feat : 모듈 구조 수정 및 ci/cd 파이프라인 구축

.github/workflows/CD-api.yml

@@ -0,0 +1,41 @@
+name: Deploy api module
+
+on:
+  workflow_call:
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+      AWS_REGION:
+        required: true
+  push:
+    branches:
+      - develop
+    paths:
+      - 'boot/api/**'
+
+jobs:
+  build:
+    uses: ./.github/workflows/gradle_build.yml
+    with:
+      project-name: api
+
+  push-image:
+    needs: build
+    uses: ./.github/workflows/ec2_push.yml
+    with:
+      project-name: api
+      docker-file-path: ./boot/api/Dockerfile
+      host-port: 8080
+      ecr-repository: 442042528525.dkr.ecr.ap-northeast-2.amazonaws.com/clibi/api
+      ecr-repository-name: clibi/api
+      container-name: api-server
+      secret-manager: arn:aws:secretsmanager:ap-northeast-2:442042528525:secret:dev/clibi/rds-eCWfXL
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ap-northeast-2
+      EC2_HOST: ${{ secrets.EC2_HOST }}
+      EC2_USER: ${{ secrets.EC2_USER }}
+      EC2_KEY: ${{ secrets.EC2_KEY }}

.github/workflows/CD-common.yml

@@ -0,0 +1,23 @@
+name: Deploy Common
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy-Admin:
+    uses: ./.github/workflows/CD-office.yml
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ap-northeast-2
+
+  deploy-Api:
+    uses: ./.github/workflows/CD-api.yml
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ap-northeast-2
+
+

.github/workflows/CD-office.yml

@@ -0,0 +1,41 @@
+name: Deploy office module
+
+on:
+  workflow_call:
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+      AWS_REGION:
+        required: true
+  push:
+    branches:
+      - develop
+    paths:
+      - 'boot/api/**'
+
+jobs:
+  build:
+    uses: ./.github/workflows/gradle_build.yml
+    with:
+      project-name: office
+
+  push-image:
+    needs: build
+    uses: ./.github/workflows/ec2_push.yml
+    with:
+      project-name: office
+      docker-file-path: ./boot/office/Dockerfile
+      host-port: 8081
+      ecr-repository: 442042528525.dkr.ecr.ap-northeast-2.amazonaws.com/clibi/office
+      ecr-repository-name: clibi/office
+      secret-manager: arn:aws:secretsmanager:ap-northeast-2:442042528525:secret:dev/clibi/rds-eCWfXL
+      container-name: office-server
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      AWS_REGION: ap-northeast-2
+      EC2_HOST: ${{ secrets.EC2_HOST }}
+      EC2_USER: ${{ secrets.EC2_USER }}
+      EC2_KEY: ${{ secrets.EC2_KEY }}

.github/workflows/CI.yml

@@ -0,0 +1,14 @@
+name: CI
+
+on:
+  pull_request:
+    branches:
+      - main
+      - develop
+
+
+jobs:
+  build:
+    uses: ./.github/workflows/gradle_build.yml
+    with:
+      project-name: ALL

.github/workflows/ec2_push.yml

@@ -0,0 +1,123 @@
+name: Push to EC2
+
+on:
+  workflow_call:
+    inputs:
+      project-name:
+        required: true
+        type: string
+      docker-file-path:
+        required: true
+        type: string
+      host-port:
+        required: false
+        type: number
+      ecr-repository:
+        required: true
+        type: string
+      ecr-repository-name:
+        required: true
+        type: string
+      secret-manager:
+        required: true
+        type: string
+      container-name:
+        required: true
+        type: string
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+      AWS_REGION:
+        required: true
+      EC2_HOST:
+        required: true
+      EC2_USER:
+        required: true
+      EC2_KEY:
+        required: true
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Download the gradle Build File
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{inputs.project-name}}-build
+          path: ./boot/${{inputs.project-name}}/build/libs
+
+      - name: Configure AWS credentials For ECR and Secrets Manager
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Docker Build And Push
+        env:
+          ECR_REPOSITORY_URI: ${{ inputs.ecr-repository }}
+        run: |
+          docker build -t ${{ inputs.ecr-repository-name }} -f .deploy/Dockerfile-dev .
+          docker tag ${{ inputs.ecr-repository-name }}:latest ${{ inputs.ecr-repository }}
+          docker push ${{ inputs.ecr-repository }}
+
+      - name: Verify image in ECR
+        id: verify-image
+        env:
+          ECR_REPOSITORY_URI: ${{ inputs.ecr-repository }}
+        run: |
+          REPOSITORY_NAME=${{ inputs.ecr-repository-name }}
+          REGION=${{ secrets.AWS_REGION }}
+          IMAGE_TAG="latest"
+
+          if aws ecr describe-images \
+            --repository-name ${REPOSITORY_NAME} \
+            --image-ids imageTag=${IMAGE_TAG} \
+            --region ${REGION}; then
+            echo "Image successfully verified in ECR"
+            echo "status=success" >> $GITHUB_OUTPUT
+          else
+            echo "Image verification failed"
+            exit 1
+          fi
+
+      - name: Deploy to EC2
+        uses: appleboy/ssh-action@v0.1.8
+        if: steps.verify-image.outputs.status == 'success'
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USER }}
+          key: ${{ secrets.EC2_KEY }}
+          script: |
+            export AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}
+            export AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}
+            aws secretsmanager get-secret-value \
+            --region ${{ secrets.AWS_REGION }} \
+            --secret-id ${{ inputs.secret-manager }} \
+            --query 'SecretString' \
+            --output text | \
+            jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' > secrets.env
+
+            docker pull ${{ inputs.ecr-repository }}
+
+            if [ "$(docker ps -q -f name=${{ inputs.container-name }})" ]; then
+            docker stop ${{ inputs.container-name }} && docker rm ${{ inputs.container-name }}
+            fi
+
+            docker system prune -f
+
+            docker run -d --name ${{ inputs.container-name }} \
+            --env-file ./secrets.env \
+            --restart always \
+            -p ${{ inputs.host-port || '8080' }}:8080 \
+            ${{ inputs.ecr-repository }}

.github/workflows/gradle_build.yml

@@ -0,0 +1,64 @@
+name: Build Gradle
+
+on:
+  workflow_call:
+    inputs:
+      project-name:
+        required: true
+        type: string
+        description: 'The name of the project to build'
+    outputs:
+      build-success:
+        description: "빌드 성공 여부"
+        value: ${{ jobs.build.outputs.success }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    outputs:
+      success: ${{ steps.build-result.outputs.success }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Setup JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'corretto'
+
+      - name: Gradle Caching
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-
+
+      - name: gradle setting
+        run: |
+          chmod +x gradlew
+
+      - name: ${{ inputs.project-name }} build
+        id: gradle-build
+        continue-on-error: true
+        run: ./gradlew build
+
+      - name: Determine build success
+        id: build-result
+        run: |
+          if [ "${{ steps.gradle-build.outcome }}" == "success" ]; then
+            echo "success=true" >> $GITHUB_OUTPUT
+          else
+            echo "success=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Upload build artifacts
+        if: ${{ inputs.project-name != 'ALL' }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ inputs.project-name }}-build
+          path: ./boot/${{ inputs.project-name }}/build/libs

.gitignore

@@ -1,24 +1,39 @@
-# Compiled class file
-*.class
+HELP.md
+.gradle
+**/.gradle
+build/
+!../gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
 
-# Log file
-*.log
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+bin/
+!**/src/main/**/bin/
+!**/src/test/**/bin/
 
-# BlueJ files
-*.ctxt
+### IntelliJ IDEA ###
+.idea
+**/.idea
+*.iws
+*.iml
+*.ipr
+out/
+!**/src/main/**/out/
+!**/src/test/**/out/
 
-# Mobile Tools for Java (J2ME)
-.mtj.tmp/
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
 
-# Package Files #
-*.jar
-*.war
-*.nar
-*.ear
-*.zip
-*.tar.gz
-*.rar
-
-# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
-hs_err_pid*
-replay_pid*
+### VS Code ###
+.vscode/

boot/api/Dockerfile

@@ -0,0 +1,7 @@
+FROM amazoncorretto:21-alpine-jdk
+ARG JAR_FILE=boot/api/build/libs/api.jar
+COPY ${JAR_FILE} app.jar
+
+EXPOSE 8080
+
+ENTRYPOINT ["java", "-Duser.timezone=Asia/Seoul", "-jar", "/app.jar"]

onething/boot/api/build.gradle → boot/api/build.gradle

@@ -7,6 +7,10 @@ plugins {
 group = 'com.clip'
 version = '0.0.1-SNAPSHOT'
 
+bootJar {
+    archiveFileName = 'api.jar'
+}
+
 java {
     toolchain {
         languageVersion = JavaLanguageVersion.of(21)