C`u zpE&DbnTuUzN#nD=e8pYImdaC=w=K{s7~+8{Q26oeJVOvmTlnI^xVJENu;d8;`} zEliMq%1rcit#bd^(c*A9le)jNCdcv0o~o}H3OMA5F;@@L{Zh&K*hw`EYxFd#*p0R7 zqxZ6mpYhwF&k5}FANPq14OO_IRPn9jmyNajO;h2Yn7Tpj6W(j0?;kROteOqCTKKj- zARuS=RtLkcd}|H(iOE{JnXaY2poQ%zd^s>oFiMOdbch5}JG#q}smi2rLB#A>p2dxW zYKisZlH<$$R_9Lhu_T@iWq}RDH9l1eoIH;MNr=&X!qojX?dT{i_zRy`TY8Bm=9m0T zGV1qDW*IE`Ez;6hhMcaxd4RepLy2q*@5v=4GH%F-YmQb#Z8Wx>kxKKDSv`+(np44i^oqgaJG?cE&RMI7F4tW9CVbegls=~c8}Y~e38R-kHK5mP^;VC=}v-7gfZgmKd9 za=(pj%SrS&FUpX=TvAqdI$7bxawd8?JoFlzEZQ@vm*|409(bH_SDh)m(RhKR8PD|m zoK|+X+y2~}FTtK`Lp;H%7zv>mDz$E^*xaL(EsXzbSHDEA;(DQNL%61DucS4SmJr>c znIar));Xg!K-qndl=@*=oBDR6>tQLTpHUN^^BhTS1@ch- Date: Sun, 29 Sep 2024 02:05:48 +0900 Subject: [PATCH 2/3] =?UTF-8?q?chore:=20`dev`=20=EC=99=80=20`prod`?= =?UTF-8?q?=EC=97=90=20ssl=20=ED=99=9C=EC=84=B1=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 ++ src/main/resources/application-dev.yml | 6 ++++++ src/main/resources/application-prod.yml | 6 ++++++ 3 files changed, 14 insertions(+) create mode 100644 src/main/resources/application-dev.yml create mode 100644 src/main/resources/application-prod.yml diff --git a/Dockerfile b/Dockerfile index 08939ae..88fe5a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,12 +7,14 @@ ARG DATABASE_USERNAME=root ARG DATABASE_PASSWORD=password ARG JWT_SECRET=9bc0a269dbe8910fa16ced43ef5d14113a120fe1ab2d9b66bbd4c9bc0a269dbe8910fa16ced43ef5d14113 ARG JWT_TOKEN_VALIDITY_TIME=864000 +ARG KEYSTORE_PASSWORD=changeit ENV spring.datasource.initialization-mode=always ENV SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} ENV DATABASE_ADDRESS=${DATABASE_ADDRESS} ENV DATABASE_USERNAME=${DATABASE_USERNAME} ENV DATABASE_PASSWORD=${DATABASE_PASSWORD} +ENV KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD} ENV JWT_SECRET=${JWT_SECRET} ENV JWT_TOKEN_VALIDITY_TIME=${JWT_TOKEN_VALIDITY_TIME} diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml new file mode 100644 index 0000000..cd029e3 --- /dev/null +++ b/src/main/resources/application-dev.yml @@ -0,0 +1,6 @@ +server: + ssl: + enabled: true + key-store: classpath:keystore.p12 + key-store-password: ${KEYSTORE_PASSWORD} + key-store-type: PKCS12 \ No newline at end of file diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml new file mode 100644 index 0000000..cd029e3 --- /dev/null +++ b/src/main/resources/application-prod.yml @@ -0,0 +1,6 @@ +server: + ssl: + enabled: true + key-store: classpath:keystore.p12 + key-store-password: ${KEYSTORE_PASSWORD} + key-store-type: PKCS12 \ No newline at end of file From b61a227f69871aaf90079742762a872dda3a83f6 Mon Sep 17 00:00:00 2001 From: Hyomin Koo Date: Sun, 29 Sep 2024 02:07:56 +0900 Subject: [PATCH 3/3] =?UTF-8?q?chore:=20=EB=B0=B0=ED=8F=AC=EC=8B=9C=20?= =?UTF-8?q?=ED=99=98=EA=B2=BD=20=EB=B3=80=EC=88=98=20=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/publish-dev.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish-dev.yml b/.github/workflows/publish-dev.yml index bc9923c..a2e333e 100644 --- a/.github/workflows/publish-dev.yml +++ b/.github/workflows/publish-dev.yml @@ -60,7 +60,7 @@ jobs: path: build/libs/*.jar docker-build: name: 'Docker 이미지 빌드' - needs: [apply-terraform, build-server] + needs: [ apply-terraform, build-server ] runs-on: ubuntu-latest steps: - name: 레포지토리 체크아웃 @@ -79,6 +79,9 @@ jobs: --build-arg DATABASE_ADDRESS=${{ needs.apply-terraform.outputs.rds_endpoint }} \ --build-arg DATABASE_USERNAME=${{ secrets.DEV_DATABASE_USER }} \ --build-arg DATABASE_PASSWORD=${{ secrets.DEV_DATABASE_PASSWORD }} \ + --build-arg JWT_SECRET=${{ secrets.JWT_SECRET }} \ + --build-arg JWT_TOKEN_VALIDITY_TIME=${{ secrets.JWT_TOKEN_VALIDITY_TIME }} \ + --build-arg KEYSTORE_PASSWORD=${{ secrets.KEYSTORE_PASSWORD }} \ -t gooiman-api:${{ github.sha }} . - name: 도커 이미지 저장 @@ -92,7 +95,7 @@ jobs: ecr-push: name: 'ECR 푸시' - needs: [apply-terraform, docker-build] + needs: [ apply-terraform, docker-build ] runs-on: ubuntu-latest outputs: ecr_registry: ${{ steps.login-ecr.outputs.registry }} @@ -160,7 +163,7 @@ jobs: echo "docker-compose -f /var/deployment/docker-compose.yml up -d" >> scripts/deploy.sh zip -r ${{ github.sha }}.zip . aws s3 cp ${{ github.sha }}.zip s3://gooiman-${{ env.ENVIRONMENT }}-deploy-bucket/${{ github.sha }}.zip - + - name: CodeDeploy 배포 생성 run: |