Merge pull request #130 from ttakkeun/refactor/129 #107
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle | |
| name: ttakkeun ci/cd | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| pull_request: | |
| branches: | |
| - develop | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| if: github.event.pull_request.merged == true && github.event.pull_request.base.ref == 'develop' || github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.event.head_commit.message != 'Merge pull request' | |
| # develop 브랜치로의 pull request가 merge 되었을 때 github actions 작동 | |
| # 또는 develop 브랜치에 push가 발생하면 github actions 작동 (pr merge시 actions가 2번 발생하는 문제를 해결하기 위해 merge가 아닌 push때만 실행되도록 함) | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # Configure Gradle for optimal use in GitHub Actions, including caching of downloaded dependencies. | |
| # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 | |
| - name: Build with Gradle Wrapper | |
| run: ./gradlew build | |
| ## 웹 이미지 빌드 및 도커허브에 push | |
| - name: Build and push Docker image | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build --platform linux/amd64 -t ${{ secrets.DOCKER_USERNAME }}/ttakkeun . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/ttakkeun | |
| - name: Execute remote SSH commands | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.HOST }} # EC2 퍼블릭 IPv4 DNS | |
| username: ubuntu | |
| key: ${{ secrets.KEY }} | |
| script: | | |
| cd /home/ubuntu/ | |
| ## 환경 변수 설정 | |
| export DB_URL=${{ secrets.DB_URL }} | |
| export DB_USERNAME=${{ secrets.DB_USERNAME }} | |
| export DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| export NAVER_ClientID=${{ secrets.NAVER_ClientID }} | |
| export NAVER_ClientSecret=${{ secrets.NAVER_ClientSecret }} | |
| export APPLE_Secret=${{ secrets.APPLE_Secret }} | |
| export apple_key_id=${{ secrets.apple_key_id }} | |
| export apple_team_id=${{ secrets.apple_team_id }} | |
| export JWT_Secret=${{ secrets.JWT_Secret }} | |
| export aws_access=${{ secrets.aws_access }} | |
| export aws_secret=${{ secrets.aws_secret }} | |
| export OPENAI_KEY=${{ secrets.OPENAI_KEY }} | |
| ## Docker 작업 | |
| sudo chmod 666 /var/run/docker.sock | |
| sudo docker stop $(docker ps -a -q) | |
| sudo docker rm -f $(docker ps -qa) | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/ttakkeun | |
| sudo docker run -e DB_URL=${DB_URL} -e DB_USERNAME=${DB_USERNAME} -e DB_PASSWORD=${DB_PASSWORD} \ | |
| -e NAVER_ClientID=${NAVER_ClientID} -e NAVER_ClientSecret=${NAVER_ClientSecret} \ | |
| -e APPLE_Secret=${APPLE_Secret} -e apple_key_id=${apple_key_id} \ | |
| -e apple_team_id=${apple_team_id} -e JWT_Secret=${JWT_Secret} \ | |
| -e aws_access=${aws_access} -e aws_secret=${aws_secret} \ | |
| -e OPENAI_KEY=${OPENAI_KEY} \ | |
| -e TZ=Asia/Seoul \ | |
| -d -p 8080:8080 ${{ secrets.DOCKER_USERNAME }}/ttakkeun | |
| sudo docker image prune -f |