fix: 도커파일 수정 #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: MADII-Server CI/CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| workflow_dispatch: | |
| env: | |
| DOCKER_IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/madii-server | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| # ===== application-*.yml, Firebase 키 생성 (기존과 동일) ===== | |
| - name: make application-secret.yml | |
| run: echo "${{ secrets.APPLICATION_SECRET_BASE64 }}" | base64 --decode > ./src/main/resources/application-secret.yml | |
| shell: bash | |
| - name: make application-dev.yml | |
| run: echo "${{ secrets.APPLICATION_DEV_BASE64 }}" | base64 --decode > ./src/main/resources/application-dev.yml | |
| shell: bash | |
| - name: make application-prod.yml | |
| run: echo "${{ secrets.APPLICATION_PROD_BASE64 }}" | base64 --decode > ./src/main/resources/application-prod.yml | |
| shell: bash | |
| - name: create madii-app-firebase-adminsdk json | |
| id: create-json | |
| uses: jsdaniell/[email protected] | |
| with: | |
| name: "madii-app-firebase-adminsdk-uriyk-c04677456f.json" | |
| json: ${{ secrets.FIREBASE_KEY_JSON }} | |
| dir: "src/main/resources/" | |
| - name: Gradle cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Build with Gradle | |
| run: ./gradlew build | |
| shell: bash | |
| # ====== Docker 이미지 빌드 & Docker Hub 푸시 ====== | |
| - name: Build Docker image | |
| run: | | |
| IMAGE="${{ env.DOCKER_IMAGE }}:${GITHUB_SHA}" | |
| echo "Building image: $IMAGE" | |
| docker build -t "$IMAGE" . | |
| - name: Login to Docker Hub | |
| run: | | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" \ | |
| | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin | |
| - name: Push Docker image | |
| run: | | |
| IMAGE="${{ env.DOCKER_IMAGE }}:${GITHUB_SHA}" | |
| docker push "$IMAGE" | |
| # ====== OCI 인스턴스로 배포 (SSH) ====== | |
| - name: Deploy to OCI instance | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.OCI_HOST }} | |
| username: ${{ secrets.OCI_SSH_USER }} | |
| key: ${{ secrets.OCI_SSH_KEY }} | |
| port: 22 | |
| script: | | |
| set -e | |
| IMAGE="${{ env.DOCKER_IMAGE }}:${GITHUB_SHA}" | |
| BRANCH="${{ github.ref_name }}" | |
| # main -> prod, dev -> dev 프로파일 | |
| if [ "$BRANCH" = "dev" ]; then | |
| PROFILE="dev" | |
| CONTAINER_NAME="madii-dev" | |
| else | |
| PROFILE="prod" | |
| CONTAINER_NAME="madii-prod" | |
| fi | |
| echo "Deploying $IMAGE with profile=$PROFILE as container=$CONTAINER_NAME" | |
| # 1) Docker 미설치 시 자동 설치 | |
| if ! command -v docker >/dev/null 2>&1; then | |
| echo "Docker not found. Installing..." | |
| curl -fsSL https://get.docker.com | sudo sh | |
| fi | |
| # 2) Docker Hub 로그인 | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" \ | |
| | sudo docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin | |
| # 3) 최신 이미지 pull | |
| sudo docker pull "$IMAGE" | |
| # 4) 기존 컨테이너 중지/삭제 | |
| if sudo docker ps -a --format '{{.Names}}' | grep -q "^${CONTAINER_NAME}$"; then | |
| echo "Stopping old container..." | |
| sudo docker stop "$CONTAINER_NAME" || true | |
| sudo docker rm "$CONTAINER_NAME" || true | |
| fi | |
| # 5) 새 컨테이너 실행 | |
| sudo docker run -d \ | |
| --name "$CONTAINER_NAME" \ | |
| --restart unless-stopped \ | |
| -p 8090:8090 \ | |
| -e SPRING_PROFILES_ACTIVE="$PROFILE" \ | |
| "$IMAGE" | |
| echo "Deploy finished." |