This service deploys to Amazon EC2 through .github/workflows/deploy.yml.
- Make sure the EC2 instance has Docker installed and the security group allows inbound traffic for the service port, currently
8080. - Add the required GitHub Actions secrets listed below.
- Run the
Deployworkflow manually from GitHub Actions, or push to thedeploybranch.
The workflow builds the Spring Boot jar, creates deploy-only config files from GitHub Secrets, uploads them to /home/ubuntu/OnTime-back, and restarts Docker Compose on the EC2 instance.
EC2_HOSTEC2_USEREC2_SSH_KEY
SPRING_APPLICATION_NAMESPRING_DATASOURCE_URLSPRING_DATASOURCE_USERNAMESPRING_DATASOURCE_PASSWORDSPRING_DATASOURCE_DRIVER_CLASS_NAMESPRING_JPA_HIBERNATE_DDL_AUTOJWT_SECRETKEYJWT_ACCESS_EXPIRATIONJWT_REFRESH_EXPIRATIONJWT_ACCESS_HEADERJWT_REFRESH_HEADERGOOGLE_WEB_CLIENT_IDGOOGLE_APP_CLIENT_IDAPPLE_CLIENT_IDAPPLE_LOGIN_KEYAPPLE_TEAM_IDAUTHKEY_743M7R5W3WSPRING_FLYWAY_URLSPRING_FLYWAY_USERSPRING_FLYWAY_PASSWORDONTIME_PUSH_FIREBASE_ADMINSDK
SPRING_JPA_DATABASE_PLATFORMdefaults toorg.hibernate.dialect.MySQL8Dialect.FEATURE_APPLE_LOGIN_ENABLEDdefaults totrue.- Google and Kakao OAuth provider/registration secrets are included by the workflow when configured.
The deploy workflow writes these files under /home/ubuntu/OnTime-back:
project.jarDockerfiledocker-compose.ymlconfig/application.propertiessecrets/firebase-adminsdk.jsonsecrets/AuthKey_743M7R5W3W.p8
Do not commit local application.properties, Firebase service account JSON, Apple .p8 keys, or .env files.