Merge pull request #427 from boostcampwm2023/dev

release 업데이트 v0.1.1

.github/workflows/blue-green-cd.yml

@@ -4,6 +4,13 @@ on:
   push:
     branches: ["dev"]
 
+env:
+  DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+  GITHUB_SHA: ${{ github.sha }}
+  TURN_SERVER_NAME: ${{ secrets.TURN_SERVER_NAME }}
+  TURN_SERVER_USER: ${{ secrets.TURN_SERVER_USER }}
+  TURN_SERVER_PASSWORD: ${{ secrets.TURN_SERVER_PASSWORD }}
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -16,6 +23,11 @@ jobs:
         run: |
           cd backend
           echo "${{ secrets.ENV_FILE }}" > .env
+          echo "DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}" >> .env
+          echo "GITHUB_SHA=${{ github.sha }}" >> .env
+          echo "TURN_SERVER_NAME=${{ secrets.TURN_SERVER_NAME }}" >> .env
+          echo "TURN_SERVER_USER=${{ secrets.TURN_SERVER_USER }}" >> .env
+          echo "TURN_SERVER_PASSWORD=${{ secrets.TURN_SERVER_PASSWORD }}" >> .env
           mkdir -p config/nginx/ssl/
           echo "${{ secrets.SSL_OPTIONS }}" > config/nginx/ssl/options-ssl-nginx.conf
           echo "${{ secrets.SSL_FULLCHAIN }}" > config/nginx/ssl/fullchain.pem
@@ -33,31 +45,19 @@ jobs:
           target: "~/app/"
           overwrite: true
 
-      - name: Build Docker Images (Blue)
-        run: |
-          cd backend
-          cp docker-compose.blue.yml docker-compose.${{ github.sha }}.blue.yml
-          docker-compose -f docker-compose.${{ github.sha }}.blue.yml build --no-cache -t "${{ secrets.DOCKER_USERNAME }}/magicconch:latest-blue"
-
-      - name: Push Docker Images to Registry (Blue)
+      - name: Docker login
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
-      - run: docker-compose -f backend/docker-compose.${{ github.sha }}.blue.yml push
 
-      - name: Build Docker Images (Green)
+      - name: Build & Push Docker Images (Blue & Green)
         run: |
           cd backend
-          cp docker-compose.green.yml docker-compose.${{ github.sha }}.green.yml
-          docker-compose -f docker-compose.${{ github.sha }}.green.yml build --no-cache -t "${{ secrets.DOCKER_USERNAME }}/magicconch:latest-green"
-
-      - name: Push Docker Images to Registry (Green)
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
-      - run: docker-compose -f backend/docker-compose.${{ github.sha }}.green.yml push
+          docker-compose -f docker-compose.blue.yml build
+          docker-compose -f docker-compose.green.yml build
+          docker-compose -f docker-compose.blue.yml push
+          docker-compose -f docker-compose.green.yml push
 
       - name: Copy Dockerfiles to Remote Server
         uses: appleboy/scp-action@master
@@ -66,18 +66,11 @@ jobs:
           username: ${{ secrets.SSH_USERNAME }}
           password: ${{ secrets.SSH_PASSWORD }}
           port: ${{ secrets.SSH_PORT }}
-          source: "backend/docker-compose.${{ github.sha }}.blue.yml,backend/docker-compose.${{ github.sha }}.green.yml,backend/Dockerfile.nginx,backend/Dockerfile.was,backend/Dockerfile.signal"
+          source: "backend/docker-compose.blue.yml,backend/docker-compose.green.yml,backend/Dockerfile.nginx,backend/Dockerfile.was,backend/Dockerfile.signal"
           target: "~/app/"
           overwrite: true
 
-      - name: Remove local docker-compose copied file
-        run: |
-          cd backend
-          rm docker-compose.${{ github.sha }}.blue.yml
-          rm docker-compose.${{ github.sha }}.green.yml
-
   deploy:
-    timeout-minutes: 30
     needs: build
     runs-on: ubuntu-latest
 
@@ -97,4 +90,5 @@ jobs:
           port: ${{ secrets.SSH_PORT }}
           script: |
             cd ~/app/backend
-            source deploy.sh "${{ github.sha }}"
+            chmod +x deploy.sh
+            source deploy.sh

backend/Dockerfile.signal

@@ -1,5 +1,7 @@
 FROM node:20
 
+RUN apt-get update && apt-get install -y tini
+
 WORKDIR /app
 
 COPY signal ./signal
@@ -9,4 +11,4 @@ WORKDIR /app/signal
 RUN npm install
 RUN npm run build
 
-CMD ["npm", "run", "start:prod"]
+CMD ["tini", "--", "npm", "run", "start:prod"]

backend/Dockerfile.was

@@ -1,5 +1,7 @@
 FROM node:20
 
+RUN apt-get update && apt-get install -y tini
+
 WORKDIR /app
 
 COPY was ./was
@@ -9,4 +11,4 @@ WORKDIR /app/was
 RUN npm install
 RUN npm run build
 
-CMD ["npm", "run", "start:prod"]
+CMD ["tini", "--", "npm", "run", "start:prod"]

backend/config/nginx/default.conf

@@ -7,6 +7,20 @@ server {
         root /var/www/certbot;
     }
 
+    location /turn {
+        proxy_pass http://coturn-server:3478;
+        proxy_redirect default;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $server_name;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
     location /signal {
         proxy_pass http://signal-blue:3001;
         proxy_redirect default;
@@ -48,6 +62,20 @@ server {
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 
+    location /turn {
+        proxy_pass http://coturn-server:3478;
+        proxy_redirect default;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $server_name;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
     location /signal {
         proxy_pass http://signal-blue:3001;
         proxy_redirect default;

backend/deploy.sh

@@ -1,59 +1,20 @@
 #!/bin/bash
 
-GITHUB_SHA=$1
 MAIN_SCRIPT="src/main.ts"
 DEBUG_LOG="debug.log"
-NPM_BUILD="npm run build"
 NPM_PROD="npm run start:prod"
 
-print_line() {
-  echo " " >> $DEBUG_LOG
-}
-
 run_docker() {
   local RUN_TARGET="$1"
 
-  DOCKER_COMPOSE_FILE="docker-compose.$GITHUB_SHA.$RUN_TARGET.yml"
+  DOCKER_COMPOSE_FILE="docker-compose.$RUN_TARGET.yml"
 
-  echo "<<< Run docker compose : $DOCKER_COMPOSE_FILE" > $DEBUG_LOG
+  echo "<<< Run docker compose : $DOCKER_COMPOSE_FILE" >> $DEBUG_LOG
 
   docker-compose -f "$DOCKER_COMPOSE_FILE" pull
   docker-compose -f "$DOCKER_COMPOSE_FILE" up -d
 
   echo ">>> Run complete" >> $DEBUG_LOG
-  print_line
-}
-
-change_port() {
-  local CONTAINER_ID="$1"
-  local RUN_PORT="$2"
-  local STOP_PORT="$3"
-
-  echo "* kill process running on $STOP_PORT" >> $DEBUG_LOG
-  docker exec $CONTAINER_ID /bin/bash -c "pkill -f ':$STOP_PORT'"
-
-  echo "* change port : $STOP_PORT to $RUN_PORT" >> $DEBUG_LOG
-  docker exec $CONTAINER_ID /bin/bash -c "sed -i 's/port: number = $STOP_PORT/port: number = $RUN_PORT/' $MAIN_SCRIPT"
-
-  echo "* restart application : " >> $DEBUG_LOG
-  docker exec -d $CONTAINER_ID /bin/bash -c "$NPM_BUILD && $NPM_PROD"
-}
-
-reload_application() {
-  local CONTAINER_NAME="$1"
-  local RUN_PORT="$2"
-  local STOP_PORT="$3"
-
-  CONTAINER_ID=$(docker ps --filter "name=$CONTAINER_NAME" -q)
-  echo "<<< Reload $CONTAINER_NAME ( $CONTAINER_ID )" >> $DEBUG_LOG
-
-  if ((RUN_PORT > 3001)); then
-    change_port "$CONTAINER_ID" $RUN_PORT $STOP_PORT
-    echo ">>> Reload complete : $CONTAINER_NAME running on $RUN_PORT" >> $DEBUG_LOG
-  else
-    echo ">>> Reload pass : $CONTAINER_NAME running on $RUN_PORT" >> $DEBUG_LOG
-  fi
-  print_line
 }
 
 reload_nginx() {
@@ -72,7 +33,6 @@ reload_nginx() {
   docker exec $NGINX_ID /bin/bash -c "nginx -s reload"
 
   echo ">>> Reload complete" >> $DEBUG_LOG
-  print_line
 }
 
 blue_green() {
@@ -81,25 +41,23 @@ blue_green() {
   local WAS_RUN_PORT="$3"
   local WAS_STOP_PORT="$4"
 
-  reload_application "was-$RUN_TARGET" $WAS_RUN_PORT $WAS_STOP_PORT
-  reload_application "signal-$RUN_TARGET" $((WAS_RUN_PORT + 1)) $((WAS_STOP_PORT + 1))
-
-  wait 
+  run_docker "$RUN_TARGET"
 
+  sleep 30
+
   reload_nginx "$RUN_TARGET" "$STOP_TARGET" $WAS_RUN_PORT $WAS_STOP_PORT
 
-  echo "Delete .env file" >> $DEBUG_LOG
-  print_line
+  echo "* Delete .env file" >> $DEBUG_LOG
   rm .env
 
-  echo "Down old version" >> $DEBUG_LOG
+  echo "* Down old version" >> $DEBUG_LOG
   STOP_CONTAINER_ID=$(docker ps --filter "name=$STOP_TARGET" --quiet)
   if [ -n "$STOP_CONTAINER_ID" ]; then
     docker rm -f $STOP_CONTAINER_ID
   fi
 }
 
-if docker ps --filter "name=was-blue" --format '{{.ID}}' | grep -E .; then
+if docker ps --filter "name=blue" --format '{{.ID}}' | grep -E .; then
   RUN_TARGET="green"
   STOP_TARGET="blue"
   WAS_RUN_PORT=3002
@@ -111,5 +69,4 @@ else
   WAS_STOP_PORT=3002
 fi
 
-run_docker "$RUN_TARGET"
 blue_green "$RUN_TARGET" "$STOP_TARGET" $WAS_RUN_PORT $WAS_STOP_PORT

backend/docker-compose.blue.yml

@@ -2,6 +2,8 @@ version: "3.3"
 
 services:
   was-blue:
+    image: "${DOCKER_USERNAME}/magicconch:was-blue-${GITHUB_SHA}"
+    container_name: "was-blue"
     build:
       context: .
       dockerfile: Dockerfile.was
@@ -15,19 +17,36 @@ services:
       - SECRET_KEY=${SECRET_KEY}
       - X_NCP_CLOVASTUDIO_API_KEY=${X_NCP_CLOVASTUDIO_API_KEY}
       - X_NCP_APIGW_API_KEY=${X_NCP_APIGW_API_KEY}
+      - PORT=3000
     expose:
       - "3000"
     volumes:
       - /var/log/was:/app/was/logs
+      - /var/log/typeorm:/app/was/typeorm.log
 
   signal-blue:
+    image: "${DOCKER_USERNAME}/magicconch:signal-blue-${GITHUB_SHA}"
+    container_name: "signal-blue"
     build:
       context: .
       dockerfile: Dockerfile.signal
+    environment:
+      - PORT=3001
     expose:
       - "3001"
 
+  coturn-server:
+    image: "coturn/coturn"
+    container_name: "coturn-server"
+    environment:
+      - TURN_SERVER_NAME=${TURN_SERVER_NAME}
+      - TURN_SERVER_USER=${TURN_SERVER_USER}
+      - TURN_SERVER_PASSWORD=${TURN_SERVER_PASSWORD}
+    expose:
+      - "3478"
+
   nginx:
+    container_name: "nginx-reverse-proxy"
     build:
       context: .
       dockerfile: Dockerfile.nginx
@@ -37,6 +56,7 @@ services:
     depends_on:
       - was-blue
       - signal-blue
+      - coturn-server
       - certbot
     volumes:
       - /var/log/nginx:/var/log/nginx

backend/docker-compose.green.yml

@@ -2,6 +2,8 @@ version: "3.3"
 
 services:
   was-green:
+    image: "${DOCKER_USERNAME}/magicconch:was-green-${GITHUB_SHA}"
+    container_name: "was-green"
     build:
       context: .
       dockerfile: Dockerfile.was
@@ -15,19 +17,36 @@ services:
       - SECRET_KEY=${SECRET_KEY}
       - X_NCP_CLOVASTUDIO_API_KEY=${X_NCP_CLOVASTUDIO_API_KEY}
       - X_NCP_APIGW_API_KEY=${X_NCP_APIGW_API_KEY}
+      - PORT=3002
     expose:
       - "3002"
     volumes:
       - /var/log/was:/app/was/logs
+      - /var/log/typeorm:/app/was/typeorm.log
 
   signal-green:
+    image: "${DOCKER_USERNAME}/magicconch:signal-green-${GITHUB_SHA}"
+    container_name: "signal-green"
     build:
       context: .
       dockerfile: Dockerfile.signal
+    environment:
+      - PORT=3003
     expose:
       - "3003"
 
+  coturn-server:
+    image: "coturn/coturn"
+    container_name: "coturn-server"
+    environment:
+      - TURN_SERVER_NAME=${TURN_SERVER_NAME}
+      - TURN_SERVER_USER=${TURN_SERVER_USER}
+      - TURN_SERVER_PASSWORD=${TURN_SERVER_PASSWORD}
+    expose:
+      - "3478"
+
   nginx:
+    container_name: "nginx-reverse-proxy"
     build:
       context: .
       dockerfile: Dockerfile.nginx
@@ -37,6 +56,7 @@ services:
     depends_on:
       - was-green
       - signal-green
+      - coturn-server
       - certbot
     volumes:
       - /var/log/nginx:/var/log/nginx