👀

docker, k8s, git actions

1. SpringBoot 프로젝트에 Docker 생성

FROM openjdk:17-jdk-slim COPY ./build/libs/*-SNAPSHOT.jar app.jar ENTRYPOINT ["java", "-jar", "app.jar"]
Docker
복사
docker build -t seungjusuh/cash-service:latest .
docker push seungjusuh/cash-service

2. GitHub에 .github/workflows/deploy.yml 생성

name: deploy on: push: branches: [ "dev" ] pull_request: branches: [ "dev" ] jobs: build: runs-on: ubuntu-latest permissions: contents: read packages: write steps: - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' server-id: github # Value of the distributionManagement/repository/id field of the pom.xml settings-path: ${{ github.workspace }} # location for the settings.xml file - name: Setup Gradle uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 - name: Build with Gradle run: ./gradlew bootJar - name: Build the Docker image run: docker build . --file Dockerfile --tag ${{secrets.DOCKER_USERNAME}}/${{secrets.DOCKER_REPO}}:latest - name: Docker Login uses: docker/login-action@v3.3.0 with: username: ${{secrets.DOCKER_USERNAME}} password: ${{secrets.DOCKER_PASSWORD}} - name: Docker Push run: docker push ${{secrets.DOCKER_USERNAME}}/${{secrets.DOCKER_REPO}}:latest # - name: SSH Remote Commands # uses: appleboy/ssh-action@v1.0.3 # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USERNAME }} # key: ${{ secrets.PASSWORD }} # script: ${{ secrets.SCRIPT }}
YAML
복사

Secret Key 등록

3. Helm 레포지토리 생성 후 프로젝트 생성

helm create itemcd item/chartshelm create mysql + helm create item-service
# mysql-secret.yaml -> Base64로 인코딩 apiVersion: v1 kind: Secret metadata: name: mysql-secret type: Opaque data: MYSQL_ROOT_PASSWORD: cGxhbnRpZnk= MYSQL_DATABASE: aXRlbS1kYg== SPRING_DATASOURCE_URL: amRiYzpteXNxbDovL2Nhc2gtbXlzcWw6MzMwNi9jYXNoLWRi SPRING_DATASOURCE_PASSWORD: cGxhbnRpZnk= JASYPT_PASSWORD: SEtUT1NTUExBTlRJRlk=
YAML
복사
kubectl apply -f mysql-secret.yml
↓↓ 설정하는 yaml 파일은 다른 설정은 수정 X ↓↓

item-service

# deployment.yaml env: {{- range .Values.env }} - name: {{ .name }} {{- if .valueFrom }} valueFrom: secretKeyRef: name: {{ .valueFrom.secretKeyRef.name }} key: {{ .valueFrom.secretKeyRef.key }} {{- else }} value: {{ .value }} {{- end }} {{- end }}
YAML
복사
# values.yaml image: repository: seungjusuh/item-service pullPolicy: Always tag: "latest" service: type: NodePort port: 8080 volumes: - name: mysql-secret-volume secret: secretName: mysql-secret volumeMounts: - name: mysql-secret-volume mountPath: /etc/secrets readOnly: true env: - name: SPRING_DATASOURCE_URL valueFrom: secretKeyRef: name: mysql-secret key: SPRING_DATASOURCE_URL - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: name: mysql-secret key: SPRING_DATASOURCE_PASSWORD - name: JASYPT_PASSWORD valueFrom: secretKeyRef: name: mysql-secret key: JASYPT_PASSWORD
YAML
복사

Mysql

# deployment.yaml env: {{- range .Values.env }} - name: {{ .name }} {{- if .valueFrom }} valueFrom: secretKeyRef: name: {{ .valueFrom.secretKeyRef.name }} key: {{ .valueFrom.secretKeyRef.key }} {{- else }} value: {{ .value }} {{- end }} {{- end }}
YAML
복사
# values.yaml image: repository: mysql pullPolicy: Always tag: "latest" service: type: NodePort port: 3306 volumes: - name: mysql-secret-volume secret: secretName: mysql-secret volumeMounts: - name: mysql-secret-volume mountPath: /etc/secrets readOnly: true env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: mysql-secret key: MYSQL_ROOT_PASSWORD - name: MYSQL_DATABASE valueFrom: secretKeyRef: name: mysql-secret key: MYSQL_DATABASE
YAML
복사
helm install item . (현재 위치 /item )
kubectl get pods
kubectl get svc

참고