chore: 인프라 정리

.github/workflows/aws-cicd-dev.yml

@@ -7,7 +7,6 @@ on:
   pull_request:
     branches:
       - develop
-
 env:
   REGISTRY: "docker.io"
   NAMESPACE: "clean01"
@@ -21,11 +20,18 @@ jobs:
       packages: write
     outputs:
       deploy_target: ${{ steps.set-env.outputs.DEPLOY_TARGET }}
+
     steps:
+
+
       - name: Setup Env
         id: set-env
         run: |
-          echo "DEPLOY_TARGET=development" >> $GITHUB_OUTPUT
+          if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
+            echo "DEPLOY_TARGET=production" >> $GITHUB_OUTPUT
+          else
+            echo "DEPLOY_TARGET=development" >> $GITHUB_OUTPUT
+          fi
 
   build:
     name: build
@@ -36,7 +42,7 @@ jobs:
       packages: write
 
     env:
-      DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }}
+      DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }} # 이부분
       REGISTRY: "docker.io"
       NAMESPACE: "clean01"
       APPLICATION_SECRET_PROPERTIES: ${{ secrets.AWS_APPLICATION_SECRET_PROPERTIES }}
@@ -59,7 +65,7 @@ jobs:
         run: |
           echo "${APPLICATION_SECRET_PROPERTIES}" > ./layer-api/src/main/resources/application-secret.properties
           echo "${APPLICATION_SECRET_PROPERTIES}" > ./layer-batch/src/main/resources/application-secret.properties
-          echo "${APPLICATION_SECRET_PROPERTIES}" > ./layer-admin/src/main/resources/application-secret.properties
+          echo "${APPLICATION_SECRET_PROPERTIES}" > ./layer-admin/src/main/resources/application-secret.properties      
 
       - name: Build layer-api module
         run: ./gradlew :layer-api:build
@@ -92,38 +98,45 @@ jobs:
           images: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-api
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-batch
-            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-admin
+            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-admin      
 
       - name: Push layer-api Docker Image
         uses: docker/build-push-action@v4
         with:
           context: ./layer-api
-          file: ./layer-api/Dockerfile-dev # Dockerfile 이름 지정
+          file: ./layer-api/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-api:latest
-
+          build-args: |
+            SPRING_PROFILE=dev
+          no-cache: true
 
       - name: Push layer-batch Docker Image
         uses: docker/build-push-action@v4
         with:
           context: ./layer-batch
-          file: ./layer-batch/Dockerfile-batch # Dockerfile 이름 지정
+          file: ./layer-batch/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-batch:latest
+          build-args: |
+            SPRING_PROFILE=dev
+          no-cache: true
 
       - name: Push layer-admin Docker Image
         uses: docker/build-push-action@v4
         with:
           context: ./layer-admin
-          file: ./layer-admin/Dockerfile-admin # Dockerfile 이름 지정
+          file: ./layer-admin/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-admin:latest
+          build-args: |
+            SPRING_PROFILE=dev
 
   deploy:
     name: Deploy
@@ -132,6 +145,7 @@ jobs:
     if: github.event_name != 'pull_request'
     env:
       DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }}
+      HOST_IP: ${{ needs.setup.outputs.host_ip }}
 
     steps:
       - name: Checkout sources
@@ -171,6 +185,17 @@ jobs:
             sudo chown -R ubuntu:ubuntu /home/ubuntu/layer-api/infra/${{ env.DEPLOY_TARGET }}
 
 
+      - name: Set Permissions on Transferred Files
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.AWS_DEV_INSTANCE_HOST }}
+          username: ubuntu
+          key: ${{ secrets.AWS_INSTANCE_PEM }}
+          port: 22
+          script: |
+            sudo chmod -R 755 /home/ubuntu/layer-api/infra/${{ env.DEPLOY_TARGET }}
+            sudo chown -R ubuntu:ubuntu /home/ubuntu/layer-api/infra/${{ env.DEPLOY_TARGET }}
+
       - name: Deploy with Docker Compose
         uses: appleboy/ssh-action@master
         with:
@@ -184,5 +209,6 @@ jobs:
             sudo apt install docker-compose
             sudo docker login --username ${{ secrets.DOCKER_EMAIL }} --password ${{ secrets.DOCKER_PASSWORD }}
             cd /home/ubuntu/layer-api/infra/${{ env.DEPLOY_TARGET }}
-            sudo docker-compose pull && sudo docker-compose up -d
+            chmod 777 ./deploy.sh
+            ./deploy.sh
             sudo docker image prune -a -f

.github/workflows/aws-cicd-prod.yml

@@ -21,6 +21,7 @@ jobs:
       packages: write
     outputs:
       deploy_target: ${{ steps.set-env.outputs.DEPLOY_TARGET }}
+
     steps:
       - name: Setup Env
         id: set-env
@@ -36,7 +37,7 @@ jobs:
       packages: write
 
     env:
-      DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }}
+      DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }} # 이부분
       REGISTRY: "docker.io"
       NAMESPACE: "clean01"
       APPLICATION_SECRET_PROPERTIES: ${{ secrets.AWS_APPLICATION_SECRET_PROPERTIES }}
@@ -98,33 +99,39 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: ./layer-api
-          file: ./layer-api/Dockerfile-prod # Dockerfile 이름 지정
+          file: ./layer-api/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-api:latest
+          build-args: |
+            SPRING_PROFILE=prod
           no-cache: true
 
       - name: Push layer-batch Docker Image
         uses: docker/build-push-action@v4
         with:
           context: ./layer-batch
-          file: ./layer-batch/Dockerfile-batch # Dockerfile 이름 지정
+          file: ./layer-batch/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-batch:latest
+          build-args: |
+            SPRING_PROFILE=prod
           no-cache: true
 
       - name: Push layer-admin Docker Image
         uses: docker/build-push-action@v4
         with:
           context: ./layer-admin
-          file: ./layer-admin/Dockerfile-admin # Dockerfile 이름 지정
+          file: ./layer-admin/Dockerfile # Dockerfile 이름 지정
           platforms: linux/amd64
           push: true
           tags: |
             ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}_layer-admin:latest
+          build-args: |
+            SPRING_PROFILE=prod
 
   deploy:
     name: Deploy
@@ -133,6 +140,7 @@ jobs:
     if: github.event_name != 'pull_request'
     env:
       DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }}
+      HOST_IP: ${{ needs.setup.outputs.host_ip }}
 
     steps:
       - name: Checkout sources
@@ -151,7 +159,7 @@ jobs:
       - name: Send Docker Compose
         uses: appleboy/scp-action@master
         with:
-          host: ${{ secrets.AWS_PROD_INSTANCE_HOST }}
+          host: ${{ secrets.AWS_PROD_INSTANCE_HOST }} # aws-cicd-dev.yml과 분리한 이유
           username: ubuntu
           key: ${{ secrets.AWS_INSTANCE_PEM }}
           port: 22

layer-admin/Dockerfile-admin → layer-admin/Dockerfile

@@ -7,4 +7,4 @@ COPY ${JAR_FILE} layer-admin.jar
 
 ENV SPRING_PROFILE=${SPRING_PROFILE}
 
-ENTRYPOINT ["java", "-Duser.timezone=Asia/Seoul" ,"-jar" ,"layer-admin.jar"]
+ENTRYPOINT ["java", "-Duser.timezone=Asia/Seoul", "-Dspring.profiles.active=${SPRING_PROFILE}","-jar" ,"layer-admin.jar"]

layer-api/Dockerfile-dev → layer-api/Dockerfile

@@ -1,4 +1,10 @@
 FROM openjdk:17
+
 ARG JAR_FILE=./build/libs/*.jar
+ARG SPRING_PROFILE
+
 COPY ${JAR_FILE} layer-server.jar
-ENTRYPOINT ["java", "-Duser.timezone=Asia/Seoul","-Dspring.profiles.active=dev" ,"-jar" ,"layer-server.jar"]
+
+ENV SPRING_PROFILE=${SPRING_PROFILE}
+
+ENTRYPOINT ["java", "-Duser.timezone=Asia/Seoul","-Dspring.profiles.active=${SPRING_PROFILE}" ,"-jar" ,"layer-server.jar"]

layer-api/infra/development/deploy.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+
+IS_GREEN=$(sudo docker ps | grep layer-api-green) # 현재 실행중인 App이 blue인지 확인합니다.
+DEFAULT_CONF="/etc/nginx/nginx.conf"
+
+
+if [ -z $IS_GREEN  ];then # blue라면
+
+  echo "### BLUE => GREEN ###"
+
+  echo "1. get green image"
+  cd ./layer-api/infra/production
+
+  echo "1.1. pull latest green image"
+  sudo docker-compose -f docker-compose-green.yaml pull
+
+  echo "2. green container up"
+  sudo docker-compose -f docker-compose-green.yaml up -d
+
+  while [ 1 = 1 ]; do
+  echo "3. green health check..."
+  sudo sleep 3
+
+  REQUEST=$(sudo curl http://127.0.0.1:8080/actuator/health) # green으로 request
+    if [ -n "$REQUEST" ]; then # 서비스 가능하면 health check 중지
+            echo "health check success"
+            break ;
+            fi
+  done;
+
+  echo "4. reload nginx"
+  sudo cp ./nginx.green.conf /etc/nginx/nginx.conf
+  sudo nginx -s reload
+
+  echo "5. blue container down"
+  sudo docker-compose -f docker-compose-blue.yaml rm -s -f layer-api-blue batch-job-blue admin-app-blue
+else
+  echo "### GREEN => BLUE ###"
+  echo "1. get blue image"
+  cd ./layer-api/infra/production
+
+  echo "1.1. pull latest blue image"
+  sudo docker-compose -f docker-compose-blue.yaml pull
+
+  echo "2. blue container up"
+  sudo docker-compose -f docker-compose-blue.yaml up -d
+
+
+  while [ 1 = 1 ]; do
+    echo "3. blue health check..."
+    sleep 3
+    REQUEST=$(curl http://127.0.0.1:8081/actuator/health) # blue로 request
+
+    if [ -n "$REQUEST" ]; then # 서비스 가능하면 health check 중지
+      echo "health check success"
+      break ;
+    fi
+  done;
+
+  echo "4. reload nginx"
+  sudo cp ./nginx.blue.conf /etc/nginx/nginx.conf
+  sudo nginx -s reload
+
+  echo "5. green container down"
+  sudo docker-compose -f docker-compose-green.yaml rm -s -f layer-api-green batch-job-green admin-app-green
+fi

layer-api/infra/development/docker-compose-blue.yaml

@@ -0,0 +1,78 @@
+services:
+  redis:
+    build:
+      context: .
+      dockerfile: Dockerfile-redis
+    ports:
+      - "6379:6379"
+    volumes:
+      - redis-data:/data # Persistent data storage
+    restart: always
+    networks:
+      - app-network
+
+  layer-api-blue:
+    image: docker.io/clean01/layer-server_layer-api:latest
+    container_name: layer-api-blue
+    ports:
+      - "8081:8080"
+    environment:
+      - TZ=Asia/Seoul
+      - SPRING_PROFILES_ACTIVE=dev
+    volumes:
+      - ./application-secret.properties:/config/application-secret.properties
+      - ./tokens:/config/tokens
+    networks:
+      - app-network
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+
+  batch-job-blue:
+    image: docker.io/clean01/layer-server_layer-batch:latest
+    container_name: layer-batch-blue
+    environment:
+      - TZ=Asia/Seoul
+    volumes:
+      - ./application-secret.properties:/config/application-secret.properties
+      - ./tokens:/config/tokens
+    networks:
+      - app-network
+    depends_on:
+      - layer-api-blue
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+
+  admin-app-blue:
+    image: docker.io/clean01/layer-server_layer-admin:latest #
+    container_name: layer-admin-blue
+    ports:
+      - "3001:3000"
+    environment:
+      - TZ=Asia/Seoul
+      - SPRING_PROFILES_ACTIVE=dev
+    volumes:
+      - ./application-secret.properties:/config/application-secret.properties
+      - ./tokens:/config/tokens
+    networks:
+      - app-network
+    depends_on:
+      - layer-api-blue
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+
+networks:
+  app-network:
+
+volumes:
+  redis-data: