ci: deploy파일 수정 #91
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy | |
on: | |
push: | |
branches: | |
- develop | |
jobs: | |
push_to_registry: | |
name: Push to ncp container registry | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'adopt' | |
- name: make application-prod.yml | |
run: | | |
cd ./src/main/resources | |
touch ./application-prod.yml | |
echo "${{ secrets.APPLICATION_PROD_YML }}" >> ./application-prod.yml | |
shell: bash | |
- name: make firebase-adminsdk.json | |
run: | | |
cd ./src/main/resources | |
touch ./roumo-server-firebase-adminsdk.json | |
echo "${{ secrets.FIREBASE_ADMINSDK_JSON }}" >> ./roumo-server-firebase-adminsdk.json | |
shell: bash | |
- name: Build with Gradle | |
run: ./gradlew bootJar | |
- name: Login to DOCKERHUB Container Registry | |
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
with: | |
username: ${{ secrets.DOCKERHUB_ACCESS_KEY }} | |
password: ${{ secrets.DOCKERHUB_SECRET_KEY }} | |
- name: build and push | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: ./Dockerfile | |
push: true | |
tags: ${{ secrets.DOCKERHUB_CONTAINER_REGISTRY }}/roumo-web:latest | |
cache-from: type=registry,ref=${{ secrets.DOCKERHUB_CONTAINER_REGISTRY }}/roumo-web:latest | |
cache-to: type=inline | |
pull_from_registry: | |
name: Connect server ssh and pull from container registry | |
needs: push_to_registry | |
runs-on: ubuntu-latest | |
steps: | |
- name: Get Github Actions IP | |
id: ip | |
uses: haythem/[email protected] | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ap-northeast-2 | |
- name: Add Github Actions IP to Security group | |
run: | | |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
- name: connect ssh | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.PROD_HOST }} | |
username: ${{ secrets.PROD_USERNAME }} | |
key: ${{ secrets.PROD_KEY }} | |
port: ${{ secrets.PROD_PORT }} | |
script: | | |
sudo docker rm $(docker ps -a -q) | |
sudo docker pull ${{ secrets.DOCKERHUB_CONTAINER_REGISTRY }}/roumo-web | |
sudo docker pull ${{ secrets.DOCKERHUB_CONTAINER_REGISTRY }}/roumo-nginx | |
docker-compose up -d | |
docker image prune -f | |
- name: Remove Github Actions IP From Security Group | |
run: | | |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 |