dev 환경 서브모듈 제거 (#18)

* test: 암호화 처리 코드 테스트 작성 * feat: dev 환경 설정 파일 수정 * feat: encrypt 의존성 추가 * feat: dev codedeploy 설정 변경
resumeme · Oct 20, 2023 · f32f9d4 · f32f9d4
1 parent 5c69f08
commit f32f9d4
Show file tree

Hide file tree

Showing 8 changed files with 87 additions and 5 deletions.
diff --git a/.github/workflows/Deploy.yml b/.github/workflows/Deploy.yml
@@ -50,7 +50,11 @@ jobs:
         aws-access-key-id: ${{ secrets.ACCESS_KEY }}
         aws-secret-access-key: ${{ secrets.PRIVATE_KEY }}
         aws-region: ap-northeast-2
-
+
+    - name: Set encrypt Secret key
+      run: echo ${{ secrets.encrypt }} > properties.sh
+      shell: bash
+
     - name: Upload to S3
       run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$BUCKET_NAME/$DIRECTORY_NAME/$GITHUB_SHA.zip
 

diff --git a/build.gradle b/build.gradle
@@ -32,6 +32,8 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
 	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
+	implementation 'com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5'
+	implementation 'org.jasypt:jasypt:1.9.3'
 	compileOnly 'org.projectlombok:lombok'
 	runtimeOnly 'com.h2database:h2'
 	annotationProcessor 'org.projectlombok:lombok'

diff --git a/scripts/deploy.sh b/scripts/deploy.sh
@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+source ./properties.sh
+
 PROJECT_NAME=resumeme
 REPOSITORY=/home/ubuntu/code
 PACKAGE=$REPOSITORY/build/libs/
@@ -25,4 +27,4 @@ fi
 echo "> 배포 - $JAR_PATH"
 chmod +x $JAR_PATH
 
-sudo nohup java -jar $JAR_PATH --spring.profiles.active=prod > /home/ubuntu/log/nohup_log.out 2> /home/ec2-user/log/nohup_error.out &
+sudo nohup java -jar $JAR_PATH --spring.profiles.active=dev --jasypt.encryptor.password=${encrypt} > /home/ubuntu/log/nohup_log.out 2> /home/ec2-user/log/nohup_error.out &
diff --git a/scripts/properties.sh b/scripts/properties.sh
diff --git a/src/main/java/org/devcourse/resumeme/global/config/PropertiesConfig.java b/src/main/java/org/devcourse/resumeme/global/config/PropertiesConfig.java
@@ -0,0 +1,36 @@
+package org.devcourse.resumeme.global.config;
+
+import org.jasypt.encryption.StringEncryptor;
+import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
+import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+
+@Profile("dev")
+@Configuration
+public class PropertiesConfig {
+
+    @Value("${jasypt.encryptor.password}")
+    private String password;
+
+    @Bean("jasyptStringEncryptor")
+    public StringEncryptor stringEncryptor() {
+        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
+        config.setPassword(password);
+        config.setAlgorithm("PBEWithMD5AndDES");
+        config.setKeyObtentionIterations("1000");
+        config.setPoolSize("1");
+        config.setProviderName("SunJCE");
+        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
+        config.setIvGeneratorClassName("org.jasypt.iv.NoIvGenerator");
+        config.setStringOutputType("base64");
+
+        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
+        encryptor.setConfig(config);
+
+        return encryptor;
+    }
+
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -22,10 +22,13 @@ spring:
   config:
     activate:
       on-profile: dev
-    import: secret/dev/application-db.yml
+  datasource:
+    url: ENC(nVr6D913Em2RKc2pl9G9uhj96NzWG2/w83OahFWq9X2Iak2ibpzazL2uWSvcr10dWGNyqh7gx504dMX2zMc2VJEXabv4yt7pblm/gGZchkbk4/7MJC3yflpKPhZBZl+9st48D6wVW9XEXoKQBjj/5xwHF5FSbgOG6wWwIPKcFEuLmASP623e3XERgx7cBBn+)
+    username: ENC(gtmvbXzNgrsKobqRpp5+gw==)
+    password: ENC(lPhG9/DaZ2r5T8Bx3/WDXqS+YE9ch3YD)
 ---
 spring:
   config:
     activate:
       on-profile: prod
-    import: secret/prod/application-db.yml
+    import: secret/application-db.yml
diff --git a/src/main/resources/secret b/src/main/resources/secret
diff --git a/src/test/java/org/devcourse/resumeme/common/EncryptTest.java b/src/test/java/org/devcourse/resumeme/common/EncryptTest.java
@@ -0,0 +1,35 @@
+package org.devcourse.resumeme.common;
+
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+
+class EncryptTest {
+
+    @Test
+    @Disabled
+    void 프로퍼티_파일_값을_암호화_하는데_사용한다() {
+        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
+
+        encryptor.setPassword("");
+        encryptor.setAlgorithm("PBEWithMD5AndDES");
+        encryptor.setStringOutputType("base64");
+
+        String url = "";
+        String username = "";
+        String password = "";
+        String urlResult = encryptor.encrypt(url);
+        String usernameResult = encryptor.encrypt(username);
+        String passwordReesult = encryptor.encrypt(password);
+
+        System.out.println("url plain : " + encryptor.decrypt(urlResult));
+        System.out.println("url encoding : " + urlResult);
+
+        System.out.println("username plain : " + encryptor.decrypt(usernameResult));
+        System.out.println("username encoding : " + usernameResult);
+
+        System.out.println("password plain : " + encryptor.decrypt(passwordReesult));
+        System.out.println("password encoding : " + passwordReesult);
+    }
+
+}