This project forked from codesquad-members-2023/be-java-cafe-max
2023 마스터즈 비맥스 스프링 카페 프로젝트
질문 게시글을 올리기 위한 게시판
be-java-cafe-max $ ./gradlew clean build
be-java-cafe-max $ docker-compose up -d --build
Run appleboy/ssh-action@master
with:
host: ***
username: ec[2](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:2)-user
key: ***
script: docker pull ***/be-java-cafe-max:latest
docker stop $(docker ps -a -q)
docker run -d --log-driver=syslog -p 8080:8080 ***/be-java-cafe-max:latest
docker rm $(docker ps --filter 'status=exited' -a -q)
docker image prune -a -f
port: 22
timeout: [3](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:3)0s
command_timeout: 10m
proxy_port: 22
proxy_timeout: 30s
env:
JAVA_HOME: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/11.0.19-7/x6[4](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:4)
JAVA_HOME_11_X64: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/11.0.19-7/x64
/usr/bin/docker run --name a6c8c84478a17774940f4b[5](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:5)2138cfde0[6](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:6)88e0_9b54[7](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:7)6 --label 2a6c[8](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:8)c --workdir /github/workspace --rm -e "JAVA_HOME" -e "JAVA_HOME_11_X64" -e "INPUT_HOST" -e "INPUT_USERNAME" -e "INPUT_KEY" -e "INPUT_SCRIPT" -e "INPUT_PORT" -e "INPUT_PASSPHRASE" -e "INPUT_PASSWORD" -e "INPUT_SYNC" -e "INPUT_USE_INSECURE_CIPHER" -e "INPUT_CIPHER" -e "INPUT_TIMEOUT" -e "INPUT_COMMAND_TIMEOUT" -e "INPUT_KEY_PATH" -e "INPUT_FINGERPRINT" -e "INPUT_PROXY_HOST" -e "INPUT_PROXY_PORT" -e "INPUT_PROXY_USERNAME" -e "INPUT_PROXY_PASSWORD" -e "INPUT_PROXY_PASSPHRASE" -e "INPUT_PROXY_TIMEOUT" -e "INPUT_PROXY_KEY" -e "INPUT_PROXY_KEY_PATH" -e "INPUT_PROXY_FINGERPRINT" -e "INPUT_PROXY_CIPHER" -e "INPUT_PROXY_USE_INSECURE_CIPHER" -e "INPUT_SCRIPT_STOP" -e "INPUT_ENVS" -e "INPUT_ENVS_FORMAT" -e "INPUT_DEBUG" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/be-java-cafe-max/be-java-cafe-max":"/github/workspace" 2a6c8c:84478a17774[9](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:9)40f4b52138cfde0688e0
======CMD======
docker pull ***/be-java-cafe-max:latest
docker stop $(docker ps -a -q)
docker run -d --log-driver=syslog -p 8080:8080 ***/be-java-cafe-max:latest
docker rm $(docker ps --filter 'status=exited' -a -q)
docker image prune -a -f
======END======
err: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=***%2Fbe-java-cafe-max&tag=latest": dial unix /var/run/docker.sock: connect: permission denied
err: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json?all=1": dial unix /var/run/docker.sock: connect: permission denied
err: "docker stop" requires at least 1 argument.
err: See 'docker stop --help'.
err: Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...]
err: Stop one or more running containers
err: docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create": dial unix /var/run/docker.sock: connect: permission denied.
err: See 'docker run --help'.
err: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json?all=1&filters=%7B%22status%22%3A%7B%22exited%22%3Atrue%7D%7D": dial unix /var/run/docker.sock: connect: permission denied
err: "docker rm" requires at least 1 argument.
err: See 'docker rm --help'.
err: Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
err: Remove one or more containers
err: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/prune?filters=%7B%22dangling%22%3A%7B%22false%22%3Atrue%7D%7D": dial unix /var/run/docker.sock: connect: permission denied
2023/07/01 [12](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5430382845/jobs/9877274493#step:9:12):49:12 Process exited with status 1
workflow.yml 파일의 내용중 도커 작업에서 SSH 접속한 EC2에서 docker 명령어를 호출하기 전에 /var/run/docker.sock의 실행권한을 666으로 변경합니다.
sudo chmod 666 /var/run/docker.sock
# 배포
- name: Deploy
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }} # EC2 인스턴스 퍼블릭 DNS
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }} # pem 키
# 도커 작업
script: |
sudo chmod 666 /var/run/docker.sock
docker pull ${{ secrets.DOCKER_USERNAME }}/be-java-cafe-max:latest
docker stop $(docker ps -a -q)
docker run -d --log-driver=syslog -p 8080:8080 ${{ secrets.DOCKER_USERNAME }}/be-java-cafe-max:latest
docker rm $(docker ps --filter 'status=exited' -a -q)
docker image prune -a -f
EC2 인스턴스에서 시간을 출력할때 다음과 같이 출력됩니다.
$ date
Wed Jul 5 17:23:05 KST 2023
EC2 인스턴스에서 설정된 시간 형식이 별도로 설정되어 있지 않기 때문입니다.
date "+%Y-%m-%d %H:%M:%S"
# 루트로 로그인
$ sudo su - root
# 기존 타임존 삭제
$ sudo rm /etc/localtime
# 타임존 변경
$ sudo ln -s /usr/share/zoneinfo/Asia/Seoul /etc/localtime
# clock 파일 수정하여 영구 반영
$ sudo vim /etc/sysconfig/clock
ZONE="Asia/Seoul"
UTC=true
# 시간 변경 확인
$ date
스프링부트 앱을 서버 배포하기 위해서 Github Actions, EC2 인스턴스를 이용하여 CI/CD 파이프 라인을 구축하려고 했습니다.
Github Actions를 수행하기 위해서 .github/workflows/cicd.yml 파일에 CI를 수행하기 위한 작업들을 정의하였습니다.
이 작업들 중에서 외부에 노출시키고 싶지 않은 설정 파일(데이터베이스 정보 등)들을 CI 과정에서 파일을 생성하여 시크릿 값으로 넣는 작업들이 있습니다.
다음은 문제가 발생한 워크플로우 파일 내용입니다.
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Java CI with Gradle
on:
push:
branches: [ "네모네모", "main", "infra/cicd" ]
pull_request:
branches: [ "네모네모", "main", "infra/cicd" ]
permissions:
contents: read
jobs:
build-image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
## JDK 설정
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
# application-prod.properties 파일을 생성하여 설정
- name: make application-prod.properties
run: |
cd ./src/main/resources
touch ./application-prod.properties
echo "${{ secrets.APPLICATION_PROD }}" > ./application-prod.properties
ls -l
# .env 파일을 생성하여 설정
- name: make .env
run: |
touch ./.env
echo "${{ secrets.DATASOURCE_ENV }}" > ./.env
ls -l
- name: make mysql config file
run: |
cd ./src/main/resources
mkdir -p ./db/mysql/conf.d
mkdir -p ./db/mysql/initdb.d
touch ./db/mysql/conf.d/my.cnf
touch ./db/mysql/initdb.d/init.sql
echo "${{ secrets.MYSQL_CNF }}" > ./db/mysql/conf.d/my.cnf
echo "${{ secrets.MYSQL_INIT }}" > ./db/mysql/initdb.d/init.sql
ls -l ./db/mysql/conf.d/
ls -l ./db/mysql/initdb.d/
# gradlew 실행을 위해서 실행 권한을 부여
- name: Grant execute permission for gradlew
run: chmod +x gradlew
# Gradle을 이용하여 빌드 수행
- name: Build with Gradle
run: ./gradlew build -x test
# 도커 이미지 빌드하여 도커 허브에 푸시하기
- name: Docker build
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
docker build -t app .
docker tag app ${{ secrets.DOCKER_USERNAME}}/be-java-cafe-max:latest
docker push ${{ secrets.DOCKER_USERNAME }}/be-java-cafe-max:latest
cd-pipeline:
needs: build-image
name: continuos deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: print pwd, ls
run: |
pwd
ls -l
- name: copy datasource env file via ssh password
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }}
port: 22
source: ".env"
target: "/home/ec2-user/"
- name: copy file via ssh password
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }}
port: 22
source: "docker-compose.yml"
target: "/home/ec2-user/"
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }} # EC2 인스턴스 퍼블릭 DNS
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }} # pem 키
port: 22
script: |
sudo chmod 666 /var/run/docker.sock
docker stop $(docker ps -a -q) 2>/dev/null
docker-compose pull && docker-compose up -d문제가 발생한 부분은 다음 부분이었습니다.
cd-pipeline:
needs: build-image
name: continuos deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
# ...
- name: copy datasource env file via ssh password
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }}
port: 22
source: ".env"
target: "/home/ec2-user/"에러 내용은 다음과 같았습니다.
Run appleboy/scp-action@master
with:
host: ***
username: ec[2](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5461538057/jobs/9939705852#step:6:2)-user
key: ***
port: 22
source: .env
target: /home/ec2-user/
timeout: [3](https://github.com/yonghwankim-dev/be-java-cafe-max/actions/runs/5461538057/jobs/9939705852#step:6:3)0s
command_timeout: 10m
use_insecure_cipher: false
rm: false
debug: false
strip_components: 0
overwrite: false
tar_dereference: false
tar_exec: tar
proxy_port: 22
proxy_timeout: 30s
proxy_use_insecure_cipher: false
# ...
tar: empty archive
tar all files into /tmp/oKKbSiNQNq.tar.gz
exit status 1
에러의 내용은 EC2에 업로드할 대상 파일이 없다는 것이었습니다.
해결한 워크플로우 링크를 참고해주세요.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.