search

f-lab-edu / retry-lee

0 stars 1 forks source link

[System Design] ECR 생성 #33

Closed sypatrick closed 5 days ago

sypatrick commented 2 weeks ago

[Context]

sypatrick commented 1 week ago

- IAM, user 생성 및 정책 설정

image

- Active Profiles 설정하기

spring:
  application:
    name: api-user

  profiles:
    active: local

  config:
    import:
      - db-config.yml

jwt:
  secret: jwtwhatevertokenjwtwhatevertokenjwtwhatevertoken

server:
  port: 8081

---
spring:
  config:
    activate:
      on-profile: local

jwt:
  access-token:
    expire: 30m
  refresh-token:
    expire: 14d

---
spring:
  config:
    activate:
      on-profile: dev

server:
  port: 8081

jwt:
  access-token:
    expire: 15m
  refresh-token:
    expire: 7d

---
spring:
  config:
    activate:
      on-profile: prod

server:
  port: 8080

jwt:
  access-token:
    expire: 10m
  refresh-token:
    expire: 3d

  1. Dockerfile

    ENV SPRING_PROFILES_ACTIVE=prod

  2. Actions Workflow

    run: |
docker build --build-arg SPRING_PROFILES_ACTIVE=$SPRING_PROFILES_ACTIVE -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f api-admin/Dockerfile api-admin
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

    Dockerfile 수정

    ARG SPRING_PROFILES_ACTIVE
ENV SPRING_PROFILES_ACTIVE=$SPRING_PROFILES_ACTIVE

- Workflow 작성 ( ECR에 이미지 저장까지 )

name: Deploy to Amazon ECR

on:
  push:
    branches: [ "main" ]

env:
  AWS_REGION: ${{ secrets.AWS_REGION }}
  ECR_REPOSITORY: sypatrick/retry-lee

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up JDK 21
        uses: actions/setup-java@v4
        with:
          java-version: '21'
          distribution: 'temurin'

      - name: Grant execute permission for gradlew
        run: chmod +x gradlew

      - name: Build api-admin with Gradle
        run: ./gradlew :api-admin:build -x test

      - name: Build api-user with Gradle
        run: ./gradlew :api-user:build -x test

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      - name: Build, tag, and push api-admin to Amazon ECR
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          IMAGE_TAG: ${{ github.sha }}-admin
        run: |
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f api-admin/Dockerfile api-admin
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

      - name: Build, tag, and push api-user to Amazon ECR
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          IMAGE_TAG: ${{ github.sha }}-user
        run: |
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f api-user/Dockerfile api-user
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
sypatrick commented 1 week ago

로컬에서 Aws cli 를 사용하여 ECR 업로드

  1. 리포지토리 태그 지정 docker tag api-admin:latest 992382387989.dkr.ecr.ap-northeast-2.amazonaws.com/sypatrick/retry-lee:latest-admin docker tag api-user:latest 992382387989.dkr.ecr.ap-northeast-2.amazonaws.com/sypatrick/retry-lee:latest-user

  2. 이미지 푸시 docker push 992382387989.dkr.ecr.ap-northeast-2.amazonaws.com/sypatrick/retry-lee:latest-admin docker push 992382387989.dkr.ecr.ap-northeast-2.amazonaws.com/sypatrick/retry-lee:latest-user

  3. 확인 aws ecr list-images --repository-name sypatrick/retry-lee

image