From a030679acac0ce0ee23cd678393137b1837c98b7 Mon Sep 17 00:00:00 2001 From: EunJiJung Date: Mon, 10 Feb 2025 08:08:22 +0900 Subject: [PATCH] =?UTF-8?q?[BE]=20refactor:=20=EC=84=9C=EB=B2=84=EB=B3=84?= =?UTF-8?q?=EB=B3=84=20bootstrap,=20config=20application.yml=20=EC=A3=BC?= =?UTF-8?q?=EC=9E=85=20(#24)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: EunJiJung --- .github/actions/ecr-push/action.yml | 41 ++++++++++++++++++++++ .github/workflows/be-main.yml | 53 ++++++++++++++++++++++------- 2 files changed, 81 insertions(+), 13 deletions(-) diff --git a/.github/actions/ecr-push/action.yml b/.github/actions/ecr-push/action.yml index fb1ae3fb..eb313125 100644 --- a/.github/actions/ecr-push/action.yml +++ b/.github/actions/ecr-push/action.yml @@ -41,6 +41,16 @@ inputs: container_port: description: "AWS EC2 container port" required: true + config_private_ip: + description: "Config private ip" + required: true + config_port: + description: "Config default port" + required: true + config_application_yml: + description: "Config application.yml" + required: true + runs: @@ -63,6 +73,34 @@ runs: id: login-ecr uses: aws-actions/amazon-ecr-login@v1 + - name: Generate dynamic bootstrap.yml & application.yml + shell: bash + run: | + if [[ "${{ inputs.container_name }}" == "config-server" ]]; then + # Config Server용 bootstrap.yml 생성 (private_ip는 암호화 key) + cat < ${{ inputs.folder }}/src/main/resources/bootstrap.yml +encrypt: + key: ${{ inputs.config_private_ip }} +EOF + + # Config Server의 application.yml 생성 (Base64 디코딩) + rm -f ${{ inputs.folder }}/src/main/resources/application.yml + echo "${{ inputs.config_application_yml }}" | base64 --decode > ${{ inputs.folder }}/src/main/resources/application.yml + else + # 일반 서비스용 bootstrap.yml 생성 + cat < ${{ inputs.folder }}/src/main/resources/bootstrap.yml +spring: + application: + name: ${{ inputs.container_name }} + cloud: + config: + uri: http://${{ inputs.config_private_ip }}:${{ inputs.config_port }} +EOF + fi + + + + # Docker 빌드 및 ECR에 푸시 - name: Build and push Docker image to Amazon ECR shell: bash @@ -81,6 +119,9 @@ runs: echo "Pushing image to Amazon ECR..." docker push $FULL_ECR_PATH:$IMAGE_TAG + echo "Cleaning up sensitive file..." + rm -f src/main/resources/bootstrap.yml + echo "Build & Push completed!" - name: EC2에서 ECR에 로그인하기 diff --git a/.github/workflows/be-main.yml b/.github/workflows/be-main.yml index c981fa11..3f564fd3 100644 --- a/.github/workflows/be-main.yml +++ b/.github/workflows/be-main.yml @@ -192,8 +192,11 @@ jobs: ec2_ip: ${{ secrets.AWS_DISCOVERY_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }} - container_name: "discovery-container" - container_port: ${{ secrets.DISCOVERY_PORT}} + container_name: "discovery-server" + container_port: ${{ secrets.DISCOVERY_PORT }} + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-msa-config: @@ -219,8 +222,11 @@ jobs: ec2_ip: ${{ secrets.AWS_CONFIG_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }} - container_name: "config-container" - container_port: ${{ secrets.CONFIG_PORT}} + container_name: "config-server" + container_port: ${{ secrets.CONFIG_PORT }} + config_private_ip: ${{ secrets.CONFIG_ENCRYPT_KEY }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: ${{ secrets.CONFIG_APPLICATION_YML }} build-msa-apigateway: needs: check-folder-change @@ -244,8 +250,11 @@ jobs: ec2_ip: ${{ secrets.AWS_APIGATEWAY_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }} - container_name: "apigateway-container" - container_port: ${{ secrets.APIGATEWAY_PORT}} + container_name: "apigateway-server" + container_port: ${{ secrets.APIGATEWAY_PORT }} + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" # Service 빌드 및 푸시 build-service-user: @@ -270,8 +279,11 @@ jobs: ec2_ip: ${{ secrets.AWS_USER_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }} - container_name: "user-container" + container_name: "user-server" container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-service-chat: needs: check-folder-change @@ -295,8 +307,11 @@ jobs: ec2_ip: ${{ secrets.AWS_CHAT_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_CHAT_SSH_KEY }} - container_name: "chat-container" + container_name: "chat-server" container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-service-state: needs: check-folder-change @@ -320,8 +335,11 @@ jobs: ec2_ip: ${{ secrets.AWS_STATE_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }} - container_name: "state-container" + container_name: "state-server" container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-service-guild: needs: check-folder-change @@ -345,8 +363,11 @@ jobs: ec2_ip: ${{ secrets.AWS_GUILD_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }} - container_name: "guild-container" + container_name: "guild-server" container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-service-notification: needs: check-folder-change @@ -370,8 +391,11 @@ jobs: ec2_ip: ${{ secrets.AWS_NOTIFICATION_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }} - container_name: "notification-container" + container_name: "notification-server" container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" build-service-signaling: needs: check-folder-change @@ -395,5 +419,8 @@ jobs: ec2_ip: ${{ secrets.AWS_SIGNALING_EC2_IP }} ec2_username: ${{ secrets.AWS_EC2_USERNAME }} ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }} - container_name: "signaling-container" - container_port: 0 \ No newline at end of file + container_name: "signaling-server" + container_port: 0 + config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }} + config_port: ${{ secrets.CONFIG_PORT }} + config_application_yml: "" \ No newline at end of file