[AWS 이전] 운영서버 태그기반 수동 배포

.github/workflows/manual-prod-deploy.yaml

@@ -4,7 +4,7 @@ on:
     workflow_dispatch:
         inputs:
             tag:
-                description: 'Tag to deploy  (v1.0.0)'
+                description: 'Tag to deploy  (v0.33.8)'
                 required: true
 
 jobs:
@@ -16,22 +16,49 @@ jobs:
               with:
                   ref: ${{ github.event.inputs.tag }}
 
-            - name: Deploy to Prod NCP Server
-              uses: appleboy/ssh-action@master
-              with:
-                  host: ${{ secrets.PROD_NCP_SERVER_HOST }}
-                  username: ${{ secrets.PROD_NCP_SERVER_USERNAME }}
-                  password: ${{ secrets.PROD_NCP_SERVER_PASSWORD }}
-                  port: ${{ secrets.PROD_NCP_SERVER_PORT }}
-                  script: |
-                      docker pull ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:${{ github.event.inputs.tag }}
-                      docker stop spot-server-prod || true
-                      docker rm spot-server-prod || true
-                      docker run -d --name spot-server-prod \
-                        -p 8080:8080 \
-                        -e SPRING_DATASOURCE_URL=${{ secrets.PROD_DB_URL }} \
-                        -e SPRING_DATASOURCE_USERNAME=${{ secrets.PROD_DB_USERNAME }} \
-                        -e SPRING_DATASOURCE_PASSWORD=${{ secrets.PROD_DB_PASSWORD }} \
-                        -e TZ=Asia/Seoul \
-                        ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:${{ github.event.inputs.tag }}
-                      docker system prune -af
+            -   name: Set up Docker Buildx
+                uses: docker/setup-buildx-action@v2
+
+            -   name: Login to DockerHub
+                uses: docker/login-action@v2
+                with:
+                    username: ${{ secrets.DOCKERHUB_USERNAME }}
+                    password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+            -   name: Build and push Docker image
+                uses: docker/build-push-action@v4
+                with:
+                    context: .
+                    push: true
+                    tags: ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:prod-${{ github.event.inputs.tag }}
+
+            -   name: Deploy to PROD - AWS EC2
+                uses: appleboy/ssh-action@master
+                with:
+                    host: ${{ secrets.PROD_AWS_SERVER_HOST }}
+                    username: ${{ secrets.PROD_AWS_SERVER_USERNAME }}
+                    password: ${{ secrets.PROD_AWS_SERVER_PASSWORD }}
+                    port: ${{ secrets.PROD_AWS_SERVER_PORT }}
+                    script: |
+                        docker pull ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:prod-${{ github.event.inputs.tag }}
+                        docker stop spot-server-prod || true
+                        docker rm spot-server-prod || true
+                        docker run -d --name spot-server-prod \
+                          -p 8080:8080 \
+                          -e SPRING_PROFILES_ACTIVE=prod \
+                          -e SPRING_DATASOURCE_URL=${{ secrets.PROD_DB_URL }} \
+                          -e SPRING_DATASOURCE_USERNAME=${{ secrets.PROD_DB_USERNAME }} \
+                          -e SPRING_DATASOURCE_PASSWORD=${{ secrets.PROD_DB_PASSWORD }} \
+                          -e SPRING_JWT_SECRET=${{ secrets.JWT_SECRET }} \
+                          -e OAUTH_CLIENTID=${{ secrets.KAKAO_CLIENT_ID }} \
+                          -e OAUTH_KAUTHTOKENURLHOST=${{ secrets.KAUTH_TOKEN_URL_HOST }} \
+                          -e OAUTH_KAUTHUSERURLHOST=${{ secrets.KAUTH_USER_URL_HOST }} \
+                          -e SPRING_JPA_HIBERNATE_DDL_AUTO=validate \
+                          -e NCP_OBJECT_STORAGE_ACCESS_KEY=${{ secrets.AWS_S3_ACCESS_KEY }} \
+                          -e NCP_OBJECT_STORAGE_SECRET_KEY=${{ secrets.AWS_S3_SECRET_KEY }} \
+                          -e TZ=Asia/Seoul \
+                          -e SENTRY_DSN=${{ secrets.SENTRY_DSN }} \
+                          -e SENTRY_ENABLE_TRACING=true \
+                          -e SENTRY_ENVIRONMENT=prod \
+                          ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:prod-${{ github.event.inputs.tag }}
+                        docker system prune -af

Dockerfile

@@ -9,4 +9,12 @@ FROM openjdk:17-jdk-slim
 WORKDIR /app
 COPY --from=build /app/application/build/libs/*.jar app.jar
 EXPOSE 8080
-ENTRYPOINT ["java", "-jar", "app.jar"]
+#ENTRYPOINT ["java", "-jar", "app.jar"]
+
+# JVM 튜닝 옵션 추가
+ENTRYPOINT ["java", \
+            "-Xms256m", \
+            "-Xmx512m", \
+            "-Xminf0.4", \
+            "-Xmaxf0.7", \
+            "-jar", "app.jar"]

application/src/main/resources/appenders/console-appender.xml

@@ -14,7 +14,7 @@
     <appender name="LOKI_APPENDER" class="com.github.loki4j.logback.Loki4jAppender">
         <http>
             <!-- TODO: Loki 인스턴스 세팅 후 URL 변경 필요 -->
-            <url>http://localhost:3100/loki/api/v1/push</url>
+<!--            <url>http://localhost:3100/loki/api/v1/push</url>-->
         </http>
         <format>
             <label>

application/src/main/resources/application.yaml

@@ -5,7 +5,7 @@ server:
 spring:
     # 서브모듈 profile
     profiles:
-        active: local
+        active: prod
         group:
             local:
                 - jpa

application/src/main/resources/logback-spring.xml

@@ -15,10 +15,10 @@
     </springProfile>
 
     <springProfile name="prod">
-        <root level="ERROR">
+        <root level="INFO">
             <appender-ref ref="CONSOLE_APPENDER"/>
             <appender-ref ref="SENTRY_APPENDER"/>
-            <appender-ref ref="LOKI_APPENDER"/>
+<!--            <appender-ref ref="LOKI_APPENDER"/>-->
         </root>
     </springProfile>
 </configuration>

infrastructure/src/main/java/org/depromeet/spot/infrastructure/aws/config/ObjectStorageConfig.java

@@ -7,7 +7,7 @@
 
 import com.amazonaws.auth.AWSStaticCredentialsProvider;
 import com.amazonaws.auth.BasicAWSCredentials;
-import com.amazonaws.client.builder.AwsClientBuilder.EndpointConfiguration;
+import com.amazonaws.regions.Regions;
 import com.amazonaws.services.s3.AmazonS3;
 import com.amazonaws.services.s3.AmazonS3ClientBuilder;
 
@@ -19,14 +19,13 @@
 public class ObjectStorageConfig {
 
     private final ObjectStorageProperties objectStorageProperties;
-    private static final String ENDPOINT = "https://kr.object.ncloudstorage.com";
-    private static final String REGION = "kr-standard";
-    public static final String BUCKET_NAME = "spot-image-bucket";
+    private final Regions clientRegion = Regions.AP_NORTHEAST_2;
+    public static final String BUCKET_NAME = "spot-image-bucket-v2";
 
     @Bean
     public AmazonS3 getAmazonS3() {
         return AmazonS3ClientBuilder.standard()
-                .withEndpointConfiguration(new EndpointConfiguration(ENDPOINT, REGION))
+                .withRegion(clientRegion)
                 .withCredentials(
                         new AWSStaticCredentialsProvider(
                                 new BasicAWSCredentials(

infrastructure/src/main/java/org/depromeet/spot/infrastructure/aws/objectstorage/PresignedUrlGenerator.java

@@ -32,6 +32,7 @@ public class PresignedUrlGenerator implements CreatePresignedUrlPort {
 
     @Override
     public String forImage(final Long memberId, PresignedUrlRequest request) {
+        log.info("presigned url generator: forImage");
         isValidImageExtension(request.getFileExtension());
 
         final ImageExtension fileExtension = ImageExtension.from(request.getFileExtension());
@@ -50,16 +51,19 @@ private void isValidImageExtension(final String fileExtension) {
     }
 
     private URL createPresignedUrl(final String fileName) {
+        log.info("presigned url generator: createPresignedUrl");
         return amazonS3.generatePresignedUrl(createGeneratePreSignedUrlRequest(fileName));
     }
 
     private GeneratePresignedUrlRequest createGeneratePreSignedUrlRequest(final String fileName) {
+        log.info("presigned url generator: createGeneratePreSignedUrlRequest");
         final String bucketName = ObjectStorageConfig.BUCKET_NAME;
         GeneratePresignedUrlRequest generatePresignedUrlRequest =
                 new GeneratePresignedUrlRequest(bucketName, fileName)
                         .withMethod(HttpMethod.PUT)
                         .withExpiration(createPreSignedUrlExpiration());
 
+        log.info("presigned url generator: addRequestParameter");
         generatePresignedUrlRequest.addRequestParameter(
                 Headers.S3_CANNED_ACL, CannedAccessControlList.PublicRead.toString());
 

infrastructure/src/main/java/org/depromeet/spot/infrastructure/jpa/stadium/entity/StadiumEntity.java

@@ -19,13 +19,13 @@ public class StadiumEntity extends BaseEntity {
     @Column(name = "name", nullable = false, length = 50)
     private String name;
 
-    @Column(name = "main_image", length = 255)
+    @Column(name = "main_image", length = 300)
     private String mainImage;
 
-    @Column(name = "seating_chart_image", length = 255)
+    @Column(name = "seating_chart_image", length = 300)
     private String seatingChartImage;
 
-    @Column(name = "labeled_seating_chart_image", length = 255)
+    @Column(name = "labeled_seating_chart_image", length = 300)
     private String labeledSeatingChartImage;
 
     @Column(name = "is_active", nullable = false)

infrastructure/src/main/resources/application-ncp.yaml

@@ -1,4 +1,4 @@
 ncp:
     object-storage:
-        accessKey: ${NCP_OBJECT_STORAGE_ACCESS_KEY}
-        secretKey: ${NCP_OBJECT_STORAGE_SECRET_KEY}
+        accessKey: ${AWS_OBJECT_STORAGE_ACCESS_KEY}
+        secretKey: ${AWS_OBJECT_STORAGE_SECRET_KEY}