Weekly/10/issue#213 (#214) #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| # 특정 브랜치에 코드가 push 될때 실행 | |
| on: | |
| push: | |
| branches: [ "Prod" ] | |
| # 코드의 내용을 이 파일을 실행하여 action을 수행하는 주체(Github Actions에서 사용하는 VM)가 읽을 수 있도록 허용. | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| env: | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| CLIENT_ID: ${{ secrets.CLIENT_ID }} | |
| REDIRECT_URI: ${{ secrets.REDIRECT_URI }} | |
| DB_URL: ${{ secrets.DB_URL }} | |
| DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| REDIS_HOST: ${{ secrets.REDIS_PROD_HOST }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| AWS_YOUR_REGION: ${{ secrets.AWS_YOUR_REGION }} | |
| AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
| S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_PROD_NAME }} | |
| KAKAO_PAY_SECRET_KEY: ${{ secrets.KAKAO_PAY_SECRET_KEY }} | |
| KAKAO_PAY_APPROVE_REDIRECT_URL: ${{ secrets.KAKAO_PAY_APPROVE_REDIRECT_URL }} | |
| KAKAO_PAY_FAIL_REDIRECT_URL: ${{ secrets.KAKAO_PAY_FAIL_REDIRECT_URL }} | |
| KAKAO_PAY_CANCEL_REDIRECT_URL: ${{ secrets.KAKAO_PAY_CANCEL_REDIRECT_URL }} | |
| URL_SECRET_KEY: ${{ secrets.URL_SECRET_KEY }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'adopt' | |
| - name: Build with Gradle | |
| run: | | |
| chmod +x ./gradlew | |
| ./gradlew clean build -Dspring.profiles.active=dev | |
| # dockerfile을 통해 이미지를 빌드하고, 이를 docker repo로 push 합니다. | |
| # 이 때 사용되는 ${{ secrets.DOCKER_REPO }}/directors-dev 가 위에서 만든 도커 repository 입니다. | |
| - name: Docker build & push to docker repo | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }} . | |
| docker push ${{ secrets.DOCKER_REPO }} | |
| # appleboy/ssh-action@master 액션을 사용하여 지정한 서버에 ssh로 접속하고, script를 실행합니다. | |
| # script의 내용은 도커의 기존 프로세스들을 제거하고, docker repo로부터 방금 위에서 push한 내용을 pull 받아 실행하는 것입니다. | |
| # 실행 시, docker-compose를 사용합니다. | |
| - name: Deploy to server | |
| uses: appleboy/ssh-action@master | |
| id: deploy | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.KEY }} | |
| port: 22 | |
| script: | | |
| # 8081 포트를 사용하는 컨테이너만 중단하고 제거 | |
| sudo docker ps --filter "publish=8081" -q | xargs -r sudo docker rm -f | |
| sudo docker image prune -f | |
| # Pull the latest image | |
| sudo docker pull ${{ secrets.DOCKER_REPO }} | |
| # Run the new container with environment variables | |
| sudo docker run -d -p 8081:8080 \ | |
| -e JWT_SECRET=${{ secrets.JWT_SECRET }} \ | |
| -e CLIENT_ID=${{ secrets.CLIENT_ID }} \ | |
| -e REDIRECT_URI=${{ secrets.REDIRECT_URI_PROD }} \ | |
| -e DB_URL=${{ secrets.DB_URL_PROD }} \ | |
| -e DB_USERNAME=${{ secrets.DB_USERNAME }} \ | |
| -e DB_PASSWORD=${{ secrets.DB_PASSWORD }} \ | |
| -e REDIS_HOST=${{ secrets.REDIS_PROD_HOST }} \ | |
| -e REDIS_PORT=${{ secrets.REDIS_PORT }} \ | |
| -e AWS_YOUR_REGION=${{ secrets.AWS_YOUR_REGION }} \ | |
| -e AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }} \ | |
| -e AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }} \ | |
| -e S3_BUCKET_NAME=${{ secrets.S3_BUCKET_PROD_NAME }} \ | |
| -e KAKAO_PAY_SECRET_KEY=${{ secrets.KAKAO_PAY_SECRET_KEY }} \ | |
| -e KAKAO_PAY_APPROVE_REDIRECT_URL=${{ secrets.KAKAO_PAY_APPROVE_REDIRECT_URL }} \ | |
| -e KAKAO_PAY_FAIL_REDIRECT_URL=${{ secrets.KAKAO_PAY_FAIL_REDIRECT_URL }} \ | |
| -e KAKAO_PAY_CANCEL_REDIRECT_URL=${{ secrets.KAKAO_PAY_CANCEL_REDIRECT_URL }} \ | |
| -e URL_SECRET_KEY=${{ secrets.URL_SECRET_KEY }} \ | |
| ${{ secrets.DOCKER_REPO }} | |