diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c67ef61..302165e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,8 +25,9 @@ jobs: working-directory: backend run: ./gradlew bootJar -x test env: - DB_URL: ${{ secrets.DB_URL }} - DB_USER: ${{ secrets.DB_USER }} - DB_PASSWORD: ${{ secrets.DB_PASSWORD }} + RDS_ENDPOINT: ${{ secrets.RDS_ENDPOINT }} + RDS_DB_NAME: ${{ secrets.RDS_DB_NAME }} + RDS_USERNAME: ${{ secrets.RDS_USERNAME }} + RDS_PASSWORD: ${{ secrets.RDS_PASSWORD }} JWT_SECRET: ${{ secrets.JWT_SECRET }} JWT_EXPIRATION: ${{ secrets.JWT_EXPIRATION }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 87ddcca..2d5b3cd 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,9 +25,10 @@ jobs: working-directory: backend run: ./gradlew bootJar -x test env: - DB_URL: ${{ secrets.DB_URL }} - DB_USER: ${{ secrets.DB_USER }} - DB_PASSWORD: ${{ secrets.DB_PASSWORD }} + RDS_ENDPOINT: ${{ secrets.RDS_ENDPOINT }} + RDS_DB_NAME: ${{ secrets.RDS_DB_NAME }} + RDS_USERNAME: ${{ secrets.RDS_USERNAME }} + RDS_PASSWORD: ${{ secrets.RDS_PASSWORD }} JWT_SECRET: ${{ secrets.JWT_SECRET }} JWT_EXPIRATION: ${{ secrets.JWT_EXPIRATION }} @@ -55,10 +56,16 @@ jobs: docker rm piroin-backend || true docker run -d \ --name piroin-backend \ + --restart unless-stopped \ -p 8080:8080 \ - -e DB_URL=${{ secrets.DB_URL }} \ - -e DB_USER=${{ secrets.DB_USER }} \ - -e DB_PASSWORD=${{ secrets.DB_PASSWORD }} \ - -e JWT_SECRET=${{ secrets.JWT_SECRET }} \ - -e JWT_EXPIRATION=${{ secrets.JWT_EXPIRATION }} \ + --health-cmd="curl -f http://localhost:8080/actuator/health || exit 1" \ + --health-interval=30s \ + --health-timeout=10s \ + --health-retries=3 \ + -e RDS_ENDPOINT="${{ secrets.RDS_ENDPOINT }}" \ + -e RDS_DB_NAME="${{ secrets.RDS_DB_NAME }}" \ + -e RDS_USERNAME="${{ secrets.RDS_USERNAME }}" \ + -e RDS_PASSWORD="${{ secrets.RDS_PASSWORD }}" \ + -e JWT_SECRET="${{ secrets.JWT_SECRET }}" \ + -e JWT_EXPIRATION="${{ secrets.JWT_EXPIRATION }}" \ ${{ secrets.DOCKERHUB_USERNAME }}/piroin-backend:latest diff --git a/backend/build.gradle b/backend/build.gradle index 7aa086d..d7f248a 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -32,6 +32,9 @@ dependencies { // Swagger implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:3.0.0' + // Actuator + implementation 'org.springframework.boot:spring-boot-starter-actuator' + // Flyway implementation 'org.springframework.boot:spring-boot-flyway' diff --git a/backend/src/main/java/com/example/Piroin/project/global/config/SecurityConfig.java b/backend/src/main/java/com/example/Piroin/project/global/config/SecurityConfig.java index 4e6849a..3a22243 100644 --- a/backend/src/main/java/com/example/Piroin/project/global/config/SecurityConfig.java +++ b/backend/src/main/java/com/example/Piroin/project/global/config/SecurityConfig.java @@ -46,6 +46,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/swagger-ui.html" ).permitAll() + // Actuator health check + .requestMatchers("/actuator/health").permitAll() + // 다른 도메인 권한 설정 필요 시 위 패턴 참고해서 추가 // 단, 추가하지 않아도 무방함 // 이유 1. anyRequest().authenticated()로 비로그인 접근 차단 diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index a839863..631371a 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -21,3 +21,9 @@ spring: hibernate: format_sql: true packagesToScan: com.example.Piroin.project.domain + +management: + endpoints: + web: + exposure: + include: health