[BE] 브랜치 Sync용 #46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci-cd | |
on: | |
push: | |
branches: [ be, dev ] | |
pull_request: | |
branches: [ be ] | |
permissions: | |
contents: read | |
jobs: | |
build-spring-boot-image: | |
runs-on: ubuntu-latest | |
environment: dev | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./be # 작업 디렉토리 설정 | |
steps: | |
- uses: actions/checkout@v3 | |
# JDK 설정 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' #adopt | |
# gradle caching - 빌드 시간 향상 | |
- name: Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
# 캐시할 디렉토리 경로를 지정합니다. | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
# 캐시를 구분하는 키를 지정합니다. | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
# 이전에 생성된 캐시를 복원하는데 사용할 키를 지정합니다. | |
# 캐시가 없거나 만료되었을때 이 키를 기반으로 이전에 생성된 캐시를 찾아 복원합니다. | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# secret yml 파일 생성 | |
- name: make application-secret.yml | |
run: | | |
cd ./src/main/resources | |
touch ./application-secret.yml | |
echo "${{ secrets.APPLICATION_SECRET }}" > ./application-secret.yml | |
shell: bash | |
# gradlew 실행을 위해서 실행 권한을 부여 | |
- name: Grant execute permission for gradlew | |
run: chmod +x ./gradlew | |
# Gradle을 이용하여 빌드 수행 | |
- name: Build with Gradle | |
run: ./gradlew build -x test | |
# docker build & push to develop | |
- name: Docker build & push to dev | |
run: | | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker build -f Dockerfile -t ${{ secrets.DOCKER_USERNAME }}/gaemi-marble-app . | |
docker push ${{ secrets.DOCKER_USERNAME }}/gaemi-marble-app | |
cd-pipeline: | |
needs: | |
- build-spring-boot-image | |
# - build-react-image | |
name: continuos deploy | |
runs-on: ubuntu-latest | |
environment: dev | |
steps: | |
- uses: actions/checkout@master | |
# nginx.conf 파일을 EC2에 업로드 | |
- name: copy nginx.conf file via ssh password | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.PRIVATE_KEY }} | |
port: 22 | |
source: "./nginx/nginx.conf" | |
target: "/home/${{ secrets.EC2_USERNAME }}/" | |
# docker-compose.yml 파일을 EC2에 업로드 | |
- name: copy docker-compose file via ssh password | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.PRIVATE_KEY }} | |
port: 22 | |
source: "docker-compose.yml" | |
target: "/home/${{ secrets.EC2_USERNAME }}/" | |
# docker-compose 실행 | |
- name: Deploy to dev | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} # EC2 인스턴스 퍼블릭 DNS | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.PRIVATE_KEY }} # pem 키 | |
port: 22 | |
script: | | |
sudo chmod 666 /var/run/docker.sock | |
docker-compose -f docker-compose.yml down -v | |
docker-compose -f docker-compose.yml pull | |
docker-compose -f docker-compose.yml up -d | |
docker image prune -f | |