[배포5]SpringBoot, Docker, Nginx, githubAction 무중단 배포 : RDS 설정과 DB 연결

디하·2024년 2월 24일


🏷️ RDS 설정




🏷️ 배포 DB 연결

인텔리제이에서 바로 연결을 해주었다

🏷️ application-db.yml 설정

  • application.yml


# Default document: selects the active profile and defines profile groups.
spring:
  profiles:
    active: local
    group:
      # Each group name expands to the listed profiles when it is activated.
      local: common, db2
      blue: blue, common, db
      green: green, common , db

# Custom property (not a standard Spring Boot server.* key).
# presumably this is the value the /env endpoint reports — confirm against the controller
server:
  env: blue

---

# Settings shared by every profile group above (all three include `common`).
spring:
  config:
    activate:
      on-profile: common

  servlet:
    multipart:
      # Upper bounds on upload size; these cap how much a single request can send.
      max-file-size: 20MB
      max-request-size: 50MB

  jpa:
    database-platform: org.hibernate.dialect.MySQL8Dialect
    open-in-view: true
    hibernate:
      # NOTE(review): `create` makes Hibernate drop and recreate the schema at startup.
      # `common` is part of the blue and green groups, which also load the `db` profile,
      # so every blue/green container start would rebuild the tables of that database.
      # Confirm this is intended before pointing it at RDS; `validate` or `none` plus a
      # migration tool is the usual choice for a shared database.
      ddl-auto: create
    show-sql: false
    properties:
      hibernate.format_sql: true
      # NOTE(review): this key resolves to spring.jpa.properties.dialect, not
      # hibernate.dialect; presumably Hibernate ignores it — confirm or remove.
      dialect: org.hibernate.dialect.MySQL8InnoDBDialect

  mvc:
    pathmatch:
      matching-strategy: ant_path_matcher

serverName: common

---

# Blue instance: listens on 8080.
spring:
  config:
    activate:
      on-profile: blue

server:
  port: 8080


serverName: blue_server

---

# Green instance: listens on 8081.
spring:
  config:
    activate:
      on-profile: green

server:
  port: 8081


serverName: green_server

---
  • application-db.yml
# Datasource for the `db` profile. Host, schema and credentials are placeholders
# resolved from the process environment, so no secret value is stored in this file.
spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    # NOTE(review): the URL sets no TLS option, so the driver default applies.
    # For a database reached over the network, consider Connector/J's `sslMode`
    # (e.g. VERIFY_IDENTITY with the provider's CA bundle) — confirm what RDS requires.
    url: jdbc:mysql://${DB_HOST}:3306/${DB_NAME}?serverTimezone=Asia/Seoul&characterEncoding=UTF-8
    username: ${DB_USERNAME}
    password: ${DB_PASSWORD}
  • DB_HOST : RDS 엔드포인트
  • DB_NAME : DB schema name
  • DB_USERNAME : RDS 설정 시 DB username
  • DB_PASSWORD : RDS 설정 시 DB password


🏷️ Dockerfile 설정

# Runtime image for the Spring Boot jar.
# NOTE(review): the base image is referenced by a mutable tag; pinning it by digest
# makes rebuilds reproducible and guards against a changed upstream tag.
FROM amazoncorretto:21-alpine-jdk
ARG JAR_FILE=build/libs/*.jar
ARG PROFILES
ARG ENV
# NOTE(review): the DB_* values are received as build arguments and copied into ENV
# below. ENV values are stored in the image configuration, and build arguments show up
# in the build history, so anyone who can pull the image can read the database host,
# user name and password (docker inspect / docker history). Prefer supplying them when
# the container starts (compose `environment:` / `env_file:` on the host, or a secrets
# manager) and keep the image itself free of credentials.
ARG DB_HOST
ARG DB_NAME
ARG DB_USERNAME
ARG DB_PASSWORD
COPY ${JAR_FILE} app.jar
# Turns the build arguments into environment variables of every container started
# from this image; this is the step that persists the credentials in the image.
ENV PROFILES=${PROFILES} ENV=${ENV} DB_HOST=${DB_HOST} DB_NAME=${DB_NAME} DB_USERNAME=${DB_USERNAME} DB_PASSWORD=${DB_PASSWORD}
# Exec-form ENTRYPOINT is not run through a shell, so ${PROFILES} and ${ENV} reach the
# JVM as literal text; presumably Spring resolves them from the environment — confirm.
# NOTE(review): there is no USER instruction, so the JVM runs as the image's default
# user (root unless the base image changes it — confirm); a dedicated non-root user
# limits what a compromised application can do inside the container.
ENTRYPOINT ["java", "-Dspring.profiles.active=${PROFILES}", "-Dserver.env=${ENV}", "-jar", "app.jar"]

처음엔 도커 파일 설정이 잘못돼서.. 오류 속에 빠져버렸다
계속 DB 정보 값을 읽어내지 못하는 오류였다. 그래서 아래 코드를 추가로 설정해 줬더니ㅠㅠ DB 환경변수 값을 docker 쪽에서 인식할 수 있었다

# Copies the build arguments into the image's environment so the running container sees them.
# NOTE(review): the values become part of the image configuration, so the DB credentials
# travel with every copy of the image; runtime injection keeps them out of it.
ENV PROFILES=${PROFILES} ENV=${ENV} DB_HOST=${DB_HOST} DB_NAME=${DB_NAME} DB_USERNAME=${DB_USERNAME} DB_PASSWORD=${DB_PASSWORD}


🏷️ githubAction CICD.yml 설정

# Builds the jar, publishes the Docker image and switches the live server between
# the blue and green containers.
name: CICD

# Triggers: pushes to dev3 and pull requests that target dev3.
# NOTE(review): the trigger does not distinguish the two events. Unless a job carries
# its own `if:` guard, a pull request run also pushes the image and deploys it, which
# puts unmerged code on the live server.
on:
  push:
    branches: [ "dev3" ]
  pull_request:
    branches: [ "dev3" ]

# Least privilege for GITHUB_TOKEN: read-only access to repository contents.
permissions:
  contents: read

jobs:
  # Compiles the application and pushes the image to Docker Hub.
  # NOTE(review): this job has no `if:` guard, so it also runs (and pushes `latest`)
  # for pull_request events when the repository secrets are available.
  build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the actions in this job are referenced by major-version tags,
      # which can be moved by their publishers. Pinning each `uses:` to a full commit
      # SHA fixes the code that receives the secrets below. The login and build-push
      # actions are also on older major versions — check their current releases.
      - uses: actions/checkout@v3
      - name: Install JDK 21
        uses: actions/setup-java@v3
        with:
          java-version: '21'
          distribution: 'temurin'

      # `-x test` skips the test task, so the image is published without running tests.
      - name: Build with Gradle
        run: |
          chmod +x ./gradlew
          ./gradlew clean build -x test
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build and push
        id: docker_build
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          # `latest` is overwritten on every run; an additional immutable tag
          # (for example the commit SHA) would make a deployed image traceable.
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/live_server:latest
          # NOTE(review): GitHub masks these secrets in the logs, but as build
          # arguments they are written into the image itself (the Dockerfile shown
          # on this page copies them into ENV). Everyone who can pull
          # live_server:latest can therefore read the database credentials;
          # confirm the Docker Hub repository is private, or inject the values when
          # the container is started instead.
          build-args: |
            DB_HOST=${{ secrets.DB_HOST }}
            DB_NAME=${{ secrets.DB_NAME }}
            DB_USERNAME=${{ secrets.DB_USERNAME }}
            DB_PASSWORD=${{ secrets.DB_PASSWORD }}
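  # Blue/green switch on the live server: start the idle colour, point nginx at it,
  # then stop the colour that was serving before.
  deploy:
    needs: build
    # Deploy only for pushes to the branch. Without this guard a pull_request run
    # would roll unmerged code onto the live server.
    if: github.event_name == 'push'
    runs-on: ubuntu-latest
    steps:
      # Asks the live server which colour is active and derives the target colour.
      - name: Set target IP
        run: |
          STATUS=$(curl -o /dev/null -w "%{http_code}" "https://${{ secrets.LIVE_SERVER_IP }}/env")
          echo "$STATUS"
          if [ "$STATUS" = "200" ]; then
            CURRENT_UPSTREAM=$(curl -s "https://${{ secrets.LIVE_SERVER_IP }}/env")
          else
            CURRENT_UPSTREAM=green
          fi
          # The response body is later written to GITHUB_ENV and expanded inside
          # scripts that run with sudo on the server, so accept only the two known
          # colours and stop on anything else (error page, extra lines, ...).
          case "$CURRENT_UPSTREAM" in
            blue|green) ;;
            *)
              echo "Unexpected /env response; expected 'blue' or 'green'" >&2
              exit 1
              ;;
          esac
          echo "CURRENT_UPSTREAM=$CURRENT_UPSTREAM" >> "$GITHUB_ENV"
          if [ "$CURRENT_UPSTREAM" = "blue" ]; then
            echo "CURRENT_PORT=8080" >> "$GITHUB_ENV"
            echo "STOPPED_PORT=8081" >> "$GITHUB_ENV"
            echo "TARGET_UPSTREAM=green" >> "$GITHUB_ENV"
          else
            echo "CURRENT_PORT=8081" >> "$GITHUB_ENV"
            echo "STOPPED_PORT=8080" >> "$GITHUB_ENV"
            echo "TARGET_UPSTREAM=blue" >> "$GITHUB_ENV"
          fi
      # NOTE(review): appleboy/ssh-action is referenced by its `master` branch in the
      # three SSH steps below, so whatever is on that branch at run time receives the
      # EC2 private key. Pin it to a full commit SHA of a reviewed release. The steps
      # also set no host key `fingerprint`, so the server's identity is not verified
      # — confirm against the action's documentation.
      - name: Docker compose
        uses: appleboy/ssh-action@master
        with:
          username: ubuntu
          host: ${{ secrets.LIVE_SERVER_IP }}
          key: ${{ secrets.EC2_SSH_KEY }}
          script_stop: true
          script: |
            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/live_server:latest
            sudo docker-compose -f docker-compose-${{env.TARGET_UPSTREAM}}.yml up -d
      # NOTE(review): this probes /env on the public address; presumably nginx still
      # routes to the previous colour at this point — confirm that the check really
      # exercises the newly started container.
      - name: Check deploy server URL
        uses: jtalk/url-health-check-action@v3
        with:
          url: https://${{ secrets.LIVE_SERVER_IP }}/env
          max-attempts: 5
          retry-delay: 10s

      # Rewrites the nginx include that selects the upstream and reloads nginx.
      - name: Change nginx upstream
        uses: appleboy/ssh-action@master
        with:
          username: ubuntu
          host: ${{ secrets.LIVE_SERVER_IP }}
          key: ${{ secrets.EC2_SSH_KEY }}
          script_stop: true
          script: |
            sudo docker exec -i nginxserver bash -c 'echo "set \$service_url ${{ env.TARGET_UPSTREAM }};" > /etc/nginx/conf.d/service-env.inc && nginx -s reload'
      # Removes the container that served traffic before the switch.
      - name: Stop current server
        uses: appleboy/ssh-action@master
        with:
          username: ubuntu
          host: ${{ secrets.LIVE_SERVER_IP }}
          key: ${{ secrets.EC2_SSH_KEY }}
          script_stop: true
          script: |
            sudo docker stop ${{env.CURRENT_UPSTREAM}}
            sudo docker rm ${{env.CURRENT_UPSTREAM}}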

기존 githubAction CICD.yml 파일과 달라진 점이 있다면 docker Build and push 쪽에서 DB 환경변수 설정을 해주었다는 점이다

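처음에는 docker-compose-blue.yml에 환경변수를 직접 주입하는 방식으로 진행하려 했으나, 그렇게 되면 docker image가 유출되는 사고가 생겼을 때 중요한 DB 정보까지 유출될 수 있는 위험이 있다는 것을 알게 되었다. 그래서 선택한 방법은 GitHub Actions secret에 아래 값들을 등록해 주는 것이다.
단, 위 Dockerfile처럼 build-args로 받은 값을 ENV로 설정하면 그 값이 이미지 안에 그대로 남는다. 이미지를 pull할 수 있는 사람은 docker inspect나 docker history로 DB 접속 정보를 확인할 수 있으므로, Docker Hub 저장소를 비공개로 유지하거나 컨테이너를 실행하는 시점에 값을 주입하는 방식을 함께 검토해야 한다.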

  • DB_HOST : RDS 엔드포인트
  • DB_NAME : DB schema name
  • DB_USERNAME : RDS 설정 시 DB username
  • DB_PASSWORD : RDS 설정 시 DB password