Merge pull request #75 from cloudcomputinginha/chore/CCI-80 #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # github repository actions 페이지에 나타날 이름 | |
| name: CI/CD using github actions & docker | |
| # event trigger | |
| # dev 브랜치에 push가 되었을 때 실행 | |
| on: | |
| push: | |
| branches: [ "dev" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| CI-CD: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # JDK setting - github actions에서 사용할 JDK 설정 (프로젝트나 AWS의 java 버전과 달라도 무방) | |
| - uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # gradle caching - 빌드 시간 향상 | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| # gradle build | |
| - name: Build with Gradle | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| run: ./gradlew build -x test | |
| # docker build & push to production | |
| - name: Docker build & push to prod | |
| if: contains(github.ref, 'dev') | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build -f Dockerfile -t ${{ secrets.DOCKER_USERNAME }}/interview-be-service . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/interview-be-service | |
| ## deploy to production | |
| - name: Deploy to prod | |
| uses: appleboy/ssh-action@master | |
| id: deploy-prod | |
| if: contains(github.ref, 'dev') | |
| with: | |
| host: ${{ secrets.HOST_PROD }} # EC2 퍼블릭 IPv4 DNS | |
| username: ubuntu | |
| key: ${{ secrets.PRIVATE_KEY }} | |
| envs: GITHUB_SHA | |
| script: | | |
| # 서버에 .env 파일 덮어쓰기 | |
| mkdir -p /home/ubuntu/interview-be | |
| cd /home/ubuntu/interview-be | |
| cat > .env <<'EOF' # 멀티라인 환경변수 입력으로 사용 | |
| ${{ secrets.ENV_FILE }} | |
| EOF | |
| chmod 600 .env | |
| docker stop interview-be-app || true # 컨테이너가 실행 중이면 중지 | |
| docker rm interview-be-app || true # 기존 컨테이너 삭제 | |
| docker rmi ${{ secrets.DOCKER_USERNAME }}/interview-be-service || true # 기존 이미지 삭제 | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/interview-be-service # 최신 이미지 pull | |
| sudo docker run -d --name interview-be-app -p 8080:8080 --env-file /home/ubuntu/interview-be/.env ${{ secrets.DOCKER_USERNAME }}/interview-be-service # 환경변수 주입하여 컨테이너 실행 | |
| sudo docker image prune -f |