-
Notifications
You must be signed in to change notification settings - Fork 1
123 lines (108 loc) · 4.8 KB
/
github_actions.yml
File metadata and controls
123 lines (108 loc) · 4.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Challenge CI/CD Pipeline
on:
pull_request:
types: [ closed ]
branches:
- develop
jobs:
build-and-deploy: # Job 이름
runs-on: ubuntu-latest # 실행 환경 - 가장 최신 버전 Ubuntu 환경
env: # 전체 job에서 사용할 환경 변수 설정
KAKAO_API_KEY: ${{ secrets.KAKAO_API_KEY }}
KAKAO_REDIRECT_URI: ${{ secrets.KAKAO_REDIRECT_URI }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
RDS_PRIVATE_IP: ${{ secrets.RDS_PRIVATE_IP }}
RDS_PORT: ${{ secrets.RDS_PORT }}
DB_SCHEMA_NAME: ${{ secrets.DB_SCHEMA_NAME }}
DB_USERNAME: ${{ secrets.DB_USERNAME }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }}
S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }}
S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
S3_REGION: ${{ secrets.S3_REGION }}
FIREBASE_PROJECT_ID: ${{ secrets.FIREBASE_PROJECT_ID }}
steps:
# 1. GitHub Repository 파일 불러오기
- name: Github Repository 파일 불러오기
uses: actions/checkout@v4
# 2. 권한 설정
- name: gradlew 권한 설정
run: chmod +x ./gradlew
shell: bash
# 3. JDK 17 설치
- name: JDK 17 설치
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
# 4. Docker 확장 기능 추가
- name: Docker 확장 기능 추가
uses: docker/setup-buildx-action@v3
# 5. Docker Hub 로그인
- name: Docker Hub 로그인
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# 6. firebase 설정 파일 생성
- name: Prepare firebase directory
run: |
mkdir -p src/main/resources/firebase
chmod 777 src/main/resources/firebase
- name: Download firebase.json
env:
FIREBASE_JSON_URL: ${{ secrets.FIREBASE_JSON_URL }}
run: |
curl -L "$FIREBASE_JSON_URL" -o src/main/resources/firebase/firebase.json
# 7. Docker 이미지 생성 및 Push
- name: Docker 이미지 생성 및 push
uses: docker/build-push-action@v6
with:
context: . # Dockerfile 위치
file: ./Dockerfile # Dockerfile 경로
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/challenge:${{ github.sha }} # 이미지 태그
platforms: linux/amd64
build-args: | # Dockerfile에서 사용할 환경 변수 전달
KAKAO_API_KEY=${{ secrets.KAKAO_API_KEY }}
KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }}
JWT_SECRET=${{ secrets.JWT_SECRET }}
RDS_PRIVATE_IP= ${{ secrets.RDS_PRIVATE_IP }}
RDS_PORT= ${{ secrets.RDS_PORT }}
DB_SCHEMA_NAME= ${{ secrets.DB_SCHEMA_NAME }}
DB_USERNAME= ${{ secrets.DB_USERNAME }}
DB_PASSWORD= ${{ secrets.DB_PASSWORD }}
S3_ACCESS_KEY= ${{ secrets.S3_ACCESS_KEY }}
S3_SECRET_KEY= ${{ secrets.S3_SECRET_KEY }}
S3_BUCKET_NAME= ${{ secrets.S3_BUCKET_NAME }}
S3_REGION= ${{ secrets.S3_REGION }}
FIREBASE_PROJECT_ID= ${{ secrets.FIREBASE_PROJECT_ID }}
## CD (Continuous Deployment) 파트
# 8. EC2에 SSH로 접속하여 Docker 컨테이너 실행
- name: EC2에 배포
uses: appleboy/ssh-action@v1.1.0
with:
host: ${{ secrets.EC2_HOST }} # EC2 퍼블릭 IP
username: ubuntu # EC2 사용자 (기본은 ubuntu)
key: ${{ secrets.EC2_SSH_KEY }} # EC2 SSH Private Key
script_stop: true # SSH 명령어 실행 중 에러가 발생하면 워크플로 중단
script: |
sudo fuser -k -n tcp 8080 || true
docker rm -f challenge
docker pull ${{ secrets.DOCKERHUB_USERNAME }}/challenge:${{ github.sha }}
docker run -d -p 8080:8080 --name challenge \
-e SPRING_PROFILES_ACTIVE=dev \
-e KAKAO_API_KEY=${{ secrets.KAKAO_API_KEY }} \
-e KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }} \
-e JWT_SECRET=${{ secrets.JWT_SECRET }} \
-e RDS_PRIVATE_IP=${{ secrets.RDS_PRIVATE_IP }} \
-e RDS_PORT=${{ secrets.RDS_PORT }} \
-e DB_SCHEMA_NAME=${{ secrets.DB_SCHEMA_NAME }} \
-e DB_USERNAME=${{ secrets.DB_USERNAME }} \
-e DB_PASSWORD=${{ secrets.DB_PASSWORD }} \
-e S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }} \
-e S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }} \
-e S3_BUCKET_NAME=${{ secrets.S3_BUCKET_NAME }} \
-e S3_REGION=${{ secrets.S3_REGION }} \
-e FIREBASE_PROJECT_ID=${{ secrets.FIREBASE_PROJECT_ID }} \
${{ secrets.DOCKERHUB_USERNAME }}/challenge:${{ github.sha }}