[BE] refactor: 서버별별 bootstrap, config application.yml 주입 (#24)

Signed-off-by: EunJiJung <[email protected]>
sgdevcamp2025 · Feb 9, 2025 · a030679 · a030679
1 parent ad69575
commit a030679
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 13 deletions.
diff --git a/.github/actions/ecr-push/action.yml b/.github/actions/ecr-push/action.yml
@@ -41,6 +41,16 @@ inputs:
   container_port:
     description: "AWS EC2 container port"
     required: true
+  config_private_ip:
+    description: "Config private ip"
+    required: true
+  config_port:
+    description: "Config default port"
+    required: true
+  config_application_yml:
+    description: "Config application.yml"
+    required: true
+
 
 
 runs:
@@ -63,6 +73,34 @@ runs:
       id: login-ecr
       uses: aws-actions/amazon-ecr-login@v1
 
+    - name: Generate dynamic bootstrap.yml & application.yml
+      shell: bash
+      run: |
+        if [[ "${{ inputs.container_name }}" == "config-server" ]]; then
+          # Config Server용 bootstrap.yml 생성 (private_ip는 암호화 key)
+          cat <<EOF > ${{ inputs.folder }}/src/main/resources/bootstrap.yml
+encrypt:
+  key: ${{ inputs.config_private_ip }}
+EOF
+
+          # Config Server의 application.yml 생성 (Base64 디코딩)
+          rm -f ${{ inputs.folder }}/src/main/resources/application.yml
+          echo "${{ inputs.config_application_yml }}" | base64 --decode > ${{ inputs.folder }}/src/main/resources/application.yml
+        else
+          # 일반 서비스용 bootstrap.yml 생성
+          cat <<EOF > ${{ inputs.folder }}/src/main/resources/bootstrap.yml
+spring:
+  application:
+    name: ${{ inputs.container_name }}
+  cloud:
+    config:
+      uri: http://${{ inputs.config_private_ip }}:${{ inputs.config_port }}
+EOF
+        fi
+
+
+
+
     # Docker 빌드 및 ECR에 푸시
     - name: Build and push Docker image to Amazon ECR
       shell: bash
@@ -81,6 +119,9 @@ runs:
         echo "Pushing image to Amazon ECR..."
         docker push $FULL_ECR_PATH:$IMAGE_TAG
 
+        echo "Cleaning up sensitive file..."
+        rm -f src/main/resources/bootstrap.yml
+
         echo "Build & Push completed!"
 
     - name: EC2에서 ECR에 로그인하기

diff --git a/.github/workflows/be-main.yml b/.github/workflows/be-main.yml
@@ -192,8 +192,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_DISCOVERY_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }}
-          container_name: "discovery-container"
-          container_port: ${{ secrets.DISCOVERY_PORT}}
+          container_name: "discovery-server"
+          container_port: ${{ secrets.DISCOVERY_PORT }}
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
 
   build-msa-config:
@@ -219,8 +222,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_CONFIG_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }}
-          container_name: "config-container"
-          container_port: ${{ secrets.CONFIG_PORT}} 
+          container_name: "config-server"
+          container_port: ${{ secrets.CONFIG_PORT }} 
+          config_private_ip: ${{ secrets.CONFIG_ENCRYPT_KEY }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ${{ secrets.CONFIG_APPLICATION_YML }}
 
   build-msa-apigateway:
     needs: check-folder-change
@@ -244,8 +250,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_APIGATEWAY_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_MSA_SSH_KEY }}
-          container_name: "apigateway-container"
-          container_port: ${{ secrets.APIGATEWAY_PORT}} 
+          container_name: "apigateway-server"
+          container_port: ${{ secrets.APIGATEWAY_PORT }} 
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   # Service 빌드 및 푸시
   build-service-user:
@@ -270,8 +279,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_USER_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }}
-          container_name: "user-container"
+          container_name: "user-server"
           container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   build-service-chat:
     needs: check-folder-change
@@ -295,8 +307,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_CHAT_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_CHAT_SSH_KEY }}
-          container_name: "chat-container"
+          container_name: "chat-server"
           container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   build-service-state:
     needs: check-folder-change
@@ -320,8 +335,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_STATE_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }}
-          container_name: "state-container"
+          container_name: "state-server"
           container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   build-service-guild:
     needs: check-folder-change
@@ -345,8 +363,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_GUILD_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }}
-          container_name: "guild-container"
+          container_name: "guild-server"
           container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   build-service-notification:
     needs: check-folder-change
@@ -370,8 +391,11 @@ jobs:
           ec2_ip: ${{ secrets.AWS_NOTIFICATION_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }}
-          container_name: "notification-container"
+          container_name: "notification-server"
           container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""
 
   build-service-signaling:
     needs: check-folder-change
@@ -395,5 +419,8 @@ jobs:
           ec2_ip: ${{ secrets.AWS_SIGNALING_EC2_IP }}
           ec2_username: ${{ secrets.AWS_EC2_USERNAME }}
           ec2_ssh_key: ${{ secrets.AWS_SERVICE_SSH_KEY }}
-          container_name: "signaling-container"
-          container_port: 0
+          container_name: "signaling-server"
+          container_port: 0
+          config_private_ip: ${{ secrets.CONFIG_PRIVATE_IP }}
+          config_port: ${{ secrets.CONFIG_PORT }}
+          config_application_yml: ""