feat: merge develop into master

.github/workflows/build-test.yml

@@ -0,0 +1,21 @@
+name: Build Test
+
+on:
+  pull_request:
+    branches: [ "develop", "stage", "main" ]
+
+jobs:
+  build-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+
+      - name: Build with Gradle
+        run: chmod +x gradlew && ./gradlew build -x test

.github/workflows/deploy.yml

@@ -0,0 +1,87 @@
+name: Deploy
+
+on:
+  push:
+    branches: [ "develop", "main" ]
+
+permissions:
+  contents: read
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: true
+          token: ${{ secrets.GH_PAT }}
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+
+      - name: Gradle Caching
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-
+
+      - name: Build with Gradle
+        run: chmod +x gradlew && ./gradlew build -x test
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        run: aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}
+
+      - name: Docker build & push to ECR (develop)
+        if: github.ref == 'refs/heads/develop'
+        run: docker build -t ${{ secrets.ECR_REGISTRY_URI }}:dev -f Dockerfile-dev --push .
+
+      - name: Docker build & push to ECR (production)
+        if: github.ref == 'refs/heads/main'
+        run: docker build -t ${{ secrets.ECR_REGISTRY_URI }}:prod -f Dockerfile-prod --push .
+
+      - name: Server Deploy (develop)
+        if: github.ref == 'refs/heads/develop'
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID }}" \
+            --parameters commands='[
+              "aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}",
+              "cd /root",
+              "[ $(docker ps --filter 'publish=443' -q | wc -l) -gt 0 ] && docker stop $(docker ps --filter 'publish=443' -q)",
+              "[ $(docker images -q ${{ secrets.ECR_REGISTRY_URI }}:dev | wc -l) -gt 0 ] && docker rmi ${{ secrets.ECR_REGISTRY_URI }}:dev",
+              "docker pull ${{ secrets.ECR_REGISTRY_URI }}:dev",
+              "docker run --rm -d -p 443:443 --name writely-api -v /writely/logs:/writely/logs -v /etc/letsencrypt/live/dev-api.writeon.ai.kr:/writely/cert ${{ secrets.ECR_REGISTRY_URI }}:dev"
+            ]' \
+            --comment "Deploying Docker container (develop)"
+
+      - name: Server Deploy (production)
+        if: github.ref == 'refs/heads/main'
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID_PROD }}" \
+            --parameters commands='[
+              "aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}",
+              "cd /root",
+              "[ $(docker ps --filter 'publish=443' -q | wc -l) -gt 0 ] && docker stop $(docker ps --filter 'publish=443' -q)",
+              "[ $(docker images -q ${{ secrets.ECR_REGISTRY_URI }}:prod | wc -l) -gt 0 ] && docker rmi ${{ secrets.ECR_REGISTRY_URI }}:prod",
+              "docker pull ${{ secrets.ECR_REGISTRY_URI }}:prod",
+              "docker run --rm -d -p 443:443 --name writely-api -v /writely/logs:/writely/logs -v /etc/letsencrypt/live/api.writeon.ai.kr:/writely/cert ${{ secrets.ECR_REGISTRY_URI }}:prod"
+            ]' \
+            --comment "Deploying Docker container (production)"

.github/workflows/schedule-for-refresh-certification.yml

@@ -0,0 +1,66 @@
+name: Schedule for refresh certification
+
+on:
+  schedule:
+    - cron: "0 15 1 * *"
+  workflow_dispatch:
+
+jobs:
+  run-script:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        run: aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}
+
+      - name: Refresh let's encrypt certification (develop)
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID }}" \
+            --parameters commands='[
+              "docker run --rm --name writeon-certbot -p 80:80 -v \"/etc/letsencrypt:/etc/letsencrypt\"  -v \"/var/lib/letsencrypt:/var/lib/letsencrypt\" certbot/certbot certonly --standalone --force-renewal -d dev-api.writeon.ai.kr",
+              "cd /etc/letsencrypt/live/dev-api.writeon.ai.kr",
+              "openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -CAfile chain.pem -caname root -password pass:${{ secrets.TLS_KEYSTORE_PASSWORD }}"
+            ]' \
+            --comment "Refresh let's encrypt certification"
+
+      - name: Restart API Server (develop)
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID }}" \
+            --parameters commands='[
+              "[ $(docker ps --filter 'publish=443' -q | wc -l) -gt 0 ] && docker stop $(docker ps --filter 'publish=443' -q)",
+              "docker run --rm -d -p 443:443 --name writely-api -v /writely/logs:/writely/logs -v /etc/letsencrypt/live/dev-api.writeon.ai.kr:/writely/cert ${{ secrets.ECR_REGISTRY_URI }}:dev"
+            ]' \
+            --comment "Restart API Server for apply new certification"
+
+      - name: Refresh let's encrypt certification (production)
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID_PROD }}" \
+            --parameters commands='[
+              "docker run --rm --name writeon-certbot -p 80:80 -v \"/etc/letsencrypt:/etc/letsencrypt\"  -v \"/var/lib/letsencrypt:/var/lib/letsencrypt\" certbot/certbot certonly --standalone --force-renewal -d api.writeon.ai.kr",
+              "cd /etc/letsencrypt/live/api.writeon.ai.kr",
+              "openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -CAfile chain.pem -caname root -password pass:${{ secrets.TLS_KEYSTORE_PASSWORD }}"
+            ]' \
+            --comment "Refresh let's encrypt certification"
+
+      - name: Restart API Server (production)
+        run: |
+          aws ssm send-command \
+            --document-name "AWS-RunShellScript" \
+            --instance-ids "${{ secrets.EC2_INSTANCE_ID_PROD }}" \
+            --parameters commands='[
+              "[ $(docker ps --filter 'publish=443' -q | wc -l) -gt 0 ] && docker stop $(docker ps --filter 'publish=443' -q)",
+              "docker run --rm -d -p 443:443 --name writely-api -v /writely/logs:/writely/logs -v /etc/letsencrypt/live/api.writeon.ai.kr:/writely/cert ${{ secrets.ECR_REGISTRY_URI }}:prod"
+            ]' \
+            --comment "Restart API Server for apply new certification"

.gitignore

@@ -1,6 +1,7 @@
 HELP.md
 .gradle
 build/
+db/
 !gradle/wrapper/gradle-wrapper.jar
 !**/src/main/**/build/
 !**/src/test/**/build/
@@ -37,3 +38,6 @@ out/
 .vscode/
 *.log
 *.pid
+
+### secrets ###
+application*.yml

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "BE-secret"]
+	path = BE-secret
+	url = https://github.com/WritelyForWriters/BE-secret.git

Dockerfile-dev

@@ -0,0 +1,10 @@
+FROM openjdk:21-jdk-slim
+
+WORKDIR /writeon
+
+ENV TZ=Asia/Seoul
+RUN ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime
+
+COPY api/build/libs/*.jar writeon.jar
+
+ENTRYPOINT ["java", "-Dspring.profiles.active=dev", "-jar", "writeon.jar"]

Dockerfile-prod

@@ -0,0 +1,10 @@
+FROM openjdk:21-jdk-slim
+
+WORKDIR /writeon
+
+ENV TZ=Asia/Seoul
+RUN ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime
+
+COPY api/build/libs/*.jar writeon.jar
+
+ENTRYPOINT ["java", "-Dspring.profiles.active=prod", "-jar", "writeon.jar"]

api/build.gradle

@@ -0,0 +1,42 @@
+dependencies {
+	implementation 'org.springframework.boot:spring-boot-starter-webflux'
+
+	/* Mail */
+	implementation 'org.springframework.boot:spring-boot-starter-mail'
+
+	/* Template engine */
+	implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
+	implementation 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect'
+
+	/* AWS SDK */
+	implementation 'software.amazon.awssdk:s3:2.30.31'
+	implementation("software.amazon.awssdk:netty-nio-client:2.30.31")
+
+	/* amplitude (tracking tool) */
+	implementation 'org.json:json:20201115'
+	implementation 'com.amplitude:java-sdk:1.+'
+
+	/* Swagger */
+	implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.2.0'
+
+	implementation 'io.netty:netty-resolver-dns-native-macos:4.1.68.Final:osx-aarch_64'
+
+    implementation project(':assistant-api-client')
+	implementation project(':domain')
+}
+
+jar {
+	enabled = false
+}
+
+task copySecret(type: Copy) {
+	copy {
+		from '../BE-secret/api'
+		include "*.yml"
+		into 'src/main/resources'
+	}
+}
+
+tasks.named('bootJar') {
+	mainClass = 'writeon.api.ApiApplication'
+}

api/src/main/java/writeon/api/ApiApplication.java

@@ -0,0 +1,28 @@
+package writeon.api;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.domain.EntityScan;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.FilterType;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+
+@SpringBootApplication
+@ComponentScan(basePackages = {"writeon.api", "writeon.assistantapiclient"})
+@EntityScan(basePackages = "writeon.domain")
+@EnableJpaRepositories(
+	basePackages = "writeon.domain",
+	includeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = ".*JpaRepository")
+)
+@EnableRedisRepositories(
+	basePackages = "writeon.domain",
+	includeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = ".*RedisRepository")
+)
+public class ApiApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(ApiApplication.class, args);
+	}
+
+}

api/src/main/java/writeon/api/HealthCheckController.java

@@ -0,0 +1,24 @@
+package writeon.api;
+
+import writeon.api.common.enums.exception.ParameterException;
+import writeon.api.common.exception.BaseException;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/health-check")
+@Tag(name = "health-check")
+public class HealthCheckController {
+
+    @GetMapping
+    public void healthCheck() {
+    }
+
+    @GetMapping("/error")
+    public void error(@RequestParam String id) {
+        throw new BaseException(ParameterException.PARAMETER_INVALID);
+    }
+}